skip navigation

More signal. Less noise.

Daily briefing.

The Cool Exploit Kit adds a new attack against older versions of Java (Java 7 Update 9 is safe). An Indian "hacker prodigy" claims he's got a Windows Phone 8 OS exploit. European Commission information mavens' laptops were hacked during the Internet Governance Forum in Baku, Azerbaijan. Hootsuite mistakenly exposes users' email addresses; PayGate loses credit card information to hackers.

Last week's Twitter password reset leads businesses to review their social media security. Cloud Pro offers advice on side-channel attacks and how cloud users might address them.

Israel and the Palestinian Authority are under long-term, sustained cyber espionage attack. The campaigns appear state-sponsored, based on Xtreme RAT crimeware kit, and related to the Arab Spring, but attribution remains unclear. Iran arrests one of its nationals on charges of hacking Western targets.

Amazon UK denies weekend reports of hacking. The Citadel banking Trojan continues to evolve into more sophisticated and tenacious forms.

Microsoft patches its recently released Surface tablet and shows Steven Sinofsky the door. Widely seen as Microsoft's next CEO, Sinofsky led development of Windows 8. Lockheed Martin asks suppliers to help with cyber security. Lockheed also names a new CEO.

German authorities launch a public-private cyber security partnership program. China accuses the US of a "cold war" mentality in the ZTE and Huawei investigations. The email trail that exposed former US DCI Petraeus' misbehavior now apparently extends to General Allen, US commander in Afghanistan. (And at least one implicated email account reused passwords compromised in last year's Stratfor hack.)

Notes.

Today's issue includes events affecting Azerbaijan, China, European Union, Georgia, Germany, Iran, Israel, Norway, Palestinian Territories, Russia, South Africa, Sweden, United Arab Emirates, United Kingdom, United States..

Cyber Attacks, Threats, and Vulnerabilities

New Java Attack Introduced into Cool Exploit Kit (Threatpost) A new exploit has been found in the Cool Exploit Kit for a vulnerability in Java 7 Update 7 as well as older versions, a flaw that's been patched by Oracle in Java 7 Update 9

Windows Phone 8 malware? This teen hacker claims to have created a prototype (Naked Security) A teenage hacker prodigy in India claims to have developed a prototype of malware that will run on smartphones running Microsoft's new Windows Phone 8 operating system - the first known instance of Windows Phone 8 malware

European Commission Officials Say Their Computers Were Hacked in Azerbaijan (Softpedia) Neelie Kroes, the vice-president of the European Commission, has revealed that the laptops of her advisers have been hacked into while attending the Internet Governance Forum (IDF) in Baku, the capital city of Azerbaijan. On her personal blog, Kroes stated that she attended the event because she was confident that the IDF would bring radical change, just as it happened in Tunisia and Egypt. But on the other hand I was denied access to meet political prisoners, despite a commitment from the President himself"

HootSuite Inadvertently Exposes Email Addresses of Thousands of Users (Softpedia) Social management company HootSuit has mistakenly exposed the names and email addresses of as many as 4,000 users. A couple of days ago, customers whose 60-day HootSuit Pro trial was about to expire were notified via email. However, the recipients didnt see only their own email address, but also the ones of others, The Next Web reports

Payment Processor PayGate Hacked, Credit Cards Exposed (Softpedia) Representatives of PayGate a South African company that intermediates payments between online retailers and banks admitted that their systems were breached back in August and that some credit cards were exposed. According to Independent Onlines Business Report, the confirmation comes after four financial institutions were forced last week to re-issue thousands of credit cards. PayGate stated that they took immediate steps to secure their systems after the breach was discovered

Fake AmEx alert leads to hard-to-detect malware (Help Net Security) American Express customers are often targeted with malware-laden or phishing emails, mostly because when it comes to money and the potential loss of it, people automatically become anxious and are more

Request for info: Robocall Phishing Against Local/Regional Banks (Internet Storm Center) Last week, my wife got an automated call from a bank with only a local presence that her debit card was deactivated. The call went to her cell phone. She wasn't a customer of that bank so it was easy for her to discard the call (I am a customer with my commercial accounts). It seems they simply wardialed every phone number with the right area code and three digit exchange in the area of that bank

How safe is your company's Twitter account? (Fortune) In light of last week's massive password reset, businesses should shore up their security measures. What do the experts suggest? Did Twitter force you to change your password last week? While it may have been an inconvenience to social media managers, the micro-blogging giant had some very good reasons to take this action

Cryptography attack: side-channel cloud threat is all nerd and no knickers (Cloud Pro) Side-channel attacks are nothing new, in fact I have been interested in them and writing about them for more than ten years now. Their arrival in the cloud, or rather the potential for a side-channel approach to touch the cloud threat surface, most

Study Shows Israel and Palestinian Territories under Cyber Attack (MarketWatch) According to Norman AS, a leading malware analysis firm headquartered in Oslo, Norway and San Diego, California, multiple malware attacks against Israeli

The Globalization Of Cyberespionage (Dark Reading) Newly revealed cyberspying campaign against Israeli and Palestinian targets demonstrates how the threat is no longer mostly a China thing. A recently discovered targeted cyberespionage campaign targeting Israeli and Palestinian organizations in operation for more than a year serves as chilling evidence that cyberspying is a global phenomenon and no longer mostly the domain of massive nation-states like China

Cyber Weapon Friendly Fire: Chevron Stuxnet Fallout (Information Week) Malware's jump from Iranian uranium enrichment facility to energy giant highlights the downside to custom-made espionage malware -- its capability to infect friends as well as foes. The pioneering Stuxnet computer virus, which was designed to attack a single Iranian uranium enrichment facility, went on to infect PCs around the world. Security experts have identified thousands of resulting Stuxnet infections. On Monday, multinational energy giant Chevron became the first U.S. company to admit that it, too, was infected by Stuxnet

Co-ops Rally After S.C. Cyber Attack (Electric Co-op Today) Following a massive cyber attack on the state government, South Carolina's electric cooperatives are helping alert consumers that their personal information could be at risk. After a huge cyber security breach against the state of South Carolina, co-ops are stepping up to the plate. (Photo By: Thinkstock) The South Carolina Department of Revenue was hit by what many experts believe is the largest security breach of a state government. Some 3.6 million Social Security numbers, plus 387,000 credit and debit card numbers, were compromised by a hacker

Amazon denies UK customer database hacked (IT Pro) Internet retail giant denies claims that Pastebin data dump is from its systems. Internet retail giant Amazon has denied claims that a computer hacker infiltrated its systems and leaked the details of more than 600 UK users online. A hacker, going by the name Darwinare, posted usernames, contacts details and home address of 628 people on text-sharing website Pastebin on Saturday, claiming they belonged to Amazon customers

Citadel Trojan Tough for Banks to Beat (Bank Information Security) The banking Trojan known as Citadel, which debuted in underground forums in January 2012, has evolved to become one of the financial industry's greatest worries, cybersecurity experts say. Citadel, an advanced variant of Zeus, is a keylogger that steals online-banking credentials by capturing keystrokes. Fraudsters then use stolen login IDs and passwords to access online accounts, take them over and schedule fraudulent transactions

Young Facebook users are most vulnerable to security threats (Help Net Security) ZoneAlarm revealed the common behaviours of younger Facebook users that increase their susceptibility to encountering cyberbullying, predators and other security threats

12 scams of Christmas (Help Net Security) A Harris Interactive study, conducted online among over 2,300 U.S. adults, investigates the online habits and behaviors of Americans, including those who indicate that they will engage with the Internet

Security Patches, Mitigations, and Software Updates

Microsoft plugs critical hole in Surface operating system (Fierce Mobile IT) In an advanced notice of its security patches issued on Patch Tuesday--the second Tuesday of every month--Microsoft (NASDAQ: MSFT) announced that it is patching a critical vulnerability in its Surface tablet's Windows RT operating system, which if left unpatched, could enable hackers to infect the tablet with malware

Cyber Trends

Hacking attempts will pass one billion in Q4 2012, claims information assurance firm (The Next Web) Hacking attempts across the globe are likely to top one billion in the final quarter of 2012, according to estimations by the NCC Group

Symantec predicts cyber crime developments in 2013 (Wired) Well, they would know if anybody does. Anybody besides the guys who invented Flame, who are presumably way too busy to blog these days. I hope the Flamesters didn't report directly to Petraeus

NSA 1990s Report Showcases Wildly Inaccurate Predictions About Computing's Future (Reason) The mid-1990s were dark years for the National Security Agency. Its budget had been slashed, top technical talent was seeping out, and the company that made its supercomputers was in trouble. You can get a sense of the agency's worry — and its myopia

When will the public sector grasp basic lessons on information security? (Help Net Security) Another day, another public sector data breach. Last month the ICO fined Greater Manchester Police £120,000 for the loss of a USB stick. The month before, the Scottish Borders Council was slapped

Cyber Wars (Air Traffic Management) Faced with the theoretical potential for a cyber attack to affect multiple connected systems, ICCAIA evokes the volcanic ash crisis of recent years to press home the need for a coherent response. A cyber attack in a future interconnect air system could

Businesses admit to losing data through BYOD (Help Net Security) Businesses are putting their corporate security at risk, with one in three organisations (33 per cent) allowing their staff unrestricted access to corporate resources from their personal smartphones

Mobile network backhaul equipment market to reach $6.71 billion next year (Fierce Mobile IT) Fueled by 4G deployment and mobile data traffic, the global mobile network backhaul equipment market is predicted to reach $6.71 billion next year, according to the latest research from Visiongain

Middleware firms drag feet on mobile platform strategies, says report (Fierce Mobile IT) The majority of traditional middleware providers such as IBM (NYSE: IBM), Oracle (NASDAQ: ORCL), VMware, SAP and Red Hat have taken most of this year to develop mobile platform strategies, with integrated offerings not expected until 2013, according to a report on BYOD trends by Current Analysis

Marketplace

Fort Meade: Building a team of elite cyber professionals (CapitalGazette.com) Rhett A. Hernandez, commanding general, Army Cyber Command. While all re-enlistment ceremonies are unique and impactful to the personnel involved and the families and units supporting them, this re-enlistment was noteworthy for the ranks of the Army

Lockheed says cyber attacks up sharply, suppliers targeted (WKZO) The Pentagon's No. 1 supplier, Lockheed Martin Corp, on Monday cited dramatic growth in the number and sophistication of international cyber attacks on its networks and said it was contacting suppliers to help them shore up their security. Chandra McMahon, Lockheed vice president and chief information security officer, said about 20 percent of the threats directed at Lockheed networks were considered "advanced persistent threats," prolonged and targeted attacks by a nation state or other group trying to steal data or harm operations

General Dynamics to Provide C4ISR and IT Support for U.S. European, Central and Special Operations Commands (PR Newswire) General Dynamics Information Technology, a business unit of General Dynamics (NYSE: GD), has been awarded a contract by the Space and Naval Warfare Systems Center (SSC) Atlantic to provide worldwide Command, Control, Communications, Computers, Intelligence, Surveillance and Reconnaissance (C4ISR) and Information Technology (IT) support to its European Office and its Combatant Command and Unified Command customers. The five-year, multiple-award, indefinite delivery, indefinite quantity (IDIQ) contract has a potential value of $750 million to all five awardees, if all options are exercised

Know your worth: Salaries for IT professionals in UAE curves upward (Emirates 24/7) Technology professionals continue to be in strong demand within Middle East. Information technology (IT) professionals are not always the most admired lot at work. Co-workers and employees grumble about how all tech-related problems emanate from the IT room

Wanted: Qualified Data Scientists, People Skills A Plus (InformationWeek) A good data scientist is hard enough to find; try finding one who can effectively communicate data-driven insights to non-technical folk

Denver Cyber Security Announces Merger with Web Development Firm Denver Web Services (The Herald) Denver Cyber Security, an IT security firm providing custom solutions for companies throughout the state of Colorado, has recently been acquired by internet marketing and web development firm Denver Web Services

Former Chairman William Bratton to Remain at Kroll as Senior Advisor (Govconwire) Kroll Advisory Solutions has retained former Chairman William J. Bratton as a senior advisor, according to a company statement. Bratton will now serve the firm by working with public entities and private organizations that face complex security or investigatory issues

Lockheed Names 29-Year Vet Marillyn Hewson CEO Starting Jan. 1 (Govconwire) Lockheed Martin (NYSE:LMT) has elected Marillyn Hewson, currently executive vice president for electronic systems, to succeed the retiring Bob Stevens as chief executive, effective Jan. 1, 2013. In a release, the company said it also named her president, chief operating officer and director, effective immediately, upon the resignation of Chris Kubasik from the company

Windows head Sinofsky out at Microsoft (IT World) Steven Sinofsky, the executive in charge of Microsoft's Windows 8 operating system and the driving force behind the new OS, is leaving the company, Microsoft announced late Monday, just weeks after the long-awaited operating system launched

The Wrong Man For The Job, Microsoft In The Aftermath of Steven Sinofsky's Departure (TechCrunch) Now that Steven Sinofsky has left Microsoft as President of the Windows division, the question now comes down to what happened and the implications his departure means for the company

The Next CEO Of Microsoft Suddenly No Longer Works At Microsoft (TechCrunch) "Floored." "Wow." "Wild." Those are some of the reactions within Microsoft tonight upon hearing that Windows and Windows Live President Steven Sinofsky would be leaving the company "effective immediately". Those are the reactions because nearly all Microsoft employees found out about the news tonight alongside the rest of us

Products, Services, and Solutions

Just how well do Android privacy apps hide your sexy photos and secret texts? (Naked Security) Do you have photographs on your smartphone that you don't want others to see? If an app publisher tells you that they will keep your secrets safe would you trust them? Gary Hawkins takes a closer look at Android apps that promise to keep your photos private, and finds some lacking

Sophos unveils new unified threat management appliance (Help Net Security) Sophos released a new unified threat management appliance and software package exclusively for small businesses. The Sophos UTM 100 appliance with BasicGuard sets a new standard for small business security

Sourcefire puts persistent malware in its sights (ITWorld Canada) Sourcefire Inc. a Maryland-based cyber-security company, has just updated its line of FirePower appliances with more advanced malware protection software

With BlackBerry 10, RIM must pull off its greatest trick yet (ZDNet) With BlackBerry 10, RIM must pull off its greatest trick yet. Summary: RIM's new operating system will need to score with consumers and business, tablets and smartphones

Technologies, Techniques, and Standards

Protecting Your Identity As Cyber-Attacks Become More Frequent and Sophisticated (Huffington Post) The South Carolina Revenue Department announced a major cyber-attack at the end of October possibly affecting 3.6 million taxpayers dating back to 1998. The state says an international hacker took unencrypted social security numbers and 387,000 credit

Russian Hackers Beaten at their own Game (WND) 'Honey pot' traps agents turning computers into secret surveillance machines. In the world of cyber espionage, usually an attacker can lurk in the shadows unidentified, but through a combination of skill, timing and luck, one hacker has been exposed for all the world to see

Stop To Consider Vendor Lock-In (MSPmentor) In fact, in a recent survey, the Cloud Security Alliance (CSA) and the Information Systems Audit and Control Association (ISACA) asked IT decision makers to name their top concerns about cloud. Not surprising, exit strategies (#1), contract lock-in (#4)

CSA Releases Security Guidance For Critical Areas Of Mobile Computing (Biztech2.com) The Cloud Security Alliance (CSA) has released version 1.0 of the "Security Guidance for Critical Areas of Mobile Computing" which provides an assessment of the current state of mobile computing as well as details the prevailing top threats to mobile

Design and Innovation

Google Commits 1M Euros To German Startups Via Berlin Start-up Center, The Factory (TechCrunch) Google has a number of initiatives aimed at entrepreneurs globally, and a thread of a strategy appears to be emerging in Europe, albeit with different approaches. The tech giant has already supported the creation of an accelerator/workspace called Le Camping in Paris, part-backed with state money. In London it literally took out a ten-year lease on a building, Google Campus London, and stacked it

Innovation Lesson: Disrupt Before You're Disrupted (InformationWeek) Even innovators struggle with the pace of change. Here are some of the ways Silicon Valley companies like LinkedIn push the edge without falling off

Research and Development

Your Unconscious Brain Can Do Math, Process Language (IEEE Spectrum) New experiments suggest sophisticated subliminal workings in the brain

Legislation, Policy, and Regulation

Zittrain: Peer-to-peer transactions risk privacy (Fierce Government IT) The rise of low-cost, peer-to-peer transactions facilitated by the Internet presents challenges for privacy, yet regulation of it may be difficult due to the First Amendment, said Jonathan Zittrain, a Harvard law professor

Spotlight: VanRoekel to stay on for second term (Fierce Government IT) Federal Chief Information Officer Steven VanRoekel intends to continue working at his Office of Management and Budget post for President Obama's second term

Cyber-tension between nations fuels public desire for action (Net-Security) The UK public is growing increasingly concerned about national cyber security, following the number of high profile security incidents and malware discoveries reported this year, according to LogRhythm. In a survey of 1,000 consumers, 65 percent of respondents stated that pre-emptive strikes on enemy states that pose a credible threat to national security are justified, and of those, 46 percent believe it depends on the level of threat posed. Of those surveyed, 45 percent believe that the UK government needs to step up its protection of national assets and information against cyber security threats, and 43 percent think that the threat of international cyber war and cyber terrorism is something that needs to be taken very seriously now

German Cyber-Security Partnership Launched (Security Defense Agenda) "A new Federal Alliance of Cyber-Security opened for business in Germany on Thursday. The two chief bodies behind the project are the Federal Office for Information Technology Security and the I.T. trade association Bitkom. At the initiatives core is a reporting system, which will allow companies and organisations to immediately alert the authorities of any cyber-attack without necessarily having to disclose their identity

Israel Police Force Launches Cyber Unit (Algemeiner) The announcement comes two weeks after a system-wide cyber attack forced police to discontinue use of the internet on computers and avoid using thumb drives or CDs, or any other passing of data and programs between police computers

Senate readies for fight over cybersecurity surveillance (CNet) Sen. Joe Lieberman says his cybersecurity bill is necessary to prevent terrorists from dumping "raw sewage into our lakes." But privacy groups call it a big step toward Big Brother. Sen. Joseph Lieberman spent years fighting unsuccessfully for a so-called Internet kill switch granting the president vast power over private networks during a "national cyberemergency."Now Lieberman, who did not seek reelection, is hoping a more modest version of his proposal will be approved before he leaves office. Majority Leader Harry Reid has inserted the cybersecurity bill into the Senate's post-election calendar, and a vote could happen as early as this week after debate on a proposal to open more public land for hunting and fishing

White House May Soon Take Action on #Cybersecurity (Search Engine Journal) Now that the dust of the elections has settled, and Congress is due back in session tomorrow, President Obama may soon add a signature to an Executive Order on Cybersecurity. That step by the White House depends on whether or not Congress will finally come to a decision on cybersecurity legislation that has been languishing in limbo

US Renews Call to Private Industry to Help Cybersecurity (Tom's Hardware Guide) In a speech to the audience of the Symantec Government Symposium, General Keith Alexander, Commander, U.S. Cyber Command and Director, National Security Agency/Chief, Central Security Service, said that only a close collaboration between the

Military gears up to defend US against cyber-attack (Military Technologies) Military gears up to defend U.S. against cyber-attack. The next attack on the United States may be an invisible one, but the consequences could be very real. The military is gearing up to defend the nation against an attack in cyberspace

Post-Petraeus CIA Should Kill Less and Spy More, Former Chief Says (Wired Danger Room) When David Petraeus got the job of CIA chief, he knew what job #1 was: find out everything he could about al-Qaida and its allies — and then assist in their removal from the land of living. Fourteen months and more than 110 drone strikes later, the breaking of al-Qaida's core that began under Petraeus' predecessors is almost complete. Yet a major chunk of the nation's intelligence community remains singularly focused on terrorism. It's time to give that a rest, a former leader of the Central Intelligence Agency says — especially with Petraeus gone. There's a whole world out there that needs to be snooped on. "We have been tremendously focused on counterterrorism for the last 11 years [since 9/11]. How do you now begin to make sure that you cover other necessary things without making the country less safe?" asks former CIA director and retired Gen. Michael Hayden

New UAE law on cyber crimes: Porn, online harassment criminalised (Emirates 24/7) New decree provides legal protection to all information published online. President His Highness Sheikh Khalifa bin Zayed Al Nahyan has issued Federal Legal Decree No. 5 for 2012 on combating cyber crimes. The new decree includes amendments to Federal Legal Decree No. 2 for 2006 on cyber crimes

Litigation, Investigation, and Law Enforcement

Iranian Hacker Responsible for Attacks on US and Israeli Sites Arrested (Softpedia) Iranian authorities have arrested a man suspected of hacking into more than 1,000 foreign websites. Most of his targets are from the United States and Israel. According to Trend, the hacker claimed that he breached the US and Israeli websites out of curiosity and to demonstrate that they were not properly secured

China lashes out at US over Huawei/ZTE report, cites 'Cold War mentality' (FierceWireless) In remarks recently at the 2012 Cloud Security Alliance Congress, Huawei's chief security officer, Donald "Andy" Purdy, reaffirmed Huawei's commitment to cybersecurity. Purdy noted that Huawei works with at least 400 U.S. companies, and that Huawei has

Congressional inquiry responses released: Data brokers refuse to name sources (ZDNet) A Congressional inquiry told nine major data brokerage companies to explain how they collect and sell consumer information. The data dealers have responded with PR and generalities. Data brokers have compiled secret dossiers on what's estimated to be 500 million people and they're refusing to name data sources to a Congressional inquiry - or transparently explain what's being done with the privacy-invading data they're collecting and compiling

Email Location Data Led FBI to Uncover Top Spy's Affair (Wired Threat Level) In the irony of ironies, the distinguished career of CIA Director and former CENTCOM commander David Petraeus appears to have come unhinged after authorities traced the location of the sender of threatening e-mails that were written from an anonymous Gmail

Petraeus Scandal Engulfs Afghanistan War Chief (Wired Danger Room) The sex scandal that brought down former Army general and CIA Director David Petraeus has expanded to engulf another senior official: Marine Corps Gen. John Allen, the commander of U.S. and NATO troops in Afghanistan. Allen, who is married, allegedly exchanged what's being described as "inappropriate communication'' — up to 30,000 pages of it — with Jill Kelley, the 37-year-old Tampa socialite who claims she received threatening emails from Petraeus' mistress (and biographer) Paula Broadwell

Petraeus affair offers unintentional lesson on password reuse (Ars Technica) Paula Broadwell, the biographer and reported mistress of CIA director David Petraeus, appears to have been a subscriber to the "private intelligence" firm Stratforand that means that her Stratfor login account and its hashed password were hacked and released last year by Anonymous. The Stratfor hacker, who the US government says was Chicago-based Jeremy Hammond, obtained a complete roster of all corporate client accounts. These were released online in a massive file called stratfor_users

DDoS marketing stunt backfires, entrepreneur jailed for nine months (Naked Security) He meant to promote his anti-DDoS kit by shedding light on poor internet security at the Hong Kong stock exchange, but his two brief DDoS attacks instead wound up costing him his freedom for the better part of a year

Meet The Patent Troll Suing Hundreds Of Companies For Encrypting Web Traffic (Techdirt) Ars Technica has the story on yet another patent troll -- though this one seems a bit special. TQP Development -- a typical patent troll in so many ways -- has apparently gone on something of a rampage over the last four years (and increased in the last year) suing hundreds of companies. The list is impressive

Hong Kong stock exchange hacker sentenced to jail (ZDNet) The hacker who broke into the Hong Kong stock exchange news Web site last year has been sentenced to nine months in jail. A South China Morning Post (SCMP) report Saturday said Tse Man-lai, 28, was convicted in the district court on two counts of obtaining access to a computer with criminal or dishonest intent. On Aug. 12 and Aug. 13 last year, Tse launched denial-of-service attacks (DoS) on HKExnews, a Web site operated by the Hong Kong Exchanges and Clearing (HKEx) which publishes corporate filings, the report said

Pirate Bay co-founder suspected of serious fraud and another data intrusion (Computer World) Swedish authorities now suspect Pirate Bay co-founder Gottfrid Svartholm Warg of serious fraud and another data intrusion in addition to the alleged hacking of IT company Logica that led to his arrest, public prosecutor Henrik Olin said Monday. Svartholm Warg was arrested in Cambodia in August and deported to Sweden. In September, Swedish authorities arrested him on suspicion of hacking Logica, which handles taxes for the Swedish government

Blizzard sued over security concerns, 'deceptive upselling' (Help Net Security) Blizzard, the developer of popular online games such as World of Warcraft and Diablo, has been hit with a class action lawsuit claiming that the company engages in "deceptive upselling" by not making

With HTC dispute over, Apple can aim legal guns at Samsung (Fierce Mobile IT) Apple (NASDAQ: AAPL) and HTC settled their global patent lawsuit over the weekend and announced a licensing agreement that ends their two-year smartphone patent war.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

E2 Innovate Conference & Expo (Santa Clara, California, November 14 - 15, 2012) E2 Innovate, formerly Enterprise 2.0, brings strategic business professionals together with industry influencers and next-gen enterprise technologies.

Anatomy of an Attack (New York, New York, November 15, 2012) Join Sophos security experts in exploring how threats like malware, Trojans, worms and spyware actually work and what you can do to protect your company, even if you're on a tight budget.

ZeroNights (Moscow, Russia, November 19 - 20, 2012) ZeroNights is an international conference dedicated to the technical side of information security. The mission of the conference is to disseminate information about new attack methods, threats and defense...

Digital Security Summit (Riyadh, Saudi Arabia, December 1 - 2, 2012) A major conference to discuss the growing threat to digital security in the Middle East, especially in Saudi Arabia.

Passwords^12 (, January 1, 1970) Passwords^12 is a 3-day conference only about passwords & PIN codes. With an "all-star" cast of speakers, including Joan Daemen (AES/SHA3), Jens Steube (alias "atom", hashcat author), Colin Percival (CSO...

CIO Cloud Summit 2012 (, January 1, 1970) The CIO Cloud Summit will help C-level executives better understand the true capabilities of cloud computing and the transformational opportunities it can bring.

BayThreat (Sunnyvale, California, December 7 - 8, 2012) The theme for BayThreat is a new spin on the dichotomy of attacking and defending in information security. We're calling out all of the attackers and defenders that are on the front lines of the battle.

2012 European Community SCADA and Process Control Summit (Barcelona, Spain, December 10 - 11, 2012) The European SCADA Summit brings together the program managers, control systems engineers, IT security professionals and critical infrastructure protection specialists from asset owning and operating organizations...

TechMentor Orlando 2013 (Orland, Florida, USA, March 4 - 8, 2013) Celebrating 15 years of educational events for the IT community, TechMentor is returning to Orlando, Florida, March 4-8, for 5 days of information-packed sessions and workshops. Surrounded by your fellow...

e-Crime Congress 2013 (London, England, March 12 - 13, 2013) The e-Crime Congress is designed to meet the needs of key stakeholders and decision makers who are responsible for designing and coordinating information security and risk management strategy, safeguarding...

The Future of Cyber Security 2013 (London, England, UK, March 21, 2013) Cyber Security and the Citizen 2013 is a one-day conference and exhibition for senior decision-makers of central and local government organisations, NGOs and major private sector enterprises.

25th Annual FIRST Conference (Bangkok, Thailand, June 16 - 21, 2013) The annual FIRST conference provides a setting for conference participants to attend a wide range of presentations delivered by leading experts in both the CSIRT field and from the global security community.

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.