A widespread denial-of-service attack on the .cn domain disrupted Internet service throughout China over the weekend. Investigation continues; it's not clear where the attack originated or who perpetrated it.
Sourcing Snowden, Der Spiegel reports that the US NSA compromised a United Nations teleconferencing system in the summer of 2012. The story appears to further damage US relations with Germany; it also highlights the vulnerability of teleconferencing systems to surveillance.
The Nasdaq stock exchange reopened this morning after last week's trading flash freeze. Nasdaq attributes its problems to internal data feed bugs and denies it was attacked. It indeed seems unlikely that Nasdaq sustained a denial-of-service attack (as several observers reflexively concluded Friday), but it's premature to dismiss the possibility of cyber attack.
Various cyber-riots continue from Israel to Pakistan. Azerbaijani hacktivists attack Armenian government sites. Anonymous continues #opGabon, and also seeks to embarrass the US FBI with new (small but irritating) exploits.
FireEye says the MoleRats are behind the PoisonIvy Trojan's current resurgence. (The Middle Eastern group may be trying to deflect suspicion by using a tool commonly associated with China.)
NIST issues medical device wireless security standards, and the market for device security sees new entrants. In other business news, analysts continue to predict surveillance fallout to affect US solution providers.
NSA's annus horribilis continues with petty but embarrassing "LoveInt" revelations. Administration investigative panels meet with skepticism. Senator Feinstein, hitherto an NSA defender, promises a major investigation when Congress reconvenes in two weeks. A Church Commission reprise seems likely.
Today's issue includes events affecting Armenia, Australia, Azerbaijan, Brazil, China, Gabon, Germany, India, Iran, Israel, Japan, Pakistan, Spain, United Arab Emirates, United Kingdom, United Nations, United States..
Cyber Attacks, Threats, and Vulnerabilities
Major DDoS attacks .cn domain; disrupts Internet in China(ComputerWorld) It's still unclear where the DDoS attack originated from. China's Internet was hit with a major distributed denial of service (DDoS) attack Sunday morning that briefly disrupted and slowed access to sites in the .cn domain
Nasdaq Three-Hour Halt Highlights Vulnerability in Market(Bloomberg) The interruption that froze half the U.S. stock market last week began with a routine notice. NYSE Arca is currently experiencing an issue processing customer messages on routed orders in Tape C symbol range 'TACT' through 'ZYY.C,'" read an alert for traders received by Bloomberg News at 10:17 a.m. on Aug. 22. "Will advise." The brevity of the message belied its significance. Computers at the world's biggest exchange operators were having difficulty communicating
Nasdaq CEO Defends Exchange After 'Flash Freeze'(Fox Business) Nasdaq CEO Robert Greifeld in an interview with FOX Business on Friday defended the all-electronic exchange's handling of the three-hour outage dubbed the "Flash Freeze," calling it an internal glitch and easing fears that it was triggered by some kind of cyber attack
Nasdaq Focuses on Pivotal 2 Minutes in Trading Halt(Wall Street Journal) The period foretold just how severe the market's problems were to get. Regulators and exchange officials trying to unravel the cause of last week's Nasdaq Stock Market NDAQ +0.26% failure are focusing on an apparently pivotal two-minute period that foretold just how severe the market's problems were about to get, according to people familiar with the discussions
Nasdaq Outage Explored: 7 Facts(InformationWeek) Security experts dismiss reports that DDoS attack compromised systems in New York City and crashed Nasdaq exchange. But squirrels have not been ruled out
Nasdaq outage: Last straw for retail investors(MSN Money) For many smaller players, the freeze has proved to them that they don't belong in the stock market. "Last straw." Those are the two words I heard everywhere I went this weekend. The Nasdaq outage was the last straw, as it's become clear that the machines have taken over and they simply can't be stopped. That attitude, plus the desire to see someone at the Nasdaq OMX (NDAQ +0.32%) take the fall for Facebook (FB +2.66%) and for this three-hour shutdown, was on one everybody's lips — my conversations tend to skew to the stock market when any event puts stocks back on the front page
Nasdaq technical glitch hits Apple, Facebook and Microsoft [share prices](Computing) A technical glitch caused the Nasdaq stock market to freeze for three hours, potentially costing shareholders and listed companies millions of dollars. The likes of Apple, Facebook, Intel and Microsoft were all affected by the halt on trading at 12:14pm (EST), with trading partially resuming at 2:45pm (EST) and back online by 3:25pm
Several Armenian Government Ministries Websites Hacked by Azerbaijan hackers(Hack Read) An organization ran by Azerbaijani hackers known as ANTI-ARMENIA.ORG has hacked and defaced high profile Armenian government ministries websites earlier today. The hackers left their deface page showing messages, graphic images and Youtube videos against Armenian government on all hacked websites
Hackers turn from emails to security in homes, cars(Toledo Blade) Danger grows as everday items connect to Internet. Imagine driving on the freeway at 60 mph and your car suddenly screeches to a halt, causing a pileup that injures dozens of people. Now imagine you had absolutely nothing to do with the accident because your car was taken over by hackers. Charlie Miller, a security researcher at Twitter, and Chris Valasek, director of security intelligence at IOActive, a security research company, recently demonstrated car hacks at the Black Hat and DefCon computer security conferences in Las Vegas. The researchers completely disabled a driver's ability to control a vehicle. No brakes. Distorted steering. All with a click of a button. While the demos were with hybrid cars, researchers warn that dozens of modern vehicles could be susceptible
Nearly One–Fifth Of Enterprise Operating Systems Not Fully Patched(Dark Reading) One in five IT professionals say they either have not fully patched their organizations' endpoint operating systems--or they aren't sure if the machines are up-to-date. A fully patched operating system is the "minimum bar" for any organization, says Matt Hathaway, senior product manager with Rapid7, which today released results of a survey of 600 IT pros on their enterprises' endpoint security practices. Some 83 percent say their endpoint OSes are fully patched
The Maginot Line(TechCrunch) I'm sorry to say that I have succumbed to something like schadenfreude. It's not that I really enjoy what is happening these days, what with institutions of the web shutting down, basic civil rights being ignored, and all the rest. It's just that it's all a little poetic
Your emails are all scanned—and that's what you agreed to(Phys.org) According to Nobel Laureate Gabriel García Márquez, "all human beings have three lives: public, private, and secret". It is in our nature to want privacy, yet in the internet age, it has never been easier to access the details of our private lives
There are no winners in the blame game(Help Net Security) Every time a major security breach makes the headlines, a common reaction happens. Even before the details of the breach are known, the infosec world gets into a frenzy of speculation as to how the attack happened, who conducted it, and whether the attackers were skilled or not. Invariably the conversation focuses onto the company that is the victim of the attack, and it often tends to highlight how stupid, negligent or weak its security defenses were. In effect, we blame the victim for being attacked
Look out for more cyber threats this year(AsiaOne) Phishing has a great impact on cyber threats in the Asia Pacific region - Danny Siew, Trend Micro's Senior Director of Technical Support for APAC said that
Army network modernization efforts don't capitalize on testing, says GAO(FierceGovIT) "The Army has not yet tapped into the potential to use the NIE to gain insight into the effectiveness and performance of the overall tactical network," finds the Government Accountability Office in an Aug. 22 report.For example, some technology that tested poorly in the development stage was pushed through to operational testing with similarly poor results. Now, Army plans to buy and field the systems, says GAO
Should Software Testing Be Military?(IDGConnect) Software bugs cost the global economy an average of $312 billion a year. Yet there is a virtually ignored unemployed population of systematic, methodical, hard-working, team spirited individuals out there desperate to progress in careers. Perhaps marrying the great swathes of jobless ex-military with the need for rigorous global software testing could achieve an extremely socially responsible and lucrative system
DHS kicks off $6B cyber program(Federal Times) John Streufert, director of the National Cyber Security Division at the Department of Homeland Security, is helping guide a massive DHS effort to standardize
KCG Holds Spot on $6B DHS Cybersecurity Contract(GovConWire) Knowledge Consulting Group has won a spot on the Department of Homeland Security's $6 billion contract meant to provide government agencies with information technology services they can utilize to bolster cybersecurity
HP to Compete on $6B DHS Cybersecurity BPA(GovConExecutive) Hewlett Packard holds a position on a potential $6 billion blanket purchase agreement to provide tools and services for the Department of Homeland Security's cyber defense program
5 Companies That Came To Win This Week(CRN) This week's roundup of companies that came to win include Lenovo ramping up notebook production, Dell winning a storage battle and Yahoo besting Google in U.S. Web traffic (for a month at least). Also, executive moves at HP has the channel optimistic and Intelisys unveiled a new partner program at UBM Channel's XChange event
FDA's guidance for wireless devices sparks business opportunity(FierceMedicalDevices) Barely a week after the FDA issued its final guidance on wireless devices, some already see a small-business opportunity in trying to help device companies navigate the new rules. Global Technology Resources, a Colorado IT operation focused on areas including Big Data, mobile software and system security, said it will partner with healthcare/medical device consultancy Integra Systems in Nevada to help device companies interpret the new requirements and adjust their regulatory submission strategies accordingly
Security firm makes health IT push(Healthcare IT News) As part of this expansion, NJVC has released a three-part series of white papers for healthcare executives on cyber security to help them learn about the breadth
Podcast: Made In China, Secured In The U.S.(Security Ledger) We've written a lot about the threat posed by nation-state sponsored hackers to U.S. corporations and the economy. So-called "advanced persistent threat" (or APT) style attacks against corporate and government networks have been linked to the theft of sensitive data and intellectual property
Products, Services, and Solutions
Yahoo Releases Recycled Usernames To Those Who Sent In Requests, Lets You Stalk Your Own For $1.99(TechCrunch) Today, Yahoo will begin notifying those who requested a particular user ID through the company's newly expanded pool of usernames if their choice has been granted. In case you missed it the first time around: earlier this summer, Yahoo announced it would re-open access to unused Yahoo IDs, and the email addresses associated with them. The plans that were initially met with a bit of controversy
Did you know Twitter shadows every click you make?(Alexander Hanff) So today I was working on some code for a new web site I am about to launch for one of my privacy projects. I wanted a way to be able to log some statistics about my site visitors without retaining any information which might be considered as private, identifying or could be used to track them; these statistics are important for attracting sponsors. As a rule, I always disable logging everything apart from the date/time, requested page and result (whether or not the page was retrieved successfully) in Apache's access log - but this is a little cumbersome to navigate and create meaningful information from. So I decided I wanted to save some statistical data to a database which I can then access and display in a number of useful ways such as tables & charts. I also wanted to know where my users are coming from without retaining their IP address - so I installed a module for Apache called GeoIP which allows me to see which country a visitor is coming from based on their IP address, without actually having to store their IP address
Kaspersky blocks zero–day attacks(IT–Online) Kaspersky Internet Security 2013 for home users delivered a 100% success rate in blocking zero-day threats during a two-month security test
Fingerprint algorithm for Android devices(Help Net Security) Precise Biometrics AB has launched a new software product designed and optimized for embedding fingerprint verification on smartphones and tablets. Precise BioMatch Mobile supports Android, and in
Box.com forges new cloud security model(ComputerWeekly) The time has come for service providers and consumers to move to a security model better suited to the cloud computing era, says cloud-based content management and collaboration firm Box.com
In surveillance era, clever trick enhances secrecy of iPhone text messages(Ars Technica) "Perfect forward secrecy" comes to iOS and gets a boost on Android. A security researcher has developed a technique that could significantly improve the secrecy of text messages sent in near real time on iPhones. The technique, which will debut in September in an iOS app called TextSecure, will also be folded into a currently available Android app by the same name
Top Five Hacker Tools Every CISO Should Understand(Tripwire) As the role of the CISO continues to evolve within organizations towards that of an executive level position, we see a growing emphasis on traditional business administration skills over the more technical skills that previously defined the top security leadership job. Nonetheless, CISOs need to keep abreast of the latest down-in-the-weeds tools and technologies that can benefit their organization's security posture, as well as those tools that are widely available which could be misused by malicious actors to identify and exploit network security weaknesses
NIST proposes supply chain control overlay(FierceGovIT) A new proposed cybersecurity control overlay from the National Institute of Standards and Technology for federal agency supply chain risk management would add a new family of controls that would at minimum require tracking systems or components as they wind their way through the supply chain
Download me II—Removing the remnants of the Web's most dangerous search terms(Ars Technica) According to McAfee's 2008 The Web's Most Dangerous Search Terms, "free" fell into the highest search term risk category. And my previous search for free stuff on the Internet ended ugly. What did I do? I searched for free things, clicked the top links, and initiated the first download on each page. This—no surprise—led me to download a bunch of adware and malware, what McAfee coined as Potentially Unwanted Programs (PUPs). For instance, a search for "free music downloads" (the worst search query from round one) left my desktop littered with them. From my download notes and desktop count, I went from three to 19 programs while adding six Firefox plugins and 12 extensions that made my browser a cluttered array of toolbars and icons. My computer was dogged with PUPs—point proven. Now this was my mess to clean up. Could I do anything to fix my computer, and was it even worth it
When does your browser send a "Referer" header (or not)?(Internet Storm Center) The "Referer" header is frequently considered a privacy concern. Your browser will let a site know which site it visited last. If the site was coded carelessly, your browser may communicate sensitive information (session tokens, usernames/passwords and other input sent as part of the URL). For example, Referer headers frequently expose internal systems (like webmail systems) or customer service portals. There are however a few simple tricks you can apply to your website to prevent the Referer header from being sent
Can Your Antivirus Handle a Zero-Day Malware Attack?(SecurityWatch) Testing signature-based antivirus protection is a snap. You gather hundreds or thousands of known malware samples, run a scan, and note how many your antivirus product detected. However, for a brand-new, zero-day virus (or other type of malware) there's necessarily no signature available. Testing protection against zero-day threats is tough, but the researchers at AV-Comparatives have worked out a technique that satisfies them. Note, though, that not all antivirus vendors approve of this particular test; quite a few opted out of the latest edition, the results of which have just been released
Creating your first cloud policy(Australian Techworld) Finally, look to what other organizations have published and what standards bodies like the Cloud Security Alliance (CSA), National Institute of Standards and
BYOD, cloud transform endpoint security(ITWeb Security) Although for many years endpoint security solutions were targeted at desktop PCs and servers, the explosion of bring your own device (BYOD) and cloud computing has changed the notion of the endpoint and has shifted the focus from protecting devices to protecting the data itself
Is That Quantum Computer for Real? There May Finally Be a Test(Wired) In early May, news reports gushed that a quantum computation device had for the first time outperformed classical computers, solving certain problems thousands of times faster. The media coverage sent ripples of excitement through the technology community. A full-on quantum computer, if ever built, would revolutionize large swaths of computer science, running many algorithms dramatically faster, including one that could crack most encryption protocols in use today
Feds spending over $5.1M on facial recognition surveillance program(Ars Technica) Meet DHS' "Biometric Optical Surveillance System," or BOSS. If you thought that license plate readers were fun, just wait until facial recognition gets better. Recall, facial recognition technology famously failed to catch the two Boston bombing suspects earlier this year, and it remains difficult to actually pull off quickly, accurately, and at a distance
Surveillance Revelations Shake U.S.–German Ties(New York Times) Continuing revelations, based on documents leaked by Edward J. Snowden, of sweeping American digital surveillance around the world are rattling the close ties between the United States and Germany
Sen. Dianne Feinstein to pry into spy activity(My Desert) Sen. Dianne Feinstein, a staunch defender of President Barack Obama's surveillance programs, plans to take a critical look at the government's intelligence-gathering activities after Congress returns Sept. 9 from its month-long break. The California Democrat, chairwoman of the Senate Intelligence Committee, has announced plans for a series of hearings to conduct a "major review of all intelligence data-collection programs involving Americans." "This will be the primary order of business for the committee this fall and will be used to develop proposals to increase transparency and improve privacy protections for these vital national security programs," Feinstein said in a recent statement. Critics doubt that the hearings will prompt Congress to end or limit domestic spying
The NSA is losing the benefit of the doubt(Washington Post) He cited a 2009 finding that the court's approval of the National Security Agency's telephone records program was premised on "a flawed depiction" of how the
NSA analysts deliberately broke rules to spy on Americans, agency reveals(The Guardian) Inspector general's admission undermines fresh insistences from president that breaches of privacy rules were inadvertent. US intelligence analysts have deliberately broken rules designed to prevent them from spying on Americans, according to an admission by the National Security Agency that undermines fresh insistences from Barack Obama on Friday that all breaches were inadvertent
Obama: Team has to build confidence in NSA(USA Today) President Obama says he understands people's concerns about National Security Agency surveillance programs, but privacy protections are working and being improved
Obama: NSA revelations show 'oversight worked'(CNN) President Barack Obama said he believes the latest revelation that the National Security Agency inadvertently collected emails of some Americans shows "all these safeguards, checks, audits, oversight worked."ent
A little more light(The Economist) IN JULY 2012, nearly a year before Edward Snowden escaped to Hong Kong with their secrets, America's spies made a brief and tantalising confession. Under pressure from Ron Wyden, a senator from Oregon, the country's spymaster admitted that the panel of judges that supervises the spooks had "on at least one occasion" halted a surveillance programme on the grounds that it was unconstitutional. Since then the government has battled a lawsuit brought by the Electronic Frontier Foundation, a lobby group, demanding it declassify the court's decision
Three Illusory "Investigations" of the NSA Spying Are Unable to Succeed(Electronic Frontier Foundation) Since the revelations of confirmed National Security Agency spying in June, three different "investigations" have been announced. One by the Privacy and Civil Liberties Oversight Board (PCLOB), another by the Director of National Intelligence, Gen. James Clapper, and the third by the Senate Intelligence Committee, formally called the Senate Select Committee on Intelligence (SSCI)
NSA Paid Tech Companies Millions For Prism(InformationWeek) Leaked documents show taxpayer cost of involving Google, Microsoft and other tech companies in Prism digital dragnet. Who paid the cost of giving the National Security Agency direct access to the systems of nine technology companies, including Facebook, Google, Microsoft and Yahoo? The answer arrived Friday: U.S. taxpayers
U.S. spy agency edges into the light after Snowden revelations(Reuters) There was a time when the U.S. National Security Agency was so secretive that government officials dared not speak its name in public. NSA, the joke went, stood for "No Such Agency." That same agency this month held an on-the-record conference call with reporters, issued a lengthy press release to rebut a newspaper story, and posted documents on a newly launched open website
Snowden suspected of bypassing electronic logs(Anchorage Daily News) The U.S. government's efforts to determine which highly classified materials leaker Edward Snowden took from the National Security Agency have been frustrated by Snowden's sophisticated efforts to cover his digital trail by deleting or bypassing electronic logs, government officials told The Associated Press. Such logs would have showed what information Snowden viewed or downloaded
NSA Analysts Intentionally Abused Spying Powers Multiple Times(Bloomberg) Some National Security Agency analysts deliberately ignored restrictions on their authority to spy on Americans multiple times in the past decade, contradicting Obama administration officials' and lawmakers' statements that no willful violations occurred
In our opinion: Permission, please(Deseret News) On one hand, it should come as little surprise that the National Security Agency secretly cast a broad net over Salt Lake City to intercept private electronic communications during the 2002 Winter Olympic Games. On the other hand, the nature of the surveillance only adds to concerns the NSA has too often leaped past the boundaries of legal propriety in its efforts to thwart terrorism
Love, Redactually: Romantic comedies of the National Security Agency(San Jose Mercury News) What would you do if you could eavesdrop on Americans' online communications? For at least a handful of employees of the National Security Agency, you might use it to read up on your potential romantic interests. In a disturbing practice known as LOVEINT – short for love intelligence, just as HUMINT stands for human intelligence – a few analysts at the spy agency have abused their access to the agency's powerful online databases
How might the feds have snooped on Lavabit?(Ars Technica) Founder no longer thinks his encrypted e-mail service can withstand secret court orders. In 2004, a 22-year-old technology enthusiast named Ladar Levison hatched a venture that fused his passion for open-source software with his belief that privacy was a fundamental right. Using the OpenSSL cryptography library, the Linux-based operating system, and close to 10,000 programming hours, he built what ultimately became Lavabit, an e-mail service that, when used correctly, made it impossible for even him to read the encrypted messages stored on his servers
What Snowden and Manning Don't Understand About Secrecy(The Atlantic) Government often finds bad reasons to keep information hidden, but the recent indiscriminate leaks are foolish. As an old reporter who has from time to time outed classified information, I have watched the cases of Bradley Manning and Edward Snowden with professional interest
Cyber attack lasted months(Sunday Times) Email accounts linked to the Yes Scotland campaign have been hacked for several months, sources close to an investigation into unauthorised access believe. Thousands of emails are thought to have been vulnerable during the cyber attack which continued until late on Wednesday evening, after the campaign team thought their system was again secure
Beware: Internet gang using explicit videos to lure UAE victims(Emirates 24/7) Victims blackmailed to avoid having their videos published on the web: Abu Dhabi police. The Abu Dhabi Police have exposed an international gang that uses clips and scenes from archived sexual videos and a female voice-over to lure male victims in front of webcams and record them while they participate in indecent behaviour
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
4th Annual Cybersecurity Summit(Washington, DC, USA, September 25, 2013) GEN Keith Alexander, Commander of U.S. Cyber Command, Director of the NSA/Chief, Central Security Service and Dr. Pat Gallagher, Director, NIST are among the distinguished speakers confirmed to keynote...
SANS Thailand 201(Bangkok, Thailand, August 19 - 31, 2013) SANS hands-on advanced Information Security training is coming to Thailand this August! SANS is bringing our Web App Penetration Testing course to the Crowne Plaza Bangkok Lumpini Park in Bangkok, Thailand.
TechCrunch Disrupt San Francisco(San Francisco, California, September 7 - 11, 2013) For the fourth year in a row, TechCrunch Disrupt will take over the San Francisco Design Center Concourse, and we're bringing the hottest startups and best minds in the industry with us. Block off September...
SANS CyberCon Fall 2013(Online, September 9 - 14, 2013) With sequestration still in place, organizations are finding themselves with training budgets, but drastically reduced travel budgets. This one-of-a-kind online training event brings SANS' top instructors...
15th Annual AT&T Cyber Security Conference(New York, New York, USA, September 10, 2013) The AT&T Cyber Security Conference is an annual day-long conference offered by the AT&T Chief Security Office. Combining the expertise of its security experts, the scale and reliability of its global IP...
International Common Criteria Conference(Orlando, Florida, USA, September 10 - 11, 2013) FBC invites you to participate in the International Common Criteria Conference (ICCC) taking place in Orlando, Florida. This is the first time since 2000 that the ICCC is taking place in the U.S. The ICCC...
GrrCon(Grand Rapids, Michigan, USA, September 12 - 13, 2013) Says IT World, "Another hacker conference, this time in Michigan. The schedule looks to be bawdy, brash and anything but dull, with hackers promising to "pwn" you before you leave town. There are also...
cybergamut Technical Tuesday: Malware Analysis for the Masses(Columbia, Maryland, USA, September 17, 2013) With malware becoming more prevalent, and the pool of capable reversers falling short of overall need, there is a greater need to provide quick and efficient malware analysis for network defense. With...
Shaping the Future of Cybersecurity Education Workshop(Gaithersburg, Maryland, USA, September 17 - 19, 2013) The third annual Shaping the Future of Cybersecurity Education Workshop will be held at the National Institute of Standards and Technology (NIST) in Gaithersburg, MD and focus on "Navigating the National...
NovaSec!(McLean, Virginia, USA, June 13, 2013) NovaSec! is Northern Virginia's largest Cybersecurity and physical security networking event of the year. We are bringing together security professionals from commercial and government organizations with...
Strange Loop(, January 1, 1970) Meet us in St. Louis, Sept 18-20th, 2013, to make connections with the creators and users of the languages, libraries, tools, and techniques at the forefront of the industry. Find out where we're going…and...
ISSA Cyber Security Forum at Ft Belvoir(Fort Belvoir, Virginia, USA, September 19, 2013) This event will allow personnel from Fort Belvoir the chance to learn about the latest cyber security trends, network with peers, discuss Army best practices and to view and demo some of the latest cyber...
CISO Executive Summit(Atlanta, Georgia, USA, September 19 - 20, 2013) Be on the forefront of a new global initiative where today's world-class leaders in information security will gather to navigate through international waters. Join these leaders as they follow the wind...
2013 Cyber Security Summit(New York, New York, USA, September 25, 2013) The 2013 Cyber Security Summit connects executives responsible for protecting their company's critical infrastructure with innovative product, service and solution providers. The one day event, to be...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.