Syrian Electronic Army (SEA) pro-Assad hacktivists continue "random" web vandalism. Investigation of the SEA's successful attack on media sites they consider "unfair" to Assad continues, with no malware payloads yet found. (That's not unexpected: the SEA hasn't so far generally used its attacks as malware vectors.)
As the likelihood of Western punitive operations against the Syrian regime rises (French authorities predict some will occur by next Wednesday), fears of an asymmetric cyber response from Syria and its Iranian partner also rise. US banks are particularly concerned.
Last week's Nasdaq flash freeze is now being attributed to a flood of traffic from NYSE's Arca platform as Arca tried to connect to Nasdaq's Securities Information Processor (SIP). SIP couldn't throttle the traffic, and so trading halted.
Bring-your-own-device (BYOD) leads to a new trend in the cyber marketplace: BYOA (bring-your-own-attorney). Multinational firms support cyber talent cultivation with a new academy in the UK.
Several draft information security standards are being circulated, some general, others sector-specific (e.g. aviation).
The European Union intends to push domestic cloud services, significantly over concerns with US surveillance, but also with protectionist and dirigiste motives. Studies indicate that US Government appetite for surveillance data is not unique. It's not even world-leading: the US ranks just seventh in data requests.
As the US President's surveillance policy panel begins work (to considerable skepticism, but the panel may surprise skeptics with its independence), DNI Clapper announces plans to release an annual report giving figures on FISC court orders and national security letters.
Today's issue includes events affecting Australia, Brazil, European Union, France, Germany, Israel, New Zealand, Nigeria, Syria, South Africa, Taiwan, Turkey, United Arab Emirates, United Kingdom, United States..
The CyberWire will take a break Monday to observe the US Labor Day holiday, but we'll resume normal publication Tuesday.
Cyber Attacks, Threats, and Vulnerabilities
Syrian Hackers Promote Assad Government by Vandalising Random Web Sites(Cloudmark) The Syrian Electronic Army (SEA) has been getting a lot of press recently for successful phishing attacks against media outlets that they feel have painted an unfair picture of the Syrian government. In investigating hacked web servers used by spammers we've come across another, smaller, group supporting the Syrian Government. The SeCuR!TY LiONS HaCK3RS (sic) are not hacking into other peoples' web servers to send spam though. They are just doing it to deface the site with a pro-Assad message
US threat: Syria to retaliate with cyber attack?(FirstPost) f the United States attacks Syria, it will be the first time it strikes a country that is capable of waging retaliatory cyberspace attacks on American targets. The risk is heightened by Syria's alliance with Iran, which has built up its cyber capability in the past three years, and already gives the country technical and other support. If Iran stood with Syria in any fray with the United States that would significantly increase the cyber threat, security experts said. Organized cyber attacks have already been carried out by the Syrian Electronic Army (SEA), a hacking group loyal to the government of President Bashar al-Assad
No Proof Of Malware In New York Times DNS Hijacking Attack(Dark Reading) No evidence thus far to confirm that the Syrian Electronic Army embedded malware on redirected Web pages, but investigation continues. Dropping malware isn't the usual M.O. for the Syrian Electronic Army (SEA): The pro-Assad hacktivist group is best-known for loudly spreading its message -- or even fake news -- via hijacked high-profile websites and Twitter accounts of media and other organizations, not for amassing bots or infecting machines. So when some security experts yesterday reported that malware may have been embedded in the Web pages the attackers redirected The New York Times website to, it signaled a possible shift in strategy by the group
Hack attacks, explained(Harvard Gazette) Computer network hackers calling themselves the Syrian Electronic Army earlier this week disrupted The New York Times' website for nearly a day and electronic publishing on the Twitter social network for several hours. Also targeted were the Huffington Post and other media outlets
Israel Prepares for Possible Cyber Attack(The Media Line) Israelis are lining up to get government-issued gas masks and stocking up on batteries and water just in case an American attack on Syria causes Syria or its ally
Inside the Response to the New York Times Attack(Threatpost) Late Tuesday morning, one of the engineers in CloudFlare's San Francisco office saw a message on Twitter saying that the New York Times Web site was down. Minutes later, more messages appeared, as security researchers and others began looking into the situation and realized that someone may have compromised the site's DNS records. Understanding the ramifications of that sort of attack, if that's in fact what it was, Matthew Prince, CloudFlare's CEO sent an email to Rajiv Pant, the CTO of the Times, saying that the company's engineers would be available if Pant needed some help figuring out the situation. He did
U.S. Banks Seen as Targets of Syrian Cyber–Attacks(American Banker) The U.S. is planning for a possible wave of computer attacks against companies by hackers connected to Syria or Iran in retaliation for any military strike against the government of Bashar al-Assad, according to a person familiar with the planning. The National Security Agency has tapped hackers' computers in the Middle East to assess their ability to disrupt power grids, financial systems or other critical infrastructure, according to another person familiar with those operations
UAE twitter disruption blamed on Syrian hackers' US attack(The National) Users of one of the world's most popular social media sites have been experiencing problems with the service this morning. The browser-based version of Twitter was non-responsive to many in the UAE from just after 8am on Wednesday
Shutdown at Nasdaq Is Traced to Software(New York Times) Though the Nasdaq market calls itself home for the stocks of the world's biggest technology companies, the exchange acknowledged on Thursday that a three-hour halt in trading arose from a problem with its software. The Nasdaq OMX Group, the parent company, on Thursday released preliminary findings that provided the clearest official insight into what caused the trading halt, being called in trading circles as the "flash freeze"
Nasdaq operator admits partial blame for outage(Computer Weekly) Last week's three-hour shutdown of the tech-heavy Nasdaq raised fears over cyber attacks, but now the company that owns and operates the stock exchange has admitted partial responsibility. However, the Nasdaq OMX Group also blamed rival stock exchange operator NYSE Euronext for swamping Nasdaq's systems with "a stream of inaccurate symbols", according to the BBC
Rendering bug crashes OS X and iOS apps with string of Arabic characters(Ars Technica) CoreText bug crashes any iOS 6 and OS X programs that use the API. There's a new bug in town, and it's here to crash your Mac and iPhone applications. Posters in a HackerNews thread from late yesterday have discovered that it's possible to crash Web browsers and other apps running on current versions of iOS and OS X by making them render a specific, nonsensical string of Arabic characters. The title of the HackerNews thread implies that the issue is with the WebKit browser engine, but it actually affects any browser or application that uses Apple's CoreText API to render text. Ars Microsoft Editor Peter Bright has taken great pleasure in sending the text string to his co-workers, which has crashed the Limechat IRC client and Adium chat client, among other programs
PCs with Security Software May Still be Infected, Says Bitdefender(Finance Post) Online security vendor Bitdefender has warned consumers that installing an Internet security software in a PC may still not be an assurance that the computer would not be infected by a virus. The company said a wrong impression by PC users might expose them to potential risks
New Trojan Malware Disguises as Fake Xerox Scans(Finance Post) Online security vendor Bitdefender has warned office workers against responding to an email that invites them to open and download a supposed scanned file by a Xerox machine. According to the Internet security firm, such emails are among a series of messages in a new spam campaign that aims to infect unsuspecting victim's PC systems with the Trojan virus
Forget "post–PC"—pervasive computing and cloud will change the nature of IT(Ars Technica) In the next five years, mobile tech and analytics will change how we work. Change happens in IT whether you want it to or not. But even with all the talk of the "post-PC" era and the rise of the horrifically named "bring your own device" hype, change has happened in a patchwork. Despite the disruptive technologies documented on Ars and elsewhere, the fundamentals of enterprise IT have evolved slowly over the past decade
Dropbox reverse engineering an omen for software industry(PCWorld) The risks of relying on the cloud have been discussed at length, but security researchers are about to add a new danger that users will soon have to worry about: Reverse engineering the software directly. In a new paper, "Looking inside the (Drop) box" [PDF], security pros Dhiru Kholia and PrzemysBaw Wegrzyn outline in painstaking detail the steps they took to successfully decode the program that makes up the Dropbox user client, essentially opening it (and their would-be victims' accounts) up for direct attack
Would you publicly report a security breach?(Help Net Security) Recent research by AlienVault revealed that only 2% of surveyed EU companies would be willing to go public should they suffer a security breach. 38% opted to inform the relevant authorities and 31% said
Information Security's Real Threat: Oversharing(InformationWeek) Too much sharing and too little risk and security management are bad for business, especially among SMBs. It's a safe bet Voltaire wasn't thinking of Facebook when he wrote those words, but it's a useful warning for businesses now enjoying the growing clout of social media. Reaching thousands of customers by dashing off a quick sentence and hitting 'Share' is both great and powerful -- but too much sharing without enough risk management can be bad for business
Why The NSA Is The Least Of Your Cloud Concerns(Forbes) Revelations over the NSA's aggressive data collection have ignited fears that customers will abandon U.S. cloud companies—or even cloud computing itself. The fears are unfounded and will dissolve. Here's why
How Worried Should Small Businesses Be Regarding Cyber Security?(Forbes) By some estimates, network-based attacks, such as DDOS (short for Distributed Denial of Services), which have the ability to take down large computing networks, have increased by 700 percent this year. Targeted DDOS attacks against internet service providers, domain registrars, web hosting providers, and individual businesses have been known to cripple thousands of websites simultaneously for extended periods of time
Growing Your eCommerce Business Through Security(McAfee Blog Central) With online shopping already a major part of U.S. retail sales culture, it is crucial for merchants to figure out how to differentiate themselves from the competition. While there are many factors that determine the success of an eCommerce business, building trust is one of the most important when it comes to reducing shopping cart abandonment and boosting sales. To build this trust, businesses need to ensure that site visitors feel sufficiently comfortable sharing personal details like credit card and billing information. In addition to backend security like firewalls and web application protection, confidence elements like trustmarks can help improve customer confidence and ultimately lead to an increase in traffic
Carlos Salazar Promoted to IntelliDyne CFO(GovConWire) Carlos Salazar, who joined IntelliDyne in 2010 from Accenture, has been promoted to chief financial officer at the Falls Church, Va.-based public sector consulting firm
Northrop to Acquire Australia's Qantas Airways Defense Unit(GovConWire) A Northrop Grumman Corp. (NYSE: NOC) subsidiary has reached an agreement to buy Qantas Airways' defense business for an undisclosed amount as Northrop looks to further its international strategy. Northrop Grumman Australia Pty Ltd.'s acquisition of Qantas Defence Services Pty Ltd. could wrap up in 2014 after meeting several conditions, Northrop Grumman said Wednesday. Wes Bush, Northrop Grumman chairman, CEO and president, said the QDS buy will help expand the company's unmanned, C4ISR, cyber and logistics and modernization platform
Proxynet partners Fire Eye solution to tackle cyber attack on Businesses in West Africa(Business Daily) As part as of its effort to provide solution to protect important data and information of financial organisation, government and businesses from incidence of cyber attack, Proxynet Communications Limited has committed over 80,000 US dollars in partnership with Fire Eye, a US based web malware protection system company to safe guard data of corporate organisations against the upsurge of cyber attacks
WatchGuard updates email and web security appliance(Help Net Security) WatchGuard Technologies introduced the WatchGuard XCS 880, which is designed to meet the email and web-based content security needs of large enterprises. Delivering 20 percent more processing power
Blackbag Technologies: Blacklight® 2013 R2 Software Release(Forensic Focus) BlackBag Technologies, Inc., a leading developer of forensics software and training solutions, today announced the immediate availability of BlackLight 2013 R2, a comprehensive iPhone, iPad, Mac OS X, and Windows forensic analysis tool. This latest release includes improved data search and processing speeds, and advanced evidence mapping and analysis features
Oxygen Forensic Suite 2013 Enhances Mobile Analytics with Links and Stats(Forensic Focus) Oxygen Software has updated its flagship mobile forensic product, Oxygen Forensic Suite 2013, enhancing mobile analytics with Links and Stats view. Replacing previously available Communication Statistics with revised Links and Stats view, the update helps mobile forensic specialists analyzing users' communication statistics by aggregating information from a wide range of sources such as calls and messages, emails, numerous social networks, chats, instant messengers and other types of applications
Forensic Explorer Fast Shadow Copy Access Added(Forensic Focus) Australian software company GetData Forensics adds Volume Shadow Copy analysis to Forensic Explorer. "Volume Shadow Copies are a potential gold mine for the forensic investigator" said GetData Managing Director John Hunter. "Until recent times they have often been overlooked due to difficulty of access. Forensic Explorer changes this"
Technologies, Techniques, and Standards
Administration Previews Optional Industry Cyber Standards(NextGov) The Obama administration has released a draft of computer security protocols for companies that operate key systems, such as chemical plants and the electric grid. The document admittedly does not address privacy issues
Making sense of your logs(SC Magazine) As organizations continue to embrace cloud, mobility and agility-driven business models, formerly well-defined network boundaries evolve into virtual bridge and termination points. So, is it sufficient to continue with the traditional log-aggregation model that drives security information and event management (SIEM)
IPv6 To Complicate Threat-Intelligence Landscape(Dark Reading) A common type of Internet-based threat intelligence is the assigning of reputation scores to the source of traffic, usually expressed as a certain Internet address or domain. Yet, with the gradual--some would say "glacial"--move to the Internet Protocol Version 6 (IPv6) address scheme, the Internet's address space will grow from merely big to nearly infinite. The vastness of the address space will cause problems for many threat-intelligence firms, from allowing attackers to use a new address for every attack to causing a rapid expansion in the size of the database needed to track the data on various sources, says Tommy Stiansen, chief technology officer for Norse, a real-time threat intelligence provider
Implement ISO 27001 according to current 2005 revision, or wait for new 2013 revision?(ISO 27001 & ISO 22301 blog) Currently, the most repeated question I hear from companies implementing ISO 27001 is: "I heard a new revision of ISO 27001 is soon to be published - what should we do? Should we wait for the new revision or implement the standard according to the currently valid revision from 2005?" My suggestion is: if you can finish it rather quickly, use the current 2005 revision; if you are just starting, go straight away with 2013 revision. Here's why
Open security isn't just software, say government open source advocates(FierceGovernmentIT) Open source advocates within government say the many eyeballs approach to creating software functionality can extend to improving system cybersecurity. The Homeland Security Department has quietly for a few years now run a program dubbed Homeland Open Security Technology, adding money for development of an open source intrusion detection and prevention engine known as Suricata and funding FIPS 140-2 validation of an open source toolkit for implementation of SSL and TLS known as OpenSSL
NIST discussion draft of cybersecurity framework leaves many unanswered questions(FierceGovernmentIT) A discussion draft of the preliminary cybersecurity framework still leaves a lot of the implementation details undecided, acknowledge National Institute of Standards and Technology officials. NIST released the discussion draft (.pdf) Aug. 28 in anticipation of a fourth workshop on the framework set to be held in Dallas Sept. 11-13. A preliminary framework is due this October, with a finalized version due in February
Big Mother is watching you(Financial Times) When Apple introduced the Find My iPhone app three years ago, its aim was to help people locate their lost smartphones. But EJ Hilbert, a 43-year-old former FBI officer, had a better idea - installing the app on his three children's devices, so that he could track them wherever they went
Pushing for Perfect Forward Secrecy, an Important Web Privacy Protection(EFF) When you access a Web site over an encrypted connection, you're using a protocol called HTTPS. But not all HTTPS connections are created equal. In the first few milliseconds after a browser connects securely to a server, an important choice is made: the browser sends a list of preferences for what kind of encryption it's willing to support, and the server replies with a verification certificate and picks a choice for encryption from the browser's list. These different encryption choices are called "cipher suites." Most of the time, users don't have to worry about which suite the browsers and servers are using, but in some cases it can make a big difference
Doxing : The Dark Side of Reconnaissance(Infosec Institute) Doxing is a coin with two sides. Doxing can be used for security, research and collecting proof for investigation in one hand but in other hand, it can be used for cyber harassment and other serious cyber issues. But here, after lots of research, I learned that Doxing is a part of Reconnaissance, which generally focuses on its dark side. So before entering into the dark side, let's first understand the bright side i.e. Reconnaissance
AIAA Releases Cybersecurity White Paper(AINonline) The American Institute for Aeronautics and Astronautics (AIAA) has expressed concern about the lack of an international agreement on tackling the cybersecurity threat to commercial aviation around the world. The group gave the warning in a new white paper published on August 13 called A Framework for Aviation Cybersecurity
Making Intrusion Prevention and Malware Protection Work Together to Combat Modern Attacks(SecurityWeek) There's a lot of talk in the security industry and among organizations about the threats we face - malware, advanced persistent threats, zero-days, targeted attacks, viruses, Trojans, Distributed Denial of Service attacks, worms, phishing…the list goes on and on. But no matter how you parse it, it all comes down to threats. More specifically, two fundamental types of threats: known and unknown
Research and Development
Let Me Answer That For You: Exploiting Broadcast Information in Cellular Networks(Technische Universitãt Berlin and Deutsche Telekom) Mobile telecommunication has become an important part of our daily lives. Yet, industry standards such as GSM often exclude scenarios with active attackers. Devices participating in communication are seen as trusted and non-malicious. By implementing our own baseband firmware based on OsmocomBB, we violate this trust and are able to evaluate the impact of a rogue device with regard to the usage of broadcast information. Through our analysis we show two new attacks based on the pag- ing procedure used in cellular networks. We demonstrate that for at least GSM, it is feasible to hijack the trans- mission of mobile terminated services such as calls, per- form targeted denial of service attacks against single sub- scribers and as well against large geographical regions within a metropolitan area
Dust: A Blocking–Resistant Internet Transport Protocol (University of Texas) Censorship of information on the Internet has be en an increasing problem as the methods have become more sophisticated and increasing resources have been allocated to censor more content. A number of approaches to counteract Internet censorship have been implemented, from censorship - resistant publishin g systems to anonymizing proxies. A prerequisite for these systems to function against real attackers is that they also offer blocking resistance. Dust is proposed as a blocking - resistant Internet protocol designed to be used alone or in conjunction with e xisting systems to resist a number of attacks currently in active use to censor Internet communication. Unlike previous work in censorship resistance, it does not seek to provide anonymity in terms of unlinkability of sender and receiver. Instead it provid es blocking resistance against the most common packet filtering techniques currently in use to impose Internet censorship
DARPA Demos Mobile Network Tech(ExecutiveGov) The Defense Advanced Research Projects Agency has ended phase one of field-testing of its Content-Based Mobile Edge Networking program, kicking off the next stage of the project aimed to mature the technology
University of Fairfax partners with Defense Acquisition University on Cybersecurity(CivSource) Earlier this week CivSource reported on the Big Data Institute announced by the University of Virginia and its possible overlapping work with the state's cyber security initiative Semper Secure. Now, the University of Fairfax and Defense Acquisition University are joining in. Military and civilian government employees and contractors who have completed Defense Acquisition University (DAU) coursework may now be able to receive graduate credit towards a master's or doctoral degree in cybersecurity from the University of Fairfax (UoF)
University cybersecurity: Different, but still the same(GCN) Universities are shoring up their cybersecurity strategies amid a rising wave of attacks on their networks. Schools from the University of North Carolina to the University of California at Berkeley have doubled the size of their IT staffs and/or budgets in order to address the problem
Snowden Leaks $52 Billion Intelligence Budget, Reveals "Offensive Cyber Operations"(TechCrunch) National Security Agency leaker and new Russia resident Edward Snowden has leaked a top-secret $52 billion intelligence budget to the Washington Post. The partially redacted budget reveals the successes and shortcomings of the United States' sprawling intelligence apparatus, as well as the justifications for top-line budget items
New Snowden Leak Reports 'Groundbreaking' NSA Crypto–Cracking(Wired) The latest published leak from NSA whistleblower Edward Snowden lays bare details of the U.S. government's highly classified 2013 intelligence budget, and makes the first reference in any of the Snowden documents to a "groundbreaking" U.S. encryption-breaking effort targeted
The Coming Standoff Between Tech Companies and Government(Wired) Given X-Keyscore was a program primarily designed to intercept unencrypted internet traffic, you could be forgiven for interpreting Facebook's post as a middle finger pointed in NSA's direction. This heralds a looming standoff between technology companies like Apple, Facebook, and
Clapper to Publish Numbers of Secret Spying Orders(ABC News) The nation's top intelligence official said Thursday that he'll now release figures every year on how many new top secret court orders and national security letters are issued and how many people are targeted because of them
The Definitive NSA Parody Site Is Actually Informative(Forbes) When I was working on a story about how much information the NSA data center in Utah might actually hold, a colleague sent me a link to this site, suggesting that the NSA was actually pretty transparent about its plans in Bluffdale. The "nsa.gov1.info" site had maps and photos of the data center, an overview of the plan for the site, and a description of the equipment that would be used there, as well as links to relevant articles. While the site looks very much like the NSA's and much of the information – as gleaned from news articles – is accurate, it's a parody site that takes on the bureaucrasona of the fictional "Domestic Surveillance Directorate"
Litigation, Investigation, and Law Enforcement
Injunction to continue in Miranda press freedoms case: expedited Judicial Review to be heard in October to scrutinise Government assertions(Bindmans) Last week, Mr Miranda made an urgent application for an interim injunction to stop inspection of the documents seized from him when he was detained at Heathrow airport on 18 August. His application was based on the principle that police and Government officials should not be able to use terrorist powers unlawfully to gain material from journalists and then inspect that material freely while the lawfulness of their actions is still being determined by a Court. As Lord Justice Laws made clear at the hearing 'All bets are off' as to the legality of the Defendants' actions. The court granted an injunction that permitted the Government access to the material seized on narrowly defined grounds
Kim Dotcom Blasts New Zealand Police 'Cover-up'(SecurityWeek) Megaupload founder Kim Dotcom accused New Zealand police of selectively applying the law Friday after they opted not to prosecute intelligence officials who illegally spied on him
Customer lawsuit tied to Symantec source code hack dismissed(SC Magazine) A California judge has dismissed a customer lawsuit stemming from the 2006 theft of its security product source code from Symantec. U.S. District Court Judge Jon Tigar, sitting in San Francisco, tossed the case because the plaintiff, Texas resident Kathleen Haskins, failed to demonstrate that the product she purchased was among those impacted by the breach, according to court documents. The dismissal was made following a motion filed by Symantec
Snowden suspected of bypassing electronic logs(InformationSecurity) The U.S. government's efforts to determine which highly classified materials leaker Edward Snowden took from the National Security Agency have been frustrated by Snowden's sophisticated efforts to cover his digital trail by deleting or bypassing electronic logs, government officials told The Associated Press. Such logs would have showed what information Snowden viewed or downloaded
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
SANS Thailand 2013(Bangkok, Thailand, August 19 - 31, 2013) SANS hands-on advanced Information Security training is coming to Thailand this August! SANS is bringing our Web App Penetration Testing course to the Crowne Plaza Bangkok Lumpini Park in Bangkok, Thailand.
SANS Thailand 201(Bangkok, Thailand, August 19 - 31, 2013) SANS hands-on advanced Information Security training is coming to Thailand this August! SANS is bringing our Web App Penetration Testing course to the Crowne Plaza Bangkok Lumpini Park in Bangkok, Thailand.
TechCrunch Disrupt San Francisco(San Francisco, California, September 7 - 11, 2013) For the fourth year in a row, TechCrunch Disrupt will take over the San Francisco Design Center Concourse, and we're bringing the hottest startups and best minds in the industry with us. Block off September...
SANS CyberCon Fall 2013(Online, September 9 - 14, 2013) With sequestration still in place, organizations are finding themselves with training budgets, but drastically reduced travel budgets. This one-of-a-kind online training event brings SANS' top instructors...
15th Annual AT&T Cyber Security Conference(New York, New York, USA, September 10, 2013) The AT&T Cyber Security Conference is an annual day-long conference offered by the AT&T Chief Security Office. Combining the expertise of its security experts, the scale and reliability of its global IP...
International Common Criteria Conference(Orlando, Florida, USA, September 10 - 11, 2013) FBC invites you to participate in the International Common Criteria Conference (ICCC) taking place in Orlando, Florida. This is the first time since 2000 that the ICCC is taking place in the U.S. The ICCC...
GrrCon(Grand Rapids, Michigan, USA, September 12 - 13, 2013) Says IT World, "Another hacker conference, this time in Michigan. The schedule looks to be bawdy, brash and anything but dull, with hackers promising to "pwn" you before you leave town. There are also...
cybergamut Technical Tuesday: Malware Analysis for the Masses(Columbia, Maryland, USA, September 17, 2013) With malware becoming more prevalent, and the pool of capable reversers falling short of overall need, there is a greater need to provide quick and efficient malware analysis for network defense. With...
GovConnects Business Breakfast: Surviving Sequestration(Elkridge, Maryland, USA, September 17, 2013) This Business Breakfast will feature presentations by seasoned professionals in the field of government contracting as they share best practices for dealing with current challenges of doing business in...
Shaping the Future of Cybersecurity Education Workshop(Gaithersburg, Maryland, USA, September 17 - 19, 2013) The third annual Shaping the Future of Cybersecurity Education Workshop will be held at the National Institute of Standards and Technology (NIST) in Gaithersburg, MD and focus on "Navigating the National...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.