skip navigation

More signal. Less noise.

Daily briefing.

Israeli officials tentatively attribute recent attacks on industry and government sites to the Chinese "defense industry." Elsewhere in Israel Carmel Tunnel problems remain controversial, with skeptics questioning hacking reports.

November 5, Guy Fawkes Day, beloved by Anonymous, approaches. Observers believe they discern chatter indicating an #OpNSA denial-of-service campaign in the works. The nominally independent but clearly state-supported Syrian Electronic Army assumes an implausible (nonetheless embarrassing) rhetorical high ground, claiming ethical motives for recent exploits.

The Internet Storm Center warns of an "exploit cocktail" targeting three-month old (yet unpatched) vulnerabilities. Attack Secure describes vulnerabilities in Facebook apps for Android exposing user access tokens. The fuss over LinkedIn's new "Intro" feature continues: LinkedIn defends it; researchers call it a man-in-the-middle attack waiting to happen.

Security agencies in the UK and Netherlands warn their business communities against rising cyber crime levels. (The approaching holidays also should prompt businesses everywhere to be on their guard.) Law firms recently worried about becoming the hacker's "soft underbelly" of commerce, but NGOs and not-for-profits shouldn't be overlooked: they offer similarly attractive attack surfaces.

Surveillance allegations give Google a stiff headwind in Brazilian markets. Australia's new government will not relax security strictures against Huawei's participation in national broadband initiatives.

Industry reviews NIST's draft cyber guidelines. Battelle sets a 2015 goal for practical quantum cryptography.

US surveillance travails continue, as the President considers "constraints" and IC staffers feel (off-the-record) hung out to dry. On the record, DNI Clapper releases more FISA documents. Former NSA-defender Senator Feinstein executes a volte-face.

Notes.

Today's issue includes events affecting Australia, Brazil, China, Colombia, France, Germany, India, Israel, Italy, Mexico, Netherlands, Spain, Syria, Sweden, United Kingdom, United States..

Cyber Attacks, Threats, and Vulnerabilities

Israel Suspects China in Failed Cyberattack Vs. Defense Industry (Defense One) Israeli authorities suspect Chinese involvement in a failed cyberattack targeting 140 top defense industry executives and program officials, according to Israel's Channel 2 News

Cyberattack Against Israeli Highway System? Maybe Not (Tom's Guide) Did a cyberattack shut down a major road system in Israel last month? The Associated Press says it did, but security experts who spoke to Tom's Guide weren't so sure

The reality of cyber–war hits home: Israeli road system taken down by Trojan (ITProPortal) One of Israel's major infrastructure hubs was shut down by a cyber-attack in September, according to inside sources. The disclosure comes after the Israel Defence Forces (IDF) Chief of General Staff, Lieutenant General Binyamin Gantz named computer sabotage as one of the primary concerns facing Israel's defence forces in the future

Syrian Hackers Target Obama's Twitter, Facebook Posts (USA Today) The pro-Assad group Syrian Electronic Army claims it hacked the Twitter and Facebook accounts of U.S. President Barack Obama

Web Intelligence Shows Early Signs of OpNSA Cyber Campaign, DDoS Attacks Planned for November 5 (Analysis Intelligence) The U.S. National Security Agency's website was down for roughly 11 hours on Friday. The agency says the downtime was caused by an error during a routine website update; others believe the NSA was hacked ahead of anti-government surveillance protests in Washington, D.C. on Saturday. Web intelligence shows members of Anonymous clearly promoting the physical protests prior to Saturday (the Recorded Future alert shown below was delivered on October 11), and we know that efforts by hacktivists are closely tied to campaigns by activists on the ground. The dates of October 26 and November 5 have been visible in Anonymous circles for weeks

Exploit cocktail (Struts, Java, Windows) going after 3–month old vulnerabilities (Internet Storm Center) When ISC reader Yin reported earlier today that one of their servers had been hacked via the Apache Struts remote command execution vulnerability (CVE-2013-2251), at first this was flagged as "business as usual". Said vulnerability, after all, is known since July, and we've been seeing exploit attempts since early August (diary here). So it wasn't quite a surprise to see an unpatched internet-exposed server subverted. Given the rampant scanning, it was more a surprise that it had survived unscathed until now

Facebook Android Flaws Enable Any App to Get User's Access Tokens (Threatpost) A researcher has discovered serious vulnerabilities in the main Facebook and Facebook Messenger apps for Android that enable any other app on a device to access the user's Facebook access token and take over her account. The same researcher also discovered a separate, similar flaw in the Facebook Pages Manager for Android, an app that

LinkedIn Defends 'Intro' Email Security (Dark Reading) LinkedIn's newest feature, called Intro, stirred up controversy last week when the professional social network introduced it -- and a few other features -- at an event about its mobile offerings. LinkedIn Intro is an opt-in service that lets you connect on a professional level with people you email every day

Security researchers slam LinkedIn's Intro messaging app (FierceMobileIT) LinkedIn defends new email plug-in after experts compare it to man-in-the-middle attacks

Researchers sinkhole several Cryptolocker C&Cs (Help Net Security) The cyber crooks behind Cryptolocker, one of the latest ransomware threats, are having much success in infecting PC users with the deadly malware, but whether the victims fork over the money or not is still unknown

Social Engineers demonstrate the damage that could be caused by information (CSO) Final report from DEF CON 21's SECTF contest reveals how leaving information exposed can empower attackers around the world

Security Patches, Mitigations, and Software Updates

Microsoft SIR Report Highlights Risks of Unsupported Software Ahead of XP Withdrawal (InfoSecurity Magzazine) On April 8 2014, Microsoft will withdraw all support from the XP operating system, despite 21% of the worldwide OS marketplace still using it, and 13% of the UK. The results of the latest Microsoft SIR report prove just how vulnerable this will leave users, according to Microsoft director of Trustworthy Computing, Tim Rains

Cyber Trends

The future? Big data and intelligence driven security (Help Net Security) As we produce and consume an increasing amount of digital data, even the casual user is becoming aware that the way we store and access this data will continue to shift and expand in the near future. The implications of this are even more profound for the IT security industry

Final Summary—13th ICS Cyber Security Conference (Control) More than 180 attendees from electric, water, oil/gas, chemicals, transportation, food, manufacturing, governments, and academia attended the 13th ICS Cyber Security Conference. Attendees were from North America, Europe, Asia, and the Middle East. This is the first year we had to close registration because of seating limitations. We hope to be able to address the seating limitations next year to accommodate more people. As we do not allow taping and I am totally occupied moderating the Conference, the details are skimpy. All of the speakers were very good. I am including what I feel to be the highlites

Cyber–attacks are the greatest threats UK businesses face (Telegraph) Only four per cent uf UK businesses have adequate security measures in place to battle cyber-attacks

Cyber Security Assesment Netherlands (National Cyber Security Center, Ministry of Security and Justice) Cybercrime and digital espionage remain the biggest threats to both governments and the business community. The threat of disruption of online services has increased. Clearly visible in the past year has been the rise of the criminal cyber services sector. Cyber-attack tools are made commercially available through 'cybercrime as a service'

Cheap and ubiquitous biometrics coming, says panel (FierceHomelandSecurity) Biometric identifiers will become more ubiquitous for commercial and government purposes in the coming years, federal officials told a government technology conference Oct. 28

Cyber Monday Attacks Cost Organizations up to $3.4 Million per Hour in Losses, RSA Finds (Wall Street Journal) New Study Shows That While a Majority of Merchants Experience a Spike in Holiday-Timed Attacks; Most Admit to Not Being Able to Detect Them

GCHQ talks to fund groups over cyber attack risk (FundWeb) GCHQ has conducted a number of meetings with some of the UK's largest fund groups in order to try and counter an increasing threat from corporate cyber attacks, says the FT

The Cyber Threat to Non–Governmental Organizations (Sys-Con Media) Over the past year, cyber threats have emerged as a primary concern, particularly with regard to homeland security. Governments, corporations, houses of worship, and non-profit organizations large and small have been the target of cyber-attacks aimed at defacing websites, disrupting networks, stealing information and damaging systems and infrastructure. In outgoing remarks Homeland Security Secretary Napolitano has a warning for her successor: A massive and "serious" cyber-attack on the U.S. homeland is coming, — the likes of which the nation has never seen

Marketplace

NSA Spying Allegations Put Google on Hot Seat in Brazil (Bloomberg) The U.S. National Security Agency's eavesdropping on foreign heads of state from Angela Merkel to Dilma Rousseff is poised to produce its first high-profile corporate casualty: Google Inc.'s operations in Brazil

Enjoy the Cylance (CSO) Cylance has a unique approach to security, designed to identify and block threats before they're really threats

Australia Says Broadband Ban on Huawei Stays (SecurityWeek) Australia's new government on Tuesday said Chinese telecoms giant Huawei will remain shut out of bidding to build Australia's national broadband network on advice from security agencies

Start–up Raises More Cash to Rethink Cyber Security (Inc.) Bromium has big backers and big ambitions. And now flush with another $40 million in VC funding, it's out to rethink how you keep your networks safe

Integralis Completes Name Change To NTT Com Security (Dark Reading) NTT Com Security AG, a provider of global information security and risk management solutions, today announced that Integralis has formally changed its name to NTT Com Security

The seven deadly sins of HealthCare.gov (Ars Technica) A data center failure is the latest in Obamacare site's trail of tears

Contractors point fingers at each other and CMS during healthcare.gov hearing (FierceGovIT) Problems plaguing healthcare.gov should be fixed for most users by the end of next month, former White House official Jeffrey Zients told reporters days into his role as head of the "tech surge" the Obama administration says will resolve the system's technical issues

Products, Services, and Solutions

NetCitadel And Webroot Partner To Bring Security Intelligence To The Enterprise (Dark Reading) NetCitadel, Inc., the pioneer in innovative threat management solutions, and Webroot, a leader in cloud-based security intelligence solutions, today announced their partnership to deliver enhanced security intelligence and threat context to enterprises facing sophisticated security attacks and Advanced Persistent Threats (APTs)

Slide Show: 10 Free Network Defense Tools (Dark Reading) Affordably protect the perimeter and beyond with these handy network security utilities and toolkits

New 'Whistleblower' Portal Lets User Report Incidents Anonymously (Dark Reading) GRC Vendor LockPath offers whistleblower portal to let users anonymously report complaints, security violations. A new Web-based portal could offer employees and other users an anonymous method of reporting complaints or security violations in their enterprises without fear of reprisal

A DIY Tor Wi–Fi Access Point (IEEE Spectrum) Recent revelations about the scope of electronic surveillance performed by the U.S. National Security Agency have provoked considerable debate both inside and outside the United States. Ironically, however, over the past few years, departments within the U.S. federal government have been helping to support a project designed to combat Internet monitoring. The Tor Project permits anonymous Web browsing and publishing, and it has received funding from the U.S. National Science Foundation, the Defense Department, and the State Department. They've backed the project either for research purposes or, in the State Department's case, to assist democratic movements in countries with repressive regimes

Jeremiah Grossman on the Aviator Browser (Threatpost) Dennis Fisher talks with Jeremiah Grossman of WhiteHat Security about the company's new Aviator browser, which employees have used for years, but the company just released as a public project

Apple introduces "cloudless dictation", no longer demands your contact list to understand you (Naked Security) Not everyone was happy about Apple's terms and conditions when it introduced dictation to OS X: speech-to-text was done in the cloud, so Apple got to listen to what you were saying. OS X Mavericks changes that - though apparently more for performance than privacy

5 Ways Google Could Improve Security In Android 4.4 KitKat (ReadWrite) Android security has come a long way since the days when malware filled the Google Play app store. But as Google preps the latest version of Android—version 4.4 KitKat—it still has gaps to fill. In the recent past, many of the security questions that have plagued Android were solved by third-party security vendors. The likes of Lookout, Kaspersky, McAfee and others have patrolled Android, plugging the holes that Google was too busy to see

Trend Micro partners with VMware for secure SDDCs (CIOL) Trend Micro will be discussing the latest advances in virtualized server and VDI security, along with sophisticated capabilities

Google updates reCAPTCHA, makes things easier for users (Help Net Security) Google aims to make life easier for its users and more difficult for botmasters with the introduction of the updated reCAPTCHA tool

Cloud–based service provides anonymous reporting (Help Net Security) LockPath released the Anonymous Incident Portal (AIP), a cloud-based service that lets users securely and anonymously report incidents, complaints, violations and more. The offering lets users submit information to their company first before reporting it to the Security and Exchange Commission (SEC), allowing the company to manage incidents internally before they become public

Technologies, Techniques, and Standards

Antivirus Signature Detection Is Not Effective, Why Would You Still Use It? (Bitdefender Blog) With 2.3 unique malware variations created every second, I will explain to you why it is impossible for signature detection to keep up with the onslaught of new malware and why there is still and need to use signatures to protect your devices

Cybersecurity Framework Offers New Ways for Firms to Look at Security (SIGNAL) Information technology and communications companies doing business with the federal government may want to look at the Preliminary Cybersecurity Framework being released for public comment on October 29

Malware: Identifying the Code is Only Half the Battle (SecurityWeek) The U.S. Department of Commerce's National Institute of Standards and Technology (NIST) has become the go-to source for enterprises looking for sage advice on the intricacies of network security. In August, NIST added a new document to its library of expert advice focused on how to deal with malware: NIST Special Publication 800-83 Revision 1

Social media and digital identity. Prevention and incident response (Security Affairs) The hack of a social media account is a common incident that could have a serious impact of our digital identity. How to prevent it? What to do in case of hack

Visual investigations of botnet command and control behavior (Help Net Security) One of the classic debates in computer science concerns whether artificial intelligence or virtual reality is the more worthwhile pursuit. The advocates of artificial intelligence argue that computers can replace the need for human cognition, and will eventually be able to out-think us. The advocates of virtual reality argue that computer systems augment human intuition more effectively than they replace it, and that a human/machine symbiosis will always be more powerful than machines alone

California Attorney General Issues Guidelines on Medical Identity Theft (eSecurity Planet) Kamala Harris published best practice guidelines for the health care industry, along with tips for consumers

Research and Development

How your compiler may be compromising application security (ITWorld) Researchers at MIT develop a tool to identify code that your compiler may inadvertently remove, creating vulnerabilities

Oracle eyes optical links as final frontier of data–center scaling (IT World) Oracle is exploring silicon photonics, an optical technology drawing widespread interest, as a potential weapon in the battle against data-center power consumption

ACS Picked for DOE Cyber Grant Program (ExecutiveBiz) Applied Communication Sciences has secured funding from the Energy Department to research, build and demonstrate technology intended to help prevent cyber attacks on the nation's smart metering infrastructure

Can quantum cryptography work in the real world? (GCN) Battelle Memorial Institute has built what it claims is the nation's first production system for quantum distribution of cryptographic keys and announced plans to create a 400-mile link enabling quantum-key distribution (QKD) between Columbus, Ohio, and Washington, D.C., by 2015

Legislation, Policy, and Regulation

The New York Times Shreds The Obama Administration As 'Pathetic' On NSA Spying (Business Insider) The New York Times editorial board ripped the Obama administration as "pathetic" in its defenses and assurances on revelations about National Security Agency spying on foreign leaders and citizens of close world allies

India to prepare army of reverse engineers to counter cyber attacks (Times of India) National Security Database, an initiative of Information Sharing and Analysis Center ( ISAC) in association with Ground Zero Summit 2013 on Monday organized a seminar on Reverse Engineering in New Delhi. The seminar was organized to identify and create the need for the most credible and valuable information security professionals in India, especially in reverse engineering, to protect the National Critical Infrastructure and economy of the country

NSA spying will not change Internet governance (ZDNet) The NSA's surveillance of civilians and leaders abroad, now known to include Spain, is guaranteed to generate outrage in those countries. But it won't make any meaningful changes in Internet governance

White House sees need for 'constraints' on NSA spying (Reuters) The White House moved on Monday to reassure U.S. allies and Americans concerned about the sweeping nature of the National Security Agency's surveillance practices by acknowledging that more constraints are needed to ensure that privacy rights are protected

U.S. reviewing spy policies toward allies (USA Today) The Obama administration says that treatment of allies is part of its review of surveillance policies, amid a report that President Obama put a stop to a program that spied on up to 35 foreign leaders

DNI Clapper Declassifies Additional Intelligence Community Documents Regarding Collection Under Section 501 of the Foreign Intelligence Surveillance Act (IC on the record) In June of this year, President Obama directed me to declassify and make public as much information as possible about certain sensitive intelligence collection programs undertaken under the authority of the Foreign Intelligence Surveillance Act (FISA) while being mindful of the need to protect national security. Consistent with this directive, in September 2013, I authorized the declassification and public release of a number of documents pertaining to the Government's collection of bulk telephony metadata under Section 501 of the FISA, as amended by Section 215 of the USA PATRIOT Act (Section 215). Today I am authorizing the declassification and public release of a number of additional documents relating to collection under Section 215. These documents were properly classified, and their declassification is not done lightly. I have determined, however, that the harm to national security from the release of these documents is outweighed by the public interest

White House OKd spying on allies, U.S. intelligence officials say (Los Angeles Times) NSA and other U.S. intelligence agency staff members are said to be angry at President Obama for denying knowledge of the spying

Senator changes tune, now is "totally opposed" to foreign leader surveillance (Ars Technica) "Our oversight needs to be strengthened and increased," says Sen. Dianne Feinstein

Barack Obama surveillance message lost in translation (Politico) From the days of Edward Snowden's first leaks about National Security Agency surveillance, President Barack Obama has tried to calm public fears by stressing that ordinary Americans have nothing to fear

5 Questions to Ask Yourself to Determine if NSA Surveillance Has Made You Safer (LinkedIn) Angela Merkel is irate and Obama red-faced. The US's hypocrisy has been unveiled and damages our ability to influence and work with both enemies and closest allies alike. While the diplomatic soap opera plays out in the major media, I'm focused on the basics: what does the NSA surveillance mean for me personally

Human rights commission questions NSA surveillance (PCWorld) The U.S. government needs to answer for human rights abuses related to the National Security Agency's massive worldwide surveillance of Internet communications and telephone records, privacy advocates told an international human rights board Monday. The NSA is conducting surveillance on "hundreds of millions" of people worldwide, said Steven Watt, a senior staff attorney with the American Civil Liberties Union's Human Rights Program, speaking to the Inter-American Commission on Human Rights (IACHR), part of the Organization of American States (OAS

Righteous indignation over US spying seen as naive in Israel (Fox news) With every passing day bringing new allegations of the U.S. spying on its allies, many Israelis figure they would be naive to believe America wasn't snooping on its closest ally in the Middle East

Is one terrorism death a year really too high a price to pay for freedom from intrusive surveillance? (Graham Cluley) One of the more interesting facets of the case of NSA whistleblower Edward Snowden is the way it has polarised opinion. Normally, that would mean two opposing views, but in this case there seem to be three

How electronic espionage was exposed four decades ago (Sydney Morning Herald) Edward Snowden's exposés of the United States' mass surveillance and electronic espionage programs have made headlines around the world for the past four months

Litigation, Investigation, and Law Enforcement

Alleged Hacker Indicted In New Jersey For Data Breach (Dark Reading) Investigation led by the U.S. Army Criminal Investigation Command-Computer Crime Investigative Unit and the FBI in Newark revealed that Lauri Love allegedly illegally infiltrated U.S. government computer systems

Former FAMU Student Gets Two Years in Prison for Identity Theft (eSecurity Planet) Christopher Wright and two co-conspirators redirected financial aid refunds to prepaid credit cards in their possession

FBI hunt for seven fugitives involved in multimillion–dollar eBay car scam (Naked Security) The FBI has put out a wanted poster and Interpol has issued red notices looking for help in tracking down a gang of seven swindlers who allegedly ran a $3 million (£1.8m) scam, selling cars that were just figments of their very active imaginations

British man charged with hacking NASA and US military computers (ComputerWorld) A British man has been charged with hacking into U.S. government computers and stealing personal data about thousands of employees, then bragging about it on Twitter

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

2013 ACT–IAC Executive Leadership Conference (Williamsburg, Virginia, USA, October 27 - 29, 2013) Advances in technology and massive increases in data available can both challenge and transform Government mission performance. ELC-2013 focuses on how to make this transformation a reality, in and for...

FIRST Energy Symposium (Leesburg, Virginia, USA, October 28 - 29, 2013) Recent reports have shown that the Energy Sector has seen a large increase in the reported number of cyber attacks. The need to protect against threats and improve upon incident management has never been...

SAP NS2: National Security Solutions Summit (Falls Church, Virginia, USA, October 29, 2013) Join us for a day of learning and networking focused on how to advance U.S. national security and homeland security through I.T. innovation. Top-notch speakers will address the new challenges facing U.S.

RSA Conference Europe (Amsterdam, the Netherlands, October 29 - 31, 2013) Information security today isn't optional. It's business-critical. Over three days, RSA® Conference Europe 2013 imparts the must-know actions to manage growing cyber threats. With over 60 sessions spanning...

Regional Cyber Security Forum & IT Day (CSFI) — Hawaii (Honolulu, Hawai'i, USA, October 30, 2013) 2013 marks the 10th anniversary of National Cyber Security Awareness Month and FBC will host the 1st Annual Cyber Security Forum & IT Day (CSFI) at Fort Shafter - Club Hale Ikena to coinside with the anniversary,...

NSA Hawaii — Cyber Security, Intelligence & IT Day (Honolulu, Hawai'i, USA, October 30, 2013) Be a part of the 1st Annual Cyber Security, Intelligence and IT Day set to take place at the new National Security Agency (NSA) Hawaii Rochefort facility. The event will be hosted by NS/CCS Hawaii Technology...

Ahead of the Threat: Driving Innovation for Cyber Security (Bethesda, Maryland, USA, October 30, 2013) Sponsored by the Tech Council of Maryland, this conference will feature a presentation by Sondra L. Barbour, Lockheed Martin Information Systems & Global Solutions (IS&GS) Executive Vice President, will...

TrustED 2013 (Berlin, Germany, November 4, 2013) In this workshop we consider selected aspects of cyber physical systems and their environments. We aim at bringing together experts from academia, research institutes, industry and government for discussing...

OKTANE 1 (San Francisco, California, USA, November 3 - 5, 2013) OKTANE13 is an identity, security and mobility event. Whether you're just getting started with cloud applications, evaluating a mobile strategy, building a hybrid enterprise IT, or looking to make your...

MIRcon 2013 (Washington, DC, USA, November 5 - 6, 2013) With targeted attacks becoming more prevalent, today's incident responders are faced with the tremendous challenge of accelerating their response times while capturing relevant data from attacks in progress.

KMWorld 2013 (, January 1, 1970) KMWorld 2013 is a must-attend event for those concerned with improving their organizations' bottom line, business processes, and productivity, as well as streamlining operations, and accelerating development...

Maryland Art Place Annual Fall Benefit (Baltimore, Maryland, USA, November 9, 2013) Maryland Art Place (MAP) is pleased to announce the participating artists of its 2013 Annual Fall Benefit, the Starlight Dinner - highlighting technology and innovation in contemporary art. The dinner...

cybergamut Technical Tuesday: Location Based, Context Aware Services for Mobile — Today and Tomorrow by Guy Levy-Yurista, Ph.D. (available at various nodes, November 12, 2013) As we continue to grow our dependence on mobile devices in our daily routine from taking pictures to delivering corporate documents, the contexts in which these devices are acting becomes increasingly...

Cyber Education Symposium (Arlington, Virginia, USA, November 19 - 20, 2013) Both the public and the private sectors suffer from a lack of highly trained and effective cyber security leaders. In response, the government, businesses, and academic institutions are all exploring ways...

APPSEC USA (New York, New York, USA, November 18 - 21, 2013) Welcome to Appsec USA 2013, New York - a world class software security conference for developers, auditors, risk managers, and entrepreneurs, bringing you the world's top speakers, the most relevant security...

IT Forum Expo/Black Hat Regional Summit (, January 1, 1970) Black Hat Regional Summit will introduce a mix of local in-region experts and researchers from around the globe, discussing the latest trends in information security with an audience of peers. The sessions...

2nd Annual East Africa IT and Cyber Security Convention 2013 (Nairobi, Kenya, November 28 - 29, 2013) The 2nd Annual East Africa IT and Cyber Security Convention 2013 will bring together leading Cyber and IT Security experts who will provide key insights into critical cybersecurity issues surrounding cyber...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.