skip navigation

More signal. Less noise.

Daily briefing.

Anarcho-syndicalist hacktivists (particularly those of Anonymous) apparently struggle with limiting (or even thinking about, let alone anticipating) the collateral damage they do. Boston Children's Hospital suffered a denial-of-service attack over Easter weekend. (It didn't happen in this case, but hacktivists who pivot between systems are particularly likely to affect medical devices.)

Vulnerabilities are found in both NetSupport (a remote management app) and Viber (mobile messaging) that place information at risk of compromise.

Kaspersky finds the Android banking Trojan "FakeInst" in the US. FakeInst's vector poses as an app for downloading free pornographic videos (this shouts "risky" about as clearly as can be imagined).

Heartbleed continues to preoccupy administrators (and so can serve as misdirection for unrelated exploits). It also prompts widespread rethinking of open source development practices.

Apache's recent Struts zero-day patch is faulty, and a new one is expected by Monday.

To return to healthcare cyber security issues, Wired runs a good overview of what the risks are and why they persist: essentially, medical devices are networked to improve healthcare productivity. Why not, for example, enable care from a nursing station? Some vendors and users are reluctant to patch because they fear having to vet patched devices through the FDA. (But the FDA has had a cyber security exception in place since 2005.) The FBI warns healthcare providers that they need to up their cyber game, and the US Department of Health and Human Services puts financial teeth into medical privacy, extracting million dollar settlements for lost unencrypted laptops.

Notes.

Today's issue includes events affecting Brazil, Canada, France, India, Mexico, Russia, United Kingdom, United States..

Cyber Attacks, Threats, and Vulnerabilities

Activism's slippery slope: Anonymous targets children's hospital (CSO) Supporters of the faceless collective known as Anonymous have taken up the cause of a young girl. However, the methods used to show support may have unintended consequences, which could impact patient care

NetSupport vulnerabilty allows information leakage (Help Net Security) NetSupport is an application that allows corporations to remotely manage and connect to PCs and servers from a central location, to provide desktop support

Here we go again: Viber mobile messenger app leaves user data unencrypted (Naked Security) Viber, a mobile messenger app that allows users to make phone calls and send text messages and images for free, also gives up plenty of free user data to anyone who wants to listen

Researchers spot SMS Trojan active in the US (Help Net Security) For the first time ever, Kaspersky Lab researchers have detected an active SMS Trojan in the United States. The malware in question is an SMS-sending Android Trojan dubbed "FakeInst", and was first spotted in February 2013 targeting Russian users

French orgs targeted with social engineering attacks (Help Net Security) Over the last year, Symantec researchers have been following and warning about exceptionally effective and sophisticated malware delivery / phishing campaigns that have been targeting mostly French organizations

Heartburn from Heartbleed forces wide-ranging rethink in open source world (CNet) Experts caution that the notorious security bug heralds "open season on open source" and will force changes in how open-source code gets vetted as secure

Heartbleed: Quick Turnaround in Open Source Reporting (Recorded Future) By now you've certainly heard of Heartbleed. This security flaw allows hackers to steal protected information without leaving a trace, which means just about everyone is vulnerable to a cyber attack. Between the Heartbleed Bug and the recent expiration of Windows XP support, security teams have had their hands full the past few weeks. It's clear information security is an ongoing process with no end in sight

We Heart It turns off Twitter sharing following spam (CSO) A social network for sharing image collections has turned off sharing on Twitter after a large spam run referenced the service

How bank hackers stole £1.25 million with a simple piece of computer hardware (Graham Cluley) On 4 April 2013, Darius Bolder, walked into the Swiss Cottage branch of Barclays bank in North London and — posing as an IT technician — managed to gain entry to the back office

DrDoS attacks to reach 800 Gbps in 2015 (Help Net Security) While the network time protocol (NTP) DrDoS threats that became prevalent in early 2014 have been contained, new distributed reflected denial of service threats will lead to attacks in excess of 800 Gbps during the next 12 to 18 months

Mobile bad bots running across most top mobile operators (Help Net Security) During 2013, Distil Networks fingerprinted and catalogued 2.2 billion bad bots, or 31 percent of the bad bots that exist in Distil's database of 7-billion bad bots

Covert Bitcoin miner found stashed in malicious Google Play apps (Ars Technica) Titles raise questions about Google's ability to police its own market

Why It's Insanely Easy to Hack Hospital Equipment (Wired) When Scott Erven was given free reign to roam through all of the medical equipment used at a large chain of Midwest health care facilities, he knew he would find security problems—but he wasn't prepared for just how bad it would be

Security Patches, Mitigations, and Software Updates

Apache Warns of Faulty Zero Day Patch for Struts (Threatpost) The Apache Software Foundation today released an advisory warning that a patch issued in March for a zero-day vulnerability in Apache Struts did not fully patch the bug in question

Apple Patches iPhones, iPads, iMacs and MacBooks Against Critical Security Holes (Graham Cluley) If you are using Apple computers or iDevices, I recommend that you update your operating system as soon as possible — because on Tuesday the Cupertino-based firm published some critical security updates

Cyber Trends

FBI warns healthcare info security is 'too lax' (ITNews) The FBI has warned US healthcare providers their cybersecurity systems are lax compared to other sectors, making them vulnerable to attacks by hackers searching for customers' personal medical records and health insurance data

Hacker-Threat Sharing Has Companies Waiting Amid Breaches (Bloomberg) President Barack Obama's plan to protect the U.S. from hackers was supposed to let more companies access classified data on computer threats so banks, utilities and other targets would be able to boost their cybersecurity. Fourteen months later, it hasn't happened

Verizon Blockbuster Data Breach Report Is Bad News for Organizations (Huffington Post) Verizon has published a blockbuster report on Internet "data breaches" which has garnered major headlines because it fingers Eastern Europe (primarily Russia) as a greater source of attacks than those from East Asia, primarily China. Prepared with the cooperation of 50 companies in different parts of the world, the Verizon study classifies "data breaches" into different categories —but the two most important stand out visibly from all the others. These are "point of sale" attacks and "cyber espionage" attacks

Infographic: Most firms that suffer a major data loss close down within 24 months (FierceITSecurity) Close to three-quarters of businesses that suffer a major data loss close down within 24 months, according to an infographic put together by security firm Imprima

McAfee says online gambling fuelling cybercrime (IT Wire) Cybercrime is still on the rise and specialist hacking skills and cyber attacks are being paid for via untraceable payments through online gambling sites, according to a research paper released today by security firm McAfee

Kaspersky Warns of Surge in Bitcoin Cybercrime (eSecurity Planet) Cyber attacks targeting Bitcoin accounted for a total of 8.3 million incidents in 2013

India third-biggest threat frontier in cyber world, says Symantec report (Business Standard) Symantec's 'Internet Security Threat Report' says country ranks third in contribution to malicious cyber activities

Nine out of ten employees don't use password security on mobile devices (CSO) A new survey has sounded alarm bells for employers after it revealed only one in ten employees use a pin or password on their mobile devices

Data Security: Think Outside The Box (Dark Reading) What the public and private sector can learn from each other's data security priorities is an exercise in nuance that is well worth the effort. Here's why

CHDS Speaker: Hackers Critical to Defeating Cyber Threats (Targeted News Service Via TMCnet) The Naval Postgraduate School Center for Homeland Defense and Security issued the following news release: Hackers are potential resources that can aid in the fight against cyber-terror far better than government bureaucrats, says internationally known security researcher Robi Sen

Marketplace

Chinese government sticks with Windows XP over 'expensive' Windows 8 (V3) The Chinese government has said Windows 8 is too expensive to be used as a replacement to Windows XP and is instead looking to patch millions of machines running the ancient operating system despite support ending earlier this month

For crowdsourced security startup, a carrot and a hack (Fortune) Kleiner Perkins' latest bet on cybersecurity? Crowdsourced hacking and a new company called Synack

Why Integrata Security chose Maryland (MDBizNews) Integrata Security is a rising star in Maryland's cybersecurity community. Currently housed in the bwtech@UMBC Research and Technology Park, the startup has developed high-level threat detection and prevention for wireless networks through constant monitoring of all data and all channels

The Real Winner of the Afghan War Is This Shady Military Contractor (Daily Beast) The State Department paid out $4 billion to rebuild Afghanistan. Some $2.5 billion of that went to a single firm with a bad, bad past

Snowden disclosures hurt intelligence agencies' recruitment (SFGate) The Edward Snowden disclosures of National Security Agency surveillance certainly have awakened concerns in a portion of our country that feels strongly about the protection of civil liberties. Snowden's disclosures seem to have created a perception that the values of the intelligence community are not American values, that its activity is inconsistent with our ideals. The disclosures have also created a breach between U.S. technology firms (many of which reside here in Silicon Valley) and the U.S. intelligence community, which have enjoyed a close partnership since 9/11

Mozilla's Denelle Dixon-Thayer: Trading Away Your Privacy (Reason) Don't trust Facebook or Google with your personal information? You're not alone. A recent Reason-Rupe poll found that when it comes to their personal info, more Americans trust even the National Security Agency or the Internal Revenue Service over Google or Facebook. Mozilla's Vice President of Business and Legal Affairs, Denelle Dixon-Thayer, says "data hygiene" should be something every new or established tech company should be thinking about

Tech titan funding just a start in securing critical open-source projects (CSO) Security experts say a formal, enterprise-class product development structure is also needed

Google+ Is Walking Dead (TechCrunch) Today, Google's Vic Gundotra announced that he would be leaving the company after eight years. The first obvious question is where this leaves Google+, Gundotra's baby and primary project for the past several of those years

Report: Google to end forced G+ integration, drastically cut division resources (Ars Technica) Report says 1000-1200 employees will be moved from Google+ to other divisions

Products, Services, and Solutions

WatchGuard APT Blocker Offers Protection From Hidden Threats (ChannelBiz) Advanced-threat visibility has been added to WatchGuard's UTM and Next-Gen Firewall appliances

Review: Zscaler Secure Cloud Gateway (eSecurity Planet) Reviewer Matt Sarrel appreciates the technical support resources available for the Zscaler Secure Cloud Gateway

Storyful's Verification Tech Could Stop Fake News From Spreading On Facebook (TechCrunch) Twitter is the king of real time news, but people's eagerness to retweet juicy stories sometimes outweighs their willingness to verify the facts first, leading them to parrot misinformation. That's why the most intersting thing about Facebook's partnership with Storyful to create a Newswire isn't about refferal traffic or helping journalists find things to cover. It's that putting Storyful's news verification process in the spotlight could make the Internet more trustworthy

Cisco Announces OpenAppID — the Next Open Source 'Game Changer' in Cybersecurity (Cisco Blogs) One of the big lessons I learned during the early days, when I was first creating Snort®, was that the open source model was an incredibly strong way to build great software and attack difficult problems in a way that the user community rallied around. I still see this as one of the chief strengths of the open source development model and why it will be with us for the foreseeable future

AVG, Avira, Avast — Is a free download antivirus enough? (Gamer Headlines) Paying more usually gets your better things in life. This is not always the case when it comes to desktop security, given the fact that free antivirus apps are often on-par with premium versions that you have to spend considerably on. Naturally, there are always benefits for using the premium antivirus programs, but when talking strictly about security, a free antivirus that's free to download is often more than enough. Before deciding if you should spend any money on premium protection, it's important to establish what exactly you'd need from the antivirus to begin with

Technologies, Techniques, and Standards

How to Automatically Block Sites Vulnerable to Heartbleed (McAfee Blog Central) There's been a tremendous amount of activity over the past few weeks in response to the Heartbleed bug discovered in OpenSSL, an open source tool used by thousands of web sites to encrypt web traffic. The bug enables an attacker to obtain a random 64K chunk of memory which could contain sensitive information, such as a user ID or password. The result has been a mad scramble to fix the vulnerability by the many web site owners and security software vendors who rely on OpenSSL

Google Gmail Security Changes to Block NSA: What It Really Means for You (Decoded Science) Google changes its security settings for Gmail last month. The extra encryption will mean that nobody can read emails that are sent over various networks, and was an answer to the controversy surrounding the National Security Agency (NSA)

Academia

Parents win against cloud storage of US students' private information (Naked Security) People are a little touchy about data collection nowadays. They were most certainly touchy about inBloom, a non-profit that was offering to house and manage student data for public school districts across the US by extracting a dizzying array of information

High school students are all about computers but get little instruction in computer science (Washington Post) Their lives swirl in technology, but the nation's high school students spend little time studying the computer science that is the basis of it all. Few are taught to write lines of code, and few take classes that delve into the workings of the Internet or explain how to create an app

Hands on fun at HacKid 2014 (Help Net Security) Last weekend, families and tech industry leaders descended on The Tech Museum of innovation in San Jose, California, for HacKid 2014. We had a great turnout for the event — reaching capacity through advanced ticket sales with over 200 attendees, including parents with children ages 5-17. We were thrilled to again see such great cultural and gender diversity across presenters and participants, with nearly 50% of attendees and 40% of our presenters represented by females

U.S. super leaker Snowden appointed 'rector' of Glasgow University (Examiner) The former National Security Agency (NSA) contractor, Edward Snowden, who is hailed as a whistleblower by supporters and a traitor by opponents, was officially named the student rector of Scotland's University of Glasgow on Wednesday, a position that requires his representing students on the university's governing committee, according to European news outlets

Legislation, Policy, and Regulation

Brazilian president signs internet civil rights law (The Register) Marco Civil bill enshines 'net neutrality', 'privacy' as law

Putin calls Internet 'CIA project' that must be controlled (Washington Times) Russian President Vladimir Putin charged Thursday that the Internet is a project developed and ran by the CIA, and that Russia will continue to fight to squelch dissent online

In Mexico, Hagel Focuses on Crime, Cyber and Natural Disasters (DefenseOne) There's the pivot to Asia, the growing threat of terrorism in the Middle East and North Africa, the continuing conflict in Ukraine, serious budget cuts at home. And then there's Canada and Mexico

If You Have a 'Secret' Clearance, Prepare for Greater Scrutiny (National Defense) The Pentagon is wrapping up an eight-month effort to overhaul security policies to deal with "insider" threats. The focus is on trying to prevent a repeat of the Sept. 16 Washington Navy Yard shooting when a contractor employee with a secret clearance killed 12 coworkers

Lawmakers petition for open NSA debate (CBS News) Once the full House starts debating legislation to reform the National Security Agency, any member of the House should be able to offer amendments, one Democratic congressman insists

Litigation, Investigation, and Law Enforcement

Stolen laptops lead to important HIPAA settlements (FierceITSecurity) Two entities have paid the U.S. Department of Health and Human Services Office for Civil Rights (OCR) $1,975,220 collectively to resolve potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rules. These major enforcement actions underscore the significant risk to the security of patient information posed by unencrypted laptop computers and other mobile devices

Defence argues FBI probe of a 9-11 defendant's legal team member has 'staggering' implications (AP via the Nanaimo Daily News) The defence team for five people facing trial before a war crimes tribunal stemming from the Sept. 11, 2001 terror attacks claimed the implications of the FBI's questioning of one of its members are "staggering" and called on the court to probe the incident aggressively, according to a motion unsealed on Wednesday

U.S. Secret Service Has 171 Cybercrimes Under Investigation (Wall Street Journal) The U.S. Secret Service has prevented about $12 billion in losses from cybercrime and arrested more than 4,900 people since it initiated its computer crime investigations 30 years ago, the agency's deputy director said Tuesday

Investigating Cyber Crime At The Local Level (WNIJ) Victims of internet crimes don't always know where to turn for help. If there's money involved, they might call their bank. They can also reach out to federal authorities. But trying to navigate the proper channels can be confusing. Local police can sometimes serve as a first response, even if the perpetrator is thousands of miles away

Feds argue for warrantless phone search to avoid suspects kill-switching evidence (Naked Security) We carry wallets, purses, address books, and briefcases. If police in the US arrest us, they've long had the authority to search this type of wearable, portable stuff

Low-level federal judges balking at law enforcement requests for electronic evidence (Washington Post) Judges at the lowest levels of the federal judiciary are balking at sweeping requests by law enforcement officials for cellphone and other sensitive personal data, declaring the demands overly broad and at odds with basic constitutional rights

Millions in Tax Refunds Obtained Through Massive Identity Theft Conspiracy (WESA) Federal investigators in Western Pennsylvania have uncovered a national identity theft scheme that has been in operation for nearly a decade. Thieves used stolen IDs to open bank accounts, obtain credit cards and file fake tax returns that caused the IRS to pay millions in fraudulent funds

Miami Resident Gets 81 Months in Prison for Identity Theft, Tax Fraud (eSecurity Planet) Brandon James used at least 121 stolen identities to file fraudulent tax returns seeking more than $862,000 in refunds

Five Charged in Identity Theft Scheme with Thousands of Victims (FierceITSecurity) Five individuals from around the United States have been indicted by a federal grand jury in Erie on charges of conspiracy to commit wire fraud and aggravated identity theft, United States Attorney David J. Hickton announced today

'Acid House King' jailed for sophisticated cyber attack on UK banks (Telegraph) The organiser of the infamous 'Sunrise' parties, Tony Colston-Hayter, is jailed for five and a half years for masterminding a sophisticated cyber theft of £1.5m from bank accounts

Putney man jailed for £1.25m cyber attack (Your Local Guardian) A 25-year-old man has been jailed for his role in a sophisticated cyber attack stealing more than £1.25m

Silk Road vendor pleading guilty to selling massive amounts of illicit drugs (Ars Technica) "SuperTrips" sold everything from cocaine and ecstasy to LSD and marijuana

Department of Homeland Security secretary puts ex-watchdog on leave (AP via Northwest Herald) The secretary of the Department of Homeland Security put the agency's former internal watchdog on administrative leave Thursday following the release of a Senate report that concluded he was too cozy with senior agency officials and improperly rewrote, delayed or classified some critical reports to accommodate President Barack Obama's political appointees

Privacy watchdog awaits report on data loss in own office (Montreal Gazette) The federal privacy commissioner will receive on Friday the findings of an internal investigation into an embarrassing loss of sensitive information of approximately 800 current and former federal employees

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

SANSFIRE (Baltimore, Maryland, USA, June 21 - 30, 2014) For more than 10 years, the Internet Storm Center has been providing free analysis and warning to our community. SANSFIRE 2014 is not just another training event. It is our annual "ISC Powered" event.

US News STEM Solutions: National Leadership Conference (, January 1, 1970) The STEM crisis in the United States demands solutions—and nowhere is the search more concentrated than at U.S. News STEM Solutions. Now in its third year, this premier national leadership conference is...

East Africa Banking and ICT Summit (Kampala, Uganda, April 25, 2014) The global event series for Banking and ICT Summit enters its third year. The summit will continue to provide delegates with technical & practical sessions, lectures and showcase for banking and ICT innovations,...

National Collegiate Defense Cyber Competition (, January 1, 1970) Registration for the 2014 CCDC season is underway! Visit your region's website or contact your regional for registration and competition information.

InfoSecIndy (Indianapolis, Indiana, USA, April 26 - 27, 2014) Join us on April 26-27, 2014 in Indianapolis, Indiana for the premier Midwest Information Security and Digital Forensics Conference.

United States Cyber Crime Conference 2014 (, January 1, 1970) This is the only event of its kind that provides both hands-on digital forensics training and an interactive forum for cyber professionals to network. The conference covers the full spectrum of topics...

Infosecurity Europe 2014 (, January 1, 1970) Infosecurity Europe is Europe's number one Information Security event. Featuring over 350 exhibitors, the most diverse range of new products and services, an unrivalled education programme and over 12,000...

Cyber COMSEC and IT Day at Fort Huachuca (, January 1, 1970) This one-day vendor expo is a unique opportunity to demonstrate your products and services to military and civilian personnel at Fort Huachuca. Exhibitors will have a casual atmosphere to share ideas,...

cybergamut Technical Tuesday: Malware Reverse Engineering (Columbia, Maryland, USA, May 6, 2014) An introduction to the tools, workflows, and tricks of the trade to attack sophisticated malware by Dale Robson of CyberPoint. Industry standard cyber security products do a good job in blocking and defending...

Kirtland AFB — Cyber Security Seminar & Information Technology Expo (Albuquerque, New Mexico, USA, May 7, 2014) Join FBC and the Armed Forces Communications & Electronics Association (AFCEA)-Albuquerque Chapter for the Cyber Security Seminar & Information Technology Expo set to take place at Kirtland Air Force Base.

US Secret Service Cybersecurity Awareness Day (Washington, DC, May 8, 2014) This Cybersecurity event will be the first of its kind at the USSS. There will be 2-3 opportunities for participating companies to present a 1/2 hour presentation on a Cybersecurity topic of concern to...

SANS Security West (, January 1, 1970) SANS Security West will arm information security professionals with the necessary insight to prepare their organization for today and the future. Attendees will have the opportunity to advance their information...

HackMiami 2014 (Miami Beach, Florida, USA, May 9 - 11, 2014) The HackMiami 2014 Hackers Conference seeks to bring together the brightest minds within the information security industry and the digital underground. This conference will showcase cutting edge tools,...

Eurocrypt 2014 (, January 1, 1970) Eurocrypt 2014 is the 33rd Annual International Conference on the Theory and Applications of Cryptographic Techniques. It is devoted to all aspects of cryptology.

ISPEC 2014 (Fujian, China, May 12 - 14, 2014) The ISPEC conference series is an established forum that brings together researchers and practitioners to provide a confluence of new information security technologies, including their applications and...

CyberWest (Phoenix, Arizona, USA, May 13 - 14, 2014) Cyber threats affect all industry sectors and impact individuals, businesses and governments. From hacktivists to advanced persistent threats, conducting business on-line exposes individuals, corporations...

GovSec 2014 (Washington, DC, USA, May 13 - 14, 2014) GovSec is the nation's premier event for Government, Homeland Security, and Law Enforcement professionals looking for proven strategies and cost effective technology so they can achieve their mission of...

Cyber Security for National Defense Symposium (, January 1, 1970) DSI's Cyber Security for National Defense Symposium is designed as an educational and training "Town Hall" forum, where thought leaders and key policy-makers across military and civilian organizations...

FOSE Conference (Washington, DC, USA, May 13 - 15, 2014) Spend 1 day or 3 days at the FOSE conference and leave with actionable information, covering a broad spectrum of trending topics including: Cybersecurity, Cloud and Virtualization, Mobile Government,...

INFILTRATE (, January 1, 1970) INFILTRATE is a deep technical conference that focuses entirely on offensive security issues. Groundbreaking researchers focused on the latest technical issues will demonstrate techniques that you cannot...

Security BSides Denver 2014 (Denver, Colorado, USA, May 16, 2014) Each BSides is a community-driven framework for building events for and by information security community members. The goal is to expand the spectrum of conversation beyond the traditional confines of...

Security Start-up Speed Lunch NYC (New York, New York, USA, May 19, 2014) Our goal for this inaugural event is to connect the most promising security startups in the world with decision-makers at aerospace, asset-management, banking, communications, defense, energy, healthcare,...

CEIC 2014 (Las Vegas, Nevada, USA, May 19 - 22, 2014) It's no exaggeration to say that CEIC is the biggest digital-investigations conference of its kind and the only one to offer hands-on lab sessions and training for practical skills development. From sessions...

The Device Developers' Conference: Bristol (Bristol, England, UK, May 20, 2014) The Device Developers' Conference is an annual UK event for the developers of intelligent systems and devices. The objective is to provide an event that provides engineers with an opportunity to learn...

Positive Hack Days (, January 1, 1970) Positive Hack Days is the international venue for the unification of progressive forces of the IT industry. It is about innovators interested in information security problems; it is fresh blood and bright...

Georgetown Law: Cybersecurity Law Institute (, January 1, 1970) A day does not go by where cybersecurity is not in the news. In fact, according to a recent national survey conducted by FTI Consulting, cybersecurity is the number one issue on the minds of general counsels...

NSA Mobile Technology Forum (MTF) 2014 (, January 1, 1970) The Mobile Technologies Forum is an annual event that attracts SIGINT, Information Assurance, HUMINT, Federal Law Enforcement, Counterintelligence and Government personnel from the United States, Australia,...

CyberMontgomery Forum: Center of Gravity (Rockville, Maryland, USA, May 22, 2014) Cybersecurity will be a major growth engine in the region for many years to come. With solid federal government, industry and academic assets already in place in the region, there is still a need to bring...

Cyber Risk Summit (Washington, DC, USA, May 22, 2014) This one-day leadership conference will provide a discussion forum for business executives, insurance companies and policymakers on more effective private and public responses to cyber risk management.

The Device Developers' Conference: Cambridge (Cambridge, England, UK, May 22, 2014) The Device Developers' Conference is an annual UK event for the developers of intelligent systems and devices. The objective is to provide an event that provides engineers with an opportunity to learn...

Fort Meade Technology Expo (, January 1, 1970) The Ft. Meade Technology Expo is a one-day event held at the Officers' Club (Club Meade) on base. Industry vendors will have the unique opportunity to showcase their products and services to personnel...

CANSEC (, January 1, 1970) CANSEC is Canada's foremost defence tradeshow. A two-day event, CANSEC will feature 120,000 square feet of indoor exhibits by Canada's leading edge defence companies, as well as an outdoor static display.

Hack in The Box Security Conference (HITBSecConf) Amsterdam (, January 1, 1970) HITBSecConf Amsterdam is a gathering of network security professionals and enthusiasts who come from all corners of the globe to discuss the next generation of attacks and defense techniques. This is not...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.