skip navigation

More signal. Less noise.

Daily briefing.

Anonymous calls for a "day of rage" over Ferguson, Missouri, today.

Assad-sponsored (or at least supporting) malware worries observers in MENA and South Asia: it may be difficult for its operators to contain (if its operators care).

Reports surface that confidential files relating to the disappearance of MH370 were exfiltrated early in the investigation from Malaysian government systems to servers in China.

Kaspersky reports discovering a cyber-espionage campaign (they're calling it "Machete") that's focused on "high profile victims, including government, military, law enforcement agencies and embassies" for the past four years. Most of the targets are in Latin America, but the campaign has also been active in Russia, and (at significantly lower levels) North America and Europe.

Motives of the Community Health Systems hackers (still apparently Chinese) remain the subject of speculation, but the hack's enabling conditions are clearer, and overdetermined: loose patching, poor crypto, ineffectual network monitoring, inadequate data segmentation, and, oh, Heartbleed.

UPS discloses it's recently been the victim of Backoff retail point-of-sale malware. UPS says it contained the breach rapidly.

Gameover's rise from the botnet dead is being managed cautiously, the better to escape another swift takedown.

Bitcoin is being widely used as phishbait in targeted attacks on organizations.

Journalists seek to make our flesh creep with credible takes of 911 and traffic light vulnerabilities.

Stoners relax as the "Facebook Drug Task Force" is revealed to be a hoax.

Interesting comparisons are made between the cyber and maritime domains (but caveat lector — such compelling analogies can mislead).

Notes.

Today's issue includes events affecting Austria, Canada, China, Colombia, Cuba, Ecuador, European Union, India, Ireland, Israel, Malaysia, Peru, Russia, Spain, Syria, United Kingdom, United States, and Venezuela.

Cyber Attacks, Threats, and Vulnerabilities

#OpFerguson: Anonymous Calls For 'National Day Of Rage' against Mike Brown Shooting (HackRead) The online hacktivist collective Anonymous has announced a "National Day of Rage" to protest against the response of Ferguson police after the shooting of 17 yr Mike Brown. The protest can be massive as it will take place on Thursday (21/08/2014) in 37 cities across the United States

Syrian malware is lurking, is dangerous (Deccan Chronicle) The geopolitical conflicts of the Middle East have deepened in the last few years, particularly in Syria. The cyberspace conflict there is intensifying as sides try to tip the struggle in their favor by exploiting cyber intelligence and making use of obfuscation. Kaspersky Lab?s latest threat research has unveiled a whole range of malware related to Syria, using a variety of techniques including sophisticated social engineering tricks. Even though new malicious samples appear every day, users should have an understanding of these techniques and tools currently being used to target users in the Middle East and especially Syrian citizens

Malaysian investigators 'hacked' for confidential MH370 records (SC Magazine) Around 30 computers at Malaysian law enforcement agencies looking into the disappearance of the MH370 airplane have reportedly been hacked, with perpetrators making off with confidential data on the aircraft

Chinese hackers targeted the MH 370 investigation and appear to have stolen classified documents (Quartz) Chinese hackers targeted the computers of high-ranking officials from the Malaysian government and Malaysia Airlines and stole classified information during the early stages of the investigation into missing flight MH 370

Machete cyber espionage campaign targeting Latin America (Help Net Security) Kaspersky Lab discovered a new cyber-espionage campaign code-named Machete. This campaign has been targeting high profile victims, including government, military, law enforcement agencies and embassies for at least four years

Heartbleed Not Only Reason For Health Systems Breach (Dark Reading) Community Health Systems' bad patching practices are nothing compared to its poor encryption, network monitoring, fraud detection, and data segmentation, experts say

Why Would Chinese Hackers Steal Millions of Medical Records? (Bloomberg) A group of sophisticated Chinese hackers known for its high-stakes corporate espionage has a history of stealing medical-device blueprints, prescription-drug formulas and other valuable intellectual property from large health-care companies

Debugging The Myths Of Heartbleed (Dark Reading) Does Heartbleed really wreak havoc without a trace? The media and many technical sites seemed convinced of this, but some of us were skeptical

Severity of Attacks against Organizations Escalated (Trend Micro: Simply Security) Another massive healthcare breach has occurred this week, and it supports research and intelligence we are seeing as described in our Q2 Threat Roundup

UPS hit by cyber attack (Financial Times) United Parcel Service is among a new wave of retailers that have been targeted by cyber criminals, with data from more than 100,000 transactions exposed at franchises across the US

'Reveton' ransomware adds powerful password stealer (ComputerWorld) Avast thinks its controllers are trying to diversify after profits have fallen

Latest Gameover botnet lays low, looking to resist takedown (Ars Technica) The botnet that the government shut down is back, with some changes

Spam industry reinvented as messages containing malicious links surge (CSO) Malicious links now in one in six spam emails

Cybercriminals Embark on Bitcoin Phishing Expedition (SecurityWeek) Attackers are playing on the hype around the crypto-currency Bitcoin to cast a wider phishing net looking for victims. It's not just bank credentials cyber-criminals are looking for

Workers at U.S. nuclear regulator fooled by phishers (CSO) Nuclear Regulatory Commission employees were tricked into disclosing passwords and downloading malware

Microsoft detects fall in fake antivirus traffic (Beta News) Rogue security programs that try to trick the user into paying to remove a false virus detection have been around for a while, the earliest dating back to 2007. The software is clever, using different names and brands to cover its tracks, and clearly their perpetrators make money

Analysis reveals many malicious Chrome extensions (Help Net Security) An analysis of 48,332 browser extensions from the Chrome web store has revealed 130 outright malicious and 4,712 suspicious extensions, some of which have been downloaded by millions of users

Exploit kits put Silverlight security issues in focus (TechTarget) Silverlight security issues will demand more attention as attackers increasingly target the plug-in, leaving users vulnerable to various exploits

Incapsula mitigates multi-vector DDoS attack lasting longer than a month (SC Magazine) From the middle of June to nearing the end of July, security company Incapsula helped a targeted video game company withstand a nonstop distributed denial-of-service (DDoS) attack utilizing numerous vectors

How Hackers Could Mess With 911 Systems and Put You at Risk (Wired) The female caller was frantic. Why, she asked 911 dispatchers, hadn't paramedics arrived to her home? She'd already called once to say her husband was writhing on the floor in pain

Hacking Traffic Lights Is Apparently Really Easy (Time) Security researchers in Michigan reveal vulnerabilities in crucial roadway infrastructure

'Facebook Drug Task Force' hoax cranks up the paranoia (Naked Security) Marijuana users around the world heaved a sigh of relief and went back to ordering pizza delivery after it was revealed that the "Facebook Drug Task Force" (FDTF) and its new militarized corporate police force were a hoax

Cyber Trends

Some Principles of Cyber Strategy (ISN) Although cyberspace has existed for decades, the strategic principles of cyber-warfare have not yet been devised. In beginning to do so, John J. Klein believes that similarities between the cyber and maritime domains suggest that the thought of Sir Julian Corbett should be used as inspiration

Cyber Crime Opens New Portals Offers New Solutions (Guardian Liberty Voice) Another medical group falls to a cyber crime; this one apparently funded by a group in China or possibly the Chinese government itself. This particular internet attack was more brazen and included the theft of more than 4.7 million personal data records and Social Security numbers belonging to patients with Community Health Systems Inc., located in Franklin, Tennessee. The cyber group recognized as APT18, is generally acknowledged as the instigator of the invasion. Cyber crime opens new portals of opportunity. New alternatives on the horizon offer solutions

WVU professor: Cyber crimes 'an immense challenge' (Independent Herald) The announcement last week that a Russian crime organization had stolen the credentials of 1.2 billion Internet users has shaken the technology world

Smart city control networks being architected more securely than SCADA (CSO) Advocates of heavily instrumented 'smart city' infrastructure are acutely aware of the legacy left by insecure SCADA control systems and are instrumenting modern industrial-control networks with a higher degree of security, according to smart-cities architect Silver Spring Networks

A Second Act For The Internet Of Things (TechCrunch) There has been a lot of talk in the venture capital industry about automating the home and leveraging Internet-enabled devices for various functions

Healthcare mobility is balancing act between security and usability (FierceMobileIT) Protecting some of the most personally sensitive information for the most security-conscious government agencies is no small task, and a panel of government healthcare experts said their primary challenge is to balance security with the ease of use that mobility brings

Customers welcome C-suite advocate, CipherCloud chief trust officer reports (CSO) Working as a chief trust officer has given Bob West a new perspective on the conversations security companies are having with customers ? and his experience so far has convinced him that a growing number of companies are going to find value in appointing board-level executives to act as data-security liaisons between customers and the executive

MDM vendors come up short on security (FierceMobileIT) While BYOD has increased the productivity of today's workers, it has also introduced a range of security threats, such as malware, direct attacks, data loss or theft and social engineering

In drone wars, dogfights won't be in the air but in the spectrum (Defense Systems) Like other senior officers in kindred offices in the Defense Department, Col. Jim Ekvall, who heads up the Army?s Electronic Warfare Division, is concerned with how to answer the looming threat of enemy UAVs to U.S. and allied unmanned fleets

What it feels like to be the last generation to remember life before the internet (Quartz) Technology has a lot to answer for: killing old businesses, destroying the middle class, Buzzfeed. Technology in the form of the internet is especially villainous, having been accused of everything from making us dumber (paywall) to aiding dictatorships. But Michael Harris, riffing on the observations of Melvin Kranzberg, argues that "technology is neither good nor evil. The most we can say about it is this: It has come"

Marketplace

Making the World a Better Place While Helping an Acquisition Succeed (The Wall Street Transcript) Several years ago, Cryptography Research was in talks with Rambus about a potential acquisition. The opportunity was exciting, and would bring a chance to grow and transform the company I had started in 1995. For both entrepreneurs and acquirers, however, acquisitions are scary — even for Cisco, which knows more about acquiring than almost any other company, about a third of acquisitions fail

Lockheed Martin Growing Its Cyber, Big Data Business (National Defense) Rapid innovations in information technology and changes in the geopolitical environment — including events such as the conflict in the Gaza Strip and the rise of the Islamic State of Iraq and the Levant — all point to the military's need for large amounts of quickly digestible data

Northrop Grumman Wins US Navy CANES Shipboard Network Full Deployment Contract (MarketWatch) The U.S. Navy has selected Northrop Grumman Corporation NOC, +0.91% as one of five contractors for the Consolidated Afloat Networks and Enterprise Services (CANES) full deployment production contract to upgrade cybersecurity, command and control, communications and intelligence (C4I) systems across the fleet. The indefinite delivery, indefinite quantity multiple award contract has a potential value of $2.5 billion over eight years

500,000 Chinese ATM machines ripe for Israeli security (Times of Israel) Fresh off a mission protecting fans at the World Cup, RISCO will now protect cash machines in China

Hexis Cyber Solutions Announces Reseller Agreement With Accuvant (GlobeNewswire via Nasdaq) Hexis Cyber Solutions (Hexis), a wholly-owned subsidiary of The KEYW Holding Corporation (Nasdaq:KEYW), and a provider of advanced cybersecurity solutions for commercial companies and government agencies, today announced a reseller agreement with Accuvant, a leading provider of information security solutions serving enterprise-class organizations across North America

CSC Vet Sam Visner Joins ICF as Cybersecurity Business SVP, GM (GovConWIre) Sam Visner, a 35-year cybersecurity and intelligence veteran and a former Computer Sciences Corp. (NYSE: CSC) executive, has joined ICF International as senior vice president and general manager of the Fairfax, Virginia-based company?s cybersecurity business

Products, Services, and Solutions

Microsoft mulled on rebranding Internet Explorer to bury bad reputation (Tech Times) Internet Explorer, which has a user share of 58 percent, may be the most popular internet browser in the world. The percentage is almost triple the twenty percent share held by Google's Chrome which places the browser second in the rank

Twitter Pollutes The Timeline (Tech Crunch) If your Twitter stream is looking a little more crap (random) than usual there's a concrete reason for that: Twitter has made a behind-the-scenes change which means it's algorithmically adulterating the mix of content you see. Not that they're putting it like that, of course

Sentinel Elite: Adding $250,000 Worth of Breach Protection (WhiteHat Security) A week ago WhiteHat launched Sentinel Elite where we made a bold statement, perhaps one of the boldest statements any security vendor can make. We're offering a financially backed security guarantee: if a website covered by Sentinel Elite gets hacked, specifically using a vulnerability we didn't identify and should have, the customer will be refunded in full

Using the iStorage datAshur Personal secure USB flash drive (Help Net Security) The iStorage datAshur Personal is a PIN-activated USB flash drive designed for everyday use, both private and corporate. The drive comes in three sizes: 8GB, 16GB and 32GB. I tested the 8GB version

Panda Free Antivirus 2015 (PC Magazine) Having two distinct lines can be tough for an antivirus vendor. Your products can wind competing with one another. Panda Security is no longer in that position

Multi-device protection from eScan and AV test certification for eScan Internet Security Suite (ITWeb) eScan Universal Security Suite ensures a safe computing experience for Windows and Linux PCs, Macs, Android mobiles and tablets with just a single licence key

Technologies, Techniques, and Standards

Big Data Overwhelms Security Teams (eSecurity Planet) Experts say increased automation and better analytics will help security teams overwhelmed by Big Data

TOR Browser Hardening Features Under Scrutiny (Threatpost) Tor is a target like never before. The NSA has made no bones about its disdain for the anonymity network, and someone, allegedly researchers from Carnegie Mellon University, were recently on the network trying to de-anonymize users of its hidden services

4 Tips: Protect Government Data From Mobile Malware (InformationWeek) Mobile malware continues to proliferate, particularly on Android devices. These four steps help counter the threat

AlienVault Releases Intrusion Detection Systems (IDS) Best Practices (Hacker News) Network security practitioners rely heavily on intrusion detection systems (IDS) to identify malicious activity on their networks by examining network traffic in real time

How Twitter's new "BotMaker" filter flushes spam out of timelines (Ars Technica) Sifting spam from ham at scale and in real time is a hard problem to solve

Putting Data in Perspective With Web Intelligence (Recorded Future) Government and private sector threat intelligence analysts are awash in data: both proprietary and open source. The evaluation of both — all-source analysis — provides analysts the perspective they need to communicate risk and better task (often expensive) resources at their disposal. Leveraging web intelligence (WEBINT) can effectively apply open sources to this process

Mobile device security: Tackling the risks (Help Net Security) Mobile devices with their large data capacities, always on capabilities, and global communications access, can represent both a business applications? dream and a business risk nightmare

GCHQ helps with cyber attack game (Press Association via Yahoo! News) A new game created by a British intelligence agency depicting a cyber attack on the UK is being used to raise awareness and test the public's ability to deal with online security

Research and Development

Researchers build security framework for Android (CSO) U.S. and German researchers develop hooks for attaching enterprise-class security modules to Android

How to Break Cryptography With Your Bare Hands (MIT Technology Review) The latest way to snoop on a computer is by measuring subtle changes in electrical potential as data is decrypted

The Next Battleground In The War Against Quantum Hacking (MIT Technology Review) Ever since the first hack of a commercial quantum cryptography device, security specialists have been fighting back. Here's an update on the battle

Academia

From CERDEC's Outreach Program STEMs a New Generation of Scientists (SIGNAL) College students of today are studying for jobs that have yet to be conceived — an insight into the rapidity at which fields of science, technology, engineering and mathematics are transforming

Six cyber security master's degrees certified by GCHQ (Acumin) Cabinet Office Minister Francis Maude has announced six new master's degree courses in information security, with certification to be awarded by GCHQ

More Women Entering Cybersecurity Fields Aided By Industry Scholarship Program (Homeland Security Today) Sherri Pearlman, a former Marine Corporal pursuing her master's degree at National University — a National Center of Academic Excellence in Information Assurance Education by the National Security Agency (NSA) and Department of Homeland Security (DHS) — is among 11 recipients of the Women Studying Information Security (SWSIS) scholarship program which aims to increase the number of women pursuing careers in information security-related fields

Vice President Biden Congratulates Winners of National Collegiate Cyber Defense Competition (White House) Vice President Joe Biden speaks to the 2014 National Collegiate Cyber Defense Competition Champions from the University of Central Florida, in the Indian Treaty Room in the Eisenhower Executive Office Building, in Washington, D.C., August 19, 2014

Legislation, Policy, and Regulation

Spy agency mishandled information about Canadians: watchdog (CTV News) Canada's electronic spy agency intercepted — and kept — several private communications of Canadians last year in violation of internal policies on personal information

'Big data' lobbyist: Congress doesn't want online privacy law (The Hill) A lobbyist for one of the top companies that trades in consumer data is confident that Congress won?t set rules for how online marketers use information about consumers

FCC Republican wants to let states block municipal broadband (Ars Technica) Democrats warned not to take action a future Republican-led FCC would dislike

Litigation, Investigation, and Law Enforcement

Antivirus Works Too Well, Gripe Cybercops (Wall Street Journal) For years, police have been in a cat-and-mouse game with an unexpected foe that can frustrate investigations — antivirus software

European Facebook Class Action Suit Attracts 60K Users As It Passes First Court Hurdle (TechCrunch) Some developments around the class action suit filed against Facebook in Europe earlier this month over alleged privacy violations

Group files complaint, charging that US companies are violating EU citizens' privacy (FierceGovernmentIT) The Federal Trade Commission is reviewing a complaint filed by a consumer privacy group, which is alleging that 30 U.S. companies, including Adobe, AOL and Salesforce.com, are collecting personal data on European Union citizens without their consent or knowledge, violating an international framework

Google et al slammed by justice chief over 'right to be forgotten' (Naked Security) Europe's Commissioner for Justice, Martine Reicherts, has slammed Google and other opponents of the 'right to be forgotten' ruling, claiming that they are attempting to undermine the reform

Counterfeit U.S. Cash Floods Crime Forums (Krebs on Security) One can find almost anything for sale online, particularly in some of the darker corners of the Web and on the myriad cybercrime forums. These sites sell everything from stolen credit cards and identities to hot merchandise, but until very recently one illicit good I had never seen for sale on the forums was counterfeit U.S. currency

Stolen data allegedly used by Irish credit unions to find debtors (CSO) Classic social engineering tactics were used to deceive civil servants

Cyber Crime: Law Enforcement Fights Back (ITBusinessEdge) While cyber crime continued to dominate headlines and wreak havoc on organizations of all sizes across nearly every industry in the first half of 2014, it's refreshing to note law enforcement also stepped it up. A surge of activity against individuals and criminal organizations occurred, resulting in scores of arrests, indictments and convictions

Kicking the stool out from under the cybercrime economy (CSO) CSO Online spoke with Shape Security's Wade Williamson at this year's Black Hat USA conference about the economy of cybercrime and how it can be weakened

'Anonymous' Hackers Plead Guilty to Minor Charge in US for Cyber-Attacks (NDTV) Four members of the hacking group Anonymous pleaded guilty to a misdemeanor charge on Tuesday after a judge had earlier questioned whether prosecutors had treated the defendants too harshly for their crimes

Digital data links Inland Empire men to suspected terrorist activity (San Bernadino Sun) The playlist on Upland terrorism suspect Miguel Santana?s I-pod wasn?t like that of most college-aged men. No rock, hip hop or dub step. Instead, what FBI Special Agent Michael Nader said he found on Santana?s I-pod following his arrest was more than a dozen audio files of lectures by Islamic extremists

Mother tracks down Facebook predator who lured son away from home (Naked Security) When parents nag their kids about not talking to strangers - not on the street, not on the playground, and definitely not online - this is the kind of guy they're worried about

These six lawsuits shaped the internet (The Verge) If these cases had ended differently, we would live in a very different world

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

Workshop on Cryptographic Hardware and Embedded Systems 2014 (CHES 2014) (Busan, Korea, September 23 - 26, 2014) The annual CHES workshop highlights new results in the design and analysis of cryptographic hardware and software implementations. CHES provides a valuable connection between the research and cryptographic...

Nullcon 2015 (Goa, India, February 4 - 7, 2015) Nullcon discusses and showcase the future of information security, next-generation of offensive and defensive security technology as well as unknown threats

Upcoming Events

Resilience Week (Denver, Colorado, USA, August 19 - 21, 2014) Symposia dedicated to promising research in resilient systems that will protect critical cyber-physical infrastructures from unexpected and malicious threats—securing our way of life.

AFCEA Technology & Cyber Day (Tinker AFB, Oklahoma, USA, August 21, 2014) The Armed Forces Communications & Electronics Association (AFCEA) — Oklahoma City Chapter will once again host the 10th Annual Information Technology & Cyber Security Day at Tinker AFB. This is the only...

c0c0n: International Information Security and Hacking Conference (, January 1, 1970) c0c0n, previously known as Cyber Safe, is an annual event conducted as part of the International Information Security Day. The Information Security Research Association along with Matriux Security Community...

Build IT Break IT Fix IT: Build IT (Online, August 28, 2014) The Build it Break it Fix it security contest is a new security-oriented programming contest held by the Maryland Cybersecurity Center, Cyberpoint, and Trail of Bits. The Build it Break it Fix it security...

The Hackers Conference (New Delhi, India, August 30, 2014) The Hackers Conference is an unique event, where the best of minds in the hacking world, leaders in the information security industry and the cyber community along with policymakers and government representatives...

SEACRYPT 2013 (Vienna, Austria, September 2 - 4, 2014) The purpose of SECRYPT 2014, the International Conference on Security and Cryptography, is to bring together researchers, mathematicians, engineers and practitioners interested on security aspects related...

Build IT Break IT Fix IT: Break IT (Online, September 4, 2014) The Build it Break it Fix it security contest is a new security-oriented programming contest held by the Maryland Cybersecurity Center, Cyberpoint, and Trail of Bits. The Build it Break it Fix it security...

Security B-Sides Cape Breton (Sydney, Nova Scotia, Canada, September 5, 2014) Security B-Sides Cape Breton is an open platform that gives security experts, enthusiasts, and industry professionals the opportunity to share ideas, insights, and develop longstanding relationships with...

BalCCon2k14: Balkan Computer Congress (Novi Sad, Serbia, September 5 - 7, 2014) The Balkan Computer Congress is an international hacker conference organized by LUGoNS — Linux Users Group of Novi Sad and Wau Holland Foundation from Hamburg and Berlin. It is the second conference...

Ground Zero Summit, Sri Lanka (Colombo, Sri Lanka, September 9 - 10, 2014) Ground Zero Summit 2014, Colombo will be a unique gathering of Cyber Security Researchers, Hackers, CERTs, Corporates and Government officials to discuss latest hacks, exploits, research and cyber threats.

Detroit SecureWorld (Detroit, Michigan, USA, September 9 - 10, 2014) Two days of cyber security education and networking. Earn 12-16 CPE credits, network with industry peers, and take advantage of more than sixty educational events. Over the past decade SecureWorld has...

Cyber Attack Against Payment Processes Exercise 1 (Online, September 9 - 10, 2014) FS-ISAC, the Financial Services Information Sharing and Analysis Center will conduct its fifth annual simulated cyber security exercise related to payment processes used by banks, community institutions,...

AFCEA TechNet Augusta 2014: Achieving Force 2025 Through Signals and Cyber (Augusta, Georgia, USA, September 9 - 11, 2014) The overall theme of TechNet Augusta 2014 is "Achieving Force 2025 Through Signals and Cyber." The overall focus is on Army ground forces, including Joint component interface, other Department of Defense...

Build IT Break IT Fix IT: Fix IT (Online, September 12, 2014) The Build it Break it Fix it security contest is a new security-oriented programming contest held by the Maryland Cybersecurity Center, Cyberpoint, and Trail of Bits. The Build it Break it Fix it security...

Suits and Spooks London (London, England, UK, September 12, 2014) On September 12th, in London's South bank neighborhood of Southwork, approximately 50 former intelligence officials, corporate executives, and security practitioners from the U.S. and the EU will gather...

NOPcon Security Conference (Istanbul, Turkey, September 16, 2014) NOPcon is a non-profit hacker conference. It is the only geek-friendly conference without sales pitches in Turkey. The conference aims to learn and exchange ideas and experiences between security researchers,...

5th Annual Billington Cybersecurity Summit (Washington, DC, USA, September 16, 2014) The 5th Annual Billington Cybersecurity Summit, a leading conference produced by Billington CyberSecurity, will feature an all-star cast of cybersecurity speakers including Admiral Michael Rogers, Commander,...

SINET Global Summit (London, England, UK, September 16 - 17, 2014) "Advancing Global Collaboration and Innovation." Global Summit focuses on building international public-private partnerships that will improve the protection of our respective homeland's critical infrastructures,...

Cyber Attack Against Payment Processes Exercise 2 (Online, September 16 - 17, 2014) FS-ISAC, the Financial Services Information Sharing and Analysis Center will conduct its fifth annual simulated cyber security exercise related to payment processes used by banks, community institutions,...

Global Identity Summit (Tampa, Florida, USA, September 16 - 18, 2014) The Global Identity Summit is focused on identity management solutions for corporate, defense and homeland security communities. This conference and associated exhibition bring together a distinctive,...

Fraud Summit Toronto (Toronto, Ontario, Canada, September 17, 2014) From account takeover to payment card fraud and the emerging mobile threatscape, the ISMG Fraud Summit series is where thought-leaders meet to exchange insights on today's top schemes and the technology...

Defense Intelligence Agency (DIA)/National Intelligence University (NIU) Open House (Washington, DC, USA, September 17, 2014) On September 17, 2014, the National Intelligence University (NIU) will hold a Tech Expo as part of its annual "NIU OUTREACH DAY" in the Tighe Lobby of DIA Headquarters on Joint Base Bolling-Anacostia.

Cloud Security Alliance Congress 2014 (, January 1, 1970) This year, the CSA and the International Association of Privacy Professionals (IAPP) are combining their Congress US and Privacy Academy events into a conference in the heart of Silicon Valley that will...

CSA Congress 2014 & IAPP Privacy Academy 2014 (San Jose, California, USA, September 17 - 19, 2014) This year, the CSA and the International Association of Privacy Professionals (IAPP) are combining their Congress US and Privacy Academy events into a conference in the heart of Silicon Valley. This conference...

Ft. Meade Technology Expo (Fort Meade, Maryland, USA, September 18, 2014) The Ft. Meade Technology Expo is a one-day event held at the Officers' Club (Club Meade) on base. Industry vendors will have the unique opportunity to showcase their products and services to personnel...

The 2014 Cyber Security Summit (New York, New York, USA, September 18, 2014) The Cyber Security Summit, an exclusive conference series sponsored by The Wall Street Journal, has announced their second annual event in New York City. The event will connect C-Level & Senior Executives...

NYIT Cyber Security Conference (New York, New York, USA, September 18, 2014) Presented by NYIT's School of Engineering and Computing Sciences, this conference will address a broad range of pressing topics including privacy; innovations in enterprise security; systems security and...

Dutch Open Hackathon (Amsterdam, the Netherlands, September 20 - 21, 2014) Join leading Dutch companies, during a 30-hour hackathon, as they open up APIs and technologies. Work together and develop new applications and drive global innovation

St. Louis SecureWorld (, January 1, 1970) Offering two days of cyber security education. Earn 12-16 CPE credits, network with industry peers, and take advantage of more than sixty educational events. Over the past decade SecureWorld has emerged...

Rock Stars of Cybersecurity (Austin, Texas, USA, September 24, 2014) The unprecedented Target breach and NSA spying scandal have put cybersecurity in the global spotlight. With cyberattacks on the rise, it is now even more important to learn how to identify weaknesses and...

VB2014 (, January 1, 1970) Over its 24-year history, the VB conference has become a major highlight of the IT security calendar, with many of its regular attendees citing it as the security event of the year. The conference provides...

DerbyCon 4.0 (Louisville, Kentucky, USA, September 24 - 28, 2014) Welcome to DerbyCon 4.0 — "Family Rootz". This is the place where security professionals from all over the world come to hang out. DerbyCon 4.0 will be held September 24-28th, 2014. DerbyCon 2013...

BruCON 2014 (Ghent, Belgium, September 25 - 26, 2014) BruCON is an annual security and hacker conference providing two days of an interesting atmosphere for open discussions of critical infosec issues, privacy, information technology and its cultural/technical...

ROOTCON 8 (, January 1, 1970) ROOTCON is the first hacking convention in the Philippines. A hacker conference and not a seminar, training or a workshop. It will feature the following tracks: advanced HTTP header security analysis,...

INTEROP (New York, New York, USA, September 29 - October 3, 2014) Interop returns to New York with practical and visionary conference sessions designed to help you accelerate your career. This year's conference tracks include: Applications, Business of IT, Cloud Connect...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.