skip navigation

More signal. Less noise.

Daily briefing.

ISIS barbarism continues to cast its shadow across cyberspace, particularly in social media. Sympathizers with the caliphate may have branched into more sophisticated hacking, as a group calling itself "Lizard Squad" boasts responsibility for a DDoS attack on Sony (and a threat to a Sony executive's aircraft). Lizard Squad, whose logo's monocle appears to be an homage to Lulzsec, seems an unlikely supporter of a caliphate, but the DDoS and threat they claim are quite real.

Israeli authorities claim to have stopped "massive" cyber attacks during Gaza fighting. They also claim Iranian involvement in cyber operations against Israel.

China continues to probe Taiwanese networks.

South Korean authorities arrest a hacker implicated in a data theft affecting some 27 million.

The US Secret Service describes last winter's Target breach as extending to one thousand other businesses.

Proofpoint reports discovering a phishing campaign targeting JPMorgan customers.

The Community Health Services breach may represent an inflection point for the health care sector. Studies continue to call that sector out as a security laggard. In the US, it faces a carrot (the US FBI and DHS both look for more effective ways of sharing cyber threat information) and a stick (upcoming HHS HIPAA audits).

Financial watchdog Isoco warns the next global "black swan" event will be a cyber attack.

More evidence of leakers within NSA and GCHQ: the Tor Project complains the agencies are trying to compromise Tor anonymity, but with indifferent success because their security officers are tipping off Tor developers to vulnerabilities.

Notes.

Today's issue includes events affecting China, European Union, Iran, Iraq, Israel, Japan, Republic of Korea, Lebanon, NATO, New Zealand, Palestinian Territories, Russia, Syria, Taiwan, United Kingdom, United States.

Cyber Attacks, Threats, and Vulnerabilities

Jihad in a social media age: how can the west win an online war? (Guardian) James Foley's murder highlights how the use of film, tweets and blogs to further the aims of Isis is now a major security issue

Sony says 'high traffic' downs PlayStation, Entertainment networks (IDG via CSO) Sony said Sunday that 'high traffic' downed its PlayStation and Entertainment networks, with the group claiming responsibility also apparently involved in a security threat concerning a flight carrying a Sony executive

PlayStation Network Suffers DDOS Attack, Hackers Claim To Have Grounded SOE President’s Plane (TechCrunch) PlayStation Network is currently experiencing mass outages for North American users, and the reason behind the downtime is a DDOS attack for which hacker group Lizard Squad has claimed responsibility. Sony says there haven't been any personal details leaked in the attack, but the rolling outage persists in various locales, some ten hours or more after the attack began

IDF and ISA Thwarted Massive Cyber Attack (Israel Defense) During Operation Protective Edge, pro-Palestinian hackers attempted a major cyber attack against Israel. IDF and Israeli security forces foiled the attack, but hackers remain determined to harm essential Israeli infrastructure

IDF officer blames Iran for conducting cyber attacks during Gaza bombings (HackRead) Israeli defense forces officer claims that Iran happens to be involved in various cyber-attacks which took place during the Gaza war. The Israeli military and civilian websites were under massive cyber attack during Israeli bombing on Gaza

China's Cyber Warriors Keep Clicking at Taiwan Shows Reality of Detente (Bloomberg) "Why don't you guys use WeChat, is it because it's from China?"

27 million South Koreans affected by data breach (CSO) 220 million records taken by criminals

More Than 1,000 Businesses Hit by Same Cyber Attack as Target (Mashable) Target wasn't the only business that experienced a cyber attack that compromised tens of millions of its customers' credit cards, according to the Secret Service

Questions about recent cyber attacks answered (Wilkes-Barre Times Leader) Cyber attacks on Community Health Systems Inc. in April and June copied and transferred the data of 4.5 million patients

Proofpoint: Email phishing campaign targeting JPMorgan customers (Uncover California) Security researchers with corporate e-mail provider Proofpoint Inc have revealed that an unusual email 'phishing' campaign was launched by fraudsters on Tuesday, to target the customers of JPMorgan Chase & Co. — the top- ranking US bank in terms of assets

UPS Store data breach — the post mortem can wait, it's time to warn and advise the victims (Hot for Security) Up to 100,000 customers of The UPS Store may have reason to worry right now, after it was disclosed this week the company announced that it had suffered a massive data breach at 51 of its sites across the United States

UPS data breach does not affect exchange customers (MIlitary Times) Military shoppers who made purchases or shipped packages through The UPS Store locations operated through the Army and Air Force Exchange Service were not affected by the data breach involving about 1 percent of The UPS Store locations nationwide, AAFES officials said

Hacking Gmail with 92 percent success (Phys.org) A team of researchers, including an assistant professor at the University of California, Riverside Bourns College of Engineering, have identified a weakness believed to exist in Android, Windows and iOS mobile operating systems that could be used to obtain personal information from unsuspecting users. They demonstrated the hack in an Android phone

Apple iOS malware gets onto 75,000 iPhones, steals ad clicks (Naked Security) You don't see a lot of malware for iPhones or iPads

Bitcoin-themed phishing campaign creates quite a stir (Help Net Security) The latest massive email phishing campaign targeting Bitcoin users has had a unexpected click-through rate

GCHQ and NSA security staff tip-off Tor developers over bugs (Computing) Andrew Lewman, executive director of the Tor Project, has accused US and UK security services of repeatedly attempting to hack the anonymous web-browsing tool and infrastructure — but revealed that their efforts are being undermined by insiders tipping them off about bugs and vulnerabilities so that they can be fixed before security services exploit them

Bulletin (SB14-237) Vulnerability Summary for the Week of August 18, 2014 (US-CERT) The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week

Security Patches, Mitigations, and Software Updates

Akeeba Patches Bypass Vulnerability in Joomla (Threatpost) The developers behind Akeeba, an extension for content management systems that lets users backup their work, fixed an outstanding issue this week that could've let anyone download site backups, passwords and user lists

Cyber Trends

Market watchdog warns on danger of cyber attack (Financial Times) A global watchdog has sounded the alarm about the growing danger of cyber attacks, on financial markets, warning that firms and regulators around the world need to address the "uneven" response to the threat of online assaults

What Effect are New Regulatory Requirements Having on Risk and Insurance Managers? (Willis Wire) While I have been a broker for eight years, the 20-plus years I spent as a risk manager at a financial institution still dominate my outlook on issues. I will no longer fight it — resistance is futile!

As security breach reports mount, experts fear alert fatigue (CNET) The geopolitical landscape is ripe for hacks, attacks, and exploits, but just because big breaches are being reported more often doesn't mean you should stop caring

CHS Breach a Sign of Health Care's Security Illness (eWeek) The health care industry spends less on IT security than other industries, and data shows that breaches are on the rise

Money Is the Best Bait for Phishers (PC Magazine) We know cybercriminals launch phishing campaigns to steal sensitive data from a variety of users. Not surprisingly, phishers are going after the industries that involve a lot of money. Cybercrime protection company PhishLabs broke down some of the phishing kits used in these dangerous attacks

Agari Q2 Email TrustIndex Shows Brands Remain Under Persistent Email Cyberattack; Banks Are 15 Times More Likely to Be Spoofed Than (BusinessWire) Report indicates Travel and Financial Services sectors under siege; Social companies lead in preventing attacks while health care sector remains in critical condition

Europe Bombarded With Cyber Attacks from Russia (Infosecurity Magazine) The majority of cyber attacks on northern European targets come from machines in Russia, while China is the number one source of threats aimed at the US, according to new honeypot data collected by Alert Logic

NSS Labs Cyber Resilience Report (Internet Storm Center) Bob Walder and Chris Morales of NSS Labs published an interesting brief. Based on last year IPS, firewall and endpoint protection tests, the effectiveness of the best device scored was 98.5%

Why you're not as secure as you think you are (Help Net Security) There are 2.4 billion Internet users in the world today. Many of these users, in good faith, leave their personal online security up to their service providers. Sadly, time and time again, we see these companies fail to effectively protect sensitive customer data

How to Save the Net: Build a Backup (Wired) You may have had the bad luck of being stuck on a runway when a router failure in Utah grounded commercial flights around the country for several hours. Or maybe you were frustrated by not being able to access government websites the day the .gov domain administration had a glitch in its system. These minor mishaps over the past decade are early rumblings of an uncomfortable truth: The Internet is more fragile than it appears

Marketplace

Casualties of Cyber Warfare (The Diplomat) American and Chinese companies are getting caught in the crossfire of the brewing cyber war

Henri Eliot: Where cybersecurity and the boardroom intersect (New Zealand Herald) Cyber security is a significant risk that can have a material impact. Boards should proactively ask questions of management, champion education and awareness programs company-wide, and treat risk as a priority. As cyber security issues increase and become more visible, boards may decide to take an active role in understanding the risks associated with those issues

DISA Launches 5 Cloud Tests, Warns On Industry Consolidation (Breaking Defense) "Remember the peace dividend we took in the Clinton years in the '90s? Welcome back," said Douglas Packard. "That's where we're at"

DISA looks to intelligence community for cloud tips (C4ISR&Networks) As the Defense Information Systems Agency negotiates its path toward cloud services and broader IT upgrades, officials there may be taking some tips from their Fort Meade, Maryland, neighbors

Polytron Game Studio Founder Sells Company After Experiencing Cyber Attack From Hackers (Beauty World News) Phil Fish, founder of the indie game developer Polytron Corporation and designer of the 2012 puzzle-platform game "Fez," announced that he is selling his company after experiencing a cyber attack from hackers, according to Paste Magazine

IBM wants to invest three billion USD in research in the coming years (The Diplomat Bucharest) American-based hardware and software company International Business Machines (IBM), one of the largest information technology and service provider, announced its intent to invest three billion USD over the next five years in research, to develop a new way to generate competitive advantages for companies in the hardware business

PhishLabs Named to Inc. 5000 List of Fastest-Growing Private Companies (Virtual Strategy Magazine) In its first year on the list, PhishLabs ranks No. 1889 with 218% revenue growth from 2010 to 2013

Disaster Recovery and Data Security Excellence Propel eMazzanti to Fifth Consecutive Ranking on Inc. 5000 List (Digital Journal) For the fifth year in a row, Inc. magazine has ranked eMazzanti Technologies among the top fastest growing private companies in America in its annual Inc. 5000 list. CEO, Carl Mazzanti attributes the achievement to a relentless pursuit of business continuity and data security

NQ Mobile: Why Investors Should Look Deeper Beyond The Fluff (Seeking Alpha) After following the situation with NQ Mobile (NYSE:NQ), it seems that many of those who are still bullish see the partnerships the company has announced as a validation that they are legitimate

Former CIA CTO joins Stateless Networks advisory board (FCW) Gus Hunt, former technology head at the CIA, has been named to Stateless Networks' board of advisors

Products, Services, and Solutions

China developing its own OS to compete with Apple, Microsoft (Reuters via New York Post) China could have a new homegrown operating system by October to take on imported rivals such as Microsoft Corp, Google Inc and Apple Inc, Xinhua news agency said on Sunday

IONU Security Delivers Topic-Based Messaging and Personal Device Management Capabilities (IT News Online) IONU Security Inc., the worldwide leader in Transparent Security™, today announced the latest release of its secure messaging solution, InvisiMessage™. This release of InvisiMessage delivers secure Topic-Based Messaging to IONU users

YOU SHALL NOT PASS! Intel, HyTrust geo-fence wandering virty servers (Register) You. Virtual workload. Go sit over there, and stay there

TraceSecurity Integrates with Tenable Network Security to Provide Vulnerability Management for IT GRC Programs (BusinessWire) Seamless integration enables TraceCSO customers to leverage Tenable's vulnerability data

Mom 'Ignore No More' app for Teenager Responsiveness Goes Viral (Techzone360) If you have not seen it yet you are probably at this point in the minority. The "IT" is a story about the mother of a teenager in Houston, TX who was frustrated about her son's inability to respond to her inquiries about his whereabouts or status, literally and figuratively took matters into her own hands and created the "Ignore No More" app

Logentries Announces Machine Learning Analytics for IT Ops Monitoring and Real-time Alerting (IT Business Net) Logentries, the log management and analytics service built for the cloud, today announced new Anomaly Detection and Inactivity Alerting to help Dev and IT Ops

Technologies, Techniques, and Standards

Control Android app permissions with NativeWrap (Help Net Security) Tired with using mobile apps that demand unneeded permissions that open the door to data collection and worse? Researchers from North Carolina State University have come up with a brilliant solution to the problem

Health system adapts NIST framework to meet security risk needs (FierceHealthIT) Data breaches have become the "inciting incident" that — much like in a story — precipitates the plot, writes Christopher Paidhrin in a blog post for HealthcareInfoSecurity.com. Now, he says, that incident must lead to a refocusing of thinking and behavior in IT security

Agencies Get New Guidelines For OK'ing Apps (Nextgov) The National Institute of Standards and Technology has prepared new agency guidelines for screening commercial apps before federal employees download them

Why Companies Need a Business Continuity Plan (Forbes) Brian White is a Principal at The Chertoff Group, a premiere global advisory firm focused exclusively on the security and risk management sector. He is a subject matter expert on corporate risk management strategies with experience both in the public and private sectors

Mobile Device Management: The Buying Basics (eSecurity Planet) Mobile device management (MDM) can help enterprises minimize security risks associated with BYOD. Here is what you need to know if you plan to purchase an MDM system

Academia

'Best of best' cyber defense warriors train at Brookdale (Asbury Park Press) It is no accident that there is a connection here to "Top Gun," the iconic film about fighter pilots learning to excel in the wild blue yonder. While those post-Vietnam pilots reached new heights in the nation's efforts to keep foreign predators in check, there now is another generation of "aces" hard at work at Brookdale Community College

Legislation, Policy, and Regulation

NATO needs strong policy against cyber threats (Boston Globe) NATO needs to get serious about the potential for cyber conflict. That means formulating a clearly defined policy and deciding upon an appropriate response

How Will NATO Adapt to Cyber Threats? (VPN Creative) Wiith increasing cyber attacks on government organizations, NATO (North Atlantic Treaty Organization) needs to wake up to the possibility of cyber warfare

US agencies to release cyberthreat info faster to healthcare industry (Computerworld) Representatives of the FBI and DHS say they're looking at ways to get more information into the hands of health-care providers

NSA official: 'Much easier' to explain operations after Snowden (The Hill) The official in charge of making sure the National Security Agency is complying with the law says it's been "much easier" to talk about his agency ever since Edward Snowden revealed details of its operations

Newly Declassified Documents Regarding the Now-Discontinued NSA Bulk Electronic Communications Metadata Pursuant to Section 402 of the Foreign Intelligence Surveillance Act (IC on the Record) Following a declassification review by the Executive Branch, the Department of Justice released on August 6, 2014, in redacted form, 38 documents relating to the now-discontinued NSA program to collect bulk electronic communications metadata pursuant to Section 402 of the FISA

Counterterrorism has entered a new dangerous phase (Seattle Times) Ten years after the 9/11 Commission Report, the fight against terrorism has entered a new and dangerous phase, writes guest columnist Slade Gorton

White House cybersecurity czar brags about his lack of technical expertise (Vox) Michael Daniel is the White House's cybersecurity coordinator, the man who "leads the interagency development of national cybersecurity strategy and policy" for the president. And in a recent interview with GovInfoSecurity, he argued that his lack of technical expertise gave him an advantage in doing that job

Exclusive: Todd Park stepping down as America's chief technology officer (Fortune) America's second chief technology officer is moving on

Litigation, Investigation, and Law Enforcement

Official says hackers hit up to 25,000 fed workers (AP via Columbus Ledger-Enquirer) The internal records of as many as 25,000 Homeland Security Department employees were exposed during a recent computer break-in at a federal contractor that handles security clearances, an agency official said Friday

Mac McMillan: 'Disparate' health privacy requirements overwhelming for providers (FierceHealthIT) As the U.S. Department of Health and Human Services' Office for Civil Rights ramps up its audits of healthcare entities in the coming months, there is a sense among some that there will be a flood of fines levied compared to actions that have already been taken

Russian Hackers Stockpile Over One Billion Internet Credentials (Metropolitan Corporate Counsel) A Russian hacking group reportedly engaged in the largest-known cyber attack by amassing over 1.2 billion unique sets of usernames and passwords and 500 million e-mail addresses from more than 420,000 web and FTP sites

Prosecutors hit Silk Road suspect Ross Ulbricht with new drug charges (Ars Technica) Young Texan now formally accused of "narcotics trafficking" among other charges

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

ToorCon San Diego (San Diego, California, USA, October 22 - 26, 2014) For hackers like you, because what could possibly go wrong?

Upcoming Events

Build IT Break IT Fix IT: Build IT (Online, August 28, 2014) The Build it Break it Fix it security contest is a new security-oriented programming contest held by the Maryland Cybersecurity Center, Cyberpoint, and Trail of Bits. The Build it Break it Fix it security...

The Hackers Conference (New Delhi, India, August 30, 2014) The Hackers Conference is an unique event, where the best of minds in the hacking world, leaders in the information security industry and the cyber community along with policymakers and government representatives...

SEACRYPT 2013 (Vienna, Austria, September 2 - 4, 2014) The purpose of SECRYPT 2014, the International Conference on Security and Cryptography, is to bring together researchers, mathematicians, engineers and practitioners interested on security aspects related...

Build IT Break IT Fix IT: Break IT (Online, September 4, 2014) The Build it Break it Fix it security contest is a new security-oriented programming contest held by the Maryland Cybersecurity Center, Cyberpoint, and Trail of Bits. The Build it Break it Fix it security...

Security B-Sides Cape Breton (Sydney, Nova Scotia, Canada, September 5, 2014) Security B-Sides Cape Breton is an open platform that gives security experts, enthusiasts, and industry professionals the opportunity to share ideas, insights, and develop longstanding relationships with...

BalCCon2k14: Balkan Computer Congress (Novi Sad, Serbia, September 5 - 7, 2014) The Balkan Computer Congress is an international hacker conference organized by LUGoNS — Linux Users Group of Novi Sad and Wau Holland Foundation from Hamburg and Berlin. It is the second conference...

Ground Zero Summit, Sri Lanka (Colombo, Sri Lanka, September 9 - 10, 2014) Ground Zero Summit 2014, Colombo will be a unique gathering of Cyber Security Researchers, Hackers, CERTs, Corporates and Government officials to discuss latest hacks, exploits, research and cyber threats.

Detroit SecureWorld (Detroit, Michigan, USA, September 9 - 10, 2014) Two days of cyber security education and networking. Earn 12-16 CPE credits, network with industry peers, and take advantage of more than sixty educational events. Over the past decade SecureWorld has...

Cyber Attack Against Payment Processes Exercise 1 (Online, September 9 - 10, 2014) FS-ISAC, the Financial Services Information Sharing and Analysis Center will conduct its fifth annual simulated cyber security exercise related to payment processes used by banks, community institutions,...

AFCEA TechNet Augusta 2014: Achieving Force 2025 Through Signals and Cyber (Augusta, Georgia, USA, September 9 - 11, 2014) The overall theme of TechNet Augusta 2014 is "Achieving Force 2025 Through Signals and Cyber." The overall focus is on Army ground forces, including Joint component interface, other Department of Defense...

Build IT Break IT Fix IT: Fix IT (Online, September 12, 2014) The Build it Break it Fix it security contest is a new security-oriented programming contest held by the Maryland Cybersecurity Center, Cyberpoint, and Trail of Bits. The Build it Break it Fix it security...

Suits and Spooks London (London, England, UK, September 12, 2014) On September 12th, in London's South bank neighborhood of Southwork, approximately 50 former intelligence officials, corporate executives, and security practitioners from the U.S. and the EU will gather...

NOPcon Security Conference (Istanbul, Turkey, September 16, 2014) NOPcon is a non-profit hacker conference. It is the only geek-friendly conference without sales pitches in Turkey. The conference aims to learn and exchange ideas and experiences between security researchers,...

5th Annual Billington Cybersecurity Summit (Washington, DC, USA, September 16, 2014) The 5th Annual Billington Cybersecurity Summit, a leading conference produced by Billington CyberSecurity, will feature an all-star cast of cybersecurity speakers including Admiral Michael Rogers, Commander,...

SINET Global Summit (London, England, UK, September 16 - 17, 2014) "Advancing Global Collaboration and Innovation." Global Summit focuses on building international public-private partnerships that will improve the protection of our respective homeland's critical infrastructures,...

Cyber Attack Against Payment Processes Exercise 2 (Online, September 16 - 17, 2014) FS-ISAC, the Financial Services Information Sharing and Analysis Center will conduct its fifth annual simulated cyber security exercise related to payment processes used by banks, community institutions,...

Global Identity Summit (Tampa, Florida, USA, September 16 - 18, 2014) The Global Identity Summit is focused on identity management solutions for corporate, defense and homeland security communities. This conference and associated exhibition bring together a distinctive,...

Fraud Summit Toronto (Toronto, Ontario, Canada, September 17, 2014) From account takeover to payment card fraud and the emerging mobile threatscape, the ISMG Fraud Summit series is where thought-leaders meet to exchange insights on today's top schemes and the technology...

Defense Intelligence Agency (DIA)/National Intelligence University (NIU) Open House (Washington, DC, USA, September 17, 2014) On September 17, 2014, the National Intelligence University (NIU) will hold a Tech Expo as part of its annual "NIU OUTREACH DAY" in the Tighe Lobby of DIA Headquarters on Joint Base Bolling-Anacostia.

Cloud Security Alliance Congress 2014 (, January 1, 1970) This year, the CSA and the International Association of Privacy Professionals (IAPP) are combining their Congress US and Privacy Academy events into a conference in the heart of Silicon Valley that will...

CSA Congress 2014 & IAPP Privacy Academy 2014 (San Jose, California, USA, September 17 - 19, 2014) This year, the CSA and the International Association of Privacy Professionals (IAPP) are combining their Congress US and Privacy Academy events into a conference in the heart of Silicon Valley. This conference...

Ft. Meade Technology Expo (Fort Meade, Maryland, USA, September 18, 2014) The Ft. Meade Technology Expo is a one-day event held at the Officers' Club (Club Meade) on base. Industry vendors will have the unique opportunity to showcase their products and services to personnel...

The 2014 Cyber Security Summit (New York, New York, USA, September 18, 2014) The Cyber Security Summit, an exclusive conference series sponsored by The Wall Street Journal, has announced their second annual event in New York City. The event will connect C-Level & Senior Executives...

NYIT Cyber Security Conference (New York, New York, USA, September 18, 2014) Presented by NYIT's School of Engineering and Computing Sciences, this conference will address a broad range of pressing topics including privacy; innovations in enterprise security; systems security and...

Dutch Open Hackathon (Amsterdam, the Netherlands, September 20 - 21, 2014) Join leading Dutch companies, during a 30-hour hackathon, as they open up APIs and technologies. Work together and develop new applications and drive global innovation

St. Louis SecureWorld (, January 1, 1970) Offering two days of cyber security education. Earn 12-16 CPE credits, network with industry peers, and take advantage of more than sixty educational events. Over the past decade SecureWorld has emerged...

Workshop on Cryptographic Hardware and Embedded Systems 2014 (CHES 2014) (Busan, Korea, September 23 - 26, 2014) The annual CHES workshop highlights new results in the design and analysis of cryptographic hardware and software implementations. CHES provides a valuable connection between the research and cryptographic...

Rock Stars of Cybersecurity (Austin, Texas, USA, September 24, 2014) The unprecedented Target breach and NSA spying scandal have put cybersecurity in the global spotlight. With cyberattacks on the rise, it is now even more important to learn how to identify weaknesses and...

VB2014 (, January 1, 1970) Over its 24-year history, the VB conference has become a major highlight of the IT security calendar, with many of its regular attendees citing it as the security event of the year. The conference provides...

DerbyCon 4.0 (Louisville, Kentucky, USA, September 24 - 28, 2014) Welcome to DerbyCon 4.0 — "Family Rootz". This is the place where security professionals from all over the world come to hang out. DerbyCon 4.0 will be held September 24-28th, 2014. DerbyCon 2013...

BruCON 2014 (Ghent, Belgium, September 25 - 26, 2014) BruCON is an annual security and hacker conference providing two days of an interesting atmosphere for open discussions of critical infosec issues, privacy, information technology and its cultural/technical...

ROOTCON 8 (, January 1, 1970) ROOTCON is the first hacking convention in the Philippines. A hacker conference and not a seminar, training or a workshop. It will feature the following tracks: advanced HTTP header security analysis,...

INTEROP (New York, New York, USA, September 29 - October 3, 2014) Interop returns to New York with practical and visionary conference sessions designed to help you accelerate your career. This year's conference tracks include: Applications, Business of IT, Cloud Connect...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.