skip navigation

More signal. Less noise.

Daily briefing.

ISIS continues its influential, brutalizing, information operations in social media.

Lizard Squad (either ISIS's cyber arm or a pasty parental basement dweller, depending on whom you believe) claims to have taken down Vatican websites in a "jihad" promising the death of "all kuffar," which at least represents a gesture toward ISIS-like rhetoric, but ample grounds for skepticism remain. Among those grounds: hacker "FamedGod" says s/he, not Lizard Squad, hit Sony over the weekend. Observers agree, however, that the bomb threat against American Airlines Flight 362 was indeed Lizard Squad's work.

The FBI and DHS warn that ISIS is expected to retaliate against the US for airstrikes. Physical retaliation is the principal concern, but cyber operations (or at least cyber rioting) may also be expected.

Russian-speakers are victimized by self-propagating ransomware. They're also enticed into criminal botnets by patriotic phishing.

Blue Coat points out the threat of "one-day wonders" — they've found 470 million sites that existed for less than twenty-four hours, and 22% of these facilitated attacks.

Krebs sees signs that Dairy Queen may be the latest large retailer to succumb to cyber attack.

Researchers report new malware evasion techniques that involve using lists of known malware researchers to cue quiescence.

Facebook works on a patch for its iOS Messenger flaw that permitted unauthorized phone calls. Google makes fifty fixes to Chrome.

The US Department of Homeland Security's "Enhanced Cybersecurity Services" have fewer users than hoped. Prospective customers find them either too costly to implement or too difficult to find.

Notes.

Today's issue includes events affecting Canada, China, Colombia, India, Ireland, Israel, Japan, Netherlands, Russia, Syria, United States, Vatican.

Cyber Attacks, Threats, and Vulnerabilities

ISIS co-opts Twitter hashtags to spread threats, propaganda (Ars Technica) Jihadi activists employ a ruthless and deft social media strategy

"Lizard Squad" hackers force PSN offline and Sony exec from the sky (Naked Security) Hackers calling themselves "Lizard Squad" tweeted a bomb threat that forced a plane with Sony Online Entertainment's president on board to divert for an emergency landing on Sunday

Sony, XBox Victims Of DDoS, Hacktivist Threats (Dark Reading) Hacktivists from Anonymous and from a presumed Islamic extremist group targeted a variety of online gaming services

Terrorist ISIS Lizard Squad Tweet Attack On Microsoft Xbox Live After PlayStation Network Hack Allegations (Classicalite) Lizard Squad, the terrorist ISIS linked hacker group who has taken responsibility for this weekend's attack on the PlayStation Network, has now set their site on Microsoft's Xbox Live network. However, Lizard Squad may have not been the hackers that took down PSN. Anonymous hacker FamedGod has released a video, taking credit for the hack

'Lizard Squad' claims to have taken down Vatican website; invokes 'jihad', 'ISIS' (Twitchy) This is the same group claiming to have taken down PlayStation Network and who claimed there were explosives on board American Airlines flight 362

Who is Lizard Squad, the alleged PSN hacker? (Daily Dot) Shady hackers have claimed responsibility for cyberattacks that have knocked some of the biggest names in gaming offline

Self-propagating ransomware written in Windows batch hits Russian-speaking countries (Avast! Blog) Recently a lot of users in Russian-speaking countries received emails similar to the message below. It says that some changes in an "agreement" were made and the victim needs to check them before signing the document

Show Mother Russia you love her: Click HERE and AHHH NYET! (Register) That Kelhios badness is infecting you — securobods

Russian Hackers and What It Means for Your Website (Business2Community) A group of Russian hackers, dubbed the CyberVor hackers by Hold Security, stole more than one billion passwords from sites both big and small this year. The group used a botnet to steal the passwords from an estimated 400,000 sites

Blue Coat Reveals Security Risks From "One-Day Wonders" Websites (Dark Reading) Research Study finds 470 Million Websites Exist for Less Than 24 hours; 22 Percent Used to Facilitate Attacks

DQ Breach? HQ Says No, But Would it Know? (Krebs on Security) Sources in the financial industry say they're seeing signs that Dairy Queen may be the latest retail chain to be victimized by cybercrooks bent on stealing credit and debit card data. Dairy Queen says it has no indication of a card breach at any of its thousands of locations, but the company also acknowledges that nearly all stores are franchises and that there is no established company process or requirement that franchisees communicate security issues or card breaches to Dairy Queen headquarters

Researchers warn about schemes that lead to FlashPack exploit kit (Help Net Security) Security researchers have spotted two different online schemes that lead to pages hosting the FlashPack exploit kit

Big GameOver Zeus Hunting: Variants in the Wild or a Botnet Resurgence? (Damballa: The Day Before Zero) The million dollar question seems to be: Is GameOver Zeus (GoZ) making a comeback? The prolific botnet responsible for a cyber-pandemic was disrupted in June. Since the international take-down effort was announced in June, the security community has held its breath

Researcher details how malware gives AV the slip (Register) 'They're coming! Everyone back to your places!'

Duping the machine — the cunning malware that throws off researchers (Naked Security) The exponential explosion of malware in recent years has seen the rise of automated analysis environments — or "Sandboxes" — as an essential means of providing detailed and pertinent information about a sample, in a timely manner

Is massive DNS hack responsible for Charter Internet outage? (NetworkWorld) Charter Communications has suffered major Internet outages across the U.S. Customers are reporting that changing the DNS IP addresses have restored service, fueling speculation that the company was a victim of a massive DNS hack

Google Image Search Hacked? Search results filled with Russian car crash images (HackRead) Users witness looking at pictures of Russian car crash regardless of what they searched on Google Images. If someone searched for 'cat' the search result came up with a multiple images of the car crash — speculations were that Google Image search result service was hacked

Cellphone surveillance systems can track almost anybody (Help Net Security) The surveillance tech industry is booming, and we should be worried about it

Security Patches, Mitigations, and Software Updates

Facebook to fix flaw that can force iPhones to make calls (Help Net Security) Facebook will soon be pushing out an update to its iOS Messenger app meant to patch a vulnerability that could allow attackers to place pricy calls from users' phones by simply making them click on a web link

50 Security Flaws Fixed in Google Chrome (Threatpost) Google has fixed 50 security vulnerabilities in its Chrome browser, including a critical string of bugs that can allow an attacker to execute arbitrary code outside of the browser's sandbox. This is one of the larger batches of fixes that Google has produced for Chrome recently

Cyber Trends

The increasing prevalence and complexity of malware (Cisco Blog) In recent months, many organizations are becoming more interested in the information security landscape and how these threats can affect their business today

Shadow cloud services pose a growing risk to enterprises (Computerworld) Non-approved SaaS apps are growing rapidly, says PwC

RSA: Gateway to next generation security (TechDay) Businesses need to fundamentally evolve their approaches — yes, approaches, plural — to security, says RSA's Steve Schlarman

Are Connected Cars on a Collision Course with Network Security? (Infosec Island) Flipping through any consumer publication that rates vehicles, you'll see all the metrics you would expect — from safety and performance (acceleration, braking, etc.) to comfort, convenience and fuel economy

McAfee's Hatter warns of growing security threats from smart phones and tablets (Independent) Patty Hatter warned event delegates of technology risks

Top 5 Reasons Your Small Business Website is Under Attack (Dark Reading) There is no such thing as "too small to hack." If a business has a website, hackers can exploit it

Cybersecurity: How well are Latin American banks protected against cyber attacks? (JDSupra) Inter-American Dialogue's Latin America Advisor asked Marcela Cristina Blanco, associate attorney in Diaz Reus' Bogota, Colombia office: How Well Do Latin American Banks Protect Against Cyber Attacks?

Trend Micro security report: Is India getting ready to become the top malware victim? (Infotech Lead) India is among the top three countries for malware attacks on online banking, behind Japan and the U.S., said a Trend Micro report that covers on Cyber threats, data breaches and big vulnerabilities

Marketplace

Are Cyber-Security/Anti-Hacking Stocks the Next Bull Market? (Equities.com) The Financial Times, citing a global watchdog, recently reported about the rising danger of cyber-attacks on financial markets. According to Greg Medcraft, Chairman of the Board of the International Organization of Securities Commissions (IOSCO), the next major financial shock will come from cyber space

Qualcomm, IBM Try Conciliation In China Clashes (Seeking Alpha) After months of hostile exchanges, accusations and negative publicity, the tone in a series of disputes between Chinese and foreign companies and governments abruptly shifted late last week with new signs of conciliation from both the foreign companies and Chinese government

ICBC deal shows IBM still engaged in China (IFP) Industrial and Commercial Bank of China (ICBC) has deployed a new IBM mainframe computer system, the two companies said on Tuesday, boosting the U.S. technology giant's credentials in the country

Allied Minds Announces the Formation of Whitewood Encryption Systems, Inc. (BusinessWire) Allied Minds (LSE: ALM), an innovative U.S. science and technology development and commercialization company, announced today the formation of Whitewood Encryption Systems, Inc., a builder of next-generation systems of data encryption that leverage advanced cryptography technologies emerging from U.S. centers of research excellence. Additionally, the company announced today it has exclusively licensed intellectual property from Los Alamos National Laboratory for quantum cryptography

Fortinet Sets Up Research & Development Center in Singapore (CNN) Extends leading network security vendor's innovation efforts to protect enterprises amid an environment of escalating cyber threats

InfoReliance Wins DHS Contract to Provide Specialized Security Services for the National Cyber Protection System (Power Engineering) InfoReliance has been selected by the Department of Homeland Security (DHS) Office of Cybersecurity and Communications (CS&C) to provide Specialized Security Services (SSS) to the National Cybersecurity Protection System (NCPS) (operationally known as EINSTEIN) and Enhanced Cybersecurity Services (ECS) Programs, as well as other Network Security Deployment (NSD) supported initiatives. This $65 Million contract is the second DHS contract InfoReliance has been awarded in the past 6 months; their first win was as the technical lead of the Metrica Team Venture CDM Federal Dashboard Deployment

Qubitekk to Receive Federal Funding to Help Protect Nation's Power Grid from Cyber Attack (PRNewswire) San Diego startup Qubitekk will benefit from a $3M Department of Energy grant to speed the development of unhackable quantum encryption technology that will protect the country's power grid from cyber attack

Gemalto selected by NTT DOCOMO for its NFC Services (MarketWatch) Gemalto (Euronext NL0000400653), the world leader in digital security, announces the selection by NTT DOCOMO, INC., the No.1 mobile operator in Japan with over 63 million subscribers, for its mobile NFC services

The Black Hat evolution (CSO) Black Hat is still a must attend event, but not for the same reasons

Former HP Executive Joins Fast Growing Competitor (Broadway World) Checkmarx, a leading provider of application security solutions, today announced the appointment of Ron Kormanek as its VP of Sales for North America. Ron formerly held the position as VP of Sales for Eastern United States for Hewlett-Packard Enterprise Security Products Group, which included responsibility for HP Fortify, a major competitor to Checkmarx

Products, Services, and Solutions

Sophos and Check Point Partner to Protect Corporate Networks From Non-Compliant Mobile Devices (MarketWatch) Leading cyber security company Sophos, and Check Point Software Technologies Ltd., the world leader in securing the Internet, today announced a partnership to provide integration between Sophos' Enterprise Mobility Management (EMM) solution, Sophos Mobile Control (SMC) 4.0, and Check Point's Mobile VPN

Hot Alert: FireEye (NASDAQ:FEYE) (CrazyJoys) Hot Alert : WPCS International Incorporated (NASDAQ:WPCS), FireEye (NASDAQ:FEYE), Ryanair (NASDAQ:RYAAY), Mitsubishi UFJ Financial Group (NYSE:MTU), Portfolio Recovery Associates Inc. (NASDAQ:PRAA) August 26, 2014 | By Erin Rice FireEye, Inc. (NASDAQ:FEYE) announced the Cyber Risk Evaluation and Threat Engagement (CREATE™) program, addressing insurance brokers' and underwriters' critical need to gain visibility into enterprises' exposure to cyber threats. Lockton, Inc., the largest privately held, independent insurance broker in the world, will serve as the CREATE program's inaugural partner

How Does FireEye Find So Many Zero-Day Flaws? (eWeek) Dave Merkel, CTO of FireEye, explains why zero-day vulnerability disclosure is just a byproduct of what his company is really all about

Chris Petersen: LogRhythm Launches Threat Intell Ecosystem to Expand Security Coverage (ExecutiveBiz) Symantec has joined CrowdStrike, Norse, ThreatStream and Webroot as partners in LogRhythm's threat intelligence vendor consortium that aims to provide a platform for security analytics and intelligence services against cyber threats

Tufin Teams with VMware On Advanced Security Services For The Software-Defined Data Center (Sys-Con Media) Companies collaborate to help orchestrate micro-segmentation across physical and virtual networks

Online Tools For Bug Disclosure Abound (Dark Reading) What's driving the bounty of software vulnerability disclosure offerings today from Bugcrowd, HackerOne, and Synack

Sponsor Blog: Riverbed Federal Offers Rapid and Easy Solutions to Counter Cybersecurity Challenges (SIGNAL) Federal agencies are always looking for ways to spend their security dollars more efficiently. Cyber Attack Defenders recently sat down with Sean Applegate, director of technology strategy at Riverbed Federal, who provided some tips on how agencies can boost their security capabilities while cutting costs by coordinating their investments in network and security monitoring

Technologies, Techniques, and Standards

Using PowerShell and JEA to Secure Windows Server Systems (eSecurity Planet) Microsoft Windows PowerShell and JEA simplify the process of moving from global administrator accounts to limited local accounts, a best practice in securing Windows Server-based systems

Netflix open sources internal threat monitoring tools (IDG via CSO) Netflix has released three internal tools it uses to catch hints on the Web that hackers might target its services

Do Not Track — the privacy standard that's melting away (Naked Security) Do Not Track, the privacy standard that's supposed to address one of the biggest issues of the 21st century internet — how you control who can track what you're doing online — isn't in the news. Again

Why every security-conscious organization needs a honeypot (Help Net Security) You've probably heard the phrase about "canaries in a coal mine." In the mid 1900s, a guy named John Haldane figured out that birds die pretty quickly when poisoned by carbon monoxide, after which coal miners started using them as early warning systems for toxic gas. We need the same for computer security. No defense is infallible, so organizations need digital canaries to warn us about poisoned networks

FireEye Founder: Bitcoin Could Secure Our Global Payments Infrastructure (CoinDesk) The promise of digital currency technology and its potential applications has drawn a number of investors to the ecosystem, each with unique backgrounds and expertise

How important is website security? (Help Net Security) In this interview, Nicholas Sciberras, Product Manager at Acunetix, illustrates why website security should be a priority in any organization. He talks about the challenges involved in auditing website security, illustrates the pros and cons of using remote vs. in-house security testing, and more

Cards emerge as key player in authentication (Federal Times) Another day, another massive security breach: The online theft of usernames, passwords and personally identifiable information is now so common many people barely think twice about it. But when it's the federal government that's been hacked, the situation takes on a different urgency

Research and Development

VXer fighters get new stealth weapon in war of the (mal)wares (Register) Foiled traditional systems force white hats to bare metal

Feds Creating Database to Track 'Hate Speech' on Twitter (Washington Free Beacon) $1 Million study focuses on internet memes, 'misinformation' in political campaigns

Academia

NYU launches largest cyber security student contests (Help Net Security) Even before the academic semester starts, students from across the globe have begun registering for the largest set of student cyber security competitions in the world: the NYU Polytechnic School of Engineering Cyber Security Awareness Week

Raytheon's Cyber Defense Tournament Helps to Grow the Next Generation of Defense Tech Experts (InTheCapital) Earlier this year, a team of students from the University of Central Florida won the Raytheon-sponsored National Cyber Collegiate Defense Competition — America's largest cyber tournament for college students. The competition meant to help develop more young Americans to fill the nation's critical need for cyber talent and to inspire the incredible bright minds on school grounds succeeded in emphasizing the importance of growing the next generation of defense technology experts here in the U.S

Legislation, Policy, and Regulation

The Landmark file: Inside Canadian cyber-security agency's 'target the world' strategy (Globe and Mail) When Canadian intelligence officials speak about today's spying, they can reveal great ambition

DHS cybersecurity program finds few takers (Security InfoWatch) Agency's "Enhanced Cybersecurity Services" program was expanded last year, but word of the initiative seems to be failing to reach state security officials

Cybersecurity Is A Severe And Growing Challenge For Government Contractors (Forbes) Government contractors are attractive targets for cyber attacks because the U.S. federal government — the largest producer, collector, consumer, and disseminator of data in the world — entrusts sensitive information to these private companies. This includes everything from national security secrets, to information on the nation's military and critical infrastructure, to the personal information of all U.S. citizens and residents

California governor signs kill switch bill into law (FierceMobileIT) The on-again, off-again saga of smartphone kill switches in California is now officially on-again, as Governor Jerry Brown (D) Monday signed a bill mandating the anti-theft features as of July 2015

Litigation, Investigation, and Law Enforcement

Deputizing the Cyber Posse: The Next Frontier of Public-Private Partnership (Forbes) Facing a dire threat to the citizens of Tombstone by criminals, Wyatt Earp requested, and was granted, federal law enforcement authority and permitted to assemble a posse of gunmen to protect his family and to hunt for the men who had shot his brother. For $5 a day, these men were willing to place themselves in extreme danger to help Deputy U.S. Marshal Wyatt Earp enforce the law

How a Chinese National Gained Access to Arizona's Terror Center (ProPublica) The un-vetted computer engineer plugged into law enforcement networks and a database of 5 million Arizona drivers in a possible breach that was kept secret for years

Chinese authorities target Internet Explorer and Windows Media Player in antitrust case (Win Buzzer) After raiding Microsoft's offices in Beijing, Shanghai, Guangzhou and Chengdu last month due to issues with "compatibility, bundling and document authentication", Chinese regulators are now targeting the Redmond-based giant's web browser and media player

Alabamians file lawsuit against hospital chain after cyber-attack by Chinese hackers (al.com) Five Alabamians have filed a federal class action lawsuit against a Tennessee-based hospital system after 4.5 million people across the U.S. were affected by a data breach

Data Breaches in the Cloud: Who's Responsible? (Government Technology) The cloud multiplier effect means data breaches in the cloud are increasing — and becoming more costly. With so many states and localities opting to host their data there, what happens when breaches occur?

Former HHS Cyber Security Director Convicted For Child Porn (Daily Caller) Former acting director of cyber security for the Department of Health and Human Services Timothy DeFoggi was convicted for a myriad of gruesome child pornography charges Tuesday, the Department of Justice announced

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

Build IT Break IT Fix IT: Build IT (Online, August 28, 2014) The Build it Break it Fix it security contest is a new security-oriented programming contest held by the Maryland Cybersecurity Center, Cyberpoint, and Trail of Bits. The Build it Break it Fix it security...

The Hackers Conference (New Delhi, India, August 30, 2014) The Hackers Conference is an unique event, where the best of minds in the hacking world, leaders in the information security industry and the cyber community along with policymakers and government representatives...

SEACRYPT 2013 (Vienna, Austria, September 2 - 4, 2014) The purpose of SECRYPT 2014, the International Conference on Security and Cryptography, is to bring together researchers, mathematicians, engineers and practitioners interested on security aspects related...

Build IT Break IT Fix IT: Break IT (Online, September 4, 2014) The Build it Break it Fix it security contest is a new security-oriented programming contest held by the Maryland Cybersecurity Center, Cyberpoint, and Trail of Bits. The Build it Break it Fix it security...

Security B-Sides Cape Breton (Sydney, Nova Scotia, Canada, September 5, 2014) Security B-Sides Cape Breton is an open platform that gives security experts, enthusiasts, and industry professionals the opportunity to share ideas, insights, and develop longstanding relationships with...

BalCCon2k14: Balkan Computer Congress (Novi Sad, Serbia, September 5 - 7, 2014) The Balkan Computer Congress is an international hacker conference organized by LUGoNS — Linux Users Group of Novi Sad and Wau Holland Foundation from Hamburg and Berlin. It is the second conference...

Ground Zero Summit, Sri Lanka (Colombo, Sri Lanka, September 9 - 10, 2014) Ground Zero Summit 2014, Colombo will be a unique gathering of Cyber Security Researchers, Hackers, CERTs, Corporates and Government officials to discuss latest hacks, exploits, research and cyber threats.

Detroit SecureWorld (Detroit, Michigan, USA, September 9 - 10, 2014) Two days of cyber security education and networking. Earn 12-16 CPE credits, network with industry peers, and take advantage of more than sixty educational events. Over the past decade SecureWorld has...

Cyber Attack Against Payment Processes Exercise 1 (Online, September 9 - 10, 2014) FS-ISAC, the Financial Services Information Sharing and Analysis Center will conduct its fifth annual simulated cyber security exercise related to payment processes used by banks, community institutions,...

AFCEA TechNet Augusta 2014: Achieving Force 2025 Through Signals and Cyber (Augusta, Georgia, USA, September 9 - 11, 2014) The overall theme of TechNet Augusta 2014 is "Achieving Force 2025 Through Signals and Cyber." The overall focus is on Army ground forces, including Joint component interface, other Department of Defense...

Build IT Break IT Fix IT: Fix IT (Online, September 12, 2014) The Build it Break it Fix it security contest is a new security-oriented programming contest held by the Maryland Cybersecurity Center, Cyberpoint, and Trail of Bits. The Build it Break it Fix it security...

Suits and Spooks London (London, England, UK, September 12, 2014) On September 12th, in London's South bank neighborhood of Southwork, approximately 50 former intelligence officials, corporate executives, and security practitioners from the U.S. and the EU will gather...

NOPcon Security Conference (Istanbul, Turkey, September 16, 2014) NOPcon is a non-profit hacker conference. It is the only geek-friendly conference without sales pitches in Turkey. The conference aims to learn and exchange ideas and experiences between security researchers,...

5th Annual Billington Cybersecurity Summit (Washington, DC, USA, September 16, 2014) The 5th Annual Billington Cybersecurity Summit, a leading conference produced by Billington CyberSecurity, will feature an all-star cast of cybersecurity speakers including Admiral Michael Rogers, Commander,...

SINET Global Summit (London, England, UK, September 16 - 17, 2014) "Advancing Global Collaboration and Innovation." Global Summit focuses on building international public-private partnerships that will improve the protection of our respective homeland's critical infrastructures,...

Cyber Attack Against Payment Processes Exercise 2 (Online, September 16 - 17, 2014) FS-ISAC, the Financial Services Information Sharing and Analysis Center will conduct its fifth annual simulated cyber security exercise related to payment processes used by banks, community institutions,...

Global Identity Summit (Tampa, Florida, USA, September 16 - 18, 2014) The Global Identity Summit is focused on identity management solutions for corporate, defense and homeland security communities. This conference and associated exhibition bring together a distinctive,...

Fraud Summit Toronto (Toronto, Ontario, Canada, September 17, 2014) From account takeover to payment card fraud and the emerging mobile threatscape, the ISMG Fraud Summit series is where thought-leaders meet to exchange insights on today's top schemes and the technology...

Defense Intelligence Agency (DIA)/National Intelligence University (NIU) Open House (Washington, DC, USA, September 17, 2014) On September 17, 2014, the National Intelligence University (NIU) will hold a Tech Expo as part of its annual "NIU OUTREACH DAY" in the Tighe Lobby of DIA Headquarters on Joint Base Bolling-Anacostia.

Cloud Security Alliance Congress 2014 (, January 1, 1970) This year, the CSA and the International Association of Privacy Professionals (IAPP) are combining their Congress US and Privacy Academy events into a conference in the heart of Silicon Valley that will...

ICS-ISAC Fall Conference (Atlanta, Georgia, USA, September 17 - 20, 2014) Cybersecurity issues — such as the DHS release of Operation Aurora information; legislation like CISA (S. 2588), CIRDA (H.R. 2952) & H.R. 3696; and the NIST Cybersecurity Framework — can leave...

Ft. Meade Technology Expo (Fort Meade, Maryland, USA, September 18, 2014) The Ft. Meade Technology Expo is a one-day event held at the Officers' Club (Club Meade) on base. Industry vendors will have the unique opportunity to showcase their products and services to personnel...

The 2014 Cyber Security Summit (New York, New York, USA, September 18, 2014) The Cyber Security Summit, an exclusive conference series sponsored by The Wall Street Journal, has announced their second annual event in New York City. The event will connect C-Level & Senior Executives...

NYIT Cyber Security Conference (New York, New York, USA, September 18, 2014) Presented by NYIT's School of Engineering and Computing Sciences, this conference will address a broad range of pressing topics including privacy; innovations in enterprise security; systems security and...

Dutch Open Hackathon (Amsterdam, the Netherlands, September 20 - 21, 2014) Join leading Dutch companies, during a 30-hour hackathon, as they open up APIs and technologies. Work together and develop new applications and drive global innovation

St. Louis SecureWorld (, January 1, 1970) Offering two days of cyber security education. Earn 12-16 CPE credits, network with industry peers, and take advantage of more than sixty educational events. Over the past decade SecureWorld has emerged...

Workshop on Cryptographic Hardware and Embedded Systems 2014 (CHES 2014) (Busan, Korea, September 23 - 26, 2014) The annual CHES workshop highlights new results in the design and analysis of cryptographic hardware and software implementations. CHES provides a valuable connection between the research and cryptographic...

Rock Stars of Cybersecurity (Austin, Texas, USA, September 24, 2014) The unprecedented Target breach and NSA spying scandal have put cybersecurity in the global spotlight. With cyberattacks on the rise, it is now even more important to learn how to identify weaknesses and...

VB2014 (, January 1, 1970) Over its 24-year history, the VB conference has become a major highlight of the IT security calendar, with many of its regular attendees citing it as the security event of the year. The conference provides...

DerbyCon 4.0 (Louisville, Kentucky, USA, September 24 - 28, 2014) Welcome to DerbyCon 4.0 — "Family Rootz". This is the place where security professionals from all over the world come to hang out. DerbyCon 4.0 will be held September 24-28th, 2014. DerbyCon 2013...

BruCON 2014 (Ghent, Belgium, September 25 - 26, 2014) BruCON is an annual security and hacker conference providing two days of an interesting atmosphere for open discussions of critical infosec issues, privacy, information technology and its cultural/technical...

ROOTCON 8 (, January 1, 1970) ROOTCON is the first hacking convention in the Philippines. A hacker conference and not a seminar, training or a workshop. It will feature the following tracks: advanced HTTP header security analysis,...

INTEROP (New York, New York, USA, September 29 - October 3, 2014) Interop returns to New York with practical and visionary conference sessions designed to help you accelerate your career. This year's conference tracks include: Applications, Business of IT, Cloud Connect...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.