skip navigation

More signal. Less noise.

Daily briefing.

June 4 marks the twenty-fifth anniversary of the Tiananmen Square protests, with both hacktivists and Chinese security authorities expected to observe it in their diverse ways. Increased social media censorship is already reported in China.

In the Middle East, FireEye reports that the Molerat hacktivists are back. Possibly associated with the "Gaza Hackers Team," the Molerats have reopened campaigns against European and US government agencies with unsophisticated attacks (commonly known malware, no zero-days). FireEye hesitates to attribute control of the Molerats to any government.

The Syrian Electronic Army resumes its hacks against media outlets deemed insufficiently admiring of the Assad regime. CSO describes what it's like to be on the receiving end of the SEA's attentions. Like the Molerats, they're neither particularly skillful nor innovative, but they're a dangerous nuisance nonetheless.

Heartbleed remains a risk, but don't be taken in by Heartbleed-removal phishing.

TrueCrypt may be returning under new management.

An international police effort cripples the GOZeuS botnet and its CryptoLocker payloads, but authorities warn that Windows users in particular should expect a dangerous residual attack wave in about two weeks. The UK's NCA offers some useful advice on protection. FBI investigation has led to the indictment of Russian GOZeus mob boss Evgeniy Bogachev. (US readers will find his mug shot in post offices nationwide.) Information sharing with businesses contributed to the investigation.

A Fedsoop leader calls for formation of a US Federal cyber police agency, but it seems the country may already have one in the FBI's Pittsburgh office.

Notes.

Today's issue includes events affecting Australia, China, European Union, Israel, Latvia, Macedonia, New Zealand, Palestinian Territories, Russia, Slovenia, Syria, Turkey, Ukraine, United Kingdom, United Nations, United States..

Cyber Attacks, Threats, and Vulnerabilities

Cyber Crackdown On June 4 Anniversary Forums (New Tang Dynasty Television) A social network meeting to commemorate the 25th Anniversary of June 4 Massacre experienced an unprecedented cyber attack. The Internet conference room was interfered and multiple backup conference rooms were also attacked. The web servers were down and the live broadcast websites were also down. The entire activities were seriously jeopardized. Organizers explain the meeting's theme as "Down the CCP" and believed the Communist regime conducted the attack

Middle East hackers target Europe and US (Financial Times) A group of Middle Eastern hackers has targeted European national governments and a major US financial institution in a recent cyber espionage campaign, according to research by FireEye, the US cyber security company

Molerats Cyber-Attack Activity Escalating (eWeek) New attacks reported by FireEye show China isn't the only part of the world targeting the U.S. with cyber-espionage

Inside an attack by the Syrian Electronic Army (CSO) The pro-Assad hacker's aren't all that special really, but don't think them harmless

'Two Weeks' To Prepare For Cyber Attack (Sky News) The rogue software can silently spy on users' bank account details and demand a ransom for regaining access to files

Protect yourself against new malware threat on Windows computers (GetSafeOnline) This page has been created to help you protect your computer, your finances, your identity and your family against a new global online threat. The threat is targeted at random private individuals and small businesses, so it is critical that you read this page and apply our advice immediately if you have a computer running any version of the Windows operating system — including Windows running as a virtual machine on an Apple Mac, any server running Windows and Windows embedded. This is not a case of isolated attacks, as over 15,000 computers in the UK alone are thought to have been already affected

Serious flaw in GnuTLS library endangers SSL clients and systems (IT World) A vulnerability patched in the GnuTLS library can potentially be exploited from malicious servers to execute malware on computers

Dangerous App Boasts a Million Downloads on Google Play (eSecurity Planet) The file management and optimization app is capable of sending SMS messages to premium rate numbers without the user's consent

Heartbleed Exploitable Over Enterprise Wireless Networks (Threatpost) Regardless that the fervor over the Heartbleed OpenSSL vulnerability has died down considerably, patching the bug should remain a top priority for enterprises because researchers continue to find new exploit vectors

SSL: Security's Best Friend Or Worst Enemy? (Dark Reading) A new report shows that applications using SSL are on the rise in enterprises, putting them at greater risk of attacks that hide in plain sight or use vulnerabilities like Heartbleed

Phishing campaign touts fake 'Heartbleed removal' tool (ComputerWorld) The program attached to the emails is actually a keylogger, according to Trend Micro

Beware the next circle of hell: Unpatchable systems (InfoWorld) Insecure by design and trusted by default, embedded systems present security concerns that could prove crippling

Researchers: Mobile Applications Pose Rapidly Growing Threat To Enterprises (Dark Reading) The average user has about 200 apps running on his smartphone — and they're not all safe, Mojave Networks study says

Linkin Park's Facebook page suffers hack attack (Hot for Security) The official Facebook page of rock band Linkin Park has been hacked, and its 62 million fans bombarded with spam messages containing coarse images and out-of-character links to third-party sites

Power Equipment Direct Acknowledges Data Breach (eSecurity Planet) Screenshots of checkout pages were stolen from the evening of May 4, 2014 until the morning of May 5, 2014

Stolen Laptop Exposes 46,771 Insurance Clients' Data (eSecurity Planet) The laptop contained 46,771 Union Labor Life benefit plan participants' names, addresses and Social Security numbers

Security Patches, Mitigations, and Software Updates

Apple announces OS X Yosemite (IT World) Apple on Monday announced that the next version of the Mac OS — dubbed OS X Yosemite, after the popular National Park in California — will be available as a free upgrade to the public this fall

Cyber Trends

Latin American + Caribbean Cyber Security Trends (Symantec) This report provides an overview of cybersecurity and cybercrime related developments in Latin America and the Caribbean in 2013. It assesses the major trends in the region in terms of the threats to the cyber domain and those who depend on it, from government institutions to private enterprises to individual users. It also takes stock of the advances made by government authorities to better address the challenges they face in an increasingly connected and ICT-dependent world

Enterprises need to reinstate the security perimeter eroded by mobility: Q&A with Martyn Wiltshire of SanDisk (FierceMobileIT) The mobility trend is driving major changes throughout the enterprises, especially within IT departments. They are being challenged to enable the worker productivity these devices promise, while ensuring that corporate networks and data remain secure

Cloud more secure that ever, but transparency needed: Verizon (ARN) Telecommunications vendor positions transparency as an enabler for security in the Cloud

CHART: The Dizzying Complexity Of Cyber Warfare (Business Insider) In January of 2013, the Pentagon's Defense Science Board released an alarming report about the military's vulnerability to an advanced cyber attack. "The cyber threat is serious," the report states in its opening pages, "and [the] United States cannot be confident that our critical Information Technology systems will work under attack from a sophisticated and well-resourced opponent"

Internet voting: A really bad idea whose time has come (ZDNet) Believe it or not, most states have some provisions for allowing people to vote over the Internet. The pressure is on to expand it, even though a secure online voting system is impossible using today's technology

Building Security's Brand for Better Buy-in (Security Magazine) In a wired world that is also full of risk, an enterprise's reputation can be destroyed in hours

Marketplace

Hacker Conference Will Invite Feds Back — in 2016 (Nextgov) The Defense Advanced Research Projects Agency is expected to announce on Tuesday a deal with DEF CON to hold the final round of DARPA's two-year Cyber Grand Challenge at the organization's 2016 Las Vegas conference.

Splunk Disappoints with Full Year Revenue Guidance; OmniVision Technologies Soars to New Yearly High (Baystreet) Splunk, Inc. (NASDAQ: SPLK) shares closed down 16.35% on about 19.3 million shares traded. The stock was a big decliner on the NASDAQ this past Friday and even hit a new yearly low of $41.05. The company revealed guidance for full-year revenue that was in line with analysts' expectation while investors waited for raised guiadance. Splunk's management expects fiscal 2015 revenue between $402 million and $410 million, just shy of an average $410.9 million estimated by analysts surveyed by Thomson Reuters

CSC opens Australian Security Operations Centre (ZDNet) CSC has announced the opening of a new Australian Security Operations Centre, with the Sydney-based centre one of only five such operations globally for the company

CACI nabs $41M contract to support Army SIGINT system (Washington Technology) CACI International has won a $41 million contract to provide lifecycle support for the Army's airborne signals intelligence location and dissemination system

MacAulay-Brown, Inc. Appoints Industry Veteran to Drive Strategic Business Initiatives Throughout the Department of Defense, Special Operations and Homeland Security (Globe News Wire) MacAulay-Brown, Inc. (MacB), a leading National Security company delivering advanced engineering services and product solutions to Defense, Intelligence, Special Operations Forces, Homeland Security and Federal agencies, announced today that Bill Callaghan has joined the company as Vice President of Business Development. Based out of Shalimar, Fla., Callaghan will report directly to Fred Norman, Senior Vice President and General Manager of MacB's Mission Systems Group

Products, Services, and Solutions

TrueCrypt Is Back, But Should It Be? (Forbes) Last week I wrote about the suspicious and abrupt announcement that TrueCrypt, a popular free open source encryption solution, was being abandoned and is considered "harmful and no longer secure". In the article I covered the potential motives for this including the technical challenges with producing full disk encryption on modern hardware and operating systems. Whilst at this time there is little to add in terms of the potential motives for this sudden announcement a variety of interesting things have happened to the project since — including announcements that mean TrueCrypt may not be as dead as we thought

TrueCrypt Cryptanalysis to Include Crowdsourcing Aspect (Threatpost) TrueCrypt may yet get forked, but it won't come at the hands of the Open Crypto Audit Project (OCAP), which has a working plan to move forward with a cryptanalysis of the open source encryption software

Open Crypt Audit Project considers taking over development of TrueCrypt (Help Net Security) The unexpected notice saying TrueCrypt isn't safe, which has apparently been posted last week by the developers of the software, took the security community by surprise and had opened the door for a lot of speculations

With Apple's blessing, a private search option arrives in Safari (Ars Technica) DuckDuckGo doesn't track users, says traffic rose 300 percent post-Snowden

Palo Alto and Fortinet Team Up on Cyber Threat-sharing (Infosecurity Magazine) Member organizations will be required to share at least 1,000 malware samples per day

FireEye Inc (NASDAQ:FEYE): Launches Network Threat Prevention Platform With IPS (US Trade Voice) FireEye Inc (NASDAQ:FEYE) has announced that it will launch the new Network Threat Prevention Platform with the new IPS features starting from June 2, 2014. FireEye is a leading name in the world of security applications that deals with the advanced cyber attacks. The new platform with IPS will be available as an add-on license to the NX series

Trend Micro and Broadcom Collaborate to Provide Home Gateway Security Solution (Wall Street Journal) Trend Micro Incorporated (TYO: 4704; TSE: 4704), a global pioneer in security software, announced today a joint collaboration with Broadcom Corporation in the development of an integrated security solution optimized to protect home security networks from cyber threats and improve network visibility without compromising performance

Softpedia Editor's Review for USB Flash Security (Softpedia) An intuitive and reliable software solution that can protect the documents on your USB flash drive with a password of your choosing

NAS, Swett & Crawford to offer "state-of-the-art" cyber coverage (Insurance Business) According to a global survey conducted by the Economist Intelligence Unit, 80% of business executives do not feel adequately prepared to handle a cyber attack, even though 77% of companies have been the victims of cyber crimes in the past two years

Procera Networks' NAVL Engine Selected by Connectem for Industry's First Virtual Evolved Packet Core Solution (Wall Street Journal) NAVL OEM embedded software engine provides Internet intelligence through deep packet inspection for vEPC product in a virtualized environment

Argus v3.0.6 — Real Time Auditing Network Activity (Kitploit) Argus is a fixed-model Real Time Flow Monitor designed to track and report on the status and performance of all network transactions seen in a data network traffic stream. Argus provides a common data format for reporting flow metrics such as connectivity, capacity, demand, loss, delay, and jitter on a per transaction basis. The record format that Argus uses is flexible and extensible, supporting generic flow identifiers and metrics, as well as application/protocol specific information

Lumension Launches Mobile Device Management on Endpoint Management and Security Suite (Digital Journal) Concern over risk brought by mobile devices continue to keep IT security pros up at night — 75 percent of respondents to the fifth annual State of the Endpoint study by the Ponemon Institute say it's now their top risk, an increase of 733 percent from 2010

Technologies, Techniques, and Standards

Following the framework: Government standards (SC Magazine) Guidelines and practices to help key organizations reduce their internet-based risk. Delivering an accessible roadmap to guide the array of the nation's most vital organizations through cyber crisis does sound like a pretty tall order. That may be the reason why the very tool that sets out to do that is meeting with such a mixed bag of praise and criticism

How the NSA Could Bug Your Powered-Off Phone, and How to Stop Them (Wired) Just because you turned off your phone doesn't mean the NSA isn't using it to spy on you

Why endpoint backup is critical (Help Net Security) Enterprises are at an increasing risk for data loss due to the growing amount of company data stored on endpoints—the laptops, smartphones, tablets and other devices which reside on the edge of the network

Threat intelligence versus risk: How much cybersecurity is enough? (TechTarget) Security officers who view threat intelligence and risk management as the cornerstone of their security programs may have advantages over peers who face constraints when it comes to taking advantage of the available data

Cyber event triggered process rethink, says US national lab CIO (CIO UK) Tech chief Mike Bartell also feels IT enablement paradigm particularly relevant for Oak Ridge National Laboratory

A journey to abused FTP sites (story of: Shells, Malware, Bots, DDoS & Spam) - Part 1 (Malware Must Die!) If you are having an experience as a system administration in an ISP, IDC or etc internet portal, security issues is part of the job description; you'll deal with IDS alerts, IR cases, and some claims to follow in your watched network territory. In my day work, I am receiving the cases escalated to my mailboxes from sysadmins of various services for those cases. If you are a "sysadmin" maybe this post will be a fine reading to you

A journey to abused FTP sites (story of: Shells, Malware, Bots, DDoS & Spam) - Part 2 (Malware Must Die!) As per explained in the first part, there were some IRC bots detected in the abused FTP sites reported, one of the bots called pbot(s), and in this part we will explain how the IRC Bot PHP Pbot evolved. In all of the cases 4, 5, 6 and 7 there are pbots found. I guess the IDS scanner can detect some significant strings to filter this contents of these bot's codes, good job

It's time to quarantine infected computers (Trend Micro CounterMeasures) Quarantine is a word derived from the the 17th century Venetian for 40 (quaranta). The purpose of quarantine is to separate and restrict the movement of otherwise healthy organisms who may have been exposed to disease, to see if they become ill. The 40 day period was designed to identify carriers of the Bubonic plague or Black Death, before they could go ashore and spread the contagion more widely. Desperate times call for desperate measures, nevertheless the concept was widely adopted and remains with us to this day

How The Math Of Biometric Authentication Adds Up (Dark Reading) Yes, it's true that if your authentication scheme only allows a single fingerprint you only have 10 choices. But there's no rule that says it has to be one, and only one

What the NSA can (and can't) mine from intercepted photos (Ars Technica) While facial recognition is getting easier, obtaining the images isn't

Design and Innovation

Twitter's new typeface neglects the countries where it's growing the fastest (Quartz) When companies tweak their designs, it often seems like little more than changing the drapes—or, literally, moving a few pixels around. But sometimes small changes reorient the user experience or quietly herald a shift in corporate strategy. So what to make of Twitter's May 30 announcement that it was switching its main typeface from Neue Helvetica to Gotham?

Apple just took another step towards obscuring the way the web works (Quartz) At Apple's Worldwide Developer Conference today the company rolled out a new look for its web browser, Safari. Apple executives didn't point it out, but sharp-eyed observers have noticed one significant change to the interface. The address bar truncates URLs to the domain-name level

Research and Development

Automating Cybersecurity (New York Times) If only computers themselves were smart enough to fight off malevolent hackers

Cyber Security Research Alliance Workshop Pursuing 'Roots of Trust' Research Focus to Protect Cyber Physical Systems (Broadway World) Cyber Security Research Alliance Workshop Pursuing 'Roots of Trust' Research Focus to Protect Cyber Physical Systems The Cyber Security Research Alliance (CSRA) today announced that it will prioritize research in "Roots of Trust" for cyber physical systems (CPS), to help address growing cyber security threats to public and private critical infrastructure. With this affirmation of the CSRA's research direction, additional industry participation in CSRA is now sought, to bring industry perspectives and insights to the early stages of research, and later to leverage industry strengths for the transition from research to practice

Academia

ISU cyber-security program earns national recognition (Des Moines Register) Iowa State University has been recognized as one of the nation's top cyber-security programs

Legislation, Policy, and Regulation

White House security strategy maintains pressure for congressional action on cyber (Inside Cybersecurity) The White House's upcoming National Security Strategy, which is not expected to offer much on cybersecurity, could serve to underscore the administration's stance on the need for congressional action to achieve national cybersecurity objectives

Agencies Seek Better DHS Incident Response Aid (GovInfoSecurity) GAO report: agencies provide pros, cons on DHS assistance

DISA searches for fit with evolving Cyber Command (Federal Times) As the Defense Department continues to build up its cyber forces, including with the hiring of some 6,000 cyber professionals in the coming months, officials are starting to piece together exactly where the Defense Information Systems Agency will fit in

Operationalizing Cyber is New Commander's Biggest Challenge ( American Forces Press Service) U.S. Cyber Command's greatest challenge is to operationalize cyberspace to turn the electro-digital network of networks into a command-and-control environment where warriors can see the adversary and whose operations defense leaders can integrate into options for commanders and policymakers, the new director of the National Security Agency and commander of U.S. Cyber Command said here last week

Military Evaluates Future Cyberforce (SIGNAL) The National Guard is receiving special attention, as experts determine how to optimize its resources

Don't let US freedoms tumble in balancing privacy, security (Youngstown Vindicator) Ever since the devastating 9/11 terrorist attacks on America, maintaining a proper balance between personal privacy and national security often has required the dexterity, tenacity and agility of a skillful high-wire artist

Is it finally time for federal cybersecurity law enforcement? (Fedscoop) Greetings to all my fellow techies. This week CNN reported that with the year not yet half over, 47 percent of all Americans have had their personal information stolen online. These thefts come from many of the high-profile attacks, like what happened with Target, Adobe, Snapchat, Neiman Marcus, Michaels, AOL and eBay, but not any of the smaller, likely unreported breaches that happen every day

Free DHS Cyber Assessments (ISS Source) Cyber attacks are growing and most people cannot deny that, but for the small- to medium-sized manufacturers, the idea of taking on a cyber security program can be daunting. That is why the Department of Homeland Security's (DHS) Office of Cybersecurity & Communications (CS&C) will conduct complimentary and voluntary assessments to evaluate operational resilience and cyber security capabilities within critical infrastructure sectors, as well as state, local, tribal, and territorial governments

12,000 Europeans ask Google to forget them (Naked Security) On the first day that Google unenthusiastically provided a form to allow Europeans to ask that their pasts be e-forgotten, 12,000 made the request, according to Agence-France Presse

Litigation, Investigation, and Law Enforcement

U.S. v Evgeniy Mikhailovich Bogachev et al and Disruption of Gameover Zeus and Cryptolocker (US Department of Justice) Due to public interest in this case, the Department of Justice is releasing documents that may not be in an accessible format. If you have a disability and the format of any material on the site interferes with your ability to access some information, please email the Department of Justice webmaster at webmaster@usdoj.gov or contact Office of Public Affairs at 202.514.2007. To enable us to respond in a manner that will be of most help to you, please indicate the nature of the accessibility problem, your preferred format (electronic format (ASCII, etc.), standard print, large print, etc.), the web address of the requested material, and your full contact information so we can reach you if questions arise while fulfilling your request

International action against Gameover Zeus botnet and CyptoLocker ransomware (Help Net Security) On Friday, 30 May 2014, law enforcement agencies from across the world, supported by the European Cybercrime Centre (EC3) at Europol, joined forces in a coordinated action led by the FBI which ensured the disruption of the Gameover Zeus botnet and the seizure of computer servers crucial to the malicious software known as CryptoLocker

FBI, EuroPol And NCA Hijack Botnet And What You Should Do (Forbes) I love it when life is made hard for cyber criminals, but the truth is it doesn't happen very often . You would think writing malicious code is hard, but it often isn't. You would think that users follow simple security best practice and that attackers have to come up with new high end attacks, but they often do not. It is therefore a good day when law enforcement or the legitimate Internet user community get one up on the cyber criminals. Today is such a day

Has CryptoLocker been cracked? Is Gameover over? (Naked Security) Gameover, also known as Gameover Zeus, is one of the most notorious botnets of recent times, used to grab covert control of innocent users' computers and to "borrow" them to carry out cybercrime on a giant scale

Evgeniy Bogachev: The shaven-headed hacker who likes to go boating around the Black Sea (Graham Cluley) Have you seen this man? If so, the FBI would love to know his whereabouts

Russian Evgeniy Bogachev sought over cybercrime botnet (BBC News) The US has charged a Russian man with being behind a major cybercrime operation that affected individuals and businesses worldwide

Pittsburgh FBI agents help to nab Russian-based cybercrime schemes (Pittsburgh Tribune-Review) FBI cyber agents in Pittsburgh helped bring down two Russian-based cybercrime schemes that infected more than a half-million computers around the world and stole more than $100 million in the United States alone

Businesses can do more in battle against Gameover Zeus-like botnets (CSO) More cooperation and sharing information with law enforcement can be more effective in battling botnets than spending more money on technology, experts say

No public action on China cyber spy case despite attorney general's pledge (AP via the Fort Frances Times) In the two weeks since the Obama administration, with fanfare, accused five Chinese military officers of hacking into American companies to steal trade secrets, they have yet to be placed on Interpol's public listing of international fugitives, and there is no evidence that China would even entertain a formal request by the U.S. to extradite them

What Are Today's Top Cyber Crime Threats? (Bloomberg TV) Tom Kellerman, chief cybersecurity officer at Trend Micro, and Gene West, an instructor at the FBI National Academy, discuss combating cyber crime with Trish Regan on Bloomberg Television's "Street Smart"

Former NSA head: Snowden has done irreparable harm to national security (Washington Post) Former National Security Agency director Michael Hayden, speaking on CBS's "Face the Nation," insisted that Edward Snowden has harmed national security by disclosing previously classified NSA data-collection programs to The Washington Post and other news media outlets

U.S. Destroyed Key Spy Records, EFF Claims (Courthouse News Service) The government violated court orders to preserve records showing that the National Security Agency illegally spied on ordinary Americans, a digital watchdog group says

Federal Information Security Management Act Audit for Fiscal Year 2013 (US Department of Veterans Affairs) Attached is our report on the performance audit we conducted to evaluate the Department of Veterans Affairs' (VA) compliance with the Federal Information Security Management Act of 2002 (FISMA) for the federal fiscal year ending September 30, 2013 in accordance with guidelines issued by the United States Office of Management and Budget (OMB) and applicable National Institute for Standards and Technology (NIST) information security guidelines

Reported Paris Hilton hacker cops to new intrusions targeting police (Ars Technica) Two-year hacking spree ransacked e-mail account belonging to chief of police

Hospital Employee Pleads Guilty to Identity Theft (eSecurity Planet) Detrius Elliott stole the identities of at least 78 hospital patients' financial guarantors

Alleged robber caught after trying to befriend his victim on Facebook (Naked Security) An alleged robber who police say bashed a woman on the head before robbing her was caught after he tried to befriend her on Facebook the next day

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

Area41 (, January 1, 1970) Area41 is an international security technology and research conference offering both trainings/workshops and traditional presentation tracks.

The Device Developers' Conference: Manchester (Manchester, England, UK, June 3, 2014) The Device Developers' Conference is an annual UK event for the developers of intelligent systems and devices. The objective is to provide an event that provides engineers with an opportunity to learn...

17th Annual New York State Cyber Security Conference and 9th Annual Symposium on Information Assurance (Albany, New York, USA, June 3 - 4, 2014) The 17th Annual New York State Cyber Security Conference (NYSCSC '14) and 9th Annual Symposium on Information Assurance (ASIA '14) is a two day event co-hosted by the New York State Office of Information...

NSA SIGINT Development Conference 2014 (, January 1, 1970) This classified conference will focus on the preeminent intelligence issues facing those who are tasked with SIGINT as part of their mission. Over 1500 participants from the US intelligence community and...

Cyber Security Summit (Huntsville, Alabama, USA, June 4 - 5, 2014) The North Alabama Chapter of the Information Systems Security Association and Cyber Huntsville Corporation are hosting the 6th annual Cyber Security Summit June 4-5 in the South Hall of the Von Braun Center.

AFCEA Presents: Insider Threat to Small Business (Fairfax, Virginia, USA, June 5, 2014) One of the biggest myths is that "I'm too small for cyber attackers to care about me." This common misperception leads to tremendous vulnerabilities as companies do not understand implications for their...

The Device Developers' Conference: Scotland (Uphall, Scotland, UK, June 5, 2014) The Device Developers' Conference is an annual UK event for the developers of intelligent systems and devices. The objective is to provide an event that provides engineers with an opportunity to learn...

The 2014 Cyber Security Summit (DC Metro) (Tysons Corner, Virginia, USA, June 5, 2014) The Cyber Security Summit, an exclusive conference series sponsored by The Wall Street Journal, has announced their inaugural DC Metro event. The event will connect C-Level & Senior Executives responsible...

MIT Technology Review Digital Summit (, January 1, 1970) The MIT Technology Review Digital Summit examines tomorrow's digital technologies and explains their global impact on both business and society. You'll get insider access to the innovative people and companies...

Cyber 5.0 Conference (Laurel, Maryland, USA, June 10, 2014) The mission of the Cyber Conference is to provide a forum for small and mid-sized businesses in Howard County and the region to access industry and government leaders with current information on cybersecurity...

What to Consider when Preparing to Purchase Cyber Insurance Webinar (Webinar, June 11, 2014) With the many cyber/data breach insurance policies that are available today, there are important considerations that organizations need to know before purchasing cyber/data breach insurance coverage. Join...

Global Summit on Computer and Information Technology (, January 1, 1970) The summit is hosting multiple conferences in different areas of Computer & Information Technology. CIT is a major platform for researchers and industry practitioners from different fields of computer...

NRC Cyber Security Seminar/ISSO Security Workshop (Bethesda, Maryland, USA, June 16, 2014) NRC will be hosting its second NRC Semi-Annual All-Hands ISSO Workshop. This workshop will consist of computer security policy, standards, cybersecurity, guidance, FISMA compliance, and training updates.

2014 Spring National SBIR Conference (Washington, DC, USA, June 16 - 18, 2013) SBIR/STTR programs are the nation's largest source of early stage / high risk R&D funding for small business. At this conference you'll learn how to participate and compete for funding in these two programs...

18th Annual Colloquium for Information Systems Security Education (, January 1, 1970) The Colloquium recognizes that the protection of information and infrastructures that are used to create, store, process, and communicate information is vital to business continuity and security. The Colloquium's...

MeriTalk's Cyber Security Brainstorm (Washington, DC, USA, June 18, 2014) This second annual event will take place on Wednesday, June 18 2014 at the Newseum in Washington D.C. The event will bring together Federal cyber security experts to share best practices, collaborate on...

Suits and Spooks New York (, January 1, 1970) Not another hacker conference. Suits and Spooks is a unique gathering of experts, executives, operators, and policymakers who discuss hard challenges in a private setting over two days. Suits and Spooks...

SANSFIRE (Baltimore, Maryland, USA, June 21 - 30, 2014) For more than 10 years, the Internet Storm Center has been providing free analysis and warning to our community. SANSFIRE 2014 is not just another training event. It is our annual "ISC Powered" event.

26th Annual FIRST Conference (Boston, Massachusetts, USA, June 22 - 27, 2014) The Forum of Incident Response and Security Teams (FIRST) is a global non-profit organization dedicated to bringing together computer security incident response teams (CSIRTs) and includes response teams...

Gartner Security & Risk Management Summit 2014 (National Harbor, Maryland, US, June 23 - 26, 2014) The Gartner Security & Risk Management Summit is the only time when the entire Gartner analyst and security and risk management community come together in one location to bring the latest research, insights...

AFCEA International Cyber Symposium (Baltimore, Maryland, USA, June 24 - 25, 2014) National security is continuously being redefined as awareness of the cyberspace domain evolves. Cyber threats and challenges grow every day. Successfully defending our networks requires a team approach.

United Nations Interregional Crime and Justice Research Institute Cyber Threats Workshop (Turin, Italy, June 27 - 29, 2014) The United Nations Interregional Crime and Justice Research Institute (UNICRI) is organizing a series of workshops and short courses within the framework of the UNICRI Journalism and Public Information...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.