skip navigation

More signal. Less noise.

Daily briefing.

As the EU this morning announces a sanction list of Russian interventionists and Crimean separatists, Crimea's breakaway parliament accuses the US of waging cyber warfare against the peninsula. Elsewhere, apparent hacktivists attacked various NATO sites over the weekend, citing allegations of NATO interference in Ukrainian affairs. This hacktivist group goes by "CyberBerkut," professes loyalty to deposed, pro-Russian president Viktor Yanukovych, and accuses the "Kiev Junta" of having hired Estonian-based NATO cyber operators to "suppress the truth" about Ukraine. It would be rash to regard CyberBerkut as operating independently of Russia's FSB.

Moscow has, probably correctly, attributed recent anti-Russian DDoS campaigns to Anonymous Caucasus, and not to Ukrainian hacktivists or government operators.

In the Middle East, the Syrian Electronic Army downs sites belonging to anti-Assad forces. The SEA also claims to have compromised US Central Command networks, but CENTCOM calls hogwash on this.

Flight MH370's disappearance remains mysterious. The incident has three cyber angles: the (far-fetched) possibility that the aircraft had been hijacked with the aid of hacking (lent currency by British security experts), the (real, extensive) importance digital forensics plays in the search, and the (depressing) uses the tragedy is finding as criminal phishbait.

LightsOut malware targeting electrical distribution is being distributed via energy sector watering holes.

In the US, Senator Feinstein's animadversions concerning CIA cyber operations draw analysis as a political pivot (and are described by former DCI Hayden as "a bit of a reach"). Representative Ruppersberger's newfound surveillance skepticism also attracts notice.

Investigators probe Communications Security Establishment Canada.

Notes.

Today's issue includes events affecting Canada, China, Estonia, Germany, Israel, Japan, Malaysia, Russia, Singapore, Syria, Ukraine, United Kingdom, United States..

Cyber Attacks, Threats, and Vulnerabilities

Crimean govt: Referendum website downed by cyber-attack from US (Russia Today) The official website of the Crimean referendum is down due to a cyber-attack that originated from the US, Crimean authorities say

UPDATE 3—NATO websites hit in cyber attack linked to Crimea tension (Reuters) Hackers brought down several public NATO websites, the alliance said on Sunday, in what appeared to be the latest escalation in cyberspace over growing tensions over Crimea

Kremlin says DDoS-attack unrelated to events in Ukraine (ITAR TASS) Earlier, the Kremlin's press service has confirmed that the official website of the Russian president became target of a cyber attack

Why There's No Real Cyberwar in the Ukraine Conflict (IEEE Spectrum) Warnings of a cyberwar between Ukraine and Russia over the recent Crimean crisis have been greatly exaggerated. From the start, Russia seems to have relied upon traditional military force and a barrage of old-fashioned "information war" propaganda in its swift takeover of Crimea. Whatever cyber attacks that have occurred so far probably represent the work of Russian or Ukrainian "hacktivists" rather than strategic military strikes, experts say

Syrian Electronic Army Hacks Website of Syrian National Coalition (Softpedia) The Syrian Electronic Army has breached and defaced the official website of the National Coalition for Syrian Revolutionary and Opposition Forces. A number of other sites related to the organization have also been targeted

Syrian Electronic Army claims they hacked U.S. Central Command (Albawaba News) Hackers loyal to Syrian President Bashar al Assad say they have accessed US military documents after penetrating the network of US Central Command (CENTCOM)

Centcom denies claims its computers were hacked (Tampa Tribune) U.S. Central Command is denying a claim made today by a pro Assad hacking group that it penetrated the command's computer system

New theory of 'Cyber Hijack' emerges (The Nation) A British anti-terrorism expert claimed cyber terrorists could have used a series of "codes" to hack the in-flight entertainment system and infiltrate the security software of the missing Malaysia Airlines MH 370 flight, reported International Business Times online on Monday

"Malaysian Airlines flight MH370 found" video is a scam (Help Net Security) Cyber scammers are misusing the public's interest in the fate of the recently disappeared plane on Malaysia Airlines flight MH370 to lure users into filling in online surveys and downloading malware

Multiple spamvertised bogus online casino themed campaigns intercepted in the wild (Webroot Threat Blog) Regular readers of Webroot's Threat Blog are familiar with our series of posts detailing the proliferation of social engineering driven, privacy-violating campaigns serving W32/Casino variants. Relying on affiliate based revenue sharing schemes and spamvertised campaigns as the primary distribution vectors, the rogue operators behind them continue tricking tens of thousands of gullible users into installing the malicious applications

Oracle VirtualBox Memory Corruption Vulnerabilities Uncovered (SecurityWeek) Researchers at Core Security uncovered a set of serious vulnerabilities affecting Oracle VirtualBox that can be targeted to remotely execute code

LightOut is Latest Cyber Threat to Target Energy Sector (InfoSecurity Magazine) What happens when the energy grid goes down? Well the lights, of course, go out. A fresh advanced persistent threat (APT) targeting the energy sector is thus aptly named LightsOut, and like previous attacks, it used a watering hole method to start its system compromise

SCADA Vulnerabilities Identified in Power, Petrochemical Plants (Threatpost) More than 7,600 different power, chemical and petrochemical plants may still be vulnerable to a handful of SCADA vulnerabilities made public this week

Invitations for Grand Theft Auto 5 PC Beta Testing Hide Malware (Softpedia) The PC version of Grand Theft Auto (GTA) 5 might become available at some point, but for the time being, it doesn't exist, not even in Beta. If you receive an email that appears to be an invitation for Beta testing, don't click on the links and don't open the attachment

Hackers Who Hijacked Mt. Gox CEO's Blog Tricked People into Installing Bitcoin Stealer (Softpedia) Last week, hackers breached and defaced the blog of Mark Karpeles, the CEO of the Bitcoin exchange Mt. Gox. They claimed to have exposed Karpeles' lies about hundreds of thousands of customer Bitcoins being stolen. However, experts say the attackers had a different agenda

Did Target's Security Blow it or Just Get Blown Up with Noisy Alerts? (Damballa) I'm going to play devil's advocate and challenge the notion that Target's security team was an epic failure

Banking Malware: Sophistication Rises In Longtime Botnet Families (CRN) Banking Trojans have long been stealing account credentials and draining accounts, and they have been steadily increasing. The malware can blow past most two-factor authentication and password schemes

The Long Tail of ColdFusion Fail (Krebs on Security) Earlier this month, I published a story about a criminal hacking gang using Adobe ColdFusion vulnerabilities to build a botnet of hacked e-commerce sites that were milked for customer credit card data. Today's post examines the impact that this botnet has had on several businesses, as well as the important and costly lessons these companies learned from the intrusions

Cancer email scam carrying Zeus malware hits thousands (Inquirer) Sick email hoax carries a Trojan that wants to steal your credentials

HealthSource of Ohio Data Breach Exposes 8,800 Patients' Personal Info (eSecurity Planet) Names, addresses and phone numbers were exposed, along with some Social Security numbers and credit card numbers

Seattle Archdiocese Hacked (eSecurity Planet) As many as 90,000 employees and volunteers may be affected

Stolen Backup Drives Expose Silversage Advisors Data (eSecurity Planet) Customers' names, mailing addresses, Social Security numbers, driver's license numbers and account information may have been exposed

Security Patches, Mitigations, and Software Updates

Twitter enables StartTLS for Secure Emails to prevent Snooping (The Hacker News) Twitter is taking users' privacy and security very seriously and in an effort to prevent Government snooping, the company has secured your Twitter emails with with TLS (Transport Layer Security)

Cyber Trends

Making the power grid safer by planning for failure (Reuters) Simultaneous attacks on just nine substations could black out the entire United States, according to a report in the Wall Street Journal, based on a confidential study by energy regulators

A Short History of Spam (Counterpunch) Objects can talk in cartoons and fairy tales: toys tell their stories. Now our domestic appliances have begun to speak, and they would like to sell us pills and porn, and for us to give them our bank details

Marketplace

Lockheed Martin Moves To Dominate Cyber Defense Of Electric Grid & Energy Complex (Forbes) Lockheed Marin, the world's biggest defense company, did something unusual this week. It bought a commercial cybersecurity firm called Industrial Defender. The firm is a leading player in the rapidly growing business of protecting electric grids, oil pipelines and chemical plants against cyber threats. What's unusual isn't the fact that a military contractor is buying a commercial firm; Lockheed has invested extensively in commercial ventures ranging from renewable energy to aquaculture to deep-sea mining to pilot training. What's unusual is that the company is looking outside its sprawling information-technology unit for cyber expertise. Near as I can tell, this is the first time Lockheed Martin has ever bought a cybersecurity provider

Why Home Security Providers Should Feel Insecure In The Smart Home Era (Forbes) When you look for areas ripe for disruption in the smart home era, home security monitoring is near the top of the list

Cabinet Office launches Cyber Security Challenge 'masterclass' (Computing) Minister for the Cabinet Office Francis Maude today launched a masterclass in which amateur cyber defenders will compete to protect the City of London from a simulated cyber attack

We never shared client data with NSA: IBM (Dehli Daily News) In an apparent effort to distance itself from the US National Security Agency and its controversial snooping programme, US technology giant IBM on Friday released a letter claiming that the company never cooperated with the NSA

How Belfast can tap into the future of safer software (Belfast Telegraph) Northern Ireland could be a hub for the development of software to help fight cyber crime and data fraud, a global conference in Belfast has heard

Lookout Names Former Akamai Exec Jim Dolce as CEO (SecurityWeek) Mobile security firm Lookout, Inc. announced on Thursday that Jim Dolce has taken the role as the CEO of the company, replacing Founder John Hering

Products, Services, and Solutions

AlienVault Unified Security Management: Real-Time Threat Detection Starting on Day 1 (The Hacker News) IT Infrastructure of organizations is growing ever more distributed, complex and difficult to manage. To manage such networks, a log management solution is not enough

Raytheon cross domain product awarded top honors at Info Security's Global Excellence Awards (Wall Street Journal) Trusted Thin Client® recognized as a gold winner in "Security Products and Solutions for Government"

Technologies, Techniques, and Standards

Who is winning the 'crypto-war'? (BBC) In the war over encryption between the NSA and privacy activists, who is winning? Ladar Levison sits exhausted, slumped on a sofa with his dog Princess on his lap. He is surrounded by boxes after he moved into a new house in the suburbs of Dallas, Texas, the previous day

Fred Cohen on Simplifying Security Assessments for Critical Infrastructure (Tripwire: The State of Security) "In order to know what's going on in an enterprise you need to do a study that takes 6 months and costs $250,000," said Fred Cohen of Fearless Security in conversation with Chris Blask, Chair of the Industrial Control System Information Sharing and Analysis Center (ICS-ISAC), at the 2014 RSA Conference in San Francisco

Mastering 4 Stages of Malware Analysis (Lenny Zeltser on Security) Examining malicious software involves a variety of tasks, some simpler than others. These efforts can be grouped into stages based on the nature of the associated malware analysis techniques. Layered on top of each other, these stages form a pyramid that grows upwards in complexity. The closer you get to the top, the more burdensome the effort and the less common the skill set

Gone phishing: Army uses Thrift Savings Plan in fake e-mail to test cybersecurity awareness (Washington Post) An ominous e-mail message landed in the inboxes of a small group of U.S. Army employees last month, warning of a security breach in their federal retirement plans and urging them to log in and check their accounts

Social engineering attacks: Is security focused on the wrong problem? (TechTarget) Malicious social-engineering attacks are on the rise and branching out far beyond simply targeting the financial sector. While some organizations develop employee-awareness training or solicit pen testing, or use some combination of the two, these preventive tactics can only go so far

A risk equation unravels the cloud security paradox (TechTarget) How many times have you heard "the cloud provides better security" or "the cloud provides worse security" than your own environment? We've all witnessed this ongoing debate countless times in recent years. Usually, the proponents on both sides of the argument take a position based on a subset of information and some presumed state of affairs in today's data centers

Big data is not little data writ large — it changes everything (TechTarget) The origins of confusion … The real challenge with big data is that it is called big data. The nomenclature (thanks, marketing!) stimulates a reflexive response — an almost instantaneous, emotional and physiological need to compare the target term big data with its seemingly diminutive predecessor, simply data — or, as I now like to call it, little data

Mobile VPNs: Battered but not broken (ComputerWeekly) Security chiefs would be forgiven for worrying about their virtual private networks (VPNs), especially those sitting on employee-owned mobiles

UK holds cyberwar game in Churchill's WW2 bunker (AP via WTVM 9) Bent over their computers in a World War II-era bunker beneath London's streets, dozens of young techies have spent Friday racing to understand why Britain's banking network suddenly seems to have gone offline

Research and Development

New Authenticated Encryption Algorithm Features Robust Resistance to Multiple Misuse (MarketWatch) Nippon Telegraph and Telephone Corporation (tokyo:9432) and Mitsubishi Electric Corporation (tokyo:6503) announced today that in collaboration with the University of Fukui they have jointly developed an authenticated encryption algorithm offering robust resistance to multiple misuse. The algorithm has been entered in the Competition for Authenticated Encryption: Security, Applicability, and Robustness (CAESAR) project, based on which the algorithm is expected to be deployed for increasingly secure and reliable information technology

Phone record surveillance can yield vast amounts of information (Imperial Valley News) The National Security Agency's mass surveillance of telephone metadata could yield detailed information about the private lives of individuals far beyond what the federal government claims, according to new Stanford research

Legislation, Policy, and Regulation

Draft EU-U.S. trade 'declaration' seeks to preserve long-standing privacy deal (Inside Cybersecurity) Trade negotiators from the European Union and the United States who have been meeting this week in Brussels have drafted a "declaration" on the progress of the talks that includes language on digital data flows intended to protect a long-standing agreement on protecting private information

China censors hit popular WeChat accounts (C/Net) Government watchdogs have scrubbed from the Web the accounts of several journalists as Beijing wraps up its annual parliament meeting

Feinstein's CIA accusation seen as possible pivot (Orange County Register) Comedian Jon Stewart skewered Sen. Dianne Feinstein this week, mocking the longtime defender of aggressive intelligence gathering for being outraged when she discovered the CIA's spying was turned, as she alleges, on her own Senate staff

Michael Hayden: Dianne Feinstein charge 'a reach' (Politico) Former Central Intelligence Agency and National Security Agency Director Michael Hayden dismissed charges made earlier this week that the CIA spied on Senate Intelligence Committee staffers, saying to call it such is "a bit of a reach"

Ruppersberger's change of heart on the NSA [Editorial] (Baltimore Sun) Our view: The Maryland congressman has been a staunch defender of U.S. intelligence practices, so his acknowledgment of the need for reform demands attention

US Cyber Moves Beyond Protection (Defense News) Arguments for boosting US cyber spending over the past couple of years have largely begun with the need to greatly improve the resilience of government networks and ended with a call to grow the cyber force

Is Snowden reshaping global privacy? (Naked Security) This week, the European Parliament met and discussed written testimony from US whistleblower Edward Snowden

It's time to let Snowden go (Slate via the Orlando Sun-Sentinel) Edward Snowden lit up the audience this week at SXSW in Austin, Texas. Speaking via webcast from Russia, he covered everything from personal encryption tactics to the future of American democracy. The encrypted interview might have had terrible audio — but the content was excellent. Whatever policy and social reforms come out of his revelations will either revitalize or discourage America's democratic progress

National Security Agency Misreads PR (O'Dwyer's) There is nothing wrong with the National Security Agency stealing or subverting encrypted material or stockpiling the data of American citizens, according to Vice Admiral Michael Rogers, who is Obama's choice to lead the spy agency

Cyber Command headed toward unified command status (Federal News Radio) Four years after its inception, the time has come to elevate U.S. Cyber Command to the status of a full unified combatant command, its outgoing chief said Wednesday

Gen. Keith Alexander: We Will Miss You (Lawfare) Throughout American history occasional strategic thinkers have transformed the way we think about new domains of warfare and security. Alfred Thayer Mahan conceived of the geostrategic role of sea power in a way that deeply influenced ideas about the role and importance of naval capabilities. General Billy Mitchell predicted the revolutionary effects of air power on 20th century warfare

Department of Defense Whistleblower Program (Department of Defense Inspector General) Inspectors General need sources. Our investigators, auditors, evaluators and inspectors rely on whistleblowers to provide information as a source of allegations and as original and corroborating evidence. Federal employees within the Executive are required to report corruption. When they do so through the Inspector General Act of 1978, the DoD IG can investigate alleged reprisal against those whistleblowers. Whistleblowing is not a 'nice to have' function; it is essential to the national security and defense mission of the Federal government

Defense Department Adopts NIST Security Standards (Dark Reading) DOD replaces longstanding information assurance process with NIST's holistic "built-in, not bolt-on," risk-focused security approach

White House exec joins DHS cyber team (Federal Times) The Department of Homeland Security has filled key roles within its Office of Cybersecurity and Communications (CS&C), the agency announced Wednesday

UK and Israel sign digital government agreement (ComputerWeekly) The UK and Israel have signed a memorandum of understanding (MoU) on digital government to benefit citizens, businesses and respective economies

James Brokenshire on the cyber role of the National Crime Agency (Computing) Immigration minister James Brokenshire, until recently security minister at Whitehall, has laid out the challenge ahead for the National Crime Agency (NCA), in an exclusive interview with Computing

This Open Source Coder Wants to be a Congressman (Wired) The patent system. Online privacy law. Bitcoin regulations. Net neutrality rules. In the coming years, policy makers may have as much influence on technology as the world's hackers do — if not more. So it should come as little surprise that a hacker is running for Congress

Singapore to Regulate Bitcoin Exchanges, Vendors (AFP via SecurityWeek) Singapore's central bank said Thursday it will regulate "intermediaries" for the Bitcoin virtual currency to prevent them from being used for money laundering and terrorist financing

In sudden announcement, US to give up control of DNS root zone (Ars Technica) In a historic decision on Friday, the United States has decided to give up control of the authoritative root zone file, which contains all names and addresses of all top-level domain names.

Congress nudged by NSA nominee to revive CISPA as intelligence reforms take shape (ZDNet) The NSA chief-in-waiting's testimony to Congress may be enough to inspire lawmakers to revive old cybersecurity legislation, which would indemnify Silicon Valley technology giants from sharing their users' data with the government

Litigation, Investigation, and Law Enforcement

Canada's electronic spy agency uncovers wrongdoing, ethics breaches (Canadian Press via the Brandon Sun) An investigation at Canada's secretive eavesdropping agency has uncovered misuse of public assets and "serious breaches" of the spy outfit's values and ethics code

Germany to probe wiretapping scandal (Turkish Press) German politicians are to invite U.S. whistleblower Edward Snowden to give evidence as part of a new investigation into the National Security Agency's phone and internet surveillance of senior German leaders, including Chancellor Angela Merkel

Don't upload health care data to Google cloud, UK groups say (TechWorld) Such sensitive data should never be uploaded to a provider outside the jurisdiction of the U.K, the groups said

NRA files 'Friend of the Court Brief' in appeal of NSA spying case (Examiner) On Friday, the National Rifle Association (NRA) announced through media communications that it has filed a brief in the United States Court of Appeals for the Second Circuit concerning the National Security Agency (NSA) spying case

Northwest Regional Computer Forensics Lab Receives Prestigious Accreditation (FBI) The American Society of Crime Laboratory Directors/Laboratory Accreditation Board (ASCLD/LAB) International recently accredited the Northwest Regional Computer Forensics Laboratory (NWRCFL) in digital and multimedia evidence

MtGox knowingly traded non-existent bitcoins for two weeks, filing shows (The Guardian) Collapsed bitcoin exchange reported loss of 'hundreds of thousands' of bitcoin two weeks before closing doors

Mind your wallet: The underworld loves Bitcoin (Indian Express) Criminals may already have made off with up to $500 million worth of Bitcoins since the virtual currency launched in 2009 — and you can double that if it turns out they emptied Mt Gox

Cyber gang behind £1.25m 'KVM' bank fraud convicted (SC Magazine) Members of a cyber crime gang that stole more than £1.25 million from Barclays Bank using a 'KVM' device have been convicted at Southwark Crown Court

What Did Weintraub Know About Madoff Ponzi Scheme? (InformationWeek) Defense attorney suggests that Liz Weintraub, Madoff's deceased former head of IT, helped devise the deceptive code that enabled Ponzi scheme

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

Fourth Annual China Defense and Security Conference (Washington, DC, USA, March 25, 2014) The Jamestown Foundation will hold its Fourth Annual China Defense and Security Conference on March 25 in Washington, D.C. In keeping with the Foundation's mission, the conference will focus on understanding...

Nuclear Regulatory Commission ISSO Security Workshop (, January 1, 1970) Exhibitors will have the opportunity to showcase cutting-edge products and services available in today's market. All companies specializing in products and services that would benefit the NRC workforce...

ICS Summit 2014 (Lake Buena Vista, Florida, US, March 17 - 18, 2014) The 9th Annual North American ICS Security Summit brings together the program managers, control systems engineers, IT security professionals and critical infrastructure protection specialists from asset...

27th Annual Federal Information Systems Security Educators' Association (FISSEA) Conference (, January 1, 1970) The 27th Annual Federal Information Systems Security Educators' Association (FISSEA) Conference will be held at the National Institute of Standards and Technology on March 18-20, 2014, exhibits will be...

Security Policy Reform Implications for Industry: Maintaining Momentum for Transformational Change (Chantilly, Virginia, USA, March 20, 2014) Join INSA's Security Policy Reform Council for Security Policy Reform Implications for Industry: Maintaining Momentum for Transformational Change at the SI Organization in Chantilly, VA. This unclassified,...

Suits and Spooks Singapore (, January 1, 1970) Our first international Suits and Spooks conference will be held in Singapore with a visit to Malaysia on March 20-21, 2014. The focus will be on how multi-national corporations can profitably operate...

MCT-Congress: Going Mobile with Clinical Trials (Edinburgh, Scotland, UK, March 20 - 21, 2014) It is almost inevitable that mHealth solutions will be adopted across healthcare systems worldwide over the next decade. What is less clear is the impact that mobile solutions are having and could have...

Cyber Security for Energy & Utilities (, January 1, 1970) Following the rapid evolution of the cyber and digital world, IT Security Directors, Information Security Directors, Chief Security Officers, Chief Information Officers and many more will gather at the...

Veritas 2014 (, January 1, 1970) At Veritas 2014, hear directly from the big data experts in top tier retail finance who are now implementing strategy and starting to yield real commercial value. Experts dedicated to Big Data in the...

Black Hat Asia (, January 1, 1970) Black Hat is returning to Asia for the first time since 2008, and we have quite an event in store. Here the brightest professionals and researchers in the industry will come together for a total of four...

SEC Cybersecurity Roundtable (Washington, DC, USA, March 26, 2014) The Securities and Exchange Commission today announced that it will host a roundtable next month to discuss cybersecurity and the issues and challenges it raises for market participants and public companies,...

Cyber Security Management for Oil and Gas (, January 1, 1970) Attend to gain cutting-edge information from oil and gas cyber security experts on: Using the very latest in intelligence techniques to find and neutralize the newest threats in time. Preventing security...

ISSA Colorado Springs — Cyber Focus Day (Colorado Springs, Colorado, USA, March 27, 2014) Join us for the Information Systems Security Association (ISSA) — Colorado Springs Chapter — Cyber Focus Day set to take on Thursday, March 27, 2014 at Colorado Technical University (CTU).

Financial Incentives for Cybersecurity Businesses (Elkridge, Maryland, USA, March 27, 2014) Learn the details and take the opportunity to ask questions of leading experts on how to apply for tax credits (Cyber Tax Credits, Research Tax Credits, Security Clearance Tax Credits, Secured Space Tax...

CyberBiz Summit (Linthicum, Maryland, USA, March 28, 2014) Learn first-hand how to get your cyber business started, how to raise capital, and what to do to make it happen. Join us for four informative sessions, networking and breakfast at the BWI Westin on Friday,...

Corporate Counter-Terrorism: the Role of Private Companies in National Security (Washington, DC, USA, March 28, 2014) The 2014 American University Business Law Review Symposium will address the growing role of corporate America in governmental counter-terrorism programs, including the bulk metadata and PRISM surveillance...

SyScan 2014 (Singapore, March 31 - April 4, 2014) SyScan is a deep knowledge technical security conference. It is the aspiration of SyScan to congregate in Asia the best security experts in their various fields, to share their research, discovery and...

Interop Conference (, January 1, 1970) Interop Conference sessions help you find actionable solutions to your current IT headaches and plan for future developments.

NSA Hawaii (, January 1, 1970) Be a part of the 2nd Annual Information Technology Expo set to take place at the new National Security Agency (NSA) Regional Operations Center in Wahiawa, HI. The event is being sponsored once again by...

InfoSec World Conference & Expo 2014 (, January 1, 1970) With the primary objective of providing top-notch education to all levels of information security and IT auditing professionals, InfoSec World delivers practical sessions that give you the tools to strengthen...

NIST IT Security Day (Gaithersburg, Maryland, USA, April 8, 2014) The Office of the Chief Information Officer, OCIO, is hosting NIST IT Security Day as a means to heighten awareness for all NIST users on the many aspects of operational information technology security...

IT Security Entrepreneurs Forum (ITSEF) 2014 (, January 1, 1970) IT Security Entrepreneurs Forum (ITSEF) is SINET's flagship event, designed to bridge the gap between the Federal Government and private industry. ITSEF brings unique value to the Cybersecurity community...

Women in Cyber­security Conference (Nashville, Tennessee, USA, April 11 - 12, 2014) WiCyS is an effort to bring together women (students/faculty/researchers/professionals) in cybersecurity from academia, research and industry for sharing of knowledge/experience, networking and mentoring.

Suits and Spooks San Francisco (, January 1, 1970) S3+: Surveillance, Security, Sovereignty and other Critical Issues. Not another hacker conference. Suits and Spooks is a unique gathering of experts, executives, operators, and policymakers who discuss...

East Africa Banking and ICT Summit (Kampala, Uganda, April 25, 2014) The global event series for Banking and ICT Summit enters its third year. The summit will continue to provide delegates with technical & practical sessions, lectures and showcase for banking and ICT innovations,...

National Collegiate Defense Cyber Competition (, January 1, 1970) Registration for the 2014 CCDC season is underway! Visit your region's website or contact your regional for registration and competition information.

InfoSecIndy (Indianapolis, Indiana, USA, April 26 - 27, 2014) Join us on April 26-27, 2014 in Indianapolis, Indiana for the premier Midwest Information Security and Digital Forensics Conference.

Infosecurity Europe 2014 (, January 1, 1970) Infosecurity Europe is Europe's number one Information Security event. Featuring over 350 exhibitors, the most diverse range of new products and services, an unrivalled education programme and over 12,000...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.