skip navigation

More signal. Less noise.

Daily briefing.

Russian arms export agency Rosoboronexport denies it lost any sensitive data in a cyber attack it sustained some two weeks ago at the outset of the crisis in Crimea. The US looks into its electronic surveillance performance during that crisis.

Algeria's election season opens with a round of cyber attacks on campaign sites.

Microsoft warns that a Word zero-day is being actively exploited in the wild. Targeted attacks are using booby-trapped RTF files to gain control of compromised machines via a memory corruption bug. Word 2010 is principally affected, but other versions are also affected: Word 2003, 2007, and 2013 for Windows; Microsoft Office for Mac 2011; and multiple versions of Microsoft SharePoint Server. Viewing an email in an Outlook preview pane can be sufficient to infect a device. Microsoft has issued notes on mitigation.

GitHub developers may have revealed their AWS keys.

Distributed denial-of-service campaigns reappear. Researchers claim to have found a DDoS exploit for Android. Hootsuite is back online, but Basecamp is subjected to an extortion-motivated DDoS attack.

BitCrypt malware combines ransomware with Bitcoin theft. A new Android malware family (ANDROIDOS_KAGECOIN.HBT) mines Bitcoins, Litecoins, and Dogecoins. And Blockchain users are phished for Bitcoins.

MH370 seems not to have been hacked, but concerns about avionics vulnerabilities remain.

Business leaders call for more threat information sharing.

Palo Alto Networks buys Cyvera for $200M (and sees its share price take a hit).

China demands an explanation of alleged US Huawei hacking.

The US Administration and Congress seem poised to limit surveillance.

Notes.

Today's issue includes events affecting Algeria, Australia, China, France, India, Israel, Malaysia, Russia, Switzerland, Turkey, Ukraine, United Arab Emirates, United Kingdom, United States..

Cyber Attacks, Threats, and Vulnerabilities

Rosoboronexport Denies Loss of Confidential Data in Cyber Attack (Defense World) Rosoboronexport today denied any loss of confidential data that was said to be the result of a targeted cyber attack a fortnight ago

U.S. Scurries to Shore Up Spying on Russia (Wall Street Journal) In Crimea, Russia may have gotten a jump on West by evading U.S. eavesdropping

Bouteflika website cyber attack as Algeria vote campaign opens (BizCommunity) President Abdelaziz Bouteflika's website was inaccessible Sunday at the start of campaigning for Algeria's 17 April election as his camp reported a cyber attack

Zero-day vulnerability in Microsoft Word under active attack (Ars Technica) People using Word 2010 with Outlook should take immediate action, company warns

Just previewing an Outlook email could infect your computer. Microsoft warns of zero-day flaw (Graham Cluley) RTF? WTF! Microsoft hasn't patched against this zero-day vulnerability yet, which is actively exploited by malicious hackers

10,000 GitHub users inadvertently reveal their AWS secret access keys (Help Net Security) GitHub developers who are also Amazon Web Services users are advised to check the code they made public on their project pages and to delete secret access keys for their AWS account they may have posted inadvertently

Malicious apps can hose Android phones, erase data, researchers warn (Ars Technica) Denial-of-service exploit may also work against official Google Play market

Blackmail DDOS Attack Takes Out Major Online Chat Service (Gizmodo) The popular group chat system Campfire is currently being nailed with a DDoS attack. Turns out some blackmailing hackers are trying to extort money from the provider. They're refusing to negotiate

Attackers to Basecamp: If you ever want to get back online, pay us or else (Ars Technica) Site fights back against extortion-motivated denial-of-service assaults

Hootsuite Back Online Following Denial of Service Attack (Threatpost) Social media management system Hootsuite recovered rapidly from a denial of service (DoS) attack late last week, bouncing back after only being offline for a few hours Thursday morning

Ransomware and Bitcoin Theft Combine in BitCrypt (TrendLabs Security Intelligence Blog) CryptoLocker and other such ransomware threats have been a significant problem for some time now, but recently we've seen a new addition to the ransomware scene. This new threat, which calls itself BitCrypt, adds a unique angle to ransomware: it steals funds from various cryptocurrency wallets as well

Mobile Malware Mines Dogecoins and Litecoins for Bitcoin Payout (TrendLabs Security Intelligence Blog) Recently, other researchers reported that a new Android malware family (detected as ANDROIDOS_KAGECOIN.HBT) had cryptocurrency mining capabilities. Based on our analysis, we have found that this malware is involved in the mining for various digital currencies, including Bitcoin, Litecoin, and Dogecoin. This has real consequences for users: shorter battery life, increased wear and tear, all of which could lead to a shorter device lifespan

Bitcoin phishing attack targets Blockchain users (Graham Cluley) If you're an advocate for the Bitcoin digital currency be on your guard, because phishers are after your cash

Guess Who's Spying on Huawei? (Slate) The New York Times reported over the weekend, based on files provided by Edward Snowden, that the National Security Administration has been hacking into the servers of Chinese telecommunications giant, Huawei. The story is not particularly surprising, though it is somewhat ironic given that for years, the U.S. government has been warning that Huawei's servers aren't safe given the risk of spying by Chinese intelligence

Vodafone, Airtel and Idea may have been compromised by National Security Agency (dna india) GSM players Vodafone, Airtel and Idea, which use Huawei equipment, may have been compromised by the National Security Agency (NSA), the spy unit of the US

The Mobile Cybercriminal Underground Market in China (Trend Micro) Places in the Internet where cybercriminals converge to sell and buy different products and services exist. Instead of creating their own attack tools from scratch, they can instead purchase what they need from peers who offer competitive prices. Like any other market, the laws of supply and demand dictate prices and feature offerings. But what's more interesting to note is that recently, prices have been going down

How to steal a Facebook page, with help from Mark Zukcemberng (Graham Cluley) Reader "Jeremy M" has got in touch, with an amusing example of an attempted attack that has been seen on Facebook

Employee with Minnesota-based insurer risks data of 38K members (SC Magazine) Roughly 38,000 members of Minnesota-based HealthPartners may have personal information at risk after an employee brought home electronic files containing the data, showed the files to a family member for help with formatting, and transferred the files to their own devices, between 2008 and 2010

Malaysia Airlines Flight MH370: Are planes vulnerable to cyber-attack? (Christian Science Monitor) Malaysia Airlines Flight MH370, the Boeing 777 that Malaysia says went down in the Indian Ocean, likely was not the target of a cyber-attack, experts say. But, they add, the vulnerabilities of such planes are quite real

Black Market for Malware and Cyber Weapons is Thriving (Foreign Policy) The world of computer hackers who sell stolen credit card numbers, spyware, and cyber weapons is often likened to an "underground," a word that implies the existence of a place cut off from most Internet users and existing in a corner of the Web that most people never see. But a new report concludes that the markets actually function more like thriving bazaars subject to the same economic forces as legitimate stores. And just like those legitimate stores, the bazaars aren't that hard to find

Bulletin (SB14-083): Vulnerability Summary for the Week of March 17, 2014 (US CERT) The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information

Security Patches, Mitigations, and Software Updates

Microsoft security advisory: Vulnerability in Microsoft Word could allow remote code execution (Microsoft Support) Microsoft has released a Microsoft security advisory about this issue for IT professionals. The security advisory contains additional security-related information

Now Tumblr gets two-factor authentication, boosts security for users against account hijacks (Graham Cluley) Tumblr has today announced a new feature, which I would urge all users to consider enabling

Isn't It Time Oracle Gave Us Monthly Security Updates for Java? (Lumension) In some ways, it could be argued that Java is an incredible success. I'm serious. Stop laughing at the back. You see, according to Oracle, Java's developer, the product is used on over 3 billion different devices worldwide. That *is* impressive. But, for those of us concerned with securing systems and keeping computer data safe, it's been a nightmare

Cyber Trends

Gulf nations must unite to fight cyber threats, says former FBI chief (The National) Cooperation is key when it comes to tackling the constantly adapting threat from cyber criminals. That was the advice given by the former FBI cyber security unit chief, Don Codling, at a conference in Abu Dhabi

How Companies—Together—Can Stop Cyberattacks (Wall Street Journal) Millions of consumers were impacted by recent large-scale credit-card data breaches at retailers. These breaches have resurrected the issue of cybersecurity for policy makers. The financial-services sector has successfully tackled cyberattacks for decades, but consumers interact with many others in the "payments ecosystem" when making purchases. The security of cybersystems is only as strong as the weakest link in the system

Have you sold your online soul for a mess of potage? (ComputerWeekly) It is not just smart TVs that require you to agree to global surveillance by you technology or service provider and those to whom they decide to provide information. Do you care?

Shift in big data: From standalone product to 'feature inside' (FierceBigData) For a while now, big data has steadily become the root of decision-making in every aspect of business. It should come as no surprise then that its emerging ubiquity would move it to feature rather than standalone status—that it would become part of all software. Movement on that front is already in evidence. Here is what's happening now

Momentum of big data overwhelms experts' expectations (FierceBigData) Even the most accomplished experts in the big data field have been taken aback and completely overwhelmed by how fast and drastically big data is changing our lives. While change has always been the only constant, change this constant and on this scale is a completely new experience

These companies are mining the world's data by selling street lights and farm drones (Quartz) Few tech bigwigs get excited about disrupting nitty-gritty municipal markets like street lighting. Even fewer have ever set foot on an actual farm, much less thought of technology designed for one. But the boring world of basic needs and utilities hides huge opportunity for tech's favourite revenue source: data

Marketplace

Intelligence community IT integration contract could be worth $6B (FierceGovIT) Federal intelligence agencies could spend up to $6 billion over five years on a wide-ranging information technology contract aiming to integrate IT services into a common environment

Polish Government Announces $100M Fund To Support Ukrainian Startups (TechCrunch) Poland is to put $100 million (300 million Zloty) into supporting small Ukrainian companies, which will obviously include tech companies by implication, and allow more Ukrainian companies to list on its stock exchange. "We do this to support the new Ukrainian industry, new business and build a new middle class," sad President Bronislaw Komorowski told Polish newspaper Gazeta

Palo Alto Networks To Acquire Cyvera For Approximately $200 Million (Dark Reading) Cyvera provides cyberdefense solutions that protect organizations from sophisticated, targeted cyberattacks

Palo Alto Networks to buy Israeli cybersecurity firm (Reuters via the Chicago Tribune) Palo Alto Networks Inc , which makes firewalls to protect companies from cyber attacks, said it would buy a tiny Israeli security firm, Cyvera, for about $200 million in a move that some analysts expect will crimp profits over the next few years. Palo Alto's shares fell as much as 7 percent in late morning trading

Don't Fiddle While FireEye Burns… (Nasdaq) FireEye's (FEYE) rising stock price brings back vivid memories of my tenure at Goldman Sachs during the Internet bubble. A stock would be deemed "cheap", because it was trading at only 30x revenue (while its peers were trading at 40x). I thought those days were over. Yet, FEYE (a fairly recent IPO) now trades at roughly 30x 2014 revenue (at the time of publication in PTT). As a former portfolio manager, I can't justify this on any metric. In my recollection, investors have never been able to make money on established companies trading at 30+ times projected revenue

Application Software Industry Announce Survey Results and New Applications - Analyst Notes on FireEye, Splunk, Red Hat, CommVault Systems, and Intuit (MarketWatch) Today, Analysts Review released its analysts' notes regarding FireEye, Inc. FEYE +1.97%, Splunk, Inc. SPLK +0.23%, Red Hat, Inc. RHT -0.01%, CommVault Systems, Inc. CVLT -0.01%, and Intuit Inc. INTU -0.02%. Private wealth members receive these notes ahead of publication

Phoenix Datacom to augment digital forensics capabilities for UK Government Departments and Enterprise customers (Digital Journal) Phoenix Datacom, the UK's most technically competent provider of solutions and professional services to enhance the performance and security of networks and applications has partnered with Guidance Software — recognised industry leader for digital investigative solutions

BAE Systems Unit To Hire 300 High Technology Graduates In Two Years (Bernama) BAE Systems Applied Intelligence is ramping up its cyber intelligence operations in Malaysia by hiring 300 high technology graduates in the next two years

Microsoft set to roll out anti-cybercrime strategy in Europe (ComputerWeekly) Microsoft plans to expand its botnet disruption strategy beyond the US through public-private partnerships (PPPs) in Europe and other regions of the world

Microsoft to Include Itself in Future Transparency Reports (InfoSecurity Magazine) Microsoft has stated that it conducted a search of the emails of one of its own users while looking for the source of stolen Windows IP. It did this on its own cognizance without prior court order. Details became available court filings accusing a previous employee of the 'Theft of Trade Secrets'

Microsoft Says: Come Back with a Warrant, Unless You're Microsoft (EFF via infosec island) EFF has long argued that law enforcement agencies must get a warrant when they ask Internet companies for the content of their users' communications. In 2013, as part of our annual Who Has Your Back report, we started awarding stars to companies that require warrants for content. It is now unclear whether Microsoft, one of our inaugural "gold star" companies in that category, is willing to live by its own maxim

Worried about the government? Internet giants also dip their hands in the cookie jar (IT World) Security protections have been tightened at many of the major online services, as firms like Google and Microsoft pledge to protect their users against unwanted prying eyes. But while many people fret about unwarranted government access to their data, the Internet firms themselves play by their own set of rules

Newest bug bounty touts $10K rewards, appeals for help in finding Flash flaws (ComputerWorld) Vulnerability broker mocks talk of "heroes" who find bugs

Former FBI Director Mueller Joins Wilmer (Legal Times) Former Federal Bureau of Investigations Director Robert Mueller III has joined Wilmer Cutler Pickering Hale and Dorr as an equity partner, the firm said Monday

Products, Services, and Solutions

Former NSA And Google engineers Launch A New And More Secure Disconnect Search (Dark Reading) Disconnect Search protects users' privacy in four ways

Lumeta Announces Integration With Allgress (Dark Reading) Integrated solution includes centralized data store

Lancope Unveils New Version of StealthWatch System (Dark Reading) StealthWatch 6.5 delivers enhanced usability and security analytics

Privus: Fully Encrypted Email, Chat and Texting made Simple (Kickstarter) An absolutely uncrackable encrypted email service that's as easy to use as Gmail, and lets you keep your existing email address

Trend Micro extends mobile security portfolio (ITWeb) Internet security company Trend Micro has unveiled a set of solutions to combat the unprecedented array of cyber attacks that are continually victimising individuals and enterprises via mobile platforms

Foundation to fight cybercrime by offering free advice on domain-name security (NetworkWorld) Goal of Secure Domain Foundation is help domain name registrars and others adopt best security practices

Product pitch: ForgeRock Identity Relationship Management (Help Net Security) In this product pitch recorded at RSA Conference 2014, Daniel Raskin, VP of Marketing at ForgeRock, talks about Identity Relationship Management

Multiven Launches Pearl Guard to Defend IT & Network Devices Against Cyber-Attacks (WebWire) Multiven today launched Pearl Guard, a new service offering that provides businesses, telcos, government agencies as well as owners and operators of Internet-enabled devices with during-breach expert technology support to defend against any computer network attack, restore software configurations and replace damaged equipment within 24 hours of a cyber-attack

WhiteHat Releases Aviator Browser for Windows (Threatpost) Keeping Web sessions private and secure can be a daunting task, especially for users who may not be so familiar with how to lock down their browsers, but WhiteHat Security is trying to make that process simpler with the release of a beta version of its Aviator browser for Windows

A thin lifeline for XP users: New Malwarebytes suite will support the older OS (CSO) The new Anti-Malware Premium suite unites five technologies under a new interface, including a behavior-based detection engine

Technologies, Techniques, and Standards

How To Secure Your WordPress Website From Hackers (Forbes) Millions of websites are powered by WordPress software and there's a reason for that. WordPress is the most developer-friendly content management system out there, so you can essentially do anything you want with it. Unfortunately, that has some downsides as well

Integrating Physical Security Sensors (Internet Storm Center) I have been playing for a few years now with different network connected devices. As a "security guy", a lot of this research has been about vulnerability in these devices, or what we sometimes call the "Internet of Things". Over the years, I also learned to appreciated the ability of these devices to deliver physical context to some events that I may see in my logs, and I started to add the state reported from some of these devices to my syslog collector feeding into my SIM (right now not a full SIM, but Splunk for the most part).

Prezi Got Pwned: A Tale of Responsible Disclosure (Engineering at Prezi) The emails that arrive in a security engineer's inbox can be put into three broad categories

Research and Development

Academics Spy Weaknesses in Bitcoin's Foundations (MIT Technology Review) One thing cannot be disputed about the person (or persons) responsible for creating Bitcoin: they were skilled in math, and expert at coding. Five years after the Bitcoin software was first released, no major fixes have been needed to the core code, which uses cryptography to generate and transfer virtual money

Why Google Glass security remains a work in progress (CSO via TechHive) University researchers' recent experiment with spyware for Google Glass has demonstrated that lots of security work remains before the head-mounted computer eyepiece is available for consumers

Cybersecurity Lies Take Longer than Cybersecurity Truth (SIGNAL Magazine) Attacks on a computer's Basic Input/Output System (BIOS) do not receive a lot of attention, and protecting against them is often not a priority, but they are on the rise, say researchers at The MITRE Corporation, a not-for-profit research organization funded by the U.S. government. The MITRE team is developing tools to protect against BIOS attacks and is searching for organizations to help evaluate those tools

Academia

Slideshow Outlines Cyberwar Training for Chinese Students (Epoch Times) Computer science students in China are exhorted to "shoulder the responsibility of safeguarding [China's] cyber sovereignty, and engage in the arduous task of cyber battle," according to an "Introduction to Computing" presentation from China's East China University of Science and Technology

Cyber Security Research Alliance Initiates First Research and Development Projects with Drexel University and George Mason University (IT Business Net) The Cyber Security Research Alliance (CSRA) today announced the selection of its first academic research partners who will work together to advance cyber physical system security in transportation vehicles, medical devices and the power grid. Drexel University and George Mason University will begin their research with a survey and taxonomy

UD hires national defense expert Starnes Walker to lead new cybersecurity initiative (Broadway World) UD hires national defense expert Starnes Walker to lead new cybersecurity initiative The University of Delaware Cybersecurity Initiative (UDCSI), which emphasizes issues facing corporate America, has named a leading national expert as founding director

Legislation, Policy, and Regulation

Obama to Call for End to N.S.A.'s Bulk Data Collection (New York Times) The Obama administration is preparing to unveil a legislative proposal for a far-reaching overhaul of the National Security Agency's once-secret bulk phone records program in a way that — if approved by Congress — would end the aspect that has most alarmed privacy advocates since its existence was leaked last year, according to senior administration officials

Ruppersberger bill would end NSA bulk telephone data collection (Baltimore Sun) Rep. C.A. Dutch Ruppersberger, the top Democrat on the House Intelligence Committee, plans to introduce bipartisan legislation Tuesday that would end the National Security Agency's bulk collection of U.S. telephone and email data — the surveillance program that has drawn fire from privacy advocates, civil libertarians and some lawmakers since it was revealed last year

Obama reassures Internet CEOs on tech privacy (News Herald) A week before a self-imposed deadline for a review of National Security Agency programs, President Barack Obama sought Friday to assure leading Internet and tech executives that his administration is committed to protecting people's privacy

Opinion: The Feud Between the CIA and the Senate Is Not a Problem — It's a Glimmer of Hope (The Atlantic via Government Executive) Political reporters are often unaware of the assumptions baked into the stories they write. Take the dispute between the Senate Intelligence Committee and the CIA. Politico's latest on the subject: "Dianne Feinstein-CIA feud enters uncharted territory." Here is the lede

China calls on US to quit spying on its companies (The Hill) China is calling on the United States to explain its use of cyberespionage and to stop spying on its companies after a report revealed the National Security Agency hacked into the servers of a major Chinese company

Turkey Twitter ban is 'a losing battle', expert claims (BBC) The Turkish government is "fighting a losing battle" in banning social media network Twitter, experts have said. Locals continue to tweet via virtual private networks (VPN), anonymous web browser Tor and text messages, said security expert Rik Ferguson

Want to be anonymous? Now you have a right to be (Sydney Morning Herald) Australian citizens now have the right to remain anonymous or use a pseudonym when interacting with government agencies, private health service providers, and large organisations under new privacy laws

Reporting cyber attacks should be "a legal requirement" (SC Magazine) The opposition Labour party is calling for new laws to be introduced so that businesses are forced to report when they have been hit by a cyber attack

White House, Treasury officials to appear at SEC cyber security event (Reuters via the Chicago Tribune) Cyber security experts from the White House, Treasury Department and Department of Homeland Security will be among panelists appearing on Wednesday at a roundtable on the challenges hackers pose to public companies and financial markets

Advocates Seek 'Smart Regulation' of Surveillance Technology (Threatpost) Politicians and policy analysts, discussing the issue in a panel Monday, said that there is room for sensible regulation without repeating the mistakes of the Crypto Wars of the 1990s

Litigation, Investigation, and Law Enforcement

Twitter, Facebook sued for 'abusive' methods (The Local (French Edition)) A French consumer watchdog group announced on Tuesday it was suing Twitter, Facebook and Google for allegedly breaking France's privacy laws. The lawsuit is the latest in a battle over privacy protection on social networks in France

Facebook's online teen privacy argument challenged in California court (Naked Security) A long-running legal dispute that was settled is now bubbling up once again. Namely, the way that Facebook appropriates children and teen users' names and photos for "Sponsored Story" ads when users "Like" something, regardless of whether such users want to be seen as endorsing the subject of their thumbs-upping

Snowden's latest NSA claims strain credulity (FierceBigData) One of the more appalling things about the Snowden revelations is how quickly he was embraced as either hero or villain. In the court of public opinion, judgment is often made based on emotion and not much else. But now that the heat of the moment has passed, it's time to look at the evolving evidence with a more discerning eye. "As each new allegation about the National Security Agency's data-gathering capabilities hits the news, one has to wonder how much of it is true and how much is sensationalism," writes Wayne Rash in eWeek

U.S. notified 3,000 companies in 2013 about cyberattacks (Washington Post) Federal agents notified more than 3,000 U.S. companies last year that their computer systems had been hacked, White House officials have told industry executives, marking the first time the government has revealed how often it tipped off the private sector to cyberintrusions

California's DMV Investigates Card Processing Breach (InfoSecurity Magazine) When Brian Krebs learned of a private MasterCard warning being circulated to banks, he challenged the DMV — and only then did it issue a public statement that it was indeed investigating a potential security issue

Judge to porn trolls: IP addresses aren't people (Ars Technica) Adult film company Malibu Media has sometimes been called a "porn troll," or "copyright troll," because it has sued hundreds of people for allegedly illegal downloads of pornographic movies that it owns. Malibu is believed to have filed over 1,000 such lawsuits

When gov't spies fake your company's website, what can be done? (Ars Technica) Intel agencies' techno-impersonations wouldn't be immune from trademark law.

US gov't secures first-ever win against Android app pirates (Ars Technica) Two men could face a maximum sentence of 5 years in prison and a $250,000 fine

Stanford Hospital, Contractor to Pay $4.1 Million for 2010 Data Breach (eSecurity Planet) The breach exposed 20,000 emergency room patients' medical information

Judge Refuses to Dismiss Confession, Evidence in Reuters Employee Hacking Case (Wired) A federal judge has refused to dismiss a recorded confession and computer evidence collected in the case of Mathew Keys, a former Reuters employee accused of conspiring with members of Anonymous to hack his former employer

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

SOURCE (, January 1, 1970) The purpose of SOURCE Conference is to bridge the gap between technical excellence and business acumen within the security industry. SOURCE fosters a community of learning where business and security professionals...

Cyber Security for Energy & Utilities (, January 1, 1970) Following the rapid evolution of the cyber and digital world, IT Security Directors, Information Security Directors, Chief Security Officers, Chief Information Officers and many more will gather at the...

Fourth Annual China Defense and Security Conference (Washington, DC, USA, March 25, 2014) The Jamestown Foundation will hold its Fourth Annual China Defense and Security Conference on March 25 in Washington, D.C. In keeping with the Foundation's mission, the conference will focus on understanding...

Veritas 2014 (, January 1, 1970) At Veritas 2014, hear directly from the big data experts in top tier retail finance who are now implementing strategy and starting to yield real commercial value. Experts dedicated to Big Data in the...

Black Hat Asia (, January 1, 1970) Black Hat is returning to Asia for the first time since 2008, and we have quite an event in store. Here the brightest professionals and researchers in the industry will come together for a total of four...

SEC Cybersecurity Roundtable (Washington, DC, USA, March 26, 2014) The Securities and Exchange Commission today announced that it will host a roundtable next month to discuss cybersecurity and the issues and challenges it raises for market participants and public companies,...

Cyber Security Management for Oil and Gas (, January 1, 1970) Attend to gain cutting-edge information from oil and gas cyber security experts on: Using the very latest in intelligence techniques to find and neutralize the newest threats in time. Preventing security...

Financial Incentives for Cybersecurity Businesses (Elkridge, Maryland, USA, March 27, 2014) Learn the details and take the opportunity to ask questions of leading experts on how to apply for tax credits (Cyber Tax Credits, Research Tax Credits, Security Clearance Tax Credits, Secured Space Tax...

ISSA Colorado Springs — Cyber Focus Day (Colorado Springs, Colorado, USA, March 27, 2014) Join us for the Information Systems Security Association (ISSA) — Colorado Springs Chapter — Cyber Focus Day set to take on Thursday, March 27, 2014 at Colorado Technical University (CTU).

Corporate Counter-Terrorism: the Role of Private Companies in National Security (Washington, DC, USA, March 28, 2014) The 2014 American University Business Law Review Symposium will address the growing role of corporate America in governmental counter-terrorism programs, including the bulk metadata and PRISM surveillance...

CyberBiz Summit (Linthicum, Maryland, USA, March 28, 2014) Learn first-hand how to get your cyber business started, how to raise capital, and what to do to make it happen. Join us for four informative sessions, networking and breakfast at the BWI Westin on Friday,...

Cyber Saturdays (Laurel, Maryland, USA, March 29, 2014) Are you a community college student with an interest in network security or information assurance? Would you like to test your skills in a fast-paced game environment? If so, one if Capitol College's upcoming...

Interop Conference (, January 1, 1970) Interop Conference sessions help you find actionable solutions to your current IT headaches and plan for future developments.

SyScan 2014 (Singapore, March 31 - April 4, 2014) SyScan is a deep knowledge technical security conference. It is the aspiration of SyScan to congregate in Asia the best security experts in their various fields, to share their research, discovery and...

NSA Hawaii (, January 1, 1970) Be a part of the 2nd Annual Information Technology Expo set to take place at the new National Security Agency (NSA) Regional Operations Center in Wahiawa, HI. The event is being sponsored once again by...

InfoSec World Conference & Expo 2014 (, January 1, 1970) With the primary objective of providing top-notch education to all levels of information security and IT auditing professionals, InfoSec World delivers practical sessions that give you the tools to strengthen...

NIST IT Security Day (Gaithersburg, Maryland, USA, April 8, 2014) The Office of the Chief Information Officer, OCIO, is hosting NIST IT Security Day as a means to heighten awareness for all NIST users on the many aspects of operational information technology security...

IT Security Entrepreneurs Forum (ITSEF) 2014 (, January 1, 1970) IT Security Entrepreneurs Forum (ITSEF) is SINET's flagship event, designed to bridge the gap between the Federal Government and private industry. ITSEF brings unique value to the Cybersecurity community...

Women in Cybersecurity Conference (, January 1, 1970) WiCyS is an effort to bring together women (students/faculty/researchers/professionals) in cybersecurity from academia, research and industry for sharing of knowledge/experience, networking and mentoring.

Suits and Spooks San Francisco (, January 1, 1970) S3+: Surveillance, Security, Sovereignty and other Critical Issues. Not another hacker conference. Suits and Spooks is a unique gathering of experts, executives, operators, and policymakers who discuss...

East Africa Banking and ICT Summit (Kampala, Uganda, April 25, 2014) The global event series for Banking and ICT Summit enters its third year. The summit will continue to provide delegates with technical & practical sessions, lectures and showcase for banking and ICT innovations,...

National Collegiate Defense Cyber Competition (, January 1, 1970) Registration for the 2014 CCDC season is underway! Visit your region's website or contact your regional for registration and competition information.

InfoSecIndy (Indianapolis, Indiana, USA, April 26 - 27, 2014) Join us on April 26-27, 2014 in Indianapolis, Indiana for the premier Midwest Information Security and Digital Forensics Conference.

Infosecurity Europe 2014 (, January 1, 1970) Infosecurity Europe is Europe's number one Information Security event. Featuring over 350 exhibitors, the most diverse range of new products and services, an unrivalled education programme and over 12,000...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.