skip navigation

More signal. Less noise.

Daily briefing.

Sino-Vietnamese maritime disputes continue to be fought in cyberspace, with China apparently playing offense. Media in other Southeast Asian countries lend a sympathetic ear to former US National Security Advisor Donilon's warnings concerning Chinese cyber threats.

Al Qaeda has apparently, as widely feared and reported, changed its communication tools after reading Snowden's leaks. But this may not be entirely a bad thing, as some observers note that a change to do-it-yourself crypto may have made the terrorist organization's communications easier to read: home-brew crypto seems, Schneier notes, to be "snake oil."

Dark Reading continues its series on Iran's "Ajax Security Team."

Polymorphic malware VOBFUS evolves into polylingual variants, the better to phish its way into targets' networks.

The cyber insurance market may be burgeoning, but it's still immature. AppRiver surveyed "security professionals" at the recent Infosecurity Europe expo and found them skeptical: coverage is expensive and they doubt claims would be paid. This suggests compliance-heavy clauses in policies and lack of consensus over risk management more than it does widespread experience of claims being denied.

That the business risk of cyber incidents is real none would deny. A study of consumer attitudes finds data breaches very damaging to brand reputation. Retailers take note and form R-CISC, the Retail Cyber Intelligence Sharing Center.

Some "anonymous" services hedge their promises: they'll reveal your identity to police, in response to subpoenas, etc., which shows the shakiness of anonymity secured by third parties.

The FBI hints major arrests in cyber cases are coming soon.

Notes.

Today's issue includes events affecting Bangladesh, Belgium, China, Germany, Iran, Netherlands, New Zealand, Spain, United Kingdom, United States, and Vietnam..

Cyber Attacks, Threats, and Vulnerabilities

Vietnam Government Sites Defaced by Chinese Hackers as Sea Tension Ignite (Nextgov) About 220 local Vietnamese sites were apparently affected

China Increases Cyber Attacks On Vietnam During South China Sea Dispute — Vietnam Fears All-Out Cyber War (Peace and Freedom) Vietnam's Internet system runs the risk of being paralyzed when Chinese hackers launch bigger attacks

Al-Qaeda's new homebrew crypto apps may make US intel-gathering easier (Ars Technica) NSA spying revelations led to development of three new encryption apps

On The Trail of An Iranian Hacking Operation (Dark Reading) The Iranian Ajax Security Team of hackers went from high-profile hacktivists posturing on Facebook to cyberspies encrypting stolen information from defense contractors

FCC Employees, is your Internet running sluggish today? (Nextgov) Some website operators are slowing down Federal Communications Commission employees' access to their sites in protest of potential paid Internet fast lane regulations. On Thursday, FCC Chairman Tom Wheeler is expected to release a proposal that would let broadband providers charge sites for bandwidth-heavy content

VOBFUS Evolves, Adds Multiple Languages (Security Intelligence Blog) VOBFUS malware is known for its polymorphic abilities, which allow for easy generation of new variants. We recently came across one variant that replaces these abilities for one never seen in VOBFUS malware before—the ability to "speak" several languages

Phishing campaigns target diverse webmail users at once (Help Net Security) Every now and then, phishers mount campaigns that simultaneously target users of different online services

Email Attackers Switch to 'Blitzkrieg' Tactics to Maximize Impact (Infosecurity Magazine) Agari TrustIndex reports cyber gangs are increasingly 'weaponizing' their malicious emails with sophisticated threats

New browser hijacker/click fraud malware threatens Windows users (Help Net Security) In its latest Security Intelligence Report, Microsoft has noted that malware designed to make money for the attacker via click fraud, performing Bitcoin mining, and redirecting search results, has been plentiful in the last quarter of 2014

Is Elderwood the digital arms dealer that fuelled attacks on Google? (The Guardian) Researchers believe group may have been selling attack code to cyber espionage hackers since 2009

Student who exposed Covert Redirect deflects findings away from ID protocols (ZDNet) What started out as hunting bug bounties eventually turned into Internet scare

Bangladesh Internet Domain '.bd' is vulnerable to Hacking, using outdated software (Hackers News Bulletin) Experts say that Bangladesh's own internet country code top-level domain ".bd" is one of the worst managed domains in the world

Antiwar.com Servers Hacked by Industrial Strength Malware (HackRead) Antiwar.com, a libertarian website known for its non-interventionism and war opposing views has its server hacked just few hours after launching its fundraising drive

Point DNS blitzed by mystery DDoS assault (The Register) DNS flood washes over company servers

DNS Flood of 1.5 Billion Requests a Minute, Fueled by DDoS Protection Services (Incapsula) Several days ago one of our clients became the target of a massive DNS DDoS attack, peaking at approximately 25Mpps (Million packets per second)

Social Science Site Using Azure Loses Data (InformationWeek) Dedoose, a data analytics system, suffered a failure on Azure that may mean three weeks of lost data for customers

The Emerging Threat to Satellite Communications (Threatpost) When new technologies or platforms emerge, they tend to follow a familiar trajectory in terms of security. The evolution typically goes through something like the following stages: Hey, look what we built; huh, no, we didn't think about that problem; we're very serious about security; ok, now we're actually serious about security

Security Patches, Mitigations, and Software Updates

PayPal Fixes Vulnerabilities In MultiOrder Shipping Application (SecurityWeek) PayPal has fixed a filter bypass flaw and a persistent input validation vulnerability affecting its MultiOrder Shipping application

Cyber Trends

Cyber Crooks Are Winning Tech War, And Silicon Valley Is Losing (Wall Street Journal) The area between San Jose and San Francisco is "one of the most attacked areas of the world"

Selling Your Bulk Online Data Really Means Selling Your Autonomy (New Republic) In March, a Dutch student called Shawn Buckles placed his personal data on the market. He offered to hand over all of his most intimate electronic matter—e-mails, health records, calendars, geolocational data—to the highest bidder. By mid-April, Buckles had received 53 offers. The winner of the auction was The Next Web, a popular site for technology news. It shelled out $480 for his data soul

Shadow IT: Honey Badger Better Care (InformationWeek) Use of Dropbox and other consumer services is exploding in enterprises, yet companies turn a blind eye to the security risks. This sends the wrong message to cloud service providers

Dispelling The Myths Of Cyber Security (Dark Reading) Perfect security that focuses on eliminating threats is too expensive and impossible to achieve. Better to think about consequence management

REUTERS SUMMIT-Lockheed says cyber attacks quadrupled since 2007 (Reuters) Lockheed Martin Corp, the No. 1 provider of information technology to the U.S. government and the top Pentagon supplier, said on Wednesday the number of sophisticated cyber campaigns aimed at its computer networks had more than quadrupled since 2007

New NSA Chief expects attacks attempting to damage, destroy critical infrastructure (Network World) Officials and experts talk privacy, security and cyberattacks at Reuters Cybersecurity Summit

U.S. must crack down on China's cyber threats (ComputerWorld) Donilon, speaking at the annual FOSE government IT conference, warned that continued "cyber-enabled economic theft" on the part of the Chinese imperils the half a trillion-dollar economic relationship between the two superpowers

Marketplace

Cyber liability insurance isn't worth the cost (Microscope) Cyber liability insurance isn't worth the paper it's written on according to the majority of security professionals canvassed at this year's Infosecurity Europe exhibition

Security Think Tank: Cyber insurance is a two-way street (ComputerWeekly) The idea of insurance is not to ensure that something happens, but to ensure that if something does happen, then the insured company will receive compensation to help remediate the situation. This pertains to physical health insurance or security health insurance

No Silver Bullets: Insuring Against Cyber Threats (Cyveillance) The information age has long outgrown its infancy, and the widespread adoption of new technologies and products mark a stronger developed environment today. Fittingly, this more mature landscape presents more seasoned solutions for challenges along the way. Cyber threats are one of the biggest challenges; they are here to stay, and they come in many different forms: from careless employees leaking information, technical failures, brand reputation issues, and online activism, to deliberate hacking attacks and industrial or state-sponsored espionage

Study: Data Breaches Make Huge Impact On Brand Reputation (Dark Reading) Consumers rank data breaches and poor customer service high in their effects on brand perception

Retailers Launch Cyber Info-Sharing Center (BankInfoSecurity) In the wake of large-scale data breaches against retailers such as Target, Neiman Marcus and Michaels, the Retail Industry Leaders Association has launched the Retail Cyber Intelligence Sharing Center in an effort to strengthen defenses against cyber-attacks and protect consumers

Hortonworks Buys Big Data Security Specialist, Will Donate IP to Apache (CIO) In an effort to provide a single-pane-of-glass view of data security, authorization, auditing and overall governance for Hadoop, Hortonworks has acquired big data security specialist XA Secure. The vendor says it plans to donate XA Secure's intellectual property to the open source community

Bad news for Cryptocat as it debuts Encrypted Facebook Chat (Help Net Security) Mere days after Cryptocat creator Nadim Kobeissi announced that the latest update of the popular software will allow Facebook users to use encrypted chat, the social network has made known its intention of shutting down its Chat API/XMPP Services by April 30th 2015

Battered Security Software Stocks That May Have 70% Upside (24/7 Wall Street) Sometimes despite good earnings and outlooks, great stocks get caught up in sell-offs like the one we experienced from late February through much of April. What started as biotech sell-off turned into an "anything momentum and rich" sell-off, which in some cases threw the proverbial baby out with the bath water. In a new report, the analysts at Oppenheimer point out that for most of the top security software stocks first-quarter earnings were very good. Their field checks and conversations with chief information officers suggest security remains a top spending priority, driven by complex network attacks and an increased regulatory environment

Scooplet: A New Cyberalliance (Politico) The Chertoff Group and Edelman are announcing a cybersecurity partnership later today for their financial services, energy, technology, health care and retail clients. Among a long list of services, the security consulting shop helmed by the former Homeland Security chief and the PR firm will team up to offer physical and cyber risk assessments, scenario planning and exercises, media training and vendor risk management assessments

OpenDNS Raises $35M From Cisco For Its Cloud-Based Enterprise Network Security As A Service (TechCrunch) Cloud-based enterprise network security company OpenDNS has raised $35 million in Series C funding from Greylock Partners, Sequoia Capital, Sutter Hill Ventures, Glynn Capital, Cisco, Evolution Equity, Lumia Capital, Mohr Davidow Ventures, and Northgate Capital. This brings the company's total funding to $53 million

Netskope Brings In $35 Million More As Cloud Security Competition Heats Up (TechCrunch) When it comes to understanding the profusion of applications employees are using to conduct business, IT departments are increasingly lost in the cloud

How much do cyberprofessionals rake in? (Washington Business Journal) Cyberprofessionals don't have it bad. But not all of them have it as good as some expected either

Products, Services, and Solutions

Whistleblowers Beware: Apps Like Whisper and Secret Will Rat You Out (Wired) Anonymously spilling personal gossip and corporate secrets online is all fun and games—until someone gets a subpoena

HOSTING Expands Security Offering With Latest Alert Logic Threat Manager Solution (MarketWatch) HOSTING, the leading managed cloud hosting provider for mid-sized enterprises, today announced availability of a new security offering delivered by longtime partner, Alert Logic, the leading provider of security-as-a-service solutions for the cloud

Is Comodo Antivirus better then Avast, Norton and BitDefender software? (Alpha Wired) Today we will discuss whether Comodo antivirus is better then the big dogs out there, such as avast, norton and bitdefender. We primarily picked the big 3 seeing as they rank the highest in the antivirus department

Fortinet Unveils FortiOS 5.2 to Fight APTs (ComputerWorld) This release incorporates numerous innovations that strengthen Fortinet's Advanced Threat Protection Framework, providing enterprises with a cohesive and coordinated way to combat Advanced Persistent Threats (APTs), zero-day attacks and other sophisticated malware

Qubitekk Unveils First Plug-And-Play Quantum Source For Emerging Quantum Computing And Quantum Cryptography Marketplace (MarketWatch) Device can significantly reduce the development time associated with emerging quantum computer designs. Can be used to produce quantum repeaters and quantum memory devices. First application is quantum encryption to protect critical infrastructure from cyber attack. Future applications unlimited. Developed by Dept. of Energy quantum entanglement scientist

LanGuard 2014 R2 comes with enhanced vulnerability assessment, patch management (Help Net Security) GFI Software released GFI LanGuard 2014 R2, the latest version of the company's comprehensive network vulnerability scanning and patch management solution

Technologies, Techniques, and Standards

NIST launches post-NSA review into crypto guidance (IT News) The United States National Institute of Standards and Technology (NIST) today said it has commenced a review of its cryptographic standards, following recent claims the country's National Security Agency deliberately weakened some of the encryption schemes it helped develop

NIST's dream: Integrating security into design (FCW) The National Institute of Standards and Technology hopes its new guidelines for IT security will beget a systems engineering process in which security is intrinsic to product design rather than an afterthought

Ron Ross dissects NIST's newest guidance — what it means for agencies (FierceGovernmentIT) The National Institute of Standards and Technology issued a new draft publication May 13, which aims to help agencies build or acquire IT systems with better security baked in from the start, by outlining best practices and recognized software engineering principals

Reining in out-of-control security alerts (CSO) Enterprises overwhelmed with security alerts have several options to reduce the noise, while improving network defenses

For protection against the next Heartbleed, look no further than FedRAMP (FierceGovernmentIT) Depending on where you stand, FedRAMP is a lot of things — a cloud certification process, a vetting tool for acquisition, but for agencies it could be a dependable line of defense against the next Heartbleed-like vulnerability

AusCERT 2014: 45 year-old Internet protocols need "re-programming", says Verizon VP (ComputerWorld) US national security policy vice president Marcus Sachs says the protocols were never designed for cyber threats

Locating ICS and SCADA Systems on .edu Networks with Shodan (Tripwire: The State of Security) I wrestled with a myself for a long time about whether or not to publish this article, but the time has come for education and action regarding exposed SCADA/ICS in the .edu sector. The goal of this post is to encourage security teams at .edus to proactively discover, enumerate, inventory and classify SCADA/ICS devices on their networks in order to mitigate risk. I assume no responsibility for misuse or impact arising from this sharing of information

Privacy, National Security and Mass Surveillance: the Role of Crypto (Tripwire: The State of Security) In the first article in this three-part series, we examined some of the contradictory elements regarding the government's "ability to use cyberspace" and how privacy concerns may hinder government's national security objectives, and in the second installment we discussed feedback from the CSFI membership regarding the conflict between security and privacy demands. In this final article in the series we will examine the role cryptography plays in the security vs. privacy debate

How to Catch a Hacker in the Act (Motherboard) "As today 25 March 2014, PayPal is launching a new survey program. All customers are welcome to participate this survey. The survey will take 5 minutes and for your effort and understanding PayPal will select most of the customers that takes this survey and reward them with £25.00." This is the usual sort of ungrammatical nonsense that pours into our email inboxes every day, asking the recipient to click on a malware-containing attachment that, hopefully, most of us know to ignore

DISA's push toward a mobility ecosystem (Federal Times) The organisms in an ecosystem coexist in a community that is a careful balance, inextricably linked to each other for their survival. In technology the use of "ecosystem" is a common metaphor, and while it's a little bit different, some of the central tenets are the same: a harmonious, shared environment that is sustainable, scalable and controlled

Research and Development

DARPA Sets Cyber Foundations with 'Plan X' (Defense Tech) Defense Advanced Research Project Agency leaders told lawmakers the agency is making progress with an ongoing cyber security project known as Plan X to increase cyber visibility and provide a new foundation for the fast-developing world of cyber warfare moving into the future

Academia

Landover pilot program teaches elementary students programming fundamentals (Gazette.net) William Paca sixth-graders design games, learn math concepts

American college students still aren't flocking to computer science (IT World) Despite the hot job market and competitive salaries, the share of Computer Science degrees as a percentage of BA degrees has remained essentially unchanged since 1981, according to data from the National Center for Educational Statistics' Digest of Educational Statistics. If history is any indication, it will take a cultural phenomenon to shift the percentage higher

Legislation, Policy, and Regulation

Condoleezza Rice defends NSA spying at tech conference (San Jose Mercury News) Hundreds of venture capitalists and entrepreneurs heard a rousing defense of the National Security Agency from former Secretary of State Condoleezza Rice, who on Wednesday vigorously worked to justify the security complex created during her tenure in the White House and lambasted recent whistle-blowing efforts to expose the agency's spying programs

It's sometimes okay for democracies to pretend that leaks do not happen (Washington Post) In recent days a storm has been brewing over the Office of Director of National Intelligence's (ODNI's) update to the regulations (more formally, the 'pre-publication review standard') its employees must follow prior to disclosing intelligence-related information

Internet NZ: PM needs to front up about GCSB links (New Zealand Herald) John Key needs to front up about the involvement of the GCSB in the National Security Agency's international spies' club, says the internet lobby group

Halvorsen Named Acting Defense Department CIO (SIGNAL) Terry Halvorsen, currently the U.S. Navy's chief information officer (CIO), will take over as the Defense Department's acting CIO in a week, a position vacated somewhat abruptly by Teri Takai when she announced at the end of April that she would be leaving the post by May 2

Litigation, Investigation, and Law Enforcement

ODNI and DOJ release additional declassified FISC filings and orders related to Section 215 of the USA Patriot Act (IC on the Record) Today the Office of the Director of National Intelligence and the Department of Justice released, in redacted form, a previously classified series of Foreign Intelligence Surveillance Court filings and orders from 2009-2010 concerning the collection of bulk telephony metadata under Section 215 of the USA Patriot Act. These documents relate to a robust interaction that occurred between the Department of Justice and a telecommunications service provider that included the provider's review of prior FISC applications, orders and opinions, regarding lawful compliance with those orders

U.S. revealed secret legal basis for NSA program to Sprint, documents show (Washington Post) Under threat of a court challenge, the Obama administration in 2010 revealed to Sprint the secret legal basis of a then-classified program that collected Americans' phone records by the billions for counterterrorism purposes, according to newly declassified documents and interviews

FBI plans cyber crime crackdown, arrests coming in weeks (Reuters) The FBI is getting more aggressive in pursuing cyber criminals and expects to announce searches, indictments and multiple arrests over the next several weeks, the agency's official in charge of combating cyber crime said on Wednesday

The Future of Crime: 8 Cyber-Crimes to Expect in Next 20 Years (Fox Business) Forget everything you think you know about crime. In the next 20 years, "traditional" crime as we know it today will be largely replaced by cyber-crime

Google and Facebook join forces to take down fake tech support scammers (Naked Security) Web giants Google and Facebook have announced that they recently took down 4,000 suspicious advertiser accounts linked to more than 2,400 tech support websites

Surprise! Google chairman blasts EU's privacy ruling (The Register) Press slavishly reports that take-down requests will engulf ad giant

Google Gets New Requests To Be 'Forgotten' Following Ruling, Plans Request Mechanism For Germany (TechCrunch) Google has already started to see a stream of new requests to be digitally "forgotten," following a ruling by the European Court of Justice on a complaint by a Spanish man seeking to have results related to his name and a property closure removed from the search engine were successful. It's not a good sign for Mountain View; these requests could quickly become a big new headache for the search provider to deal with, especially if these initial requests are representative of what's to follow

Arrests in international voice-phishing case (Help Net Security) Belgian and Dutch judicial and law enforcement authorities, supported by the European Cybercrime Centre (EC3) at Europol and Eurojust, have concluded an operation resulting in the arrest of 12 members of an organized crime group and the seizure of EUR 15,000 in cash and important digital evidence in a voice-phishing case

Hacker Sabu's Sentencing Delayed for Seventh Time (eSecurity Planet) Hector Xaxier Monsegur is now due to be sentenced on May 27, 2014

Police didn't publicise scale of hacking to protect victims, says NoW reporter (Guardian) Clive Goodman tells court names including Kate Middleton have only emerged now because they were not disclosed in 2006-7

Former Subway sandwich franchisee cops to $40,000 gift-card hack scheme (Ars Technica) Man used LogMeIn to access point-of-sale terminals of other shops, feds say

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

Eurocrypt 2014 (, January 1, 1970) Eurocrypt 2014 is the 33rd Annual International Conference on the Theory and Applications of Cryptographic Techniques. It is devoted to all aspects of cryptology.

SANS Security West (, January 1, 1970) SANS Security West will arm information security professionals with the necessary insight to prepare their organization for today and the future. Attendees will have the opportunity to advance their information...

INFILTRATE (, January 1, 1970) INFILTRATE is a deep technical conference that focuses entirely on offensive security issues. Groundbreaking researchers focused on the latest technical issues will demonstrate techniques that you cannot...

Security BSides Denver 2014 (Denver, Colorado, USA, May 16, 2014) Each BSides is a community-driven framework for building events for and by information security community members. The goal is to expand the spectrum of conversation beyond the traditional confines of...

Security Start-up Speed Lunch NYC (New York, New York, USA, May 19, 2014) Our goal for this inaugural event is to connect the most promising security startups in the world with decision-makers at aerospace, asset-management, banking, communications, defense, energy, healthcare,...

CEIC 2014 (Las Vegas, Nevada, USA, May 19 - 22, 2014) It's no exaggeration to say that CEIC is the biggest digital-investigations conference of its kind and the only one to offer hands-on lab sessions and training for practical skills development. From sessions...

The Device Developers' Conference: Bristol (Bristol, England, UK, May 20, 2014) The Device Developers' Conference is an annual UK event for the developers of intelligent systems and devices. The objective is to provide an event that provides engineers with an opportunity to learn...

Mobile Network Security in Europe (London, England, UK, May 21, 2014) Following on from two successful events in the United States, this first Light Reading conference on Mobile Network Security in Europe will again focus on the key role of the network in safeguarding the...

Positive Hack Days (, January 1, 1970) Positive Hack Days is the international venue for the unification of progressive forces of the IT industry. It is about innovators interested in information security problems; it is fresh blood and bright...

Georgetown Law: Cybersecurity Law Institute (, January 1, 1970) A day does not go by where cybersecurity is not in the news. In fact, according to a recent national survey conducted by FTI Consulting, cybersecurity is the number one issue on the minds of general counsels...

NSA Mobile Technology Forum (MTF) 2014 (, January 1, 1970) The Mobile Technologies Forum is an annual event that attracts SIGINT, Information Assurance, HUMINT, Federal Law Enforcement, Counterintelligence and Government personnel from the United States, Australia,...

CyberMontgomery Forum: Center of Gravity (Rockville, Maryland, USA, May 22, 2014) Cybersecurity will be a major growth engine in the region for many years to come. With solid federal government, industry and academic assets already in place in the region, there is still a need to bring...

Cyber Risk Summit (Washington, DC, USA, May 22, 2014) This one-day leadership conference will provide a discussion forum for business executives, insurance companies and policymakers on more effective private and public responses to cyber risk management.

The Device Developers' Conference: Cambridge (Cambridge, England, UK, May 22, 2014) The Device Developers' Conference is an annual UK event for the developers of intelligent systems and devices. The objective is to provide an event that provides engineers with an opportunity to learn...

Fort Meade Technology Expo (, January 1, 1970) The Ft. Meade Technology Expo is a one-day event held at the Officers' Club (Club Meade) on base. Industry vendors will have the unique opportunity to showcase their products and services to personnel...

3 Day Startup (San Antonio, Texas, USA, May 23 - 25, 2014) The nation faces tremendous challenges to our online security. Turn innovative ideas into startups that protect our information and our livelihood. 3 Day Startup is an entrepreneurship program designed...

CANSEC (, January 1, 1970) CANSEC is Canada's foremost defence tradeshow. A two-day event, CANSEC will feature 120,000 square feet of indoor exhibits by Canada's leading edge defence companies, as well as an outdoor static display.

Hack in The Box Security Conference (HITBSecConf) Amsterdam (, January 1, 1970) HITBSecConf Amsterdam is a gathering of network security professionals and enthusiasts who come from all corners of the globe to discuss the next generation of attacks and defense techniques. This is not...

Area41 (, January 1, 1970) Area41 is an international security technology and research conference offering both trainings/workshops and traditional presentation tracks.

The Device Developers' Conference: Manchester (Manchester, England, UK, June 3, 2014) The Device Developers' Conference is an annual UK event for the developers of intelligent systems and devices. The objective is to provide an event that provides engineers with an opportunity to learn...

NSA SIGINT Development Conference 2014 (, January 1, 1970) This classified conference will focus on the preeminent intelligence issues facing those who are tasked with SIGINT as part of their mission. Over 1500 participants from the US intelligence community and...

The Device Developers' Conference: Scotland (Uphall, Scotland, UK, June 5, 2014) The Device Developers' Conference is an annual UK event for the developers of intelligent systems and devices. The objective is to provide an event that provides engineers with an opportunity to learn...

The 2014 Cyber Security Summit (DC Metro) (Tysons Corner, Virginia, USA, June 5, 2014) The Cyber Security Summit, an exclusive conference series sponsored by The Wall Street Journal, has announced their inaugural DC Metro event. The event will connect C-Level & Senior Executives responsible...

MIT Technology Review Digital Summit (, January 1, 1970) The MIT Technology Review Digital Summit examines tomorrow's digital technologies and explains their global impact on both business and society. You'll get insider access to the innovative people and companies...

Cyber 5.0 Conference (Laurel, Maryland, USA, June 10, 2014) The mission of the Cyber Conference is to provide a forum for small and mid-sized businesses in Howard County and the region to access industry and government leaders with current information on cybersecurity...

Global Summit on Computer and Information Technology (, January 1, 1970) The summit is hosting multiple conferences in different areas of Computer & Information Technology. CIT is a major platform for researchers and industry practitioners from different fields of computer...

NRC Cyber Security Seminar/ISSO Security Workshop (Bethesda, Maryland, USA, June 16, 2014) NRC will be hosting its second NRC Semi-Annual All-Hands ISSO Workshop. This workshop will consist of computer security policy, standards, cybersecurity, guidance, FISMA compliance, and training updates.

2014 Spring National SBIR Conference (Washington, DC, USA, June 16 - 18, 2013) SBIR/STTR programs are the nation's largest source of early stage / high risk R&D funding for small business. At this conference you'll learn how to participate and compete for funding in these two programs...

18th Annual Colloquium for Information Systems Security Education (, January 1, 1970) The Colloquium recognizes that the protection of information and infrastructures that are used to create, store, process, and communicate information is vital to business continuity and security. The Colloquium's...

MeriTalk's Cyber Security Brainstorm (Washington, DC, USA, June 18, 2014) This second annual event will take place on Wednesday, June 18 2014 at the Newseum in Washington D.C. The event will bring together Federal cyber security experts to share best practices, collaborate on...

Suits and Spooks New York (, January 1, 1970) Not another hacker conference. Suits and Spooks is a unique gathering of experts, executives, operators, and policymakers who discuss hard challenges in a private setting over two days. Suits and Spooks...

SANSFIRE (Baltimore, Maryland, USA, June 21 - 30, 2014) For more than 10 years, the Internet Storm Center has been providing free analysis and warning to our community. SANSFIRE 2014 is not just another training event. It is our annual "ISC Powered" event.

26th Annual FIRST Conference (Boston, Massachusetts, USA, June 22 - 27, 2014) The Forum of Incident Response and Security Teams (FIRST) is a global non-profit organization dedicated to bringing together computer security incident response teams (CSIRTs) and includes response teams...

Gartner Security & Risk Management Summit 2014 (National Harbor, Maryland, US, June 23 - 26, 2014) The Gartner Security & Risk Management Summit is the only time when the entire Gartner analyst and security and risk management community come together in one location to bring the latest research, insights...

United Nations Interregional Crime and Justice Research Institute Cyber Threats Workshop (Turin, Italy, June 27 - 29, 2014) The United Nations Interregional Crime and Justice Research Institute (UNICRI) is organizing a series of workshops and short courses within the framework of the UNICRI Journalism and Public Information...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.