skip navigation

More signal. Less noise.

Daily briefing.

Thailand's imposition of martial law gives its military powers of censorship. Expect Internet restrictions, as well as information operations and retaliatory hacktivism.

Colombia's hacking scandal retains its legs in current electoral news.

Two major criminal indictments have significant policy, diplomatic, and cyber implications. China has, as expected, reacted strongly to US indictment of five PLA officers on charges they hacked US corporate networks. Chinese denials of wrongdoing are accompanied with harsh and direct tu quoque accusations of US economic cyber espionage. No one seriously expects PLA defendants to appear in the US District Court for the Western District of Pennsylvania, but the indictment is an unambiguous public rebuke to the Chinese government, to be considered as much a diplomatic as a legal action. Observers see the accusation as an attempt to shift discussion of cyber crime and cyber conflict away from surveillance and traditional espionage toward industrial spying and the economic damage it does. Chinese retaliation is seen as effectively inevitable: the banishment of Windows 8 from Chinese government computers is widely regarded as the first shot.

The second legal action is the roundup of BlackShades RAT distributors and customers. The BlackShades creepware kit enables many forms of remote access (most famously remote control of webcams). The arrests are notable because they attack the demand side of a criminal cyber market, and also because of the degree of international coordination involved, stretching from North America to Europe.

Other risks, of course, remain out there: ransomware, Heartbleed, and others. Stay safe.

Notes.

Today's issue includes events affecting Belgium, China, Colombia, European Union, Germany, Moldova, Netherlands, New Zealand, South Africa, Sweden, Thailand, United Kingdom, United States..

watch for the CyberWire's special coverage of Georgetown's Cybersecurity Law Institute, beginning tomorrow.

Cyber Attacks, Threats, and Vulnerabilities

What "martial law" in Thailand really means—censorship, selfies, and uncertainty (Quartz) The political discord that has shaken Thailand for months entered an uncertain new phase at dawn today, as the country's military declared martial law, granting itself broad powers to "suppress unrest" and take control of the country's public security

New 'hacker' scandal rattles Colombian presidential race (Miami Herald) A video that emerged over the weekend seems to show front-running presidential candidate Oscar Iván Zuluaga relying on classified information purportedly extracted from military intelligence and the U.S. Southern Command

Is one of the world's oldest viruses haunting the Bitcoin Blockchain? (Graham Cluley) If you're an IT greybeard you might recall the Stoned virus. It first appeared in 1987 at the University of Wellington, New Zealand, infecting floppy disks and the partition sector of hard disks

Embedded Devices Leak Authentication Data Via SNMP Community String (Threatpost) Researchers have discovered previously unreported problems in SNMP on embedded devices where devices such as secondary market home routers and a popular enterprise-grade load balancer are leaking authentication details in plain text

Heartbleed flaw lingers due to shaky response (TechTarget) More than a month after the world learned of the epic, headline-grabbing Heartbleed flaw, the severe OpenSSL vulnerability can still be found on hundreds of thousands of servers — and some other not-so-obvious spots — thanks to an inconsistent industry-wide response

More fake antivirus programs found in Google Play, Windows Phone Store (CSO) Mobile app stores lack the necessary mechanisms to prevent such scams, researchers from Kaspersky Lab said

Buggy iTunes 11.2 update opened serious security hole on Apple Macs (Graham Cluley) When Apple rolled out an updated version of Mac OS X this week I grumbled about the lack of information regarding what (if anything) was being fixed security-wise

Researchers discover critical flaws in the Chip and PIN system (Help Net Security) A group of researchers from Cambridge University have discovered two critical flaws in the "Chip and PIN" (EMV) smart card payment system that can be misused to "clone" cards so effectively that normal bank procedures won't spot the fake

Could your mobile voicemail system help hackers unlock your online accounts? (VASCO Blog) In 1993, Peter Steiner submitted a pen-and-ink cartoon to The New Yorker magazine, featuring two dogs at a desk. One of them is sitting in front of a computer screen and says to the other: "On the Internet, nobody knows you're a dog"

Malvertising Redirecting to Microsoft Silverlight Exploits (Threatpost) The fact that Netflix accounts for one-third of Internet traffic during peak evening hours, and that it runs on the Microsoft Silverlight platform, is just too tempting a combination for hackers to pass up

LifeLock pulls its Wallet apps and deletes user data after security scare (Graham Cluley) LifeLock, a firm which is supposed to help you protect yourself from identity thieves, has taken the drastic action of announcing that it is yanking its iPhone and Android apps

Rash of Recent Zero-days Linked Back to a Central Author (Infosecurity Magazine) Recent zero-day exploits can all be traced back to one exploit kit, dubbed Elderwood

Fitness apps are a "privacy nightmare", shedding personal data to the highest bidder (Naked Security) Lately, Zumba has been killing me. My right knee aches, and I swear I'll need a new hip within a few years

Kovter Adult Website Ransomware Doubles (Infosecurity Magazine) Damballa researchers warn malware redirects users to porn sites if none can be found in browsing history

When Networks Turn Hostile (TrendLabs Security Intelligence Blog) We've previously discussed how difficult it is to safely connect to networks when on the go. This is particularly true on vacations and holidays, where the availability of Internet access is one of the most important factors when looking for a place to stay. In fact, many holiday lodges and hotels today have made Wi-Fi access an integral part of their offered amenities. With all the fun and relaxation set before you, it is easy to take secure Internet access for granted

Beware of "Blackshades" (CNN via Fox2 Now) It is nicknamed "creepware," and more than half a million people around the world have been prey to its silent computer snooping

Home routers: Broken windows to the world (ComputerWorld) But it is a broken window, according to some top security experts, who say there is little that average consumers can do to protect themselves from skilled cyber attackers, even if they use rigorous passwords and encryption, because the software running the devices is obsolete and riddled with known vulnerabilities

Mid-2014 Tech Security Rundown: 5 Current Exploits Worth Knowing About (Hackers News) Since the days of the Morris worm, no computer that's connected to a public or even a private network has been safe from virus infections. Regardless of the precautions that you take, there will always be new security exploits to thwart. Being aware of the latest and greatest security exploits is the first step in combating them. Here are just a few of the security threats that have risen to prominence in recent months

Student data inadvertently posted online, accessible via Google search (SC Magazine) An undisclosed number of Pennsylvania-based Lake Erie College of Osteopathic Medicine (LECOM) students are being notified that their personal information — including Social Security numbers — was in spreadsheets that were inadvertently posted online by Hubbard-Bert, a benefits administrator for LECOM

Insider Breach Exposes 2,546 Blue Cross Blue Shield Members' Data (eSecurity Planet) Members' names, addresses, and credit card or bank account information may have been stolen by a former employee

Security Patches, Mitigations, and Software Updates

Google adds new security features to Google Apps (Help Net Security) Here is some welcome news for Google Apps Business, Government and Education customers: the company has implemented three new security features to protect them from phishing, hacking, and state-sponsored intrusions

Facebook Takes Tougher Stand Against BREACH Attack (Threatpost) The BREACH attack was the talk of Black Hat last summer. It was disclosed less than two months after the first Snowden leaks and helped renew focus on the security of online communication and the protocols guarding ecommerce and messaging

XMPP Mandating Encryption on Messaging Service Operators (Threatpost) Beginning today, the operators of instant massaging services that rely on the extensible messaging and presence protocol (XMPP) are expected to deploy encryption into the platforms they maintain

Cyber Trends

The Role of Intelligence in Network Defence (Context Information Security) The purpose of this white paper is to educate the reader on how threat intelligence can add substantial value to the security of a computer network as part of a wider cyber security strategy. The paper deals with understanding intelligence requirements, risks to an organisation's data, differentiating between threat intelligence vendors and implementing the intelligence feed to detect and investigate nefarious activity

Report on Cyber Security in the Banking Sector (New York State Department of Financial Services) Cyber attacks against financial services institutions are becoming more frequent, more sophisticated, and more widespread. Although large-scale denial-of-services attacks against major financial institutions generate the most headlines, community and regional banks, credit unions, money transmitters, and third-party service providers (such as credit card and payment processors) have experienced attempted breaches in recent years

Former NSA Director: Big Data is the Future (Nextgov) The National Security Agency has been in the business of collecting information for a long time, but technological advancements over the past decade are the primary driver of the intelligence community's ability to collect data on the grandest scale

The Surveillance State Doesn't Have to Be an Orwellian Nightmare (Motherboard) George Orwell, the sci-fi crowd, even elf-hugging J. R. R. Tolkien, warned of total surveillance powers concentrated in the hands of totalitarian spooks. Then Edward Snowden's revelations seemed to vindicate these dystopian predictions and aroused widespread recognition that our lives are becoming less and less private

Brits Most Worried About ID Theft and Bank Card Fraud (Infosecurity Magazine) Unisys research shows national security concerns pale in comparison to personal data exposure

Hiding under false sense of security (ITWeb) Many South African enterprises are labouring under the illusion that they are not at risk of being targeted by cyber criminals, and that traditional approaches such as anti-virus, perimeter and unified threat management solutions are still adequate, says StarLink SA sales manager, Wayne Donnelly

Education data mining puts kids' privacy at risk (Naked Security) Education technology, image courtesy of ShutterstockOur kids are being watched, and the gushing data streams they're emitting are getting analysed in granularity so minute, it puts data-mining companies like Facebook and Google to shame

Marketplace

Target cut former CEO's pay package by 37%, confirms his 'involuntary termination' (MarketWatch) After seeing its per-share profit fall for the first time in at least five years, Target Corp. cut its former Chief Executive Gregg Steinhafel's total compensation by about two-fifths and gave no bonuses to most of its top executives, a new filing shows

Are We Ready to Take These Breaches More Seriously Now? (SecurityWeek) For years, the security community and regulators have been warning that things are starting to get serious and that "plausible deniability" for executives no longer exists when it comes to lapses in network security. Some heeded the warnings, most did not, and as a result we are starting to see the ramifications of a tougher emphasis on security

Marc Andreessen: Tech companies are still fuming over the NSA (Washington Post) Almost a year after he released a flurry of documents showing the National Security Agency was collecting data on everyone from foreign leaders to U.S. citizens, Edward Snowden is still the predominant Washington story in the minds of tech executives who believe the controversy has caused damage to their businesses

Is FireEye About To Get Burned – Real Time Insight (Zacks via Nasdaq) Later this week, FireEye ( FEYE ) is going to see about 92 million shares that were locked up become available for sale. The stock is currently a Zacks Rank #4 (Sell), but let's take a look at what happened with Twitter ( TWTR ) and its lock up and take a look at the similarities

GE's $1 Billion Software Bet (MIT Technology Review) To protect lucrative business servicing machines, GE turns to the industrial Internet

The Cyber Corridor (Bossier Press) U.S. Senator Mary Landrieu (D-La) (center) and Department of Homeland Security Secretary Jeh Johnson (left) were in north Louisiana Friday to discuss just how this area is helping build Louisiana's cyber security work force and its plans to create high-paying tech jobs along the I-20 corridor. Landrieu and Johnson both praised Bossier Parish for its role along the 'cyber corridor' as a valued part of the nation's cyber defense movement

MacAulay-Brown, Inc. Welcomes Former Commander of Army Cyber Command Lieutenant General Rhett Hernandez to its Board of Advisors (Globe Newswire) MacAulay-Brown, Inc. (MacB), a leading National Security company delivering advanced engineering services and product solutions to Defense, Intelligence, Special Operations Forces, Homeland Security and Federal agencies, announced today that former Commander of Army Cyber Command (ARCYBER), Lieutenant General (Ret.) Rhett Hernandez has joined the company's Board of Advisors

Cellebrite Appoints Paul Battaglia SVP Mobile Forensic Sales for North America (Digital Journal) Public sector industry veteran tapped to expand company's market leadership position

Products, Services, and Solutions

Free encrypted mobile messaging app for iOS (Help Net Security) SRD Wireless launched PQChat, a free app for iOS designed to make communications between people and businesses as safe, secure and private as possible. NTS protects data using the McEliece cryptosystem, the strongest currently known

EnCase and ThreatGRID Integration Provides Deep Insight and Context Into Today's Cyber Threats (MarketWatch) ThreatGRID malware analysis and intelligence for EnCase reduces time for investigation and response

Invincea Launches Free Malware Discovery and Analysis Suite (Campus Technology) Invincea has released Invincea Research Edition, a malware discovery and analysis solution for the data forensics and incident response community. It's being offered for free to DF/IR professionals

TransVoyant and Praescient Analytics Announce Partnership to Deliver Joint Analysis Solutions (Digital Journal) Technology integration firm Praescient Analytics and TransVoyant™ LLC today announced the signing of a partnership agreement. The agreement enables Praescient to offer TransVoyant's cutting edge, cloud-based data streaming and decision analytics family of solutions

Check Point builds seven-armed threat-intelligence sharing alliance (NetworkWorld) Check Point gateways to tap into iSIGHT Partners, CrowdStrike, NetClean, PhishLabs, SenseCy, IID and ThreadGRID

Technologies, Techniques, and Standards

Cyber Security Regime Undergoing Changes (Insurancenewsnet) The rules governing the security of the information technology systems of contractors and the private sector are in a continual state of flux as the federal government struggles to get its arms around an ever-changing landscape. In February, the White House issued a voluntary cyber security framework to serve as a how-to guide

The sandbox trap: taking the fight to malware (TechRadar) Catching threats before they hit the network

Industrial wireless blackout looms (Help Net Security) With the intention of preserving bandwidth, the telecommunications industry has written a harmonized standard that does not allow industrial wireless control systems to function

Essential steps for implementing Data Loss Prevention (Help Net Security) In this podcast, recorded at Infosecurity Europe 2014, Raul Condea from CoSoSys talks about essential steps to take when implementing Data Loss Prevention (DLP)

Using ITOA to secure endpoints (Help Net Security) Businesses today invest heavily in security technology in an effort to protect the most vulnerable aspects of their IT infrastructure — the endpoints and end-user devices — in order to ensure compliance enforcement of corporate security policies and standards

Big data security analytics meets identity and access management (ComputerWorld) While most enterprise organizations have SIEM installed, they now realize that these venerable security systems cannot address today's dangerous threat landscape alone. As a result, many are adding network forensics and big data analytics systems for capturing, processing, and analyzing a whole bunch of additional security data

Research and Development

DARPA's cyberwarfare program critical to future of kinetic warfare, says Prabhakar (FierceGovernmentIT ) The Defense Advanced Research Projects Agency's cyberwarfare program, called Plan X, is one of the agency's highest priorities, said DARPA Director Arati Prabhakar

DARPA to Showcase Latest Cyber, Big Data Ideas (American Forces Press Service) The Defense Advanced Research Projects Agency will display more than 100 projects and 29 programs in the Pentagon's courtyard May 21 to demonstrate cybersecurity technologies and spark feedback from warfighters, a DARPA scientist said during a May 16 interview with the Pentagon Channel here

Legislation, Policy, and Regulation

China confronts U.S. envoy over cyber-spying accusations (Reuters via Yahoo! News) China summoned the U.S. ambassador the United States accused five Chinese military officers of hacking into American companies to steal trade secrets, warning Washington it could take further action, the foreign ministry said on Tuesday

Why is the latest China spy case so significant? (AP via CNY Central) The Obama administration has brought unprecedented criminal charges against five officials in the Chinese military for hacking into private U.S. companies' systems and stealing trade secrets. It was the first time the U.S. has revealed any evidence the Chinese government was going after American companies' private information for economic gain

The Attack of the Lawyers (Belmont Club) And Caesar's spirit, raging for revenge, With Ate by his side come hot from hell, Shall in these confines with a monarch's voice, Cry "Havoc!" and let slip the lawyers of war. Ok, that's not exactly what Shakespeare said in Act 3 of Julius Caesar, but that's what Obama said to Holder. The president has unleashed the Justice Department on Beijing's cyber-attackers

The US indictment of five Chinese army officers is really about redefining "cyberspying" (Quartz) The US government has indicted five Chinese military officials for hacking Western companies and stealing their trade secrets—"the fruits of our labor," in the words of assistant US attorney John Carlin. The lawsuit is unprecedented—the first ever brought against individual members of a government for economic espionage via hacking. And, legally speaking, it's pretty pointless

Caught Red-Handed (Foreign Policy) Washington is punishing China's cyber spies for the first time. Will Beijing come after U.S. spooks in response?

U.S. Indictment of Chinese Hackers Could Be Awkward for the NSA (Wired) It's no secret that the Chinese military represents a real threat to online security here in the U.S. Over the last several years, state-sponsored Chinese hackers have broken into hundreds of American targets—both inside the U.S. government and across the private sector. But when the Department of Justice announced criminal charges against five hackers working for China's military this morning, it came at an awkward time. After a year of revelations from ex-NSA contractor Edward Snowden, it's clearer than ever before that America's own government hackers have been running rampant through the world's networks

Cyber case puts more strain on US-China relations (AP via the Seattle Times) The indictment of five Chinese military officials on cyber espionage charges will intensify friction between Beijing and Washington that has been growing as China gets bolder in asserting its territorial claims in disputed seas in East Asia

China Bans Use of Microsoft's Windows 8 on Government Computers (Reuters via Re/Code) China has banned government use of Windows 8, Microsoft Corp's latest operating system (OS), in a blow to the U.S. technology company which has long been plagued by sales woes in the country

Adversaries Outpace US In Cyber War; Acquisition Still Too Slow (Breaking Defense) The United States invented the Internet, but we may not rule it any more. "We are certainly behind right now. We are chasing our adversary, for sure," one of the Air Force's top cyber warriors, Col. Dean Hullings, told an audience of about 350 here at the National Space Symposium's one-day cyber event

Should U.S. Hackers Fix Cybersecurity Holes or Exploit Them? (The Atlantic) Maybe someday we'll patch vulnerabilities faster than the enemy can use them in an attack, but we're not there yet

This NSA history has a familiar ring to it (Washington Post) The Senate report is called "National Security Agency Surveillance Affecting Americans," and describes the results of its investigation into "NSA's electronic surveillance practices and capabilities, especially involving American citizens, groups, and organizations"

NSA data-gathering may run into California roadblock (Reuters) The federal government would need a warrant from a judge if it wants the cooperation of California officials in searching residents' cellphone and computer records, under a bill making its way through the state legislature

FCC net neutrality proposals tackle internet fast lane — why no one is happy (Naked Security) Last week, the US Federal Communications Commission (FCC) came out with new proposals that could leave the door open for internet service providers to give preferential treatment to some traffic, in what has been called a "fast lane" for the internet

Litigation, Investigation, and Law Enforcement

INDICTMENT (US Department of Justice) Count One (Conspiracy to Commit Computer Fraud and Abuse) The Grand Jury charges: 1. From at least in or about 2006 up to and including at least in or about April 2014, members of the People's Liberation Army ("PLA"), the military of the People's Republic of China ("China"), conspired together and with each other to hack into the computers of commercial entities in the Western District of Pennsylvania and elsewhere in the United States

U.S. Charges 5 Chinese with Hacking (GovInfoSecurity) Five Chinese military officers have been indicted for hacking U.S. companies — incidents that had major consequences, including the shuttering of three American steel plants, U.S. Justice Department officials say

Chinese hackers targeted business partners as well as rivals, indictment alleges (Washington Post) In early February, Alcoa announced a "strategic partnership" with the Chinese state-owned aluminum company, Chinalco, in which the two would team up to buy $14 billion worth of shares in mining giant Rio Tinto

China Reacts Strongly to US Announcement of Indictment Against Chinese Personnel (Ministry of Foreign Affairs of the People's Republic of China) On May 19, Foreign Ministry Spokesperson Qin Gang made the following remarks regarding the US Justice Department's announcement of indictment against five Chinese military officers: On May 19, the US side announced indictment against five Chinese military officers on allegation of cyber theft. This US move, which is based on fabricated facts, grossly violates the basic norms governing international relations and jeopardizes China-US cooperation and mutual trust. China lodged protest with the US side right after the announcement, urging the US side to immediately correct its mistake and withdraw the "indictment"

China counters US claims with own charges of cyber-espionage (ComputerWorld) China said the U.S. accusations were based on "fabricated facts"

US And China Spy Row: Diplomatic Fallout 'Huge' (KLFM) America's decision to file charges against five Chinese individuals and to publish 'wanted' posters for them is as serious as it is historic

What to Expect From Charges Against Chinese Hackers: Nothing (Re/Code) The U.S. Department of Justice has secured criminal indictments against five active-duty members of the cyber warfare unit of China's People's Liberation Army. Here's what you should expect to happen as a result: Nothing meaningful

Here's What Chinese Military Cyber Hackers Allegedly Stole From US Companies (Business Insider) A U.S. grand jury in Pennsylvania indicted five Chinese military officials on 31 counts involving cyber espionage, Attorney General Eric Holder said Monday

How 5 Chinese hackers stole American companies' most closely-guarded secrets (ITProPortal) 208 Datong Road is a nondescript concrete high rise on one of Shanghai's busiest roads. Amid the lingering smog rising like mist off the honking lines of traffic, and the trains screeching to a halt in the nearby main railway station, this building doesn't look like much. But this is exactly where five members of an elite People's Liberation Army group codenamed Unit 61398 were assigned to hack into some of the largest companies in the United States of America

Why is the U.S. Going After Chinese Hackers? Jobs (NBC News) The Obama administration is turning up the heat on Chinese government hackers over allegedly stealing trade secrets that cost U.S. companies billions of dollars each year and undercut American jobs

'The New Normal': US Charges Chinese Military Officers With Cyber Espionage (Dark Reading) The US Department of Justice and the FBI indict five members of the Chinese military for allegedly hacking and stealing trade secrets of major American steel, solar energy, and other manufacturing companies, including Alcoa, Westinghouse Electric, and US Steel

Malware tapped into webcams and spied on victims, prosecutors say (Los Angeles Times) Hackers who paid $40 for a sinister software program called Blackshades stole sexually explicit photographs from personal computers, trained victims' webcams on them using a remote access tool, and even sent threats to victims who tried to block the online intrusions, prosecutors said Monday as they announced charges against users of Blackshades

Malware Takedown Leads to 80 Arrests (BankInfoSecurity) More than 80 individuals have been arrested for their alleged involvement in the creation, distribution and use of the BlackShades malware. The two-day roundup operation, which took place in 16 countries, was led by Belgian and Dutch judicial and law enforcement authorities and also involved the U.S. Federal Bureau of Investigation

BlackShades cybercops demonstrate improving global cooperation (CSO) The 16-country operation that led to almost a 100 people suspected of trading in BlackShades malware show law enforcement is getting better at sharing information, coordinating international raids

'Blackshades' Trojan Users Had It Coming (Krebs on Security) The U.S. Justice Department today announced a series of actions against more than 100 people accused of purchasing and using "Blackshades," a password-stealing Trojan horse program designed to infect computers throughout the world to spy on victims through their web cameras, steal files and account information, and log victims' key strokes. While any effort that discourages the use of point-and-click tools for ill-gotten gains is a welcome development, the most remarkable aspect of this crackdown is that those who were targeted in this operation lacked any clue that it was forthcoming

Secrets, lies and Snowden's email: why I was forced to shut down Lavabit (The Guardian) For the first time, the founder of an encrypted email startup that was supposed to insure privacy for all reveals how the FBI and the US legal system made sure we don't have the right to much privacy in the first place

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

CEIC 2014 (Las Vegas, Nevada, USA, May 19 - 22, 2014) It's no exaggeration to say that CEIC is the biggest digital-investigations conference of its kind and the only one to offer hands-on lab sessions and training for practical skills development. From sessions...

The Device Developers' Conference: Bristol (Bristol, England, UK, May 20, 2014) The Device Developers' Conference is an annual UK event for the developers of intelligent systems and devices. The objective is to provide an event that provides engineers with an opportunity to learn...

Mobile Network Security in Europe (London, England, UK, May 21, 2014) Following on from two successful events in the United States, this first Light Reading conference on Mobile Network Security in Europe will again focus on the key role of the network in safeguarding the...

CyberMontgomery (Rockville, Maryland, USA, May 22, 2014) Montgomery County, MD is home to over 18 federal agencies including NIST, FDA, NOAA, and the National Cybersecurity Center of Excellence (NCCoE). NCCoE is an exciting addition to Montgomery County's growing...

The Device Developers' Conference: Cambridge (Cambridge, England, UK, May 22, 2014) The Device Developers' Conference is an annual UK event for the developers of intelligent systems and devices. The objective is to provide an event that provides engineers with an opportunity to learn...

CyberMontgomery Forum: Center of Gravity (Rockville, Maryland, USA, May 22, 2014) Cybersecurity will be a major growth engine in the region for many years to come. With solid federal government, industry and academic assets already in place in the region, there is still a need to bring...

Cyber Risk Summit (Washington, DC, USA, May 22, 2014) This one-day leadership conference will provide a discussion forum for business executives, insurance companies and policymakers on more effective private and public responses to cyber risk management.

3 Day Startup (San Antonio, Texas, USA, May 23 - 25, 2014) The nation faces tremendous challenges to our online security. Turn innovative ideas into startups that protect our information and our livelihood. 3 Day Startup is an entrepreneurship program designed...

How the SBIR/STTR Program Can Help Grow Your Business (Halethorp, Maryland, USA, May 27, 2014) The SBIR/STTR programs promote small business innovation and profitability while simultaneously meeting the government's research and development needs. Every year, small businesses receive millions of...

AFCEA DC Chapter 5th Annual Cybersecurity Symposium (Washington, DC, USA, May 28, 2014) 5th Annual Cybersecurity Symposium featuring Government Keynotes and "Latest and Greatest" Information on Cyber Trends, Initiatives, Threats & more. This event attracts upwards of 800 folks annually. Break-out...

Maryland Cybersecurity Roundtable (Hanover, Maryland, USA, May 29, 2014) U.S. Senator Barbara A. Mikulski and Governor Martin O'Malley will launch the Maryland Cybersecurity Roundtable on Thursday, May 29, at 1:30 p.m., at The Hotel at Arundel Preserve, Hanover, Md. They'll...

The Device Developers' Conference: Manchester (Manchester, England, UK, June 3, 2014) The Device Developers' Conference is an annual UK event for the developers of intelligent systems and devices. The objective is to provide an event that provides engineers with an opportunity to learn...

17th Annual New York State Cyber Security Conference and 9th Annual Symposium on Information Assurance (Albany, New York, USA, June 3 - 4, 2014) The 17th Annual New York State Cyber Security Conference (NYSCSC '14) and 9th Annual Symposium on Information Assurance (ASIA '14) is a two day event co-hosted by the New York State Office of Information...

Cyber Security Summit (Huntsville, Alabama, USA, June 4 - 5, 2014) The North Alabama Chapter of the Information Systems Security Association and Cyber Huntsville Corporation are hosting the 6th annual Cyber Security Summit June 4-5 in the South Hall of the Von Braun Center.

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.