skip navigation

More signal. Less noise.

Daily briefing.

As Russia sleeps the sleep of repletion before further feedings on the near abroad, FireEye notes an interesting trend: a spike in malware callbacks to command-and-control servers as tension between Russia and Ukraine increased—probably worth adding to any list of indicators and warnings.

Iranian security services made effective use of both social media and front news organizations in recent espionage campaigns, but over-reached in their construction of fake identities: they impersonated former UN ambassador John Bolton, spent months cultivating trust with a (well-selected) US Baha'i advocate, connected through LinkedIn, but were blown by Google who warned the victim that someone from Tehran had tried to break into her Gmail account.

Investigators and researchers continue to work on two mysteries: how is the "Oleg Pliss" ransomware getting on iPhones, and what is actually up with TrueCrypt?

South- and Southwest-Asian hacktivists resume exploitation of targets-of-opportunity.

BitSight rates sectors on cyber security. From best to worst, they're finance, retail, energy utilities, and then healthcare and pharma.

Former US Defense Secretary and ex-DCI Gates says France is as big a cyber industrial espionage threat as China. Where there are advanced technological capabilities in a dirigiste political economy, there's also the likelihood of industrial espionage.

China continues to kick back at US indictment of PLA officers, suggesting evidence was fabricated.

NSA releases an email exchange between Snowden and its General Counsel. Snowden's email is so muted it hardly counts as whistleblowing. Perhaps IGs and OGCs should work on their ability to discern and read subtext?

Notes.

Today's issue includes events affecting Australia, Belarus, China, European Union, France, India, Iran, Israel, Kazakhstan, Pakistan, Russia, Turkey, Ukraine, United Kingdom, United States..

Cyber Attacks, Threats, and Vulnerabilities

FireEye: Malware Traffic to Ukraine, Russia Spiked During Peak of Conflict (Dark Reading) A FireEye researcher posits that a significant spike in malware traffic to Russia and the Ukraine at the height of the conflict between the two countries could be part of a trend — and could improve threat intelligence

Russia, Kazakhstan, Belarus form Eurasian Economic Union (Washington Post) Russian President Vladimir Putin moved Thursday to further bolster his nation's ties to former Soviet republics, as Russia's relationships with the United States and Europe continue to fray over the conflict in Ukraine

Iran Is Using a Neocon to Hack Its Foes (Daily Beast) John Bolton, the former U.N. ambassador under George W. Bush, is playing an unexpectedly prominent role in an Iranian cyberspying campaign

Newscaster Threat Uses Social Media for Intelligence Gathering (eWeek) A new report alleges that Iran is using social media to hack Western organizations

How to avoid cyberspies on Facebook, LinkedIn (CSO) Educating employees on how to identify spies can derail cyberespionage campaigns

Israel, Iran wage cyber warfare in the battlefield of the future (Jerusalem Post) What may begin as an enemy intelligence-gathering mission could later turn into a virus that disrupts military operations

Apple iOS ransomware mystery deepens — "Oleg Pliss" pops up in LA (Naked Security) We still can't tell you how the "Oleg Pliss" hack works. That's the curious message that popped up on Apple iOS devices in Australia earlier this week

The mechanics of the iCloud "hack" and how iOS devices are being held to ransom (Troy Hunt) If you're an Aussie with an iPhone, there's a chance you've been woken up in the middle of the night by this

'Oleg Pliss' hack makes for a perfect teachable IT moment (Computerworld via CSO Salted Hash) Earlier this week, a number of iOS device owners woke up to discover that someone had locked them out of the iPhones, iPads, and iPod touches. The attack, primarily aimed at users in Australia and New Zealand (though there are now reports of users in North America and other countries being hit), demanded a ransom be paid to unlock each device. Ironically, the PayPal account referenced in the demand did not seem to even exist

TrueCrypt quits? Inexplicable (ZDNet) Nobody has a good explanation yet for what happened to the generally respected TrueCrypt project, which yesterday announced itself insecure and sent its users to Microsoft

Bombshell TrueCrypt advisory: Backdoor? Hack? Hoax? None of the above? (Ars Technica) A sampling of theories behind Wednesday's notice that TrueCrypt is unsafe to use

With Heartbleed as a wake up, what is a Man-in-the-Middle (MITM) attack? (The Next Web) You grab your coffee, connect to the coffee shop's Wi-Fi and begin working. You've done this a hundred times before. Nothing seems out of the ordinary, but someone is watching you. They're monitoring your Web activity, logging your bank credentials, home address, personal email and contacts — and you won't know it until it's too late

Misconfiguration to blame for most mobile security breaches (Help Net Security) Nearly 2.2 billion smartphones and tablets will be sold to end users in 2014 according to Gartner, Inc. While security incidents originating from mobile devices are rare, Gartner said that by 2017, 75 percent of mobile security breaches will be the result of mobile application misconfiguration

Monsanto Suffers Data Breach at Precision Planting Unit (Threatpost) Monsanto, the massive international agricultural conglomerate, has disclosed a data breach that involved the personal information of customers and employees of its Precision Planting subsidiary. The breach included names, addresses, possibly Social Security numbers and some financial account information

Avast and Simple Machines Spat Ends in Collaboration (CBR) Dispute over cyber attack prompted questions over third-party software. Simple Machines is now working with Avast to analyse the recent cyber attack that compromised the details of 400,000 forum users, following a public dispute between the two companies over the nature of the breach

Fake Australian Electric Bill Leads to Cryptolocker (Internet Storm Center) Our reader Mark sent us a link he recovered from a Phishing e-mail. We don't have the e-mail right now, but the web site delivering the malware is kind of interesting in itself. The e-mail claims to come from "Energy Australia", an actual Australian utility company

Office falls victim to cyber attack after eBay breach (ITV) Nationwide shoe shop Office has become the latest company to fall victim to a cyber attack, forcing the retailer to warn its customers to change their account passwords

San Diego State University Acknowledges Data Breach (eSecurity Planet) 1,050 students' names, Social Security numbers, birthdates and addresses were exposed

ProMedica Bay Park Hospital Admits Insider Breach (eSecurity Planet) 594 patients' names, birthdates, diagnoses, physicians' names and medications were accessed

ARY News Channel website hacked for Showing Blasphemous and Indian Content (HackRead) The official website of Pakistan's famous ARY News Channel website has been hacked and defaced by Pakistani hacker 'hasnain haxor' just few hours ago

Pakistani hacker hacks Taj Mahal Mausoleum and Agra Fort India Websites for Kashmir (HackRead) A Pakistani hacker going with the handle of "hasnain haxor" has hacked and defaced the official website of Taj Mahal mausoleum, the 7th wonder of the world and Agra Fort, a UNESCO World Heritage site located in Agra, Uttar Pradesh, India

Cyber Trends

Inside the malware war zone (Help Net Security) Adam Kujawa is the Head of Malware Intelligence for Malwarebytes. In this interview he talks about the evolution of malware in the past decade, illustrates the differences in global malware based on the point of origin, highlights the events that changed the threat landscape, offers insight about future threats, and more

Panda: Trojans account for three-quarters of all malware (Computing) Trojan Horse malware now accounts for almost three-quarters of all malware detected globally, according to anti-virus software maker Panda Security, and four-fifths of all infections

The concept of privacy is not unrealistic: McAfee (CSO) In today's digital age it may seem like the concept of privacy is unrealistic, but McAfee, part of Intel Security, remains upbeat about the prospects

Hackers don't just prey on the big boys, warns expert (Oxford Mail) A hi-tech security expert has warned Oxfordshire entrepreneurs after the cyber attack on online auction house eBay

5 Big Cyber Threats for Small Businesses (Property Casualty 360) Why small and midsize businesses are targets for cybercriminals

Hacking for the greater good (Help Net Security) As long as people write code, they will write code with flaws, says Katie Moussouris, former Senior Security Strategist Lead at Microsoft Security Response Center and, as of today, Chief Policy Officer of HackerOne, the company that partially hosts the Internet Bug Bounty

'Half of American adults hacked' in the past year — really? (Naked Security) A new study publicized this week claims that almost half of all American adults — about 110 million people — have had their personal data hacked in the past year

The Cyberspace Landscape Of India Is Changing (Ground Report) The recent cyber security updates by Perry4Law and PTLB have indicated that there has been an extraordinary surge in the cyber attacks at a global level. Malware like Stuxnet, Duqu, Flame, Uroburos/Snake, Blackshades, FinFisher, etc have been messing up with computer systems located in different parts of the world

Healthcare industry lags in security effectiveness (Help Net Security) BitSight analyzed Security Ratings for S&P 500 companies in four industries — finance, utilities, retail and healthcare and pharmaceuticals. The objective was to uncover quantifiable differences in security performance across industries from April 2013 through March 2014

Large Electric Utilities Earn High Security Scores (Dark Reading) Critical infrastructure is a big target for attack, but new data shows some operators in that industry suffer fewer security incidents than other industries

Marketplace

Strategic security acquisitions: What makes sense? (Help Net Security) Thanks to a steady stream of high-profile data breaches, a rapidly shifting threat environment, and the recent indictment of 5 members of Chinese People's Liberation Army "Unit 61398" for state-sponsored espionage, security is top-of-mind, even in the boardroom

Proofpoint: Fundamentals Suggest Still More Downside (Seeking Alpha) Proofpoint Inc. (PFPT) a hot cloud-based network security play, is trading at a gravity-defying valuation on the back of strong adoption of the company's TAP (Targeted Attack Protection) solution, gaining share from legacy solutions and upselling in its existing customer base. Recently, the stock has corrected with the broader equity markets, but fundamentals suggest more downside from here

Cyber security fears drive Palo Alto (Financial Times) Shares of Palo Alto Networks, the cyber security software maker, surged after the company said fiscal third-quarter sales topped Wall Street expectations and it had settled an outstanding lawsuit with Juniper Networks

Business Buzz: Raytheon Benefits From the Government's Cyber Threats (InTheCapital) As lawmakers on Capitol Hill continue to struggle with an answer to the growing threats against America's cyber security, one of the largest government contractors is cashing in. Raytheon, the gigantic defense electronics and missile systems company, is expecting a surge in stock pricing

Products, Services, and Solutions

Lookout Mobile Security's 'Theftie' App Designed To Combat Smartphone Theft (Industry Leaders) With smartphone thefts becoming rampant, legislators and the telecommunications industry continue to wait for the implementation of a cell phone kill switch, as a possible solution. But a San Francisco-based mobile security firm Lookout is providing other ways to address the problem

Do Lookout's 'Theftie' Photo Alerts Violate Privacy? (Wall Street Journal) Mobile security firm Lookout on Wednesday unveiled a new tool for tracking down potential phone thieves: the "theftie," a covert snapshot of someone using your phone in a suspicious manner

WatchGuard Technologies First To Deliver True Integration of Wired and Wireless Network Security (MarketWatch) Fireware® 11.9 allows users to deploy, configure and manage wireless access points from a WatchGuard UTM or NGFW threat management appliance without requiring additional hardware

CYREN Launches New Service to Combat Phishing Attacks (IT Business Net) CYREN (NASDAQ: CYRN), a leading provider of cloud-based security solutions, today launched its CYREN URL Phishing Feed, a powerful new service that allows its web and email security partners to block phishing sites before they reach unsuspecting end users

HOSTING Partners With DOSarrest Internet Security to Offer DDoS Protection Services (MarketWatch) DOSarrest Internet Security, an industry leading DDoS protection provider, has announced a partnership agreement to offer its full suite of DDoS products to HOSTING, the leading cloud service provider in the market today

Incapsula Launches New Infrastructure DDoS Protection Services (Wall Street Journal) Incapsula, the cloud-based security service, today announced two new services, built to protect against large scale DDoS attacks. The new services complement Incapsula's award-winning Web DDoS and Security offering

FireEye Announces General Availability of Network Threat Prevention Platform With IPS (MarketWatch) FireEye, Inc. FEYE -0.38%, the leader in stopping today's advanced cyber attacks, today announced that it will offer the FireEye Network Threat Prevention Platform with IPS to customers worldwide starting June 2, 2014. Available as an add-on license to the FireEye Network Threat Prevention Platform (NX series), the new offering is designed to give customers a holistic view of multi-vector attacks that go well beyond conventional intrusion prevention system (IPS) tools

Webfwlog Firewall Log Analyzer v1.0 Released (ToolsWatch) Webfwlog is a flexible web-based firewall log analyzer and reporting tool. It supports standard system logs for linux, FreeBSD, OpenBSD, NetBSD, Solaris, Irix, OS X, etc. as well as Windows XP®. Supported log file formats are netfilter, ipfilter, ipfw, ipchains and Windows XP®. Webfwlog also supports logs saved in a database using the ULOG or NFLOG targets of the linux netfilter project, or any other database logs mapped with a view to the ulogd schema. Versions 1 and 2 of ulogd database schemas are supported. Webfwlog is licensed under the GNU GPL

Biometric tool prevents fraud (Help Net Security) BioCatch launched its eCommerce fraud prevention solution. The new tool uses behavioral biometric analysis to detect suspicious behavior and authenticate repeat customers, while reducing customer friction associated with additional security verifications and checks

How Yik Yak Keeps Its Anonymity App From Ruining People's Lives (Wired) The dean of students said it was coming, and it arrived almost immediately

Technologies, Techniques, and Standards

Banks: How to Improve Threat Detection (BankInfoSecurity) Banking institutions need to develop "day-to-day situational awareness" of the latest threats, says Vikram Bhat, a threat researcher at Deloitte and Touche, which just released a report about cybersecurity issues and awareness

How we patch: by the numbers (Talk Tech to Me) We all know how important it is to keep current with security updates, a.k.a. patches — but how many organizations are really following best practices? As attackers get more sophisticated and researchers become more diligent, vulnerabilities in popular software — from operating system to end-user applications and even including security software — are discovered every day. To their credit, software vendors are working overtime to stay on top of the problem and issue patches to fix these flaws as quickly as possible

Crypto won't save you (CSO) Peter Gutmann is a researcher in the Department of Computer Science at the University of Auckland working on design and analysis of cryptographic security architectures and security usability. Having been part of the team that wrote the popular PGP encryption package, you'd expect that he'd put a lot of trust crypto

WordPress Security Checklist (Help Net Security) WordPress is not only easy to use, it also comes with many plugins and themes for you to choose from, making it extremely customizable. However, like all other popular platforms, it is also more prone to hacking

Operating in zero trust environments (ProSecurityZone) Dr Wieland Alge, Vice President and General Manager EMEA Barracuda Networks discusses zero trust environment infrastructures and the role of the CIO

How to Demand Your Right to Be Forgotten from Google (Softpedia) A couple of weeks ago, the European Court of Justice completely changed things for those who wanted to hide some piece of their past from Google searches

Google's "right to be forgotten" response is "disappointingly clever" (Ars Technica) You'll need a copy of your photo ID and a list of every URL you want taken down

Academia

Defense Against the Dark Arts (of Cyberspace) (IEEE Spectrum) Universities are offering graduate degrees in cybersecurity

NSA Keeping Watch On FAU (Boca News Now) The NSA is watching FAU and the agency likes what it sees. According to the school, Florida Atlantic University has been designated as a National Center of Academic Excellence in Information Assurance/Cyber Defense Research (CAE-R) for academic years 2014-19 by the National Security Agency (NSA) and the Department of Homeland Security (DHS)

Legislation, Policy, and Regulation

Why NSA Critics Are Wrong About Internet Vulnerabilities Like 'Heartbleed' (Business Insider) In a recent article "Obama Policy on Zero Days Craps Out", Stanford's director of civil liberties Jennifer Granick made the case that the White House should be more forthcoming with its disclosures of "zero day" threats and other web/software vulnerabilities

Will NIST-NSA Cooperation Continue? (BankInfoSecurity) House bill would no longer require NIST to work with NSA

U.S. Cyber Command wants DISA to take greater role in DoD cyber defense (Federal News Radio) U.S. Cyber Command is in talks with the Defense Information Systems Agency to give DISA more day-to-day responsibilities for defending DoD networks from cyber threats

Did Maine Guard chief try to remake second unit without telling governor? (Portland Press Herald) Two people say he went to Washington last year to pitch a plan to convert a South Portland squadron into a cyber security team, but a LePage spokeswoman disputes their accounts

California businesses get new guides from state Attorney General on privacy, cyber-security (Inside Counsel) The new guides benefit both consumers and businesses, as information is presented transparently

Litigation, Investigation, and Law Enforcement

Gates highlights cybercrime threat not from Iran or Russia, but…France? (FierceGovernmentIT) While China-based cybercriminals pose the biggest threat to U.S. industry in terms of economic espionage, one of the nation's closest allies isn't far behind, according to Robert Gates, former secretary of the Defense Department

DOJ's recent charges against Chinese years in the making, says Carlin (FierceGovernmentIT) The Justice Department's recent charges against members of China's People's Liberation Army for economic espionage and stealing trade secrets from American companies were part of a years-long effort, says a senior DOJ official

China suggests US may have made up evidence for cyberattacks (Fox News) China suggested Thursday the U.S. fabricated evidence to back up accusations of cyberattacks of U.S. companies by Chinese military officers

China warns of reaction to U.S. cyber indictment (Xinhua via the Global Post) China said on Thursday that it would take further reaction to the U.S. allegation of cyber theft by Chinese military officers, according to circumstances

China Hacking Is Deep and Diverse, Experts Say (Wall Street Journal) China's Internet espionage capabilities are deeper and more widely dispersed than the U.S. indictment of five army officers last week suggests, former top government officials say, extending to a sprawling hacking-industrial complex that shields the Chinese government but also sometimes backfires on Beijing. Some of the most sophisticated intruders observed by U.S. officials and private-sector security firms work as hackers for hire and at makeshift defense contractors, not the government, and aren't among those named in

Indicting Chinese Military Officers Is A Huge Mistake (Dark Reading) Blaming soldiers following lawful orders only deflects from the government's responsibility to impose trade sanctions and take more useful measures

Snowden complained about mass surveillance tactics to his NSA masters (Ars Technica) "NSA has now explained that they have found one email inquiry by Edward Snowden"

Edward J. Snowden email inquiry to the NSA Office of General Counsel (IC on the Record) NSA has now explained that they have found one email inquiry by Edward Snowden to the Office of General Counsel asking for an explanation of some material that was in a training course he had just completed. The e-mail did not raise allegations or concerns about wrongdoing or abuse, but posed a legal question that the Office of General Counsel addressed

UPDATE 1-Snowden: "no relationship" with Russian government (Reuters) Former U.S. National Security Agency contractor Edward Snowden told a U.S. television interviewer on Wednesday he was not under the control of Russia's government and had given Moscow no intelligence documents after nearly a year of asylum there

The next chapter in the Snowden leaks may unfold in a New York museum (Quartz) Over the past year, the secret US government documents that Edward Snowden disclosed have been cascading through the pages of newspapers and magazines around the world. But could the next chapter of the story play out in the halls of a museum?

Thieves Planted Malware to Hack ATMs (Krebs on Security) A recent ATM skimming attack in which thieves used a specialized device to physically insert malicious software into a cash machine may be a harbinger of more sophisticated scams to come

Homeland Security Sec. Johnson Admits Alleged Breach of Classified Docs 'Problematic' (Breitbart Big Governmet) Department of Homeland Security Sec. Jeh Johnson departed from his predecessor's dismissive stance about a potential breach of classified information to a man with ties to the Muslim Brotherhood, saying it's "problematic"

The legal tools for dealing with a cyber-attack (Lexology) Late last year, a group of information security experts gathered with government officials to hack into the deep intestinal computers of London's financial district. The purpose of the exercise, dubbed "Waking Shark II", was to test whether the UK's banks and stock exchanges — that is to say, the UK financial system — could withstand a major cyber-security attack

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

17th Annual New York State Cyber Security Conference and 9th Annual Symposium on Information Assurance (Albany, New York, USA, June 3 - 4, 2014) The 17th Annual New York State Cyber Security Conference (NYSCSC '14) and 9th Annual Symposium on Information Assurance (ASIA '14) is a two day event co-hosted by the New York State Office of Information...

What to Consider when Preparing to Purchase Cyber Insurance Webinar (Webinar, June 11, 2014) With the many cyber/data breach insurance policies that are available today, there are important considerations that organizations need to know before purchasing cyber/data breach insurance coverage. Join...

Security Startup Speed Lunch DC (Washington, DC, USA, July 22, 2014) Our goal is to connect the most promising security startups in the world with decision-makers at aerospace, asset-management, banking, communications, defense, energy, healthcare, government, technology...

Cyber Security Summit 2014 (, January 1, 1970) Cyber security breaches have a profound impact on all areas of society. Join the discussion at Cyber Security Summit 2014. For two days, leaders from the public and private sectors meet to identify cyber...

Hack in The Box Security Conference (HITBSecConf) Amsterdam (, January 1, 1970) HITBSecConf Amsterdam is a gathering of network security professionals and enthusiasts who come from all corners of the globe to discuss the next generation of attacks and defense techniques. This is not...

Area41 (, January 1, 1970) Area41 is an international security technology and research conference offering both trainings/workshops and traditional presentation tracks.

The Device Developers' Conference: Manchester (Manchester, England, UK, June 3, 2014) The Device Developers' Conference is an annual UK event for the developers of intelligent systems and devices. The objective is to provide an event that provides engineers with an opportunity to learn...

NSA SIGINT Development Conference 2014 (, January 1, 1970) This classified conference will focus on the preeminent intelligence issues facing those who are tasked with SIGINT as part of their mission. Over 1500 participants from the US intelligence community and...

Cyber Security Summit (Huntsville, Alabama, USA, June 4 - 5, 2014) The North Alabama Chapter of the Information Systems Security Association and Cyber Huntsville Corporation are hosting the 6th annual Cyber Security Summit June 4-5 in the South Hall of the Von Braun Center.

AFCEA Presents: Insider Threat to Small Business (Fairfax, Virginia, USA, June 5, 2014) One of the biggest myths is that "I'm too small for cyber attackers to care about me." This common misperception leads to tremendous vulnerabilities as companies do not understand implications for their...

The Device Developers' Conference: Scotland (Uphall, Scotland, UK, June 5, 2014) The Device Developers' Conference is an annual UK event for the developers of intelligent systems and devices. The objective is to provide an event that provides engineers with an opportunity to learn...

The 2014 Cyber Security Summit (DC Metro) (Tysons Corner, Virginia, USA, June 5, 2014) The Cyber Security Summit, an exclusive conference series sponsored by The Wall Street Journal, has announced their inaugural DC Metro event. The event will connect C-Level & Senior Executives responsible...

MIT Technology Review Digital Summit (, January 1, 1970) The MIT Technology Review Digital Summit examines tomorrow's digital technologies and explains their global impact on both business and society. You'll get insider access to the innovative people and companies...

Cyber 5.0 Conference (Laurel, Maryland, USA, June 10, 2014) The mission of the Cyber Conference is to provide a forum for small and mid-sized businesses in Howard County and the region to access industry and government leaders with current information on cybersecurity...

Global Summit on Computer and Information Technology (, January 1, 1970) The summit is hosting multiple conferences in different areas of Computer & Information Technology. CIT is a major platform for researchers and industry practitioners from different fields of computer...

NRC Cyber Security Seminar/ISSO Security Workshop (Bethesda, Maryland, USA, June 16, 2014) NRC will be hosting its second NRC Semi-Annual All-Hands ISSO Workshop. This workshop will consist of computer security policy, standards, cybersecurity, guidance, FISMA compliance, and training updates.

2014 Spring National SBIR Conference (Washington, DC, USA, June 16 - 18, 2013) SBIR/STTR programs are the nation's largest source of early stage / high risk R&D funding for small business. At this conference you'll learn how to participate and compete for funding in these two programs...

18th Annual Colloquium for Information Systems Security Education (, January 1, 1970) The Colloquium recognizes that the protection of information and infrastructures that are used to create, store, process, and communicate information is vital to business continuity and security. The Colloquium's...

MeriTalk's Cyber Security Brainstorm (Washington, DC, USA, June 18, 2014) This second annual event will take place on Wednesday, June 18 2014 at the Newseum in Washington D.C. The event will bring together Federal cyber security experts to share best practices, collaborate on...

Suits and Spooks New York (, January 1, 1970) Not another hacker conference. Suits and Spooks is a unique gathering of experts, executives, operators, and policymakers who discuss hard challenges in a private setting over two days. Suits and Spooks...

SANSFIRE (Baltimore, Maryland, USA, June 21 - 30, 2014) For more than 10 years, the Internet Storm Center has been providing free analysis and warning to our community. SANSFIRE 2014 is not just another training event. It is our annual "ISC Powered" event.

26th Annual FIRST Conference (Boston, Massachusetts, USA, June 22 - 27, 2014) The Forum of Incident Response and Security Teams (FIRST) is a global non-profit organization dedicated to bringing together computer security incident response teams (CSIRTs) and includes response teams...

Gartner Security & Risk Management Summit 2014 (National Harbor, Maryland, US, June 23 - 26, 2014) The Gartner Security & Risk Management Summit is the only time when the entire Gartner analyst and security and risk management community come together in one location to bring the latest research, insights...

AFCEA International Cyber Symposium (Baltimore, Maryland, USA, June 24 - 25, 2014) National security is continuously being redefined as awareness of the cyberspace domain evolves. Cyber threats and challenges grow every day. Successfully defending our networks requires a team approach.

United Nations Interregional Crime and Justice Research Institute Cyber Threats Workshop (Turin, Italy, June 27 - 29, 2014) The United Nations Interregional Crime and Justice Research Institute (UNICRI) is organizing a series of workshops and short courses within the framework of the UNICRI Journalism and Public Information...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.