skip navigation

More signal. Less noise.

Daily briefing.

ISIS works to co-opt the few journalists remaining in the territory it controls, bringing them into its information operations campaign. That campaign has gained an imitator, if not actually a collaborator, in Nigeria's murderous Boko Haram, which has also declared a caliphate and upped its social media game.

ISIS-sympathizing trolls (probably of the useful-idiot, agent-of-influence variety) surface to harass US military personnel and their families online. (Canadian researchers coincidentally release a psychological profile of trolls, whose findings Forbes glosses as "Internet trolls really are psychos," with "psycho" intended in an extra-scientific, moral acceptation. The researchers claim trolls represent an incorrigible psychological type.

China's not easing up on Hong Kong. One emblematic arrest: a poet's hauled in for tweeting a picture of himself holding an umbrella in front of a Taiwanese flag while making a demotic gesture, presumably in the direction of Beijing, with his middle finger. Taiwan's premier warns of an accelerating Chinese cyber-attack optempo.

Cyber-rioting, mostly from Pakistan, flares again in the Indian subcontinent.

A new botnet, "Qbot," attributed to Russian cyber gangs, sniffs online transactions at five large US banks. Qbot is believed to have compromised 500,000 PCs, apparently by exploiting unpatched Windows XP and Windows 7 vulnerabilities.

A misconfigured server at MBIA, the largest US bond insurer, has (according to KrebsOnSecurity) exposed sensitive customer information, much already indexed by search engines.

DNS problems with Belkin routers lock many out of the Internet.

Symantec may break itself into storage and security companies. Splintering HP promises growth through acquisition.

Notes.

Today's issue includes events affecting Australia, Brazil, China, Colombia, Cuba, India, Iraq, Israel, Nigeria, Pakistan, Russia, Singapore, Syria, Taiwan, United Kingdom, United States, and Venezuela.

Cyber Attacks, Threats, and Vulnerabilities

ISIS Issues 11 Rules for Journalists in Deir Ezzor (Syria Deeply) Many local journalists fled Deir Ezzor when ISIS arrived — and the ones who stayed behind are forced to abide by the extremist group's draconian rules

Source: Air Force father, son targeted online by ISIS followers (Fox News) The Facebook pages of an Air Force servicemember and his son were "swarmed" by offensive messages after Islamic State sympathizers urged followers to target them online, a source tells Fox News — a virtual attack that coincided with an Army bulletin warning ISIS may try to track down military families on social media

Nigeria: Five Reasons Why Boko Haram's Video Matters (Council on Foreign Relations) On October 3 Boko Haram released a new video asserting that Abubakar Shekau is still alive. The video goes beyond "Shekau's" usual rhetoric and Boko Haram violence. Here are five reasons to pay attention to this newest video

Taiwan Premier warns China cyber attack threat growing (ChannelNewsAsia) Premier Jiang Yi-huah's warning of increasing cyber attacks from China came after the FBI warned that China is waging an aggressive cyber war against the United States

This poet was arrested by Chinese authorities for supporting Hong Kong's protests (Quartz) Holding out an umbrella and sticking out your middle finger, while standing in front of the Taiwanese flag, is probably not what any Beijing resident should be doing right now, especially with ongoing "Umbrella Revolution" protests in Hong Kong. But that's exactly what 29-year-old Wang Zang did

Mohanlal's website gets cyber attacked (Deccan Chronicle) The hacker calling himself Devil Haxor hacked Mohanlal's account and posted an update on his Facebook account claiming responsibility. The hacker bragged that he hacked an Indian Army site and it is an Eid Gift. Devil Haxor later in the day changed his Facebook account name to Sameer Ali. Hacker and his Facebook friends were seen celebrating the hacking incident on Facebook

The Circum-Caribbean (or Bolivarian-Grenadine) War (Small Wars Journal) For fluidity, the text below refers to the governments of Cuba and Venezuela, their supporting institutions, allies, symbols, programs, and etcetera as Bolivarian. Bolivarian is the formal self-designation of the currently governing system in Venezuela, which also often uses the terms 'Bolivarian Socialism' or 'Bolivarian Socialism of the XXI Century'. The paper refers to those in direct opposition to the Bolivarian structure and enterprise as Grenadine

Qbot Botnet Sniffs 800,000 Banking Transactions from More than 500,000 Systems (Softpedia) Most victims are from US, Russians believed to operate it. A new network of infected machines, dubbed Qbot, comprises more than half a million computers and has been used predominantly for intercepting online banking sessions with five of the largest banks in the US

Windows XP flaws help Russian 'Qbot' gang build 500,000 PC botnet (Techworld via CSO) The Russian gang behind the obscure Qbot botnet have quietly built an impressive empire of 500,000 infected PCs by exploiting unpatched flaws in mainly US-based Windows XP and Windows 7 computers, researchers at security firm Proofpoint have discovered

An inside look at Russian cybercriminals (CSO) A new report takes a rare look at Russian hackers targeting online banking accounts

No Honor Among Thieves: Beware the Lampeduza Scam (TrendLabs Security Intelligence Blog) PoS malware has been in the news lately due to data breaches in various high-profile retailers. Card information stolen from these attacks have ended up on the well-known underground shop Rescator. We prefer to refer to the people behind this shop as the Lampeduza gang, as Rescator is not the only person running this business

Huge Data Leak at Largest U.S. Bond Insurer (KrebsOnSecurity) On Monday, KrebsOnSecurity notified MBIA Inc. — the nation's largest bond insurer — that a misconfiguration in a company Web server had exposed countless customer account numbers, balances and other sensitive data. Much of the information had been indexed by search engines, including a page listing administrative credentials that attackers could use to access data that wasn't already accessible via a simple Web search

Adobe accused of spying on e-book readers (Inquirer) Adobe has been accused of slurping data through its reader app

Yahoo Server Hack: Shellshocked Or Not? (Dark Reading) Yahoo goes on the record to state that an attack over the weekend was not related to Shellshock, but an independent researcher insists the Bash bug is rearing its head on Yahoo infrastructure

Watch Out! iOS 8 'Reset All Settings' Bug Could Wipe your iCloud Files (Intego Mac Security Blog) It may seem blasphemous for iPhone fanatics to question the safety of iOS, but increasingly cracks appear to be forming in the previously-considered, comparatively safe harbour of Apple

SSDP reflection attacks become a leading large volume DDoS attack method (FierceITSecurity) Simple service discovery protocol, or SSDP, reflection attacks have come out of nowhere to be a leading method for large volume DDoS attacks, according to data compiled by Arbor Networks

Borked Belkin routers leave many unable to get online (Ars Technica) Many ISPs, models appear affected — with a DNS problem apparently to blame

Facebook warns against buying fake likes, but the fans-for-sale industry is booming (Naked Security) Facebook warns against buying fake LikesFacebook is taking another swipe at fraudulent likes that artificially inflate a Facebook Page's number of fans

Security Patches, Mitigations, and Software Updates

Siemens Patches Five Vulnerabilities in SIMATIC WINCC PCS 7 (Threatpost) Siemens has patched five vulnerabilities in its SIMATIC PCS 7 system that could result in privilege escalation and give an attacker unauthenticated access to sensitive data

Google Releases Security Updates for Chrome and Chrome OS (US-CERT) Google has released security updates to address multiple vulnerabilities in Chrome and Chrome OS, some of which could potentially allow an attacker to take control of the affected system or cause a denial of service condition

Oracle Patches Bash Vulnerabilities (US-CERT) Oracle has released security updates to address bash vulnerabilities found across multiple products

Cyber Trends

Many airlines still don't have cyber security plan for EFBs (Runway Girl Network) As aviation stakeholders, including Boeing and IATA, have grown louder about cyber security threats to airlines, new preliminary data from an ongoing AirInsight study has found that 42% of airlines surveyed still do not have a cyber security plan in place for their pilots' electronic flight bags (EFBs)

FireEye: SMBs Caught In Crosshairs As Attackers Get More Sophisticated (CRN) Cybercriminal organizations behind many high-profile credit card breaches are becoming increasingly sophisticated and beginning to use advanced countermeasures to foil forensics investigators, according to Kevin Mandia, senior vice president and chief operating officer of FireEye and founder and CEO of Mandiant

Mobile Security Experts: Worst is Yet to Come (Infosecurity Magazine) A panel of security experts clashed today in a lively debate on the level of the mobile malware threat facing enterprises, but all predicted that risk will increase going forward as new generations of devices and services and new generations of employees enter the workforce

Latest Cyber Breaches Force Companies to Reevaluate How Critical Data is Protected — Biometrics Security Measures Escalate in Mobile Payment Services (CNN Money) Digital payments expected to increase by 60.8% in 2015 as the biometrics industry adapts by implementing tougher security measures designed for consumer protection for mCommerce & eCommerce purchases

Are Cyber Breaches the New Normal? (Bloomberg TV) CrowdStrike President Shawn Henry, Trend Micro's JD Sherry and Yale University's Stephen Roach discuss the rise in cyber crime with Trish Regan on "Street Smart"

Should We Put Robots in Charge of Cybersecurity? (Defense One) The theme of October's National Cybersecurity Awareness month, for half a decade has been "cybersecurity is a shared responsibility" — but should it be?

Marketplace

Bad News is Good for Cybersecurity stocks: NXT-ID Inc (NASDAQ:NXTD), Palo Alto Networks Inc (NYSE:PANW), Wave Systems Corp. (NASDAQ:WAVX), Fortinet Inc (NASDAQ:FTNT) (Emerging Markets) Cyber security and mobile security companies climbed higher after J. P Morgan Chase said Thursday that information such as names and addresses for 76 million household customers and seven million businesses was compromised in a data breach this summer as investors flocked to companies that could benefit from banks and other companies that would want to defend themselves from such security breaches

Symantec Said to Explore Split Into Security, Storage Cos (Bloomberg) Symantec Corp. (SYMC) is exploring a breakup, according to people with knowledge of the matter, joining other large technology companies that are trying to make their businesses more focused and nimble

H-P CEO Whitman: Deals Are on the Table (Wall Street Journal) H-P HPQ -4.43% Chief Executive Meg Whitman had a message Monday: Her new company will be lean, mean — and ready to make deals

USIS cuts more than 2,500 jobs after losing contracts in wake of cyberattack (Washington Post) The Northern Virginia contractor that suffered a cyberattack in August and subsequently lost its contracts with the Office of Personnel Management has laid off more than 2,500 employees

SingTel, FireEye in cyber security tie-up (ChannelNewsAsia) SingTel and FireEye will invest up to US$50 million (S$63.8 million) over the next five years in new advanced security operation centres in Singapore and Australia, as well as training and developing professionals in the area of cyber security

Optus and FireEye to open Advanced Security Operations Centre in Sydney (ARN) About 150 professionals will be trained to operate ASOCs in Singapore and Sydney

Exclusive: Facebook plots first steps into healthcare (Reuters) Facebook Inc (FB.O) already knows who your friends are and the kind of things that grab your attention. Soon, it could also know the state of your health

Products, Services, and Solutions

Government launches online cyber security training course for lawyers and accountants (ComputerWorld) Security should be "part of the day job" for professionals, says Ed Vaizey

BSkyB turns to Splunk to help detect hacks on Sky customer accounts (ComputerWorld) Software introduced as cyber attacks continue to rise

iboss Network Security Launches FireSphere at Gartner Symposium / ITxpo 2014 (Marketwired) iboss Network Security today announced from Gartner Symposium / ITxpo 2014 the general availability of FireSphere, the most advanced APT defense solution that continuously monitors for infections already on a network in order to decrease time from infection to detection

Microsoft addresses how they minimize security risks in the cloud (WinBeta) Microsoft has detailed how they are working to minimize security risks in the cloud. When critical infrastructure such as water, power, transportation, etc., see a massive number of attacks, they need to be confident in their IT solutions. Microsoft is using their large cloud presence to secure against all types of threats

Virgin Trains Deploys Darktrace for Next-Generation Cyber Intelligence (PRNewswire) Darktrace today announces that Virgin Trains has deployed Darktrace's mathematics-driven Enterprise Immune System technology to help deliver next-generation cyber intelligence and advanced threat detection

FlowTraq Partners With A10 Networks to Speed, Automate DDoS Attack Detection and Mitigation (MarketWatch) Leading network security software provider FlowTraq announced today it has partnered with application networking company A10 Networks, to automate detection and speed mitigation of distributed denial-of-service (DDoS) attacks, by providing a direct connection between FlowTraq and A10's Thunder TPS Threat Protection System

AlgoSec Promises Unified Hybrid Cloud Security Management (Forbes) A major change is happening in enterprise IT. Whereas in the past organizations tended towards one monolithic vendor (how many times have you heard the "We're a Microsoft shop" or "We stick with IBM" lines?), future organizations will use a plethora of different services. This is a direct result of enterprise IT realizing that its number one job is to empower employees to use the tools that best meet their needs — at an infrastructure level this could be public, private or a combination of the two and can span every vendor under the sun

Apple Pay Will Have Some Security Vulnerabilities (PaymentsSource) Apple Pay couldn't have arrived at a better time; security breaches in major retailers appear almost daily in the news, and consumers are looking for a more secure way to pay. And while Apple Pay may address that need for many, there are still potential security breaches

FireEye Delivers Targeted Attack Protection for the Apple Platform (MarketWatch) FireEye, Inc. FEYE, +1.03% the leader in stopping today's advanced cyber attacks, today announced targeted attack protection for products built on the Apple platform

FireEye Releases Comprehensive Investigation Analysis System, Accelerating Incident Response (Marketwired) Real-time forensics capability pairs in-depth analytics and visualization with ultrafast intelligent packet capture and retrieval

EZShield Receives Enterprise-Ready Rating from the Skyhigh CloudTrust™ Program (InsuranceNewsNet) EZShield announced today that it has been awarded the Skyhigh CloudTrust™ rating of enterprise-ready for its EZShield Total Protection Platform. Skyhigh Enterprise-Ready cloud services fully satisfy the most stringent requirements for data protection, identity verification, service security, business practices and legal protection

eScan Launches Online Tool to Identify Servers Affected by the Shellshock Bug (IT News Online) eScan, an anti-virus and content security solutions provider, has launched an online tool to identify servers affected by the latest vulnerability, the Shellshock Bug

AMX Lands First and Only JITC Tested Conference Room Solution on US Government’s Approved Products List (APL) (PRWeb) Enova DVX solution passes rigorous JITC security testing, awarded IO and IA certifications by Defense Information Systems Agency

Outlier Security Launches with Industry's First SaaS Agentless Endpoint Threat Detection and Response Product (Providence Journal) Today, Outlier Security, whose mission is to detect new and advanced threats missed by legacy cybersecurity systems, launched at the Gartner Symposium/IT Expo in Orlando. Outlier Security's product, Outlier, is the first, SaaS-based, agentless endpoint threat detection and response (ETDR) product

Technologies, Techniques, and Standards

Preparing for a cyber-attack (IT Online) Cyber-attacks are a threat to businesses of all types and of all sizes, from the giant enterprises to the smaller SMEs

Are You Putting Your Agency's Networks at Risk? (State Tech Magazine) Answer these 12 short questions to find out if you're opening your organization up to potential vulnerabilities

How can parents keep their children safe on the Internet? (Help Net Security) In today's society, children are unquestionably more tech-savvy than ever before, with far greater access to gadgets and a veritable wealth of information at their fingertips along with a heightened understanding of technology and how it works. However, children will not be as aware of the scams that cyber-criminals are crafting specifically to dupe them

Design and Innovation

Tokenization: 6 Reasons The Card Industry Should Be Wary (Dark Reading) VISA's new token service aims to provide consumers a simple, fraud-free digital payment experience. It's a worthy goal, but one that may prove to be more aspirational than functional

Apple's iPhone Encryption Is a Godsend, Even if Cops Hate It (Wired) It took the upheaval of the Edward Snowden revelations to make clear to everyone that we need protection from snooping, governmental and otherwise. Snowden illustrated the capabilities of determined spies, and said what security experts have preached for years: Strong encryption of our data is a basic necessity, not a luxury

Facebook's Josh Miller Confirms He's Built Something, But It's Not Just About Anonymity (TechCrunch) In response to the New York Times' report that he's leading a team working on an anonymous forum app for Facebook, product manager Josh Miller posted a tweetstorm saying apps need to serve a function, not just provide anonymity, "but can't wait to show you what we've built"

Research and Development

£2.5m funding boost for protecting rail networks, power stations from cyber attack (ZDNet) Researchers are looking at how to fix the security flaws in the industrial control systems that run power stations, rail networks and the electricity grid

Internet Trolls Really Are Psychos (Forbes) If you've ever managed an online community, a blog, or a brand's Facebook page, you have encountered the dreaded "troll"

Academia

Defense giant Lockheed to draw on Hebrew U innovations (Times of Israel) American contractor will work on advanced research projects via Yissum, the university's tech transfer body

Young Israeli cyberwarriors learn to duel in the dark (Washington Post) There are a lot of secrets kept in Israel's intelligence community, but this is not one of them: Israel aims to become a cybersecurity superpower, and to do that, the Israeli military is launching an ambitious program to groom the next generation of cyberwarriors while they are still in high school

NSA and Homeland Security Recognize JSU as National Center of Academic Excellence in Information Assurance (Jacksonville State University) The National Security Agency and the Department of Homeland Security (NSA-DHS) have designated Jacksonville State University as a National Center of Academic Excellence in Information Assurance (IA)/Cyber Security. The designation covers Fall 2014 through 2021

Legislation, Policy, and Regulation

How Australia just became a 'national security state' (Washington Post) Australian Prime Minister Tony Abbott had some "regrettable" news. It was late last month, Australia had just thwarted an Islamic State plot to behead random Australians, and the prime minister's tone was somber. "Regrettably, for some time to come, Australians will have to endure more security than we're used to, and more inconvenience than we would like," he told the country's parliament. "Regrettably for some time to come, the delicate balance between freedom and security may have to shift"

What The United States Can Learn From Israel About Cybersecurity (Forbes) Two weeks ago, Israeli Prime Minister Benjamin Netanyahu announced the creation of a new cyber defense authority to defend Israel's civilian networks. This is the latest in a series of steps taken by Israel's government to bridge the public-private cyber divide and bolster the country's position as a global leader in cybersecurity

Sen. Carper Highlights Cyber Security Awareness Month; Notes Pending Legislation (HS Today) This month the Department of Homeland Security (DHS), National Cyber Security Alliance (NCSA) and the Multi-State Information Sharing and Analysis Center kicked off October as Cyber Security Awareness Month to raise awareness about cybersecurity in an effort to educate Americans about how to protect themselves online

Litigation, Investigation, and Law Enforcement

NSA's Civil LIberties and Privacy Protections for Targeted SIGINT Activities Under Executive Order 12333 (NSA Civil Liberties and Privacy Office) This report, from the NSA Civil Liberties and Privacy Office, addresses the general civil liberties and privacy protections employed by the NSA and more specifically documents additional procedures for targeted Signals Intelligence activities under Executive Order (E.O.) 12333

NSA internal watchdog defends agency's privacy practices (PCWorld) The U.S. National Security Agency takes multiple steps to protect the privacy of the information it collects about U.S. residents under a secretive surveillance program, according to a report from the agency's privacy office

Twitter sues U.S. government over limits on ability to disclose surveillance orders (Washington Post) Twitter, the world's largest microblogging platform, on Tuesday sued the U.S. government, alleging that the Justice Department's restrictions on what the company can say publicly about the government's national security requests for user data violate the firm's First Amendment rights

Former NSA Director Reflects On Snowden Leaks (Dark Reading) Gen. Keith Alexander defends NSA's controversial spying programs as lawful

Supreme Court weighs employee pay for security checks (Reuters) The U.S. Supreme Court will hear arguments on Wednesday on whether companies have to pay workers for time spent undergoing security checks, in a case challenging how hourly employees are compensated for tasks outside their regular shifts

Revenge porn offenders could face 14 years in jail (Naked Security) The UK's Crown Prosecution Service (CPS) has issued updated guidance on the posting of revenge porn online. The Director of Public Prosecutions (DPP) admitted that current laws are unclear

Police Spied on 3,000 Brits by Accident (Bitdefender) Thousands of UK citizens had their phones and online conversations mistakenly monitored by police, according to The Times UK

Marriott ordered to pay $600K for blocking personal Wi-Fi hotspots (ComputerWorld) The hotel chain blocked outside hotspots while charging customers up to $1,000 per device to access its own Wi-Fi service

DEA agent steals woman's identity and photos to lure in suspects on Facebook (Naked Security) The US government is claiming that an agent had the right to set up a Facebook account and to impersonate a young woman using information it swiped from her seized mobile phone after she was arrested

Be Prepared for Increase in Number of Criminal Cases Involving Crypto-Currencies (Law.com) Yesterday I bought pot on the Internet using digital currency. Sorry, let me rephrase that. Yesterday, I bought a pot on the Internet using digital currency. It was a flower pot, for our office peace lily

High school tutor accused of planning keylogging ring finally arrested (Ars Technica) After disappearing for many months, Timothy Lance Lai arrested at LAX airport

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

Cyber Threat Detection and Information Sharing Training Conference (Washington, DC, USA, October 6 - 8, 2014) Cyber Threat Detection and Information Sharing Training Conference is about education on cyber threat detection and information sharing solutions and product training and not about why this subject is...

MIRcon 2014 (Washington, DC, USA, October 7 - 8, 2014) MIRcon 2014 is the premier information security industry event of the year. The conference is designed to educate innovators and executives battling cyber attackers daily

Cyber Security, Meet Workforce Development (Silver Spring, Maryland, USA, October 8, 2014) Per Scholas convenes leaders in the Nation's Capital to develop a blueprint for building today's entry-level cyber security workforce

Technology & Cyber Security Day (Hill Air Force Base, Utah, October 8, 2014) The Armed Forces Communications & Electronics Association (AFCEA) Wasatch Chapter will once again host the 5th Annual Information Technology & Cyber Security Day at Hill AFB. This annual event is an excellent...

Cyber Security EXPO (, January 1, 1970) Securing information, mobility, cloud, and social interaction for the modern enterprise. Disruptive technologies such as cloud computing, mobile, bring your own device (BYOD) and social media are pushing...

InfoSec 2014 (Kuala Terengganu, Malaysia, October 8 - 10, 2014) You are invited to participate in The International Conference on Information Security and Cyber Forensics (InfoSec 2014) that will be held at Universiti Sultan Zainal Abidin (UniSZA), Kuala Terengganu,...

"Women in Government Contracting" Networking Reception (Columbia, Maryland, USA, October 9, 2014) A special invitation to executive women in technology sponsored by COPT-Corporate Office Properties Trust and the GovConnects Advisory Council. Guest speaker, Deborah Bonanni, former Chief of Staff NSA...

Hacktivity 2014 (Budapest, Hungary, October 10 - 11, 2014) Official and alternative representatives of the information security profession meet with all those interested in this field in framework which is at the same time informal and informative, and sometimes...

Ruxcon (Melbourne, Australia, October 26 - 27, 2013) Ruxcon is a computer security conference that aims to bring together the best and the brightest security talent within the Aus-Pacific region. The conference is a mixture of live presentations, activities...

Critical Infrastructure Cyber Community (C3) Voluntary Program Meeting (San Diego, California, USA, October 13, 2014) Join stakeholders from across the cyber community to discuss building a cyber risk management program, using DHS resources, and to learn how organizations of all sizes are using the Cybersecurity Framework...

Hack-in-the-Box Malaysia (Kuala Lumpur, Malaysia, October 13 - 16, 2014) HITBSecConf or the Hack In The Box Security Conference is an annual must attend event in the calendars of security researchers and professionals around the world. Held annually in Kuala Lumpur, Malaysia...

FS-ISAC Fall Summit 2014 (Washington, DC, USA, October 13 - 16, 2014) The Financial Services Information Sharing and Analysis Center (FS-ISAC), is a non-profit association comprised of financial institution members, that is dedicated to protecting the global financial services...

CYBERSEC 2014 (, January 1, 1970) CYBERSEC is a 4-day event geared toward helping you achieve your cybersecurity goals. Whether your focus is on cybersecurity management, investigation, defense, or offense we are offering specialty cybersecurity...

Black Hat Europe 2014 (, January 1, 1970) The premier conference on information security returns to the beautiful city of Amsterdam, Netherlands in October, 2014. Professionals from all over the world gather for two days of intense Trainings and...

Social Security Administration Security Awareness Day (Baltimore, Maryland, USA, October 15, 2014) This event, hosted by the Office of Information Security is intended to raise general computer security awareness for the end-users at SSA

Denver SecureWorld (Denver, Colorado, USA, October 16, 2014) A day of cyber security education. Earn 6-8 CPE credits, network with industry peers, and take advantage of more than thirty educational events. Over the past decade SecureWorld has emerged as one of North...

TechCrunch Disrupt Europe Hackathon (London, England, UK, October 18 - 19, 2014) For the second year in a row, TechCrunch is jumping across the pond and bringing the iconic Disrupt and our Hackathon to Europe. We're heading your way, London

U.S. Army ITA Security Forum (Fort Belvoir, Virginia, USA, October 20, 2014) The U.S. Army Information Technology Agency Security Forum is taking place at the Ft. Belvoir site and will be a one day event focusing on cyber security education and training for the workforce. The...

CSEC 2014 Cyber Security Summit (Kingdom of Bahrain, October 20 - 22, 2014) At the Inaugural Cyber Security Summit 2014, you will have the opportunity to seek ways to reset your IT security and risk strategy for success; stay relevant as IT security and risk are redefined; implement...

2014 ICS Cyber Security Conference (, January 1, 1970) The 14th ICS Cyber Security Conference (sometimes known as "Weisscon") will be held October 20-23, 2014 at Georgia Tech in Atlanta, GA. Cyber Security is becoming a critical infrastructure issue with implications...

National Archives and Records Administration (NARA) IT Security Day (College Park, Maryland, USA, October 21, 2014) FBC and NARA are working together to coordinate the 6th Annual National Archives and Records Administration (NARA) Information Technology Day. Exhibitors will be on-site to share information and demonstrate...

Cyber Security Summit 2014 (, January 1, 1970) Cyber security breaches have a profound impact on all areas of society. Join the discussion at Cyber Security Summit 2014. For two days, leaders from the public and private sectors meet to identify cyber...

Collaborative Approaches for Medical Device and Healthcare Cybersecurity; Public Workshop (Arlington, Virginia, USA, October 21 - 22, 2014) The Food and Drug Administration (FDA) is announcing the following public workshop entitled "Collaborative Approaches for Medical Device and Healthcare Cybersecurity." FDA, in collaboration with other...

Secure 2014 (Warsaw, Poland, October 21 - 23, 2014) NASK and CERT-Polska offer this conference on telecommunications and IT security. Speakers from government, industry, and universities around the world will offer insights into research, policy, and security...

Hack.lu 2014 (Dommeldange, Luxembourg, October 21 - 24, 2014) Hack.lu is an open convention/conference where people can discuss about computer security, privacy, information technology and its cultural/technical implication on society

ISSA International Conference (Orlando, Florida, USA, October 22 - 23, 2014) Join us for solution oriented, proactive and innovative sessions focused on security as a vital part of the business.

ToorCon San Diego (San Diego, California, USA, October 22 - 26, 2014) For hackers like you, because what could possibly go wrong?

DOE Germantown Cybersecurity Awareness Day (Germantown, Maryland, USA, October 23, 2014) The Department of Energy Germantown Building will be hosting a Cyber Security Awareness Day featuring a technology expo. DoE will be looking for a wide range of cyber security industry experts to showcase...

Library of Congress Cybersecurity Awareness Expo (Washington, DC, USA, October 23, 2014) The Library of Congress (LOC)is hosting its annual cyber security awareness days during October and the exposition is an important part of their education and outreach effort to industry

NASA Glenn Research Center Cyber Security Expo (Cleveland, Ohio, USA, October 23, 2014) In recognition of National Cyber Security Awareness Month, an Awareness Day event will be held at Glenn Research Center in Cleveland, Ohio. This event will provide participants with information and resources...

FOCUS 14: Empowering the Connected World (Las Vegas, Nevada, USA, October 26 - 27, 2014) FOCUS will offer you a unique opportunity to learn directly from other McAfee users. Hear real-world scenarios from McAfee customers and learn how they maintain the highest standards of security while...

Cybergamut Tech Tuesday: Software-Defined Networking Security (Columbia, Maryland, USA, October 28, 2014) Security-Defined Routing combines cyber analytics and SDN to protect the network: SDR technology assists organizations in scaling the delivery of network traffic to analytic security applications. When...

USDA Cyber Security Symposium and Expo 2014 (Washington, DC, USA, October 28 - 29, 2014) The Summit will provide participants with information and resources on today's vulnerabilities, incidents, security lifecycle, risks and mitigations; it will also identify ways to work together and build...

Cyber Security and IT Day at Fort Carson (Colorado Springs, Colorado, USA, October 28, 2014) The Information Systems Security Association (ISSA) Colorado Springs Chapter ill once again host the 5th Annual Cyber Security & Information Technology Days set to take place at Fort Carson on Tuesday,...

Cyber Security and IT Days at Peterson AFB (Colorado Springs, Colorado, USA, October 29, 2014) The Information Systems Security Association (ISSA) Colorado Springs Chapter will once again host the 5th Annual Cyber Security & Information Technology Days. Government and Industry experts will be on...

Dallas SecureWorld (Dallas, Texas, USA, October 29 - 30, 2014) Offering two days of cyber security education. Earn 12-16 CPE credits, network with industry peers, and take advantage of more than sixty educational events. Over the past decade SecureWorld has emerged...

Cyber Job Fair (Baltimore, Maryland, USA, October 29, 2014) ClearedJobs.Net is partnering with CyberMaryland to present the Cyber Job Fair at the CyberMaryland 2014 conference. The Cyber Job Fair is a hiring event for cleared and non-cleared cybersecurity professionals...

CyberMaryland 2014 (Baltimore, Maryland, USA, October 29 - 30, 2014) Entrepreneurs, investors, academia and government will convene in Maryland — the nation's epicenter for cybersecurity for the fourth annual CyberMaryland Conference.

ekoparty Security Conference 10th edition (Buenos Aires, Argentina, October 29 - 31, 2014) ekoparty — Electronic Knock Out Party — Security Conference, is a one of a kind event in South America; an annual security conference held in Buenos Aires, where security specialists from all over Latin...

Cyber Risk Summit (Washington, DC, USA, May 22, 2014) This one-day leadership conference will provide a discussion forum for business executives, insurance companies and policymakers on more effective private and public responses to cyber risk management.

Senior Executive Cyber Security Conference (Baltimore, Maryland, USA, October 30 - November 1, 2014) North Star Group, LLC and the Johns Hopkins University's Whiting School of Engineering and Information Security Institute sponsor this senior executive focused cyber security conference.This event is designed...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.