skip navigation

More signal. Less noise.

Daily briefing.

The Warsaw Stock Exchange suffered outages and an apparent breach at the end of last week. Hackers who claimed responsibility say they acted in sympathy with ISIS. ISIS itself, says F-Secure's Hyppönen, seeks to train its volunteers to conduct cyber attacks. The British Home Office has been stepping up cyber and information operations against ISIS, moved more by concerns over domestic radicalization than by the threat of direct cyber attack from the Islamic State.

Anonymous protests the IDF's fatal shooting of a teenager with attacks on Israeli government sites.

Elections in Ukraine have concluded in spite of the Putinist Cyber Berkut's disruptions of voting-related sites.

Cyber rioting continues in South Asia with widespread Pakistani ripostes against Indian sites.

Leviathan Security researchers find a rogue Tor exit node that's wrapping Windows executables in malware.

Enterprises continue to patch Shellshock. Criminals realize slow but steady success assembling botnets by attacking unpatched message transfer and mail delivery agents.

Retailers in North America and elsewhere shore up cyber defenses in anticipation of increased threats during the coming holiday season. There's bad news, however: Backoff infections rose 57% from August to September, and a new threat — this one to putative retail savior chip-and-PIN technology — called "Relay," has surfaced in Brazil and shows signs of spreading.

Abode begins encrypting user data from Digital Editions. Privacy advocates remain unhappy with Verizon's "permanent cookie" and worry that ApplePay's enabling technology itself poses irreducible privacy problems.

Samsung disputes an anonymous researcher's reports of vulnerabilities in its recently US-Government-approved Knox.

Notes.

Today's issue includes events affecting Australia, Belgium, Brazil, Canada, China, India, Iraq, Israel, NATO, Pakistan, Poland, Russia, Syria, United Kingdom, United States.

CyberMaryland arrives in Baltimore this week. Watch for CyberWire special issues and live tweets from the conference sessions, October 29 and 30.

Cyber Attacks, Threats, and Vulnerabilities

Hackers breach the Warsaw Stock Exchange (The Hill) Hackers breached the Warsaw Stock Exchange Thursday, exposing login credentials for dozens of brokers in apparent retaliation for the bombing campaign against the Islamic State in Iraq and Syria (ISIS)

ISIL sympathizer hits Warsaw Stock Exchange (Politico) The Warsaw Stock Exchange was apparently hacked by an attacker claiming to act in support of the Islamic State yesterday. The hacker posted logon credentials of brokers and other internal data apparently stolen from the computer network of the Warsaw Stock Exchange online, and the exchange's English language website also appeared to be inaccessible to users in the U.S

ISIS is training its fighters to conduct online attacks, data security experts view (Helsinki Times) The Islamic State of Iraq and Syria (ISIS) is training its volunteer fighters to carry out online attacks, believes the chief research officer at F-Secure, Mikko Hyppönen, who has studied the online behaviour of terrorists since 2012

British counter terrorism officials to wage cyber war on ISIS in bid to stop home grown jihad (news.com.au) A cyber war is set to be declared on terrorist group Islamic State amid fears the militant's use of the internet is successfully inspiring troubled youths into home grown jihad

Anonymous Shuts Down Top Israeli Govt Sites Against Killing Of 14-Yr-Old Kid (HackRead) The online hacktivist Anonymous is back with yet another cyber attack. This time the group has taken down 43 top Israeli government websites against shooting and killing of a 14-year-old U.S. citizen Orwah Hammad by Israeli Defence Forces

Hackers attack Ukraine election website (Press TV) Ukraine's election commission website has been attacked by hackers on the eve of the country's parliamentary polls

Websites of 66 municipal bodies in State hacked (The Hindu) In the ongoing Indo-Pak cyber war, hackers have targeted websites of municipal bodies in Karnataka and successfully defaced as many as 66 of them

Anonymous Supporter Hacks India's National Academy of Customs, Excise & Narcotics Website (HackRead) A hacker who calls himself an Anonymous Lover (the hacktivist group) and goes with the handle of 'H34r75 7h!3f' has hacked and defaced the official website of India's National Academy of Customs, Excise & Narcotics (NACEN)

Rogue Tor node wraps executables with malware (ZDNet) Researcher finds malicious Tor exit node which envelops Windows EXEs inside another Windows EXE which drops malware

Report: Criminals use Shellshock against mail servers to build botnet (CSO) However unlikely, their stab in the dark approach is working

Poll: Patching Is Primary Response to Shellshock (Dark Reading) As potential threats mount, Dark Reading community members hone in on patching infrastructure but not devices, according to our latest poll

'Replay' Attacks Spoof Chip Card Charges (KrebsOnSecurity) An odd new pattern of credit card fraud emanating from Brazil and targeting U.S. financial institutions could spell costly trouble for banks that are just beginning to issue customers more secure chip-based credit and debit cards

Two-thirds of online transaction services in Vietnam vulnerable to Poodle bug: Bkav (Tuoi Tre News) Two-thirds of websites that provide online transaction services in Vietnam are vulnerable to Poodle, a new security bug in widely-used web encryption technology recently discovered by Google, a local Internet security firm reported Tuesday

Samsung Knox Is Weak, Researcher Says (InformationWeek) Samsung's Knox security software for Android devices handles passwords in a way that undermines encryption, an anonymous researcher says

Samsung DENIES vulnerability claims, says mysterious blogger is wrong (Threat Brief) A damning security critique against Samsung's US government-approved Knox system has been dismissed by the South Korean tech giant

Apple Pay isn't magic, and it isn't 'private' (ZDNet) Apple's new iPhone-based payment system may offer advantages, as will any similar product from competitors. But adding in a smartphone doesn't add privacy, it removes it

Verizon's 'Perma-Cookie' Is a Privacy-Killing Machine (Wired) Verizon Wireless has been subtly altering the web traffic of its wireless customers for the past two years, inserting a string of about 50 letters, numbers, and characters into data flowing between these customers and the websites they visit

Verizon Wireless token tracker triggers tech transparency tempest (Register) Users say opt out a feature in name only

Staples Investigates Breach — Expert Comments (Information Security Buzz) Earlier this week, Staples announced that it is investigating a potential data breach at several of its northeastern-based stores. Here to comment on this potential breach are a number of experts in the information security field. Leading enterprises including STEALTHbits Technologies and Network Box USA are represented

57% increase in Backoff malware from August to September (Help Net Security) Damballa released a new report highlighting the extent to which malware infections, such as Backoff malware, are able to bypass network prevention controls. The report reveals the ongoing challenges faced by security teams in managing a mountain of security events and the positive impact of taking measures which can identify the true positives within these alerts

Continued use of obsolete systems led to recent ATM hacks (HITBSecNews) The spate of Automated Teller Machines (ATM) hacks last month were due to financial institutions' continued use of obsolete operating systems and lack of "penetration testing", opined an IT security consultant

'Spear-phishing' tactics becoming more sophisticated (Federal Times) The email looks legitimate: It's from your office's IT department, or your bank, or the airline you recently booked a flight with. It's specific to you and it comes with an attachment that is as plausible as the email itself

GCHQ cyber-attack cost €15m, says Belgacom security head Fabrice Clement (Computing) The alleged attack by Britain's security agency, GCHQ, on Belgium's national telecom operator, Belgacom, cost the company €15m, according to the company's head of security and information management, Fabrice Clement

Clueless Founder "Hacks" Jason Calacanis' Voicemail After Spoofing Phone Calls (TechCrunch) I don't like to bring up these little lapses of judgement (or, in this case, horrendous lapses of reason) but it's an interesting story and deserves at least a brief mention. An entrepreneur, who shall remain nameless, wanted Jason Calacanis and Tim Ferris to invest in his startup. Instead of emailing the two, the founder spoofed a phone call from Ferris to Calacanis, assuming that Calacanis would immediately pick up if his friend called

Security Patches, Mitigations, and Software Updates

After uproar, Adobe begins encrypting user data collected from Digital Editions app (PCWorld) Adobe Systems said Thursday it is now encrypting data it collects about certain ebooks after facing criticism earlier this month for not protecting the data

PHP Patches Vulnerabilities, Including Remote Code Execution Flaw (Threatpost) Developers at PHP recently pushed out a series of patches to fix a handful of vulnerabilities, including one that can lead to a heap-based buffer overflow and remote code execution

Cyber Trends

Is this Unix's Code Red Moment? (CSO) Back in July 2001 two security researchers, Marc Maiffret and Ryan Permeh from eEye Digital Security, discovered the Code Red worm — a piece of malware that targeted Microsoft's IIS software and propagated wildly until it was stopped. It was followed by more vulnerabilities and threats until Microsoft was forced to launch its Trustworthy Computing initiative in 2002

Dear IAF, every smartphone not just Xiaomi could be a security threat (BGR) Earlier this week, a report citing an Indian Air Force (IAF) circular about Xiaomi smartphones being a security threat and banning its use by staffers and their immediate family, created quite a flutter

Security Will Need Big Insight, Not Just Big Data (TechCrunch) In looking for new opportunities in security and many other sectors, we look for the echoes of the current IT mega-trends: cloud, mobile, big data. These trends, and especially the interactions between them, are dramatically changing security needs. Add to that the changing profile of would-be hackers — now a frightening mix of international organized crime and employees of enemy governments — and we see the potential for several new solutions that can each be the foundation of one or more successful companies

Marketplace

Retailers prepare for cybercrime offensive (The Star) Retailers are shoring up defenses against escalating hacking attacks but as threats multiply so do costs, with businesses increasingly factoring cybercrime into their prospects for growth

Proofpoint gets into social media security with $35M Nexgate buy (Silicon Valley Business Journal) Security-as-a-service company Proofpoint has agreed to buy social media security startup Nexgate for about $35 million in cash

Websense Bypasses Low-Value Partners To Focus On Elite Integrators (CRN) Most channel partners don't have the time or budget to invest in the necessary training and certifications to properly deploy the myriad of so-called advanced threat detection platforms on the market today, according to Websense CEO John McCormack

Gemalto Rides The Mobile Commerce Wave (Find Biometrics) The fortunes of the mobile payment and biometric security boom are beginning to trickle down to the rest of the digital security industry, if Gemalto is any indication

Internet Security Names Climb After Check Point, Fortinet Beat Expectations (The Street) Shares of a number of Internet security stocks are rising after two companies in the sector, Check Point (CHKP) and Fortinet (FTNT) , reported stronger than expected results

FTNT: Expand Your Portfolio With Fortinet?s Security (Investor Place) Fortinet could more than just protect your returns

Company Profile for Intel Security (MarketWatch) McAfee is now part of Intel Security INTC, +1.50% With its Security Connected strategy, innovative approach to hardware-enhanced security, and unique Global Threat Intelligence, Intel Security is intensely focused on developing proactive, proven security solutions and services that protect systems, networks, and mobile devices for business and personal use around the world

NIKSUN Awarded Company of the Year 2014 in Networking! (Herald Online) "NIKSUN is Leading the Way with Groundbreaking Innovations" — Silicon India Magazine

NATO security certification opens new markets for Australia's Senetas (CSO) Australian security company Senetas is eyeing new government and commercial contracts after announcing this week that its encryption technologies had been certified to NATO security standards

Zimperium Appoints Shridhar Mittal as New CEO and Zuk Avraham as Chairman (WebWire) Zimperium continues rapid growth in billion-dollar mobile security space with expansion of executive team

Chinese hackers show off skills at GeekPwn security contest (Want China Times) Chinese hackers have shown off their skills at GeekPwn, the first ever worldwide security geek contest for smart devices, reports Chinese internet services portal Tencent

For big raises in IT, look to mobile, security, big data (IDG via CSO) IT salaries will remain mostly stagnant in 2015, except for workers with highly coveted skill sets, according to a report tracking IT salaries and skills demand in the coming years

Products, Services, and Solutions

IBM Unveils New Security Offering For Travel & Transportation Industry (MarketWatch) Software and services suite will close vulnerabilities of systems that safeguard corporate assets as well as customer data for hotel chains, airlines, car rental agencies, commercial freight and others

Fasoo Launches Persistent Security Solution for Enterprise Content Management to Extend Control and Protection of Sensitive Files (PRWeb) Increased security drives demand for ECM & Fasoo Enterprise DRM applications

New Website Helps Small Business Leaders Take Cybersecurity Action (Business News Daily) Cybersecurity is important for companies of all sizes, but it can be difficult for smaller businesses to keep their companies protected

Haystax helps Florida Strengthen School Safety (BusinessWire) Secure tool will provide school officials and their public safety partners with a comprehensive picture of the K-12 campus security environment

Sources of cyber intelligence from governments and academia (CTO Vision) Cyber intelligence is a growing discipline in the cybersecurity community, providing important information for cyber defenders in enterprises large and small. This post reviews key sources of cyber intelligence provided free from governments and academia

Cashiers don't understand Apple Pay and it's totally adorable (ITWorld) Apple Pay is so easy to use, it's almost not worth writing about. It's laughably fast and stupidly simple. So simple it's confusing the heck out of clerks and cashiers nationwide

Retailers are disabling NFC readers to shut out Apple Pay (The Verge) Some merchants hope to launch their own mobile payments system next year

Technologies, Techniques, and Standards

FIPS 140-2 stamp a boon for customers, a "challenge" to cloud-security industry (CSO) It may have taken nearly two years to complete, but certification of CipherCloud's cryptographic tools to US government FIPS 140-2 requirements is finally set to help the cloud industry overcome many of the obstacles that have hindered its adoption in the past, the company's senior security director believes

Turning Data into Threat Intelligence: A Case Study (BrightTalk) Many security professionals find it challenging to keep up with vast amounts of data from multiple sources without hiring additional analysts to analyze it and find what's most important. We'll be discussing this topic in our next webcast, as we present a case study of how Open Source Intelligence (OSINT) can help you better protect your organization, and how you can turn data into threat intelligence faster

Your company is probably going to get hacked. Here's how to protect it (Fortune) Three Fortune 500 information security chiefs share their companies' secrets to staying safe

How Facebook prevents account hijacking when old email addresses are recycled (Help Net Security) Remember when last summer Yahoo announced they will recycle inactive accounts and offer them to other users? The scheme was more or less successful

How-to guide to protecting yourself from electronic spying (Help Net Security) The Electronic Frontier Foundation (EFF) launched its updated Surveillance Self-Defense report, a comprehensive how-to guide to protecting yourself from electronic spying for Internet users all over the world

Snapchat Photo Leak Shines a Light on Vulnerable Third-Party Apps (Cyveillance Blog) After a massive photo leak dubbed "The Snappening" exposed an estimated 200,000 images from Snapchat users, the company took to Twitter and their blog to make something clear: the attack was carried out against a third-party app, not Snapchat itself

Energy rebounds from cyber attack thanks to new IT asset tracking tool (Federal News Radio) The Energy Department is finding a silver lining from its cyber breach that exposed the data of more than 50,000 employees last year

From strong, to stronger, to the strongest password security possible (CA Highlight) How to make sure your business is in the headlines for the right reasons and not the wrong ones by making password use "unbreachable"

6 tips for effective security tabletop testing (CSO) Tabletop exercises help security teams prepare for the worst

Design and Innovation

Another Tor router crowdfunding project nixed by Kickstarter (Ars Technica) TorFi project, a hack of TP-Link routers, is suspended, developer's account deleted

Research and Development

Mysterious Statistical Law May Finally Have an Explanation (Wired) Imagine an archipelago where each island hosts a single tortoise species and all the islands are connected — say by rafts of flotsam. As the tortoises interact by dipping into one another's food supplies, their populations fluctuate

Scientific Community Blasts Microsoft for Closing of Silicon Valley Lab (IEEE Spectrum) "Dear Harry, Peter, and Jeannette," starts a letter dated 14 October. It sounds like a casual note to a few good friends — or at least familiar colleagues. And indeed, that's what the letter from more than 30 researchers from the U.S. computer science community to the leaders of Microsoft Research is

Legislation, Policy, and Regulation

Russia and China to sign cyber-security treaty in November (Computing) The governments of Russia and China are close to signing a cyber-security cooperation agreement that would enable the two countries to conduct "joint cyber-security operations", according to Russian media reports

Russian/Chinese cyber-security pact raises concerns (SC Magazine) News that Russia and China are set to sign a cyber-security treaty next month have left Western cyber experts unsure whether it is a threat or a promising development

Keep Calm and Carry On, Stephen Harper (Foreign Policy) Doubling down on counterterrorism at home and abroad won't make Canada a safer place

ASIC wants telco interception powers (ZDNet) The Australian financial regulatory agency that accidentally blocked 250,000 websites due to a lack of technical knowledge is now pushing to have the power to intercept telecommunications information to investigate financial crime

Domains, Budgets and Bureaucracies: Nukes, Space & Now — Cyber (Breaking Defense) Analysis of the Peloponnesian War is a standard of military and security studies curricula. Strategists had it relatively easy between the 5th century BC and the 19th century AD: land power versus sea power, but then things began to get complicated. In the 19th century "domains" — warfighting environments — began to expand

Hospital CIOs: ONC leadership exodus raises questions about federal HIT priorities (FierceHealthIT) Hospital CIOs expressed concern that the sudden announced departures of National Coordinator for Health IT Karen DeSalvo and Deputy National Coordinator Jacob Reider potentially leave federal health IT efforts in limbo

Litigation, Investigation, and Law Enforcement

Canada Privacy Law Hampered Intelligence Sharing (Wall Street Journal) U.S. wasn't told about man on Canadian watch list

Fighting Cybercrime Across Borders: Why Law Enforcement Collaboration Matters (TrendLabs Security Intelligence Blog) We've frequently talked about how important it is for law enforcement and security companies to work together to stop cybercrime. One particular reason to do so is because of the nature of cybercrime: simply put, it has no borders

Peekaboo, I See You: Government Authority Intended for Terrorism is Used for Other Purposes (EFF) The Patriot Act continues to wreak its havoc on civil liberties. Section 213 was included in the Patriot Act over the protests of privacy advocates and granted law enforcement the power to conduct a search while delaying notice to the suspect of the search. Known as a "sneak and peek" warrant, law enforcement was adamant Section 213 was needed to protect against terrorism. But the latest government report detailing the numbers of "sneak and peek" warrants reveals that out of a total of over 11,000 sneak and peek requests, only 51 were used for terrorism

US former NSA chief suspected of insider trading with Chinese, Russian stocks (Want China Times) Keith Alexander, former director of the US National Security Agency, is suspected of insider trading during his term in office, according to US-based bimonthly magazine Foreign Policy

Edward Snowden dreams of returning to US (TASS) Former National Security Agency contractor Edward Snowden addresed the Liberty Festival in Brussels

US Senate calls Whisper in for serious questioning on user tracking (Naked Security) The US Senate has a few privacy-related questions it would like to ask the people in charge at Whisper, the self-proclaimed "safest place on the internet"

US Operators Fined $10 Million After Data Security Shambles (Infosecurity Magazine) Two US mobile operators have been fined $10 million jointly by the FCC after they stored customer information in publically accessible folders on the internet with zero security in place

Court pulls plug on multimillion dollar fake Microsoft support operation (ZDNet) A US court has granted an injunction on an alleged tech support scam and frozen the company's assets ahead of a trial

FTC takes down fake support scammers, upbeat about "getting consumers' money back" (Naked Security) When I first heard about the CryptoLocker malware, I thought, "As cybercrime goes, that's about as low as you can get"… But, as low as CryptoLocker might have stooped, I soon decided that fake support call scammers actually crawl yet lower still

Temporary Restraining Order and Order to Show Cause Why a Preliminary Injunction Should not Issue (US Federal Trade Commission) Plaintiff, the Federal Trade Commission ("FTC" or the "Commission"), pursuant to Section 13(b) and 19 of the Federal Trade Commission Act ("FTC Act"), 15 U.S.C. §§ 53(b) and 57b, has filed a Complaint for Injunctive and Other Equitable Relief, and has moved ex parte for a temporary restraining order and for an order to show cause why a preliminary injunction should not be granted pursuant to Rule 65(b) of the Federal Rules of Civil Procedure

UK police arrest trio over £1.6 million cyber theft from cash machines (SC Magazine) London Police have arrested three suspected members of an Eastern European cyber-crime gang who installed malware on more than 50 bank ATM machines across the UK to steal £1.6 million

Hacker Sentenced To 30 Months In Prison For Stealing $15 million (HackRead) Lamar Taylor, 38, a hacker from state of Massachusetts has been sent to prison for 30 months for using stolen data in order to attempt hack attack on business accounts and steel $15 million. He will also pay a fine of $338,649

CHP officers reportedly stole cell phone photos from women in custody (Ars Technica) One CHP officer allegedly asked for a woman's iPhone password during her arrest

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

Navy Now Forum (Washington, DC, USA, November 19, 2014) Leaders from the Navy will present new initiatives in-depth, providing the audience with a thorough knowledge of the Navy's future plans. During the luncheon, military personnel and industry leadership...

Cyber Threat Intelligence Summit (Washington, DC, USA, February 2 - 9, 2015) Join SANS for this innovative event as we focus on enabling organizations to build effective cyber threat intelligence analysis capabilities

Upcoming Events

FOCUS 14:Empowering the Connected World (Las Vegas, Nevada, USA, October 26 - 27, 2014) FOCUS will offer you a unique opportunity to learn directly from other McAfee users. Hear real-world scenarios from McAfee customers and learn how they maintain the highest standards of security while...

FOCUS 14: Empowering the Connected World (Las Vegas, Nevada, USA, October 26 - 27, 2014) FOCUS will offer you a unique opportunity to learn directly from other McAfee users. Hear real-world scenarios from McAfee customers and learn how they maintain the highest standards of security while...

Cybergamut Tech Tuesday: Software-Defined Networking Security (Columbia, Maryland, USA, October 28, 2014) Security-Defined Routing combines cyber analytics and SDN to protect the network: SDR technology assists organizations in scaling the delivery of network traffic to analytic security applications. When...

Cyber Security and IT Day at Fort Carson (Colorado Springs, Colorado, USA, October 28, 2014) The Information Systems Security Association (ISSA) Colorado Springs Chapter ill once again host the 5th Annual Cyber Security & Information Technology Days set to take place at Fort Carson on Tuesday,...

Securing the Social Space (Baltimore, Maryland, USA, October 28, 2014) New technologies enabling greater connectivity bring with them new frontiers for cyber security. This Tech Talk program will offer a new twist on the cyber security conversation. We'll begin by exploring...

USDA Cyber Security Symposium and Expo 2014 (Washington, DC, USA, October 28 - 29, 2014) The Summit will provide participants with information and resources on today's vulnerabilities, incidents, security lifecycle, risks and mitigations; it will also identify ways to work together and build...

Cyber Job Fair (Baltimore, Maryland, USA, October 29, 2014) ClearedJobs.Net is partnering with CyberMaryland to present the Cyber Job Fair at the CyberMaryland 2014 conference. The Cyber Job Fair is a hiring event for cleared and non-cleared cybersecurity professionals...

Cyber Security and IT Days at Peterson AFB (Colorado Springs, Colorado, USA, October 29, 2014) The Information Systems Security Association (ISSA) Colorado Springs Chapter will once again host the 5th Annual Cyber Security & Information Technology Days. Government and Industry experts will be on...

CyberMaryland 2014 (Baltimore, Maryland, USA, October 29 - 30, 2014) Entrepreneurs, investors, academia and government will convene in Maryland — the nation's epicenter for cybersecurity for the fourth annual CyberMaryland Conference.

Dallas SecureWorld (Dallas, Texas, USA, October 29 - 30, 2014) Offering two days of cyber security education. Earn 12-16 CPE credits, network with industry peers, and take advantage of more than sixty educational events. Over the past decade SecureWorld has emerged...

ekoparty Security Conference 10th edition (Buenos Aires, Argentina, October 29 - 31, 2014) ekoparty — Electronic Knock Out Party — Security Conference, is a one of a kind event in South America; an annual security conference held in Buenos Aires, where security specialists from all over Latin...

Senior Executive Cyber Security Conference (Baltimore, Maryland, USA, October 30 - November 1, 2014) North Star Group, LLC and the Johns Hopkins University's Whiting School of Engineering and Information Security Institute sponsor this senior executive focused cyber security conference.This event is designed...

FS-ISAC EU Summit 2014 (London, England, UK, November 3 - 5, 2014) The Financial Services Information Sharing and Analysis Center (FS-ISAC), is a non-profit association comprised of financial institution members, that is dedicated to protecting the global financial services...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.