skip navigation

More signal. Less noise.

Daily briefing.

Assad's cyber operators remain remote-access Trojan specialists. ISIS demonstrates that bad guys also lose data when they lose laptops — a Dell captured from the caliphate in Syria reveals lurid plans-cum-fantasies of bioterror, mass death, etc. Iranian cyber operators lurk in the wings as US intelligence services keep a close watch on Tehran.

Pakistani dissidents cyber-riot against police repression.

Assessments of the JP Morgan hack range from an incipient cyber 9/11 to business as usual. JP Morgan and the FBI are keeping fairly mum during the investigation, but the bank has warned Louisiana regulators of a card breach (other warnings expected soon), and sources claim Russian criminal involvement (Evgeniy Bogachev, again). There does appear to have been some data corruption.

Hosting service Namecheap reports the CyberVor gang (believed to have obtained more than a billion records this summer) is now using stolen credentials to access accounts. This would be the first report of crime deriving from this large breach (but interestingly Hold Security, which first disclosed the theft, says it's not seeing the activity).

The leak at week's end of celebrity photos is interesting, not for the squalid voyeurism it facilitates, but for what it says about security in clouds. The photos had been stored in iCloud, and Apple has patched that service's vulnerability to password brute-forcing. Investigation is still in its early stages; TechCrunch has an overview of what's actually known so far.

This week's NATO summit is expected to extend Article 5 (collective defense) to cyberspace. Russia is displeased.

Notes.

Today's issue includes events affecting Canada, China, Estonia, European Union, Iran, Ireland, Mexico, NATO, Pakistan, Palestinian Territories, Russia, Syria, Ukraine, United Kingdom, United States, and Vietnam.

The CyberWire will be providing special coverage of the 2014 Cyber Security Summit, convening in New York on September 18. Watch for interviews and live coverage of Summit events.

Cyber Attacks, Threats, and Vulnerabilities

Syrian Malware Team found spewing 'Dark Edition' BlackWorm RAT (V3) A hacker group believed to have links to the notorious Syrian Electronic Army (SEA) is mounting a wave of cyber attacks using the BlackWorm remote access trojan (RAT)

Trailing the Trojan njRAT 0 (McAfee Blog Central) One Trojan that just won't go away is the remote access tool njRAT. Microsoft recently took down a leading domain associated with the malware, but that action did not come off as smoothly as the company hoped. We closely track this remote access tool (RAT) and see a rise in its popularity every year

Found: The Islamic State's Terror Laptop of Doom (Foreign Policy) Buried in a Dell computer captured in Syria are lessons for making bubonic plague bombs and missives on using weapons of mass destruction

Persian paranoia: America's fear of Iranian cyber power (Guardian) Months of research into Iranian networks uncovered at least 16,000 systems controlled by Iran outside of its borders

Anonymous to attack Pakistani Govt against police brutality, vows to expose Shareef's regime (HackRead) The online hacktivist Anonymous has announced to conduct massive cyber attack on Pakistani government servers against yesterday's police brutality on unarmed protesters demanding Prime Minister Nawaz Shareef's resignation in Islamabad, Pakistan

JPMorgan breach likely impacts UCard users — again (CSO) Bank issues warning to state agencies in Louisiana, others likely to follow

JPMorgan attackers altered bank records (Help Net Security) The number of US banks that have apparently been targeted and breached by hackers is slowly rising, as newer reports say that seven financial organizations have been hit

Experts warn banks of more cyber attacks (Financial Times) The latest wave of cyber attacks against US banks highlights the persistent threat facing the global financial sector, as the number of so-called financial Trojans targeting banks more than tripled last year

JPMorgan and other US banks get hacked. Why is Russia getting the blame? (Graham Cluley) The big security news is that a number of US Banks, including JPMorgan Chase, have been hit by hackers who launched a "coordinated attack" on their computers systems this month

A Cyber Attack in Wall Street: Is It Really the Russians Who Did It? (Food World News) Suspected Russian hackers launched a cyber attack on Wall Street firms such as JP Morgan Chase this month. The Federal Bureau of Investigation (FBI) is leading the investigation while other federal agencies like the National Security Agency (NSA) are reportedly helping in the case

Cyber attack 'could wreak as much havoc as 9/11 attacks' (Independent) Bankers and US officials have warned that cyber-terrorists will try to wreck the financial system's computer networks. Authorities in the US have launched an investigation following a so-called cyber attack on a number of institutions including against JP Morgan Chase, the banking giant

Namecheap says accounts compromised in hacking incident (IDG via CSO) Hosting provider Namecheap said Monday hackers compromised some of its users' accounts, likely using a recently disclosed list of 1.2 billion usernames and passwords compiled by Russian hackers

Here's What We Know So Far About The Celebrity Photo Hack (TechCrunch) As you will by now have probably read, around 100 women celebrities (including Jennifer Lawrence, Ariana Grande, Victoria Justice and Kate Upton) have had naked and explicit pictures seemingly hacked from their iCloud accounts and published online, first on 4Chan and now all over the place

What Jennifer Lawrence can teach you about cloud security (Ars Technica) Posting of celeb pics exposes the weakest links in cloud services, smartphones

Nude photo leak a chance for channel to talk cloud security (MicroScope) The revelations that a hack has led to a flood of naked celebrity pictures hitting the internet is a timely reminder that the channel must promote security to users considering placing sensitive and personal data in the cloud

Please Stop Saying 'Celebs Shouldn't Have Taken Nude Photos In The First Place' (Forbes) It has happened before and it will happen again: a bunch of female entertainers or their partners have their private photos hacked and the sexual ones leaked online

Apple Isn't Responsible for Your Nude Selfies (Bloomberg View) What do you do if you're a celebrity and nude pictures you happened to store in the cloud are suddenly all over the Internet? We've seen the full spectrum of possible reactions, only one of which makes sense

Website of Industrial Software Firm Abused for Reconnaissance Mission (SecurityWeek) Cybercriminals compromised the website of an industrial company to conduct a watering hole attack with the goal to collect information on the site's visitors

IPv6 insecurities on "IPv4-only" networks (SWITCH Security Blog) When people hear about IPv6-specific security issues, they frequently tend to rate this as an argument in favour of delaying or avoiding IPv6 deployment on their enterprise or campus network

Professor says Google search, not hacking, yielded medical info (SC Magazine) Sam Bowne wrote on Thursday that he performed a Google search and connected to an open FTP server full of medical information

BKAV says viruses cannot destroy a computer's hard drive (VietnamNet) Recently, many computer users received emails warning about the existence of a type of worm which can destroy computer's hard drives. However, BKAV has aid there is no such "powerful" virus

Backoff malware threat worse than thought and you may be affected (Tech Times) The hackers behind Backoff aren't standing down. With more than 1,000 organizations suffering intrusions from the malware family, the Secret Service is warning businesses to take proactive steps against the threat

Backoff Sinkhole Reveals Sorry Point-of-Sale Security (Threatpost) Kaspersky Lab researchers say that a recent analysis of two Backoff malware command and control servers paints "a very bleak picture of the state of point-of-sale security"

Why hackers may be stealing your credit card numbers for years (IDG via CSO) While conducting a penetration test of a major Canadian retailer, Rob VandenBrink bought something from the store. He later found his own credit card number buried in its systems, a major worry

11 Steps Attackers Took to Crack Target (CIO) Aorato, a specialist in Active Directory monitoring and protection, delivers a step-by-step report on how attackers used the stolen credentials of an HVAC vendor to steal the data of 70 million customers and 40 million credit cards and debit cards from the retailer

Using WPS on your Wi-Fi router may be even more dangerous than you think (Naked Security) A Swiss security researcher has found yet more problems with Wi-Fi Protected Setup (WPS), a system built into many wireless routers to make it easier for you help guests and visitors to get online

What are wi-fi connections revealing about you? (BBC) When walking through the centre of a busy city it is easy to feel anonymous

Grindr app has privacy issues — who's surprised? (Naked Security) Popular gay dating app Grindr has been criticized for revealing the locations of its users in more detail than they might be expecting, and for allowing the identity of message senders to be spoofed

1900/UDP (SSDP) Scanning and DDOS (Internet Storm Center) Over the last few weeks we have detected a significant increase in both scanning for 1900/UDP and a huge increase of 1900/UDP being used for amplified reflective DDOS attacks

A Google Site Meant to Protect You Is Helping Hackers Attack You (Wired) Before companies like Microsoft and Apple release new software, the code is reviewed and tested to ensure it works as planned and to find any bugs

Bulletin (SB14-244) Vulnerability Summary for the Week of August 25, 2014 (US-CERT) The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week

16-31 August 2014 Cyber Attacks Timeline (Hackmageddon) August is gone, and here we are with the list of the most noticeable cyber attacks occurred during the second half of the month

Security Patches, Mitigations, and Software Updates

Apple patches 'Find My iPhone' exploit (ZDNet) Apple has patched an exploit with its Find My iPhone online service that may have been used by hackers to gain access to personal photos stored on iCloud accounts belonging to some 100 celebrities

Cyber Trends

IT security is a matter of accountability (Help Net Security) For today's CEO, being the victim of criminal hackers is no longer just a source of embarrassment. Being hacked often carries legal ramifications and can even cost you your job. We live in the age of transparency, where "mega breaches' and data theft from an organization are increasingly hard to keep from the customer. It has never been more challenging for a CEO who must accept responsibility for IT security incidents, thoroughly assess the risks and remain vigilant to potential threats

Trends in Cyber Crime: A Look at the First Half of 2014 (IT Business Edge) While security pros need clear insight into their organizations vulnerabilities, internal analysis alone is not enough. Outward examination — such as who is attacking other members of your business sector with what kind of attack and how it is impacting them — is a critical component of an effective cybersecurity approach. Unfortunately, oftentimes, we spend too much time looking at only a small piece of the puzzle

7 Cyber Security Trends You Should Know (EAGB) Our takeaways from SANS Institute Director of Emerging Security Trends John Pescatore's talk on cyber security for the near future

Kaspersky Lab "accidentally" defends monitoring of innocent internet users in online article (Graham Cluley) Talk about a flip-flop. A bizarre article was published by Russian security company Kaspersky on Wednesday. But you won't be able to find it on their website now

Marketplace

Compensation and Interim Report 2014 Market Trends: Security (BarclaySimpson) This time last year, we reported that companies were coming to the recruitment market in increasing numbers and following through recruitment processes with realistic offers. Since then, an additional 800,000 people have been employed in the UK and the economy is forecast to grow by 3% in 2014. In this context, high profile cyber-attacks are provoking both corporate and public fear just as business investment is expanding at its fastest rate in six years. The security recruitment market is unlikely to ever have a more favourable backdrop than it currently enjoys

FireEye, Palo Alto Top Security Picks at Stifel; SYMC, CHKP, FTNT a Hold (Barron's) Shares of network security technology vendor FireEye (FEYE) are up 45 cents, or 1.5%, at $29.90, after Stifel Nicolaus's Gur Talpaz today initiates coverage of the group, giving FireEye and Palo Alto Networks (PANW) Buy ratings, and price targets of $45 and $100 respectively, and rating others in the group a Hold

CEO praises Juniper team and anticipates success in the cloud (Microscope) Juniper Networks CEO, Shaygan Kheradpir, has published his first blog since joining the company in January

Microsoft to close MSN service in China by October 31 (Economic Times) Microsoft plans to close its Windows Live Messenger (MSN) service in Chinese mainland by October 31, amid a crackdown by authorities against the world's largest software firm over anti-monopoly violations

Bitglass Secures $25 Million in Series B Financing (SiliconIndia) Bitglass, a provider of data protection solutions for the enterprise has secured $25 million in Series B funding. Bitglass offers the industry's most complete solution, securing corporate data in the cloud, at access and on mobile devices. Founded in 2012, even when it was emerging from stealth in January 2014, Bitglass has enjoyed strong demand for its Total Data Protection solution

Robert Hansen on Aviator, Search Revenue and the $250,000 Security Guarantee (Threatpost) Dennis Fisher talks with Robert Hansen of WhiteHat Security about the company's decision to change default search providers to Disconnect and the $250,000 guarantee for users of the Sentinel Elite product

4 Challenges to Address in Corporate Cyber War (Security Magazine) We are fighting a cyber war and need to take proactive steps to protect ourselves and our companies as the virtual bullets fly

BIM2050 Group sets out nine areas the industry needs to consider for the future (Construction News) A group of leading young construction workers has said contractors should prepare to benefit from staff migration from other sectors, as it set out a vision for the future of the industry

Cyber attack: Is your bank safe? (The Banker) From financially motivated cyber crime to politically influenced cyber warfare, the virtual threats to financial institutions are multiplying. Companies must respond by arming themselves against such attacks or else they risk losing their footing on the new digital battleground

Should you use cyber insurance to mitigate risk? (SC Magazine) While still a relatively immature industry, cyber insurance can reduce the costs of recovering from a breach, and, as Tony Morbin reports, it can also play a role in driving adoption of best practice, including de-facto standards in critical infrastructure

Insurance for When You Get Hacked (Bloomberg BusinessWeek) Question: In light of all the hacker attacks in the news, how often are smaller businesses targeted? Is there insurance that covers you in case of an attack?

Red Hat CTO Abruptly Resigns (CIO) Brian Stevens steps down from open source firm with little warning

Products, Services, and Solutions

Microsoft Adds The Ability to Search for Sensitive Data on SharePoint And OneDriv (International Business Times) Businesses can now use Microsoft Office 365 to share sensitive data within the organisation. Office Blogs reports Microsoft Office 365 has these necessary features for email with data loss prevention or DLP. The said features are already used in Exchange, Outlook and OWA together with a series of built-in sensitive data that can be used to search. Now, Microsoft is reportedly to expand these features to SharePoint and OneDrive

Will Apple Satisfy Regulators Over HealthKit Data Privacy? (Forbes) This week, Apple AAPL +0.28% has updated its privacy policy to try and ensure that developers don't market personal healthcare data to advertisers and brokers

HoneyDrive v3 Royal Jelly — Honeypot Linux Distro Released (Toolswatch) HoneyDrive is the premier honeypot Linux distro. It is a virtual appliance (OVA) with Xubuntu Desktop 12.04.4 LTS edition installed

Lynis 1.6.0 — Security auditing tool for Unix/Linux systems (Kitploit) Lynis is an open source security auditing tool. Primary goal is to help users with auditing and hardening of Unix and Linux based systems. The software is very flexible and runs on almost every Unix based system (including Mac). Even the installation of the software itself is optional

What Are the Best Network Forensics and Data Capture Tools? (Security Intelligence) Until fairly recently, the practice of network forensics investigations was more or less a black art practiced by highly skilled individuals

'Finding a unicorn' likelier than proper security in VMware AirWatch? (CRN) Microsoft exec posts blog laden with fear and uncertainty about AirWatch

ESET Cyber Security (for Mac) (PC Magazine) Despite what you may have heard, just because your computer is a Mac doesn't mean it's immune to malware or other digital attacks. That's why there are products like ESET Cyber Security ($39.95), which guards against online and network attacks in addition to viruses and other malware

McAfee Internet Security 2014 for Mac (PC Magazine) Stereotypical Mac users aren't concerned with security, but Mac malware is real and Web threats don't care what kind of computer you're using. That's why there are products like McAfee internet Security 2014 for Mac ($79.99). This OS X application brings antivirus protection, along with safe Web browsing and firewall tools

Review: Microsoft Security Essentials vs Malwarebytes: A tool used for Security (Streetwise Tech) With the month almost coming to a close, we are doing our usual monthly round up of software downloads and the hottest application of the month. If you haven't already attempted this application, we highly suggest giving it a go and seeing for yourself what the hype is about

Technologies, Techniques, and Standards

Suspect Phishing? Chase Bank says to click links (CSO) This is why we can't have nice things

Teamwork: The new threat intelligence strategy (TechTarget) This week, an analyst said sharing threat intelligence information is a new security strategy; data analytics as a service offers all enterprises a competitive edge

Patching: The least understood line of defense (Help Net Security) When it comes to security, only a total dope doesn't understand firewalls, anti-virus and at least the basics of passwords

Big Name Bank Hacks Highlight the Importance of Regular Testing and Effective Emergency Response (IT Business Net) When a prominent bank reveals a successful cyber attack, national headlines will quickly ensue, as happened on Wednesday, August 27th, when news began surfacing about the FBI probing into a successful attack on JPMorgan Chase & Co and at least one other bank

Out in the Open: Hackers Build a Skype That's Not Controlled by Microsoft (Wired) The web forum 4chan is known mostly as a place to share juvenile and, to put it mildly, politically incorrect images. But it's also the birthplace of one of the latest attempts to subvert the NSA's mass surveillance program

Dodging Browser Zero Days — Changing your Org's Default Browser Centrally (Internet Storm Center) In a recent story about "what's a sysadmin to do?", we suggested that since our browsers seem to take turns with zero days lately, that system administrator should have processes in place to prepare for when their corporate standard browser has a major vulnerability that doesn't yet have a patch

How To Create A Risk 'Pain Chart' (Dark Reading) Consultant John Pironti outlines how to execute a risk-based approach to defending corporate assets

Design and Innovation

Developers, Academia Team Up on Manual for Secure Software Design (eWeek) Google, Twitter and Harvard University are cooperating with other businesses and schools to create a manual to help developers design more secure software

Research and Development

'Factorisation factory' smashes number-cracking record (New Scientist) The first tests of a "factorisation factory" have beaten the record for breaking gigantic numbers down into their prime-number building blocks. It might one day force firms to strengthen their online encryption

Academia

Interviews — 2014: Arnim Eijkhoudt, Lecturer in Digital Forensics, University of Applied Sciences (Forensic Focus) Arnim, please tell us about your role as a lecturer in digital forensics, and how you first became interested in the field

Interviews — 2014: Emlyn Butterfield, Course Leader in Computer Forensics, Leeds Metropolitan University (Forensic Focus) Emlyn, you're currently Course Leader in Computer Forensics, Security & Ethical Hacking at Leeds Metropolitan University. Could you tell us more about the role and how you entered academia?

Legislation, Policy, and Regulation

NATO Set to Ratify Pledge on Joint Defense in Case of Major Cyberattack (New York Times) When President Obama meets with other NATO leaders later this week, they are expected to ratify what seems, at first glance, a far-reaching change in the organization's mission of collective defense: For the first time, a cyberattack on any of the 28 NATO nations could be declared an attack on all of them, much like a ground invasion or an airborne bombing

Estonia PM warns Europe must guard against Russia in long term (Financial Times) Russia's intervention in Ukraine has so utterly transformed Europe's security outlook that western governments must be on their guard against Moscow for the long term, Estonia's prime minister said on Tuesday

Jacob Appelbaum explains surveillance to the EuroParl (BoingBoing) Jacob Appelbaum of the Tor Project and Wikileaks addressed the European Parliament on the issue of surveillance and freedom. It was a remarkable speech, even by Appelbaum's high standards. An amateur transcript gives you a sense of what's going on, but the video is even better: "Is it used for coercion? Is data passed to autocratic regimes? Is it used to study groups? Is it used to disrupt? Yes, yes, and yes. Might they force or forge data? Absolutely"

Google's Smith Is Top Candidate for U.S. Chief Technology Officer (Bloomberg) Google Inc. (GOOG) executive Megan Smith is close to heading to the White House

The Most Profound Shift in UK Commercial Insurance Law Ever (Willis Wire) It has been eight long years since The Law Commission and the Scottish Law Commission were asked to review UK insurance contract law. Much has been written and said on the subject of insurance contract law reform since then (including by me). Now at last the government has introduced a new insurance bill for consideration under a special fast-track parliamentary procedure

Litigation, Investigation, and Law Enforcement

China gives Microsoft 20 days to respond to competition probe (ZDNet) Microsoft gets a three week deadline to come up with an explanation for "compatibility issues" in Windows and Office that could violate Chinese competition laws

US Cyber-Spy Killed Himself Following FBI Investigation (International Business Times) A 33-year-old US Air Force cyber-security analyst took his own life the day after the FBI showed up to question him about why he had gathered sensitive data about an individual — including the voicemails of that person's boyfriend

John Walker, the Navy spy who defined crypto-betrayal, dead at 77 (Ars Technica) If you want to call anyone a traitor, measure them against John Walker first

Hackers stole security check info on at least 25,000 DHS employees (Ars Technica) Homeland Security tallies damage from breach at USIS, and it's not pretty

Stop order against USIS could significantly slow down background checks (Washington Post) The recent stop-work order that has prevented a major U.S. contractor from conducting background investigations could significantly impact the security clearance process, especially if it lasts for an extended period, industry officials said

Class Action Suit Over CHS Breach is Call to Action (Norse Blog) A handful of patients who were impacted by the recent Community Health Systems (CHS) data breach filed a class action suit against the healthcare giant in Alabama, and the company could be in store for even more in the wake of a data loss event affecting as many as 4.5 million people nationwide

Drug Market 'Agora' Replaces the Silk Road as King of the Dark Net (Wired) For two and a half years, the Dread Pirate Roberts and his Silk Road black market ruled the Dark Web. But last year's FBI's takedown of that narcotics smorgasbord opened the underground trade to competitors. Now those sites have a new leader, one that's bigger than the Silk Road ever was and continues to grow explosively

Microsoft refuses to hand over overseas email (iol) A judge lifted a suspension on her order directing Microsoft to turn over a customer's emails stored overseas to US prosecutors, but the software company said it would not release any emails while it appeals the ruling

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

2014 Trusted Cyber Collaboration Workshop (Crystal City, Virginia, USA, September 24 - 26, 2014) The Trusted Cyber Collaboration Workshop, an opportunity for professional information sharing, and a vendor exhibition, is focused on secure collaboration among industry partners and their supply chain...

Upcoming Events

SEACRYPT 2013 (Vienna, Austria, September 2 - 4, 2014) The purpose of SECRYPT 2014, the International Conference on Security and Cryptography, is to bring together researchers, mathematicians, engineers and practitioners interested on security aspects related...

Build IT Break IT Fix IT: Break IT (Online, September 4, 2014) The Build it Break it Fix it security contest is a new security-oriented programming contest held by the Maryland Cybersecurity Center, Cyberpoint, and Trail of Bits. The Build it Break it Fix it security...

Security B-Sides Cape Breton (Sydney, Nova Scotia, Canada, September 5, 2014) Security B-Sides Cape Breton is an open platform that gives security experts, enthusiasts, and industry professionals the opportunity to share ideas, insights, and develop longstanding relationships with...

BalCCon2k14 (Balkan Computer Congress) (Novi Sad, Serbia, September 5 - 7, 2014) The Balkan Computer Congress is an international hacker conference organized by LUGoNS — Linux Users Group of Novi Sad and Wau Holland Foundation from Hamburg and Berlin. It is the second conference taking...

BalCCon2k14: Balkan Computer Congress (Novi Sad, Serbia, September 5 - 7, 2014) The Balkan Computer Congress is an international hacker conference organized by LUGoNS — Linux Users Group of Novi Sad and Wau Holland Foundation from Hamburg and Berlin. It is the second conference...

Detroit SecureWorld (Detroit, Michigan, USA, September 9 - 10, 2014) Two days of cyber security education and networking. Earn 12-16 CPE credits, network with industry peers, and take advantage of more than sixty educational events. Over the past decade SecureWorld has...

Ground Zero Summit, Sri Lanka (Colombo, Sri Lanka, September 9 - 10, 2014) Ground Zero Summit 2014, Colombo will be a unique gathering of Cyber Security Researchers, Hackers, CERTs, Corporates and Government officials to discuss latest hacks, exploits, research and cyber threats.

Cyber Attack Against Payment Processes Exercise 1 (Online, September 9 - 10, 2014) FS-ISAC, the Financial Services Information Sharing and Analysis Center will conduct its fifth annual simulated cyber security exercise related to payment processes used by banks, community institutions,...

AFCEA TechNet Augusta 2014: Achieving Force 2025 Through Signals and Cyber (Augusta, Georgia, USA, September 9 - 11, 2014) The overall theme of TechNet Augusta 2014 is "Achieving Force 2025 Through Signals and Cyber." The overall focus is on Army ground forces, including Joint component interface, other Department of Defense...

Suits and Spooks London (London, England, UK, September 12, 2014) On September 12th, in London's South bank neighborhood of Southwork, approximately 50 former intelligence officials, corporate executives, and security practitioners from the U.S. and the EU will gather...

Build IT Break IT Fix IT: Fix IT (Online, September 12, 2014) The Build it Break it Fix it security contest is a new security-oriented programming contest held by the Maryland Cybersecurity Center, Cyberpoint, and Trail of Bits. The Build it Break it Fix it security...

NOPcon Security Conference (Istanbul, Turkey, September 16, 2014) NOPcon is a non-profit hacker conference. It is the only geek-friendly conference without sales pitches in Turkey. The conference aims to learn and exchange ideas and experiences between security researchers,...

5th Annual Billington Cybersecurity Summit (Washington, DC, USA, September 16, 2014) The 5th Annual Billington Cybersecurity Summit, a leading conference produced by Billington CyberSecurity, will feature an all-star cast of cybersecurity speakers including Admiral Michael Rogers, Commander,...

SINET Global Summit (London, England, UK, September 16 - 17, 2014) "Advancing Global Collaboration and Innovation." Global Summit focuses on building international public-private partnerships that will improve the protection of our respective homeland's critical infrastructures,...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.