skip navigation

More signal. Less noise.

Daily briefing.

A hitherto little-known pro-Assad cyber operations group, the Syrian Malware Team (remote-access-Trojan specialists, apparently), is identified.

Journalists have wondered how North Korea, so wanting in connectivity and reliable electrical power, manages such active cyber operations. A partial answer appears to lie in its use of overseas cells, mostly in China and South Korea.

Banks yesterday saw patterns of card fraud suggesting that Home Depot is the latest retailer to fall victim to a credit-card breach. The big-box home improvement chain is investigating. Observers are already comparing the incident to last year's Target breach.

Apple, investigating the leak of photos from iCloud, says that its security wasn't breached, but that the attacks were "highly targeted," and may have exploited re-used, easily guessed passwords, and security questions whose answers are publicly accessible. But the incident remains under investigation, by both Apple and the FBI. Some observers continue to blame Find My iPhone, iBrute, and the Elcomsoft Phone Password Breaker. (This last is sold internationally as a lawful intercept tool.)

Observers say the JPMorgan hack amounted to "two months of mayhem" until security scans detected the intrusion. RSA joins in calling the episode state-sponsored. NSA Director emeritus Alexander casts a game-theoretic eye on the incident and perceives a possible motive: sending a message that the US financial sector can be held at risk.

Namecheap continues to maintain it's under attack (nota bene, under attack, not breached) by CyberVor.

The Angler exploit kit adds fileless infection to its drive-by capabilities, and thus grows stealthier.

Notes.

Today's issue includes events affecting Australia, China, Colombia, Estonia, European Union, Germany, Iran, Democratic Peoples Republic of Korea, Republic of Korea, NATO, Nigeria, Russia, Sweden, Syria, Ukraine, United States .

The CyberWire will be providing special coverage of the 2014 Cyber Security Summit, convening in New York on September 18. Watch for interviews and live coverage of Summit events.

Cyber Attacks, Threats, and Vulnerabilities

Second Pro-Government Hacking Group 'Syrian Malware Team' Uncovered (Infosecurity Magazine) Security researchers have spotted what they believe to be a second pro-al Assad hacking group, dubbed the Syrian Malware Team, using a .NET RAT to attack targets

North Korea using foreign bases to launch cyberattacks, says HP (Tehcworld via CSO) There's a reason the DPRK's attacks come through China

Banks: Credit Card Breach at Home Depot (Krebs on Security) Multiple banks say they are seeing evidence that Home Depot stores may be the source of a massive new batch of stolen credit and debit cards that went on sale this morning in the cybercrime underground. Home Depot says that it is working with banks and law enforcement agencies to investigate reports of suspicious activity

Home Depot Investigating Potentially Massive Credit Card Breach (TechCrunch) Did you just get your credit card replaced after the Great Target Fiasco of 2013? Don't get too used to that new card. It's starting to look like it's that time again

Home Depot breach could potentially be as big as Target's (ITWorld) In what could turn out to be another huge data breach, Home Depot on Tuesday confirmed that it is investigating a potential compromise of credit card and debit card data belonging to an unspecified number of customers

Home Depot Breach: Time to Value of Black Market Cards Changes as Banks and Retailers Improve Detection (Easy Solutions Blog) With the latest retail breach at Home Depot, attention has again turned to credit card black markets, the clearinghouses that sell these stolen cards to the highest bidder. These are no fly-by-night operation. In fact, the largest of these markets have some sophisticated features that any e-commerce site would tout, including integrated Bitcoin funding, good customer support, good commerce features

Home Depot Shares Drop After Chain Investigates Data Breach (Bloomberg) Home Depot Inc. (HD), the largest home-improvement chain, fell as much as 3.4 percent in New York trading after saying it was working with banks and law enforcement to investigate a possible data breach

Apple Says It Is "Actively Investigating" Celeb Photo Hack (Re/code) Apple said Monday it was "actively investigating" the violation of several of its iCloud accounts in which revealing photos and videos of prominent Hollywood actresses were taken and posted all over the Web

Apple Not Hacked In Celebrity Nude Photo Breaches (Dark Reading) 'Very targeted attack' on celebrities' Apple usernames, passwords, security questions — iCloud, Find My iPhone not breached, Apple says

Apple denies iCloud/Find my iPhone breach, says 'very targeted attack' hit certain celebrities (9 to 5 Mac) Apple has responded to this week's hackings of celebrity iCloud accounts, which resulted in postings of private photographs

Mystery Surrounds "iCloud Hack" as Naked Celebrity Photos Leak (Intego) You would have had to have been sleeping under a rock for the last day or two not to have seen the headlines about female celebrities whose naked selfie photographs have somehow slipped out onto the internet

Did Jennifer Lawrence's Naked Photos Leak Out Because She Told the Truth? Lying Can Protect your iCloud Account (Intego) The private nude photos of 100 female celebrities, including Oscar-winning actress Jennifer Lawrence, have been distributed across the Internet – and now we're beginning to find out more about how it might have happened

This could be the iCloud flaw that led to celebrity photos being leaked (Update: Apple is investigating) (NextWeb) An alleged breach in Apple's iCloud service may be to blame for countless leaks of private celebrity photos this week

The Police Tool That Pervs Use to Steal Nude Pics From Apple's iCloud (Wired) As nude celebrity photos spilled onto the web over the weekend, blame for the scandal has rotated from the scumbag hackers who stole the images to a researcher who released a tool used to crack victims' iCloud passwords to Apple, whose security flaws may have made that cracking exploit possible in the first place

Apple's iCloud breach: It's not just about naked photos (FierceITSecurity) While practically all of the coverage about the possible breach of iCloud, has been about the disclosure of naked celebrity photos, the security issues with iCloud also pose a risk to data stored in in the cloud service

What does alleged iCloud hack mean for Federal agencies? (Nextgov) Most federal agency employees with iPhones probably don't have to worry about hackers ogling naked photos of them saved in Applets iCloud backup system

4chan, The Weekend of Nude Celebrity Selfies, and How to Protect Your Personal Info (Webroot Threat Blog) What do celebrities (mostly young and female), 4chan, hackers, Bitcoin, and iCloud have in common?

The Celebrity Photo Hacks Couldn't Have Come at a Worse Time for Apple (Wired) The media crush will soon descend on Cupertino, California, as Apple prepares to announce what will surely be its newest iPhone, quite probably its latest laptops, and possibly its first smartwatch. When the new devices arrive next week, they'll be tied together with an Apple operating system more dependent on the company's cloud services than ever before. And as the world saw over the weekend, those cloud services might be about as secure as leaving your front door key under the mat

Beware of scams following the celebrity nude photo news (Help Net Security) As the FBI confirmed that they are investigating the leaking of nude photographs (some real, some fake) of a hundred female celebrities, the hunt for the person(s?) behind it is also on online, as 4chan users are trying to ferret out the identity of the leaker

JPMorgan Hackers Came In the Front Door — in June. Two Months of Mayhem (Bloomberg) Hackers burrowed into the databanks of JPMorgan Chase & Co. and deftly dodged one of the world's largest arrays of sophisticated detection systems for months

Attacks Mostly Undetected Until Too Late (GERC Daily) At JPMorgan Chase it looks like the attackers took advantage of a vulnerability in one of the customer facing apps that the bank uses to provide service to its customers

Former NSA Chief Says JPMorgan Hack May Be a Warning (Bloomberg) Hackers who stole gigabytes of data from JPMorgan Chase & Co. may have been trying to send a message that U.S. financial institutions can be disrupted, the former director of the National Security Agency said

Namecheap accounts brute-forced by CyberVor gang? (Help Net Security) California-based domain registrar and web hosting firm Namecheap has been targeted by hackers, the company's VP of hosting Matt Russell warned on Monday, and said that the attackers are using username and password data gathered from third party sites to brute-force their way into their customers' accounts

IN DEPTH: The green hacking threat (Recharge) A collective of Eastern European hackers known as Dragonfly was last year found to have infiltrated the computer systems of hundreds of energy companies, including renewables firms, across the US and Western Europe in a programme of espionage that "bears the hallmarks of state-sponsored operation", according to digital security firm Symantec

New BlackPOS variant masquerades as AV service (Help Net Security) Before the Backoff point-of-sale malware received deserved attention, the main player in the PoS malware field was BlackPOS (or Kaptoxa), the memory-scraping malware that was used in the Target breach

Hackers make drive-by download attacks stealthier with fileless infections (IDG via CSO) New attacks with the Angler exploit kit inject code directly in browser processes without leaving files on disk, a researcher found

New botnet research from Prolexic Research Team (CSO) The IptabLes/IptabLex DDoS botnet

Slow on the Draw — Industrial Organizations Hit by Well Known Malware and Methods (Cyactive) The past week saw the publication of two attacks on industrial organizations. Though such attacks occur all the time, what makes these important to notice is that the organizations were hit by variants of very well known malware, using well known methods of infection

Who is putting up 'interceptor' cell towers? The mystery deepens (Venture Beat) Mysterious "interceptor" cell towers in the USA are grabbing phone calls — but they're not part of the phone networks. And, two experts told VentureBeat today, the towers don't appear to be projects of the National Security Agency (NSA)

Security Patches, Mitigations, and Software Updates

Mozilla Releases Security Updates for Firefox and Thunderbird (US-CERT) The Mozilla Foundation has released security updates to address multiple vulnerabilities in Firefox and Thunderbird. Exploitation of these vulnerabilities may allow an attacker to cause an exploitable crash or execute arbitrary code

Latest Firefox adds protection against rogue SSL certificates (ComputerWorld) Firefox 32 has implemented certificate key pinning

Cyber Trends

Cyber-crime awareness increasing beyond CTOs amid regulatory scrutiny (COOConnect) Awareness of cyber-crime at fund managers is moving beyond chief technology officers (CTOs) and IT personnel with a growing number of portfolio managers and other senior executives taking a growing interest

Don't Be Surprised by a Cyber Attack: Prepare, Respond, Recover (Wall Street and Tech) Cyber attacks have become inevitable, but companies that prepare for how to respond can "shrink the problem" and minimize the impact of any security breach

Over 90% Of Cloud Services Used In Healthcare Pose Medium To High Security Risk (Forbes) According to cloud security vendor Skyhigh Networks, more than 13% of cloud services used in healthcare are high-risk and 77% are medium-risk

Medical identity theft: How the health care industry is failing us (Fortune) Unlike the financial services industry, health care companies lack measures to adequately prevent identity theft, even as they continue to digitize medical records and other sensitive information

93% of Companies Breached Says FireEye & KPMG Study (VPN Creative) FireEye and KPMG have conducted a study analyzing cyber security threats impacting firms in Sweden, which found that 93 percent of the monitored organizations were breached

Marketplace

Cyberinsurance: A breach savior for healthcare providers, but read the fine print (FierceEMR) Cyberinsurance can be instrumental in weathering a security breach of a provider's electronic health record system, but purchasers should review policies carefully since they vary widely, according to attorney Scott Godes, with Barnes & Thornburg in the District of Columbia

AVG To Buy Family-Focused Mobile Security Company, Location Labs, In Deal Worth Up To $220M (TechCrunch) Mobile security company Location Labs is being acquired by online security firm AVG in a deal worth up to $220 million. AVG said today it will pay around $140 million initially to buy Location Labs, plus up to an additional $80 million in cash consideration over the next two years, based on certain performance metrics and milestones being met

LinkedIn Reviewing China Censorship Policy (Bloomberg) LinkedIn Corp. (LNKD) expanded into China this year, adopting policies in line with the country's censorship rules. Now the world's largest professional social-networking company is saying it may have gone too far

Top 25 US Bank Selects Easy Solutions for Fraud Prevention (Business Wire) Easy Solutions®, the Total Fraud Protection® company, today announced that one of the country's largest banks, a Fortune 200 firm with over $100 Billion in assets, has selected Easy Solutions to provide fraud prevention services across its customer base

Dave McClure headed to cyber firm Veris Group (FedScoop) Months after announcing his departure from the General Services Administration, Dave McClure is set to join Virginia-based cybersecurity provider Veris Group as chief strategist

Booz Allen Appoints Technology Executive Gretchen W. McClain to its Board of Directors (TWST) Booz Allen Hamilton Holding Corporation (NYSE:BAH), the parent company of consulting firm Booz Allen Hamilton Inc., has appointed Gretchen W. McClain to its Board of Directors, effective September 2, 2014

Products, Services, and Solutions

AT&T launches government-specific cloud storage offering (ZDNet) The communications company said the security-heavy storage offering helps ease the cloud migration process for federal agencies

SAIC debuts tiered cybersecurity solution (GCN) Because no single vendor can offer an end-to-end security solution, Science Applications International Corp. teamed with leading cybersecurity vendors to develop CyberSecurity Edge, an adaptive solution that the company said offers advanced data security and protects government customers from hackers, viruses and malware

Multi-port firewalls for industrial network applications (Pro Security Zone) Firewall update supports SHDSL connections providing more options for industrial control system network managers

New 'Sound Wallet' Stores Your Private Keys on Vinyl (CoinDesk) For digital currency users looking to secure their e-fortune, one project is offering a new way to store private keys: on vinyl

DomainTools® Forges Industry Partnerships to Bring Powerful Turnkey Solutions to Security Threat Investigators (PRWeb) Integrations with Mandiant, Cyber Squared Inc. and Malformity Labs provide security analysts with more powerful threat intelligence and cybercrime investigation solutions

A10 Networks and Webroot Partner to Extend Web Classification to A10 Thunder ADCs (Technuter) A10 Networks, a technology provider in application networking, and Webroot, the market leader in cloud-based, real-time Internet threat detection, announced that A10 will integrate the Webroot BrightCloud Web Classification Service into the A10 Thunder Application Delivery Controller (ADC) product line, improving performance, efficacy and compliance of SSL traffic decryption

Tox: Open-source, P2P Skype alternative (Help Net Security) If you like the convenience of Skype, but you are worried about government surveillance and don't trust Microsoft to keep you safe against it, Tox might be just the thing for you

The Open Source Tool That Lets You Send Encrypted Emails to Anyone (Wired) In the wake of the mass NSA surveillance scandal sparked by whistleblower Edward Snowden, all sorts of hackers, academics, startups, and major corporations are working to build tools that let us more easily secure our email messages and other online communications

Tests compare Mac OS X anti-malware products (ZDNet) The Mac malware situation is a much lower-pressure one than that on Windows, so many products perform very well. But it's still worth comparing them, so AV-TEST.org tests 18 products, both free and paid

Technologies, Techniques, and Standards

How PCI DSS 3.0 impacts business owners (Help Net Security) If your business processes, transmits, or stores credit card data, you are subject to the Payment Card Industry Data Security Standards (PCI DSS). PCI DSS 3.0 went into effect in 2014, and introduced new rules and a clarified direction for the guidelines. Among the most important things for a merchant to know about the PCI DSS is that it's constantly evolving, so staying current is an important responsibility

"Contactless" HCE Payments Promise Simplicity But Is It Secure? (Dark Reading) Host Card Emulation is a powerful and flexible technology, but like most software-dependent solutions, it can be hacked and exploited

Free Tool Fights Advanced Evasion Techniques (eSecurity Planet) AETs are designed to evade next generation firewalls. A free tool can help security admins identify potential weaknesses in firewalls

Pinpoint — Tool to Find Malicious Objects (SecTechno) Many online website host malwares or link to a malicious file without their knowledge. Normally this may takes some time to find out the compromised files. Pinpoint is a tool that you can use to scan and identify the infected files. The tool will list all external javascripts, javascript redirects or any iFrame on the targeted website

Federal Network Security: 4 Easy Steps to Get the Basics Right (Nextgov) In federal IT, it's easy to want to focus on protecting your organization from the next big security threat

Google Dorking: Feds Warn Against Malicious Cyber Actors (Search Engine Watch) The Department of Homeland Security, the FBI, and the National Counterterrorism Center have issued a warning against the perils of "Google dorking," or the practice of utilizing a detailed set of search parameters to locate sensitive information or other website vulnerabilities

Microsoft's explanation of cloud outage praised by customers (FierceCIO) Microsoft has gained some praises for its candid post-mortem evaluation of a recent outage of its Visual Studio Online service

What is 'private browsing' and does it offer full protection (Bitdefender) Private, anonymous or incognito browsing is a mode offered by most browsers that disables several standard features that track your browsing habits and store your browsing data. Enabling private browsing blocks websites from placing cookies on your computer

How to Keep Fraud Threats From Ruining Your Mobile Banking (TheStreet) With 28% of U.S. adults using their smartphones and tablets to conduct banking transactions and 60% calling access to mobile banking either "important" or "very important" in choosing banks, according to AlixPartners, there's a growing risk of consumer financial fraud

Research and Development

Wanted By DHS: Breakout Ideas On Domestic Cybersecurity (InformationWeek) Department of Homeland Security plans to fund cyber defense research efforts to develop pragmatic tools that can be deployed quickly, says Forrester

Academia

Carnegie Mellon Receives $5.6M NSF Grant for Cybersecurity Education (Insurance News Net) The National Science Foundation (NSF) has awarded Carnegie Mellon University a $5.6 million grant through the CyberCorps Scholarship for Service (SFS), a federal program that aims to strengthen the workforce charged with protecting the nation's critical information infrastructure

Skyscape Cloud Services Supports Cyber Security Challenge UK (Realwire) Leading provider of assured cloud services to the UK public sector is sponsoring and providing infrastructure services to bolster the national pool of cyber security skills

Pinecrest Students to Participate in Cyber Defense Competition (The Pilot) Pinecrest High School students will soon put their science skills to the test when they compete in the seventh season of the Air Force Association's CyberPatriot National Youth Cyber Defense Competition

Legislation, Policy, and Regulation

Exploit a flaw or go to war? NATO's cyber battle rules raise more questions than they answer (ZDNet) The world's largest military alliance is getting serious about digital attacks, but the reality is much more complicated than the policy suggests

NATO and an "e-SOS" for cyberattacks (Washington Post) Back in 2010, my colleague Duncan Hollis and I wrote a short op-ed for the National Law Journal sketching out the idea that international law should recognize a "duty to assist" — similar to the duty, under maritime law, to respond immediately upon receiving a "SOS" from another vessel — countries that have been the subject of a systematic and sustained "cyber-attack"

Locking Russia out of Swift "unlikely and complicated", says analyst (ComputerWeekly) Locking Russia out of the Society for Worldwide Interbank Financial Telecommunication (Swift) would be "incredibly complicated and unlikely", an analyst has warned

The heat is on in the West's proxy war with Moscow (Quartz) No one knows where the brinksmanship between Russia and the West is going or will end. Brutal combat in Ukraine is the latest trigger-point, with increasing military, financial and diplomatic threats on both sides

North Korea cyber warfare capabilities exposed (ZDNet) A new HP report suggests the reclusive country's cyber warfare capabilities are rapidly making North Korea a credible threat to Western systems

Iran Unfetters Cellphones, and the Pictures Start Flowing (New York Times) Some days ago, Mahdi Taghizadeh did something he never thought he would — at least, not in Iran.

Colombia sends officials to Estonia for cyber defense training (Colombia Reports) Colombian officials from different government forces will travel to Estonia to receive training in cyber security, the defense minister revealed Tuesday

Gerhard Schindler: Germany's Spymaster (OZY) He's something like Germany's Agent 001: Gerhard Schindler, 61 years old, parachutist, lieutenant colonel in the reserve, anti-terror specialist. Years as a top official in the German Ministry of the Interior, responsible for internal security. An edgy character, tanned, not particularly tall, bald, firm handshake, intense gaze

Brandis warns against future Snowdens and Mannings (ZDNet) Australian government agencies will be required to implement stringent new security policies, to monitor public servants in order to protect the government against the 'insidious enemy' of the 'trusted insiders' leaking sensitive information to the public

MasterCard-backed biometric ID system launched in Nigeria (Ars Technica) Country is trying to consolidate citizens' records and get them to the bank

Bipartisan study on grid security renews call for legislation, cites gaps in Obama order (Inside Cybersecurity) The findings of an ambitious study on securing the electricity grid led by former White House and homeland security officials include a call for action on cybersecurity legislation, while highlighting the shortcomings of the Obama administration's efforts to protect critical infrastructure from cyber attacks yet expressing general support for those initiatives

Smartphone 'Kill Switch' Law: Who Gets to Shut Off Devices? (Nextgov) California passed a law this week that, depending on who you believe, will bring about either a drastic drop in violent crime or an increased risk of terrorism

Breaching Bad: New Cyber Security Regs for Defense Contractors (JD Supra) Defense contractors with access to classified information will soon be required to quickly notify Defense Department (DOD) officials if the company's computer network or information system is successfully penetrated in a cyber-attack

Litigation, Investigation, and Law Enforcement

Expert international cybercrime taskforce tackles online crime (Help Net Security) Hosted at the European Cybercrime Centre (EC3) at Europol, the Joint Cybercrime Action Taskforce (J-CAT), which is being piloted for six months, will coordinate international investigations with partners working side-by-side to take action against key cybercrime threats and top targets, such as underground forums and malware, including banking Trojans

First US appeals court hears argument to shut down NSA database (Ars Technica) Second Circuit judges ask: What did Congress know, and when did they know it?

Did Brennan dodge a bullet? (The Hill) CIA Director John Brennan might have dodged a bullet over his agency's potentially unconstitutional snooping on the Senate, but critics insist his reprieve is only temporary

The John Walker Spy Ring and The U.S. Navy's Biggest Betrayal (USNI) Notorious spy John Walker died on Aug. 28, 2014. The following is a story outlining Walker's spy ring from the June 2010 issue of U.S. Naval Institute's Naval History Magazine with the original title: The Navy's Biggest Betrayal

Leaked nude celebrity photos: When a cybercrime becomes a sex crime (Washington Post) It's not the tech jargon of online privacy breaches. And it's not the hand-wringing associated with Wikileaks

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

SEACRYPT 2013 (Vienna, Austria, September 2 - 4, 2014) The purpose of SECRYPT 2014, the International Conference on Security and Cryptography, is to bring together researchers, mathematicians, engineers and practitioners interested on security aspects related...

Build IT Break IT Fix IT: Break IT (Online, September 4, 2014) The Build it Break it Fix it security contest is a new security-oriented programming contest held by the Maryland Cybersecurity Center, Cyberpoint, and Trail of Bits. The Build it Break it Fix it security...

Security B-Sides Cape Breton (Sydney, Nova Scotia, Canada, September 5, 2014) Security B-Sides Cape Breton is an open platform that gives security experts, enthusiasts, and industry professionals the opportunity to share ideas, insights, and develop longstanding relationships with...

BalCCon2k14 (Balkan Computer Congress) (Novi Sad, Serbia, September 5 - 7, 2014) The Balkan Computer Congress is an international hacker conference organized by LUGoNS — Linux Users Group of Novi Sad and Wau Holland Foundation from Hamburg and Berlin. It is the second conference taking...

BalCCon2k14: Balkan Computer Congress (Novi Sad, Serbia, September 5 - 7, 2014) The Balkan Computer Congress is an international hacker conference organized by LUGoNS — Linux Users Group of Novi Sad and Wau Holland Foundation from Hamburg and Berlin. It is the second conference...

Detroit SecureWorld (Detroit, Michigan, USA, September 9 - 10, 2014) Two days of cyber security education and networking. Earn 12-16 CPE credits, network with industry peers, and take advantage of more than sixty educational events. Over the past decade SecureWorld has...

Ground Zero Summit, Sri Lanka (Colombo, Sri Lanka, September 9 - 10, 2014) Ground Zero Summit 2014, Colombo will be a unique gathering of Cyber Security Researchers, Hackers, CERTs, Corporates and Government officials to discuss latest hacks, exploits, research and cyber threats.

Cyber Attack Against Payment Processes Exercise 1 (Online, September 9 - 10, 2014) FS-ISAC, the Financial Services Information Sharing and Analysis Center will conduct its fifth annual simulated cyber security exercise related to payment processes used by banks, community institutions,...

AFCEA TechNet Augusta 2014: Achieving Force 2025 Through Signals and Cyber (Augusta, Georgia, USA, September 9 - 11, 2014) The overall theme of TechNet Augusta 2014 is "Achieving Force 2025 Through Signals and Cyber." The overall focus is on Army ground forces, including Joint component interface, other Department of Defense...

Suits and Spooks London (London, England, UK, September 12, 2014) On September 12th, in London's South bank neighborhood of Southwork, approximately 50 former intelligence officials, corporate executives, and security practitioners from the U.S. and the EU will gather...

Build IT Break IT Fix IT: Fix IT (Online, September 12, 2014) The Build it Break it Fix it security contest is a new security-oriented programming contest held by the Maryland Cybersecurity Center, Cyberpoint, and Trail of Bits. The Build it Break it Fix it security...

NOPcon Security Conference (Istanbul, Turkey, September 16, 2014) NOPcon is a non-profit hacker conference. It is the only geek-friendly conference without sales pitches in Turkey. The conference aims to learn and exchange ideas and experiences between security researchers,...

5th Annual Billington Cybersecurity Summit (Washington, DC, USA, September 16, 2014) The 5th Annual Billington Cybersecurity Summit, a leading conference produced by Billington CyberSecurity, will feature an all-star cast of cybersecurity speakers including Admiral Michael Rogers, Commander,...

SINET Global Summit (London, England, UK, September 16 - 17, 2014) "Advancing Global Collaboration and Innovation." Global Summit focuses on building international public-private partnerships that will improve the protection of our respective homeland's critical infrastructures,...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.