skip navigation

More signal. Less noise.

Daily briefing.

Russian cyber intelligence crew Pawn Storm's targets are revealed, near-abroad, foreign, and domestic: Ukraine, the United States, and Pussy Riot.

The expanding IRS breach prompts Mashable to survey recent US Government compromises.

Trend Micro finds another vulnerability in Android's media processing service — the Audio Effect feature is the source of the problem.

ICS-CERT identifies SCADA zero-days. The affected systems include ones produced by Moxa, Prisma, KACO, Rockwell Automation, Schneider Electric, and Siemens.

Damballa looks into the identity and operations of Detoxransome, the "hacker" (quotation marks of contempt by Damballa) who claimed responsibility for the Bitdefender attack. They assess him as a long-time, low-grade participant in the criminal market. His skills they reckon at script-kiddie levels.

"Impact Team," scourge of Avid Life Media, apparently makes good on its threat to post Ashley Madison credentials, but does so on the dark web. Early inspection of stolen files suggests they're genuine, and they've prompted much discussion in 8Chan and elsewhere. But caveat lector: Avid Life didn't verify email addresses during registration, so it's entirely possible that people who never visited Ashley Madison will turn up in the data dump.

Adobe patches LiveCycle data services. Analysts review yesterday's out-of-band Windows patch.

After selling its Veritas unit, Symantec buys Blackfin Security and Hacker Academy.

Law firms and government agencies find e-discovery services increasingly enmeshed with cyber security.

Wired takes a look at pending CISA legislation and finds it more mandatory than voluntary.

A Chinese cybercrime sweep strikes many as more censorship than law enforcement.

Notes.

Today's issue includes events affecting Belgium, China, Georgia, Hungary, India, Kazakhstan, Romania, Russia, Sweden, Ukraine, United Kingdom, United States.

Cyber Attacks, Threats, and Vulnerabilities

Pawn Storm's Domestic Spying Campaign Revealed; Ukraine and US Top Global Targets (TrendLabs Security Intelligence Blog) Why would Pawn Storm, the long-running cyber-espionage campaign, set its sights on a Russian punk rock group? Sure, Pussy Riot is controversial. Members of the feminist band had previously been thrown in jail for their subversive statements against the Orthodox Church and Russian patriarchal system. But why would attackers have any interest in them? What is their connection to other targets?

Russian cyberspies targeted punk rock band Pussy Riot (PCWorld) Pawn Storm, known for international spying, also targets Russians, Trend Micro said

All the cyberattacks on the U.S. government (that we know of) (Mashable) Hackers accessed tax returns belonging to more than 300,000 people — more than twice officials' initial estimate — when they breached an Internal Revenue Service program in May, stealing taxpayers' personal information and generating nearly $50 million in fraudulent refunds, the agency said this week

Another serious vulnerability found in Android's media processing service (ITWorld) Rogue applications could exploit the flaw to gain sensitive permissions

Trend publishes analysis of yet another Android media handling bug (Register) 1, 2, 3, 4 … how many more bugs must we endure?

ICS-CERT warns for 0-Day vulnerabilities in SCADA systems (Security Affairs) The ICS-CERT has recently published six security advisories to warn organizations about a number of 0-day flaws in SCADA systems

ICSA Labs warns about privacy, data security issues with Windows 10 (FierceITSecurity) While Windows 10 has many useful features, it collects data from both online and offline activity to share with partners, often for unknown reasons, warned Greg Wasson, program manager for ICSA Labs, a vendor-neutral security certification body

Mumsnet DDoSed, SWATted, hacked — oh, and change your password, too! (Naked Security) Popular and successful UK website Mumsnet is in the news again

Who is Detoxransome — the "Hacker" Behind the Blackmail Attempt on Bitdefender? (Damballa) Following our post about the Bitdefender hack, we have been gathering information about the actor behind the handle 'Detoxransome.' We found several references of his web activity on Twitter, different forums and Pastebin where he advertises his hacks. Let's take a closer look at Detoxransome

Data from hack of Ashley Madison cheater site purportedly dumped online [Updated] (Ars Technica) Download includes e-mail, member profiles, and credit card transactions

Hackers Dump Ashley Madison User Database… Where Most People Won't Find It (Dark Reading) Attackers make good on doxing threat, but post database to dark web

Was the Ashley Madison Database Leaked? (KrebsOnSecurity) Many news sites and blogs are reporting that the data stolen last month from 37 million users of AshleyMadison.com — a site that facilitates cheating and extramarital affairs — has finally been posted online for the world to see

Ashley Madison's leaked database available for download — read this first (Graham Cluley) What's happened? As I'm sure you'll remember, popular adultery website Ashley Madison got hacked in July. The hackers - who went by the name of the Impact Team — demanded that its owners, Avid Life Media, shut the site down and sister sites including Cougar Life and Established Men

Security Flaw in Bank Passbooks? (InfoRiskToday) Bug hunter discovers data-leak vulnerability in barcodes

Are cyber threats the Achilles' heel of the smart home? (SecurityInfoWatch) The advent of smart home technology has forever changed the face of the residential alarm industry for the better

Does your mobile carrier track you online? (Help Net Security) At least nine mobile carriers around the world are using "supercookies" to track users' web browsing, a study by human rights organization Access has shown

Security Patches, Mitigations, and Software Updates

Microsoft issues emergency patch for all versions of Windows (ZDNet) This is the second "critical" out-of-band patch issued in as many months

Microsoft Security Bulletin MS15-093 — Critical OOB — Internet Explorer RCE (Internet Storm Center) Recommendation: Test and patch ASAP. Mitigation option: EMET 5.2 configured to protect Internet Explorer (defautlt) is able to block the known exploit

Security Hotfix Available for LiveCycle Data Services (Adobe Security Bulletin) Adobe has released a security hotfix for LiveCycle Data Services. This hotfix addresses an important vulnerability that could result in information disclosure

Frightened Of The Stagefright Vulnerability? Companies Are Rolling Out Patches (Droid Report) Remember the Stagefright exploit that was brought to Android users' consciousness just recently? Verizon, as well as some OEM's, are now pushing updates for some of the units in their portfolio

Google's Android "Admin" security hole — time to patch! (Naked Security) Google just put out a surprisingly important patch for the Google Admin app

Apple fixes a staggering 71 security holes in its latest iOS update (FierceITSecurity) Apple mobile devices are popular with enterprises because of their reputation for rock-solid security. Yet, Apple had to plug a staggering 71 security holes in its latest update to its mobile operating system

Cyber Trends

Is the Internet of Things Too Big to Protect? Not if IoT Applications Are Protected! (IBM Security Intelligence) The evolution of connected devices as nodes on the Internet of Things (IoT) brings limitless possibilities

Report: Endpoints, Not Cloud, Are Biggest Security Risk (The VAR Guy) There's much concern in the industry about the cloud being a major security risk, but a recent survey at the Black Hat 2015 Conference found that it's really endpoints that experts think are most susceptible to intrusion or attack

Channel must protect businesses against cyber threats (MicroScope) Data breaches remain in the news when high profile cases affect large amounts of people or extremely sensitive data. However figures and trends show that criminals choose to target all sizes and types of business, which creates ample opportunity for the channel

Marketplace

Cybersecurity IPOs: two biggies to report… for now (CSO) Rapid7 and Sophos go IPO while many cybersecurity firms pursue M&A and investments

Symantec buys training firm to boost VR answer to skills shortage (CSO) Symantec has acquired two training firms to accelerate its virtual-reality platform that lets employees see the world through a hacker's lens

Symantec: 3 Things To Keep In Mind After Q1 (Seeking Alpha) Fiscal Q1 2016 figures were disappointing. However, there are 3 aspects concerning the stock that make it attractive. On top of this, its valuation remains extremely low. All of this makes the stock a value investment opportunity

Symantec: Lots Of Cash But Uncertain Future (Seeking Alpha) Symantec just closed the $8bn sale of information management unit, Veritas. This leaves the company with a lot of cash, as the core business comes under even more pressure. While the very large cash balances make an investment appealing, investors have to deal with a lot of uncertainties impacting the potential outcome. These uncertainties and pressure on the core makes me cautious to invest in Symantec despite the very large cash balances

FireEye Called Top-Tier Security Vendor In New Upgrade (TheStreet) Shares of FireEye (FEYE) are getting a boost after Imperial Capital highlighted the company's "significant progress" when upgrading its rating on the name. California-based FireEye is a provider of cybersecurity solutions

Row rumbles on over figures in Oracle CSO's anti-security rant (Register) Now Redwood City giant's security researcher bridge building can begin … not!

FBI tries to recruit hackers as cyber special agents (Federal Times) The annual Black Hat conference in Las Vegas was a place for hackers and cybersecurity professionals to compare ideas and tactics of the trade but it was also an opportunity for the government to tap a pool of talented cyber skills

One thousand more jobs predicted for Fort Gordon Cyber Command (WRDW 12) Cyber command could have a bigger impact than leaders initially thought

Akamai Appoints Ashutosh Kulkarni as Senior Vice President and General Manager, Web Experience Division (MarketWatch) Former SVP & GM at Informatica, Kulkarni brings 20 years of products experience to Akamai

Coalfire Appoints Larry Jones as Chief Executive Officer (BusinessWire) Board chairman to continue former CEO and recently departed Rick Dakin's vision

GuardiCore Expands Executive Leadership Team (Dark Reading) Industry veterans from Check Point, Imperva, IXIA and CTERA Join GuardiCore to accelerate expansion of data center active attack security

Products, Services, and Solutions

Whither Wuala? Encrypted file storage service bites the dust (Graham Cluley) Yesterday, an abrupt shutdown notice arrived in my mail from a favorite encrypted cloud storage service, Wuala

Lavaboom's warrant canary has expired (Graham Cluley) Bad news for anyone trusting Lavaboom for their secure, encrypted communications

Mozilla is experimenting with improved Private Browsing (Help Net Security) Mozilla Foundation is again aiming to boost the privacy of Firefox users, and is beginning to test a new, improved kind of Private Browsing

Fortinet Unveils Mid-Range Security Solution Uniquely Designed for Next Generation Edge and Internal Segmentation Firewall Applications (MarketWatch) New FortiGate-600D offers industry's most secure, cost effective 10 gigabit interface and 36Gbps throughput appliance to better protect enterprises from cyber threats

The situation is well — Tenable (IT Wire) Chief information and security officers need to know about Tenable. It provides the peace of mind — the aspirin -— that lets you sleep at night knowing your network is secure and when its not!

Triumfant Announces AtomicEye Version 6.0 Adding New Integrations of Advanced Threat Intelligence to Enhance its Detection and Remediation Capabilities on the Endpoint (Yahoo! Finance) Major release includes Threat Intelligence, Instant Query, Intelligent WhiteListing, Linux Agent, support for industry standards and user-friendly Executive Dashboard

(ISC)² Foundation Adds Senior Safety to Cyber-Education Mix (Infosecurity Magazine) The (ISC)² Foundation charitable trust has announced an addition to its Safe and Secure Online program to educate senior citizens on how to safely navigate cyber-space

Bitcoin forks into two separate currencies (MicroScope) Bitcoin could be on verge of its own financial meltdown, as developers battle over the future direction of the digital currency

Technologies, Techniques, and Standards

What CIOs can learn about security threats from 4 recent hacks (CIO) The media and the public are finally waking up to the fact that almost all organizations are at risk of getting hacked. Analyzing a few recent high-profile breaches might just help you prevent the same thing from happening at your company

How to sabotage DDoS-for-hire services? (Help Net Security) We all know the damage that DDoS-for-hire services can inflict on websites and organizations behind them

Solving the third-party risk management puzzle for PCI (Help Net Security) One of the main PCI compliance challenges for businesses is how to accurately document and monitor the payment data and personal information they hold and share with third parties

Cybersecurity Infiltrates E-Discovery Managed Services (Legaltech News) Security is a top agenda when law firms select EMS vendors

Fed CIOs Confront Rising eDiscovery Demand (Wall Street Journal) By leaning on maturing technology tools, federal CIOs are working to stay within tight agency budgets while handling more eDiscovery requests and tightening information security controls

Threat intelligence collection choice: In-house or outsource? (ITWorld Canada) Over the past 12 months or so cyber intelligence has become one of the new catch phrases of the infosec community

Crowdsourcing your security (CSO) The formal security programs at most companies include a finite number of managers and staffers. But the fact is, everyone within an organization should be responsible on some level for contributing to efforts to protect information, physical assets and other property

How to Mitigate Third-Party Data Breach Risks (EnterpriseTech) University of Pittsburgh Medical Center (UPMC) is one of the latest healthcare organizations to have sensitive records exposed

Protect Your Trademarks From Cybersquatting (InformationSecurityBuzz) Domain squatting is growing as companies scramble to protect their trademarks

Mitigating Mobile Security Risks (InfoRiskToday) PwC's Desai on how to improve mobile payment devices

MSPs: Are You Prepared to Handle the Insider Threat? (MSPMentor) As cloud computing continues to transform how business is being conducted, a lot of attention has been paid by managed service providers (MSPs) to external and technical security threats

Combining analytics and security to treat vulnerabilities like ants (ZDNet) Bill Franks, chief analytics officer at Teradata said a business cannot afford to wait until it has experienced a breach to act, likening system vulnerabilities to ants in your house; once their origin has been isolated, sealing the cracks keeps the ants away

Hugh Thompson on Simplifying Security (InfoRiskToday) Blue Coat CTO: shift focus to constants, not variables

Design and Innovation

Core Infrastructure Initiative Launches Open Source Security Badge Program (Threatpost) The Core Infrastructure Initiative (CII), a consortium of technology companies guided by The Linux Foundation, has thrown good money at solving the security woes of open source software

Research and Development

SRI International Wins DARPA Data Privacy Research Contract (Executive Biz) SRI International has won an $8,520,257 contract to assist the Defense Advanced Research Projects Agency in research for data privacy and privacy science studies

Academia

Lockheed Martin and Temple University's Institute for Business and Information Technology Create National Cyber Analyst Challenge (Lockheed Martin) The search for cyber talent is reaching new heights. According to SimplyHired.com, in April 2015 there were 26,980 open cybersecurity related positions. Employers are citing an increased demand for cyber analysts

NICE news about the cybersecurity skills shortage (and a call for papers) (We Live Security) The information security news is not all bad, despite the annual August double-tap of Black Hat and DEF CON

Legislation, Policy, and Regulation

The Evolution of Cyberlaw (BankInfoSecurity) Duggal on global advances and the need for regional reform

Advanced Threats: Improving Response (InfoRiskToday) With a broad spectrum of Digital India initiatives announced in July, the Indian government is receiving a lot of attention from security circles. It is also recognizing that it has a big target painted on its back. With threats such as advanced persistent threats and targeted attacks, how equipped are Indian government entities to detect and mitigate the risks?

Busting the Biggest Myth of CISA — That the Program Is Voluntary (Wired) WHEN THE U.S. Senate returns in September, one of its priorities will be to pass so-called "cybersecurity" legislation, namely the Cybersecurity Information Sharing Act

Federal Motor Carrier Safety Administration's Final Electronic Logging Device Mandate (Supply Chain 24/7) The trucking industry is waiting on the Federal Motor Carrier Safety Administration (FMCSA) to publish its final electronic logging device rule, or ELD mandate — What is it exactly? And, what does it mean for commercial motor carriers and truck drivers?

Partnership between NSA and telecoms pose both security and privacy risk, experts say (SC Magazine) Recently revealed documents from former government contractor Edward Snowden, and investigated by The New York Times and ProPublica, indicate that the National Security Agency (NSA) held intimate ties with major telecommunications companies until at least 2013

The Intel Community Needs A Better Media Strategy (Defense One) As press watchdogs stiffen their spines, intel agencies must decide what secrets truly need protecting and why

Marine enlisted leaders pushed to embrace social media (Marine Corps Times) For the roomful of grizzled sergeants major in suits, the slides of Facebook metrics and Twitter case studies were a stark indicator that the Marine Corps has changed since they first stood on the yellow footprints

Air Force warns deployed airmen: 'Loose tweets destroy fleets' (Air Force Times) Officials at Al Udeid Air Base in Qatar are admonishing airmen against careless posting on Twitter and other social media sites

States take aim at HR and social media of employees (TechTarget) Laws are meant to shield employees' Facebook and Twitter accounts; CareerBuilder unveils new analytics for recruiters and hiring managers

Litigation, Investigation, and Law Enforcement

Chinese arrest 15,000 in cybercrime sweep (Al Jazeera America) Crackdown comes after launch of a nationwide Web crackdown, called Cleaning the Internet

Target reaches agreement with Visa over data breach (Reuters via Business Insurance) Target Corp. said it has reached an agreement with Visa Inc. card issuers to reimburse up to $67 million in costs related to a data breach at the retailer in 2013, according to a source familiar with the matter

Company pays FCC $750,000 for blocking Wi-Fi hotspots at conventions (Ars Technica) Wanted to force convention-goers to purchase $80/day Wi-Fi access

Solihull teenager carried out cyber attack on Home Office and FBI web sites, court hears (Birmingham Mail) Charlton Floate caused government web sites in the UK and one used by the FBI to crash with cyber attacks

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

cyberSecure (New York, New York, USA, December 15 - 16, 2015) Today's business leaders recognize that a multi-disciplinary approach is critical to protecting the bottom line. What's too often missed is a vision that incorporates best practices that allow you add...

Upcoming Events

5th Annual Cyber Security Training & Technology Forum (CSTTF) (Colorado Springs, Colorado, USA, August 19 - 20, 2015) The Information Systems Security Association (ISSA) Colorado Springs Chapter and FBC, Inc. will once again co-host the 5th Annual Cyber Security Training & Technology Forum (CSTTF). CSTTF 2015 will bring...

Decepticon 2015 (Cambridge, England, UK, August 24 - 26, 2015) Decepticon brings together researchers and practitioners in the detection and prevention of deception. Previously, deception research has been fragmented across conferences in many different disciplines,...

AFCEA OKC Technology & Cyber Security Day (Oklahoma City, Oklahoma, USA, August 27, 2015) FBC and the Armed Forces Communications & Electronics Association (AFCEA) Oklahoma City Chapter will be partnering once again to host the annual Technology Day & "Scholarship" Golf Tournament at Tinker...

Power Grid Cyber Security Exchange 2015 (San Diego, California, USA, August 30 - September 1, 2015) The Power Grid Cyber Security Exchange will take a deep dive into the cyber security strategies, innovative approaches and strategic planning necessary to balance the competing priorities of today's technology...

2015 HTCIA International Conference & Training Expo (Orlando, Florida, USA, August 30 - September 2, 2015) Bringing together experts from all over the world to share their latest research and techniques related to cybersecurity, incident response and computer forensics

ICFP 2015 (Vancouver, British Columbia, Canada, August 31 - September 2, 2015) ICFP 2015 provides a forum for researchers and developers to hear about the latest work on the design, implementations, principles, and uses of functional programming. The conference covers the entire...

Mid-Atlantic Security Conference (Gaithersburg, Maryland, USA, September 1, 2015) The conference is brought to you by Information Systems Security Association's Baltimore, NOVA, and National Capital Chapters. Join us for a full day of training on cybersecurity topics by industry leaders,...

SCADA Nexus 2015 (Houston, Texas, USA, September 2 - 4, 2015) SCADA Nexus is an international annual event for ICS and SCADA security professionals and executives to focus on world-wide security concerns. The event is located in Houston, Texas each year at the Hilton...

SIN 2015 (Sochi, Russia, September 8 - 10, 2015) The 8th International Conference on Security of Information and Networks (SIN 2015) provides an international forum for presentation of research and applications of security in information and networks.

NSPW (New Security Paradigms Workshop) (Twente, Netherlands, September 8 - 11, 2015) Although NSPW is more of a workshop than a conference, it has earned its right to be included in this list. Since 1992, NSPW has been offering a unique forum for cyber security specialists involved in...

Global Cyberspace Cooperation Summit VI (New York, New York, USA, September 9 - 10, 2015) An invitation-only event, this meeting of international actors aims to coordinate and consolidate progress, showcase results and promote collective action. The annual cyber summits provide a crucial forum...

Intelligence and National Security Summit (Washington, DC, USA, September 9 - 10, 2015) AFCEA International (AFCEA) and the Intelligence and National Security Alliance (INSA) are pleased to host the second Intelligence and National Security Summit to provide the platform for this essential...

Cybersecurity Innovation Forum (Washington, DC, USA, September 9 - 11, 2015) The 2015 Cybersecurity Innovation Forum is a three-day event hosted by the National Institute of Standards and Technology, and planned with the National Security Agency, and the Department of Homeland...

2nd Annual Senior Executive Cyber Security Conference (Baltimore, Maryland, USA, September 10, 2015) The one-day symposium will examine the potential advantages and pitfalls of an information-sharing strategy from the technological, business and regulatory perspectives

Cyber 6.0 (Laurel, Maryland, USA, June 17, 2015) The mission of the Cyber Conference is to provide a forum for small and mid-sized businesses in Howard County and the region to access industry and government leaders with current information on cybersecurity...

BSides Augusta 2015 (Augusta, Georgia, USA, September 12, 2015) Each BSides is a community-driven framework for building events for and by information security community members. The goal is to expand the spectrum of conversation beyond the traditional confines of...

SANS Institute: Information Security Training (Las Vegas, Nevada, USA, September 12 - 21, 2015) Information security training in Las Vegas from SANS Institute, the global leader in information security training. At SANS Network Security 2015, SANS offers more than 40 hands-on, immersion-style security...

Gulf Cooperation Council Cyber Security Summit (Abu Dhabi, United Arab Emirates, September 13 - 15, 2015) The GCC Cyber Security Summit will bring together regional and international thought leaders and decision-makers to examine one of the most vital threats to the region's future well-being: cyber-attack.

Hacker Halted 2015 (Atlanta, Georgia, USA, September 13 - 18, 2015) EC-Council Foundation's flagship information security conference, Hacker Halted, will unite some of the greatest minds in information security, as industry experts address the latest threats and vulnerabilities...

EnergySec 11th Annual Security & Compliance Summit (Washington, DC, USA, September 14 - 16, 2015) For more than 10 years the EnergySec Security Summit has been the premier gathering for stakeholders in the energy sector focused on physical and cyber security. Our summits give each attendee a rare opportunity...

Fraud Summit San Francisco (San Francisco, California, USA, September 15, 2015) ISMG's Fraud Summit is a one-day event focused exclusively on the top fraud trends impacting organizations and the mitigation strategies to overcome those challenges. Among the areas to be discussed are...

Borderless Cyber 2015 (Washington, DC, USA, September 15 - 16, 2015) OASIS, in collaboration with The World Bank, will bring together public and private sector security professionals from around the world to evaluate, debate, and collaborate on cyber security best practices...

Detroit Secure World (Detroit, Michigan, USA, September 16 - 17, 2015) Join your fellow security professional for affordable, high-quality cybersecurity training and education at a regional conference near you. Earn CPE credits while learning from nationally recognized industry...

National Insider Threat Special Interest Group Meeting (Laurel, Maryland, USA, July 16, 2015) Topics to be discussed at the meeting; Insider Threat Program Development & Implementation, Behavioral Indicators Of Concern, Legal Considerations When Developing & Managing An Insider Threat Program.

6th Annual Billington Cybersecurity Summit (Washington, DC, USA, September 17, 2015) Join key leaders and decision makers from government, military and the private sector at this one-day intensive networking event as participants focus on the next generation of solutions to ensure this...

Cyber Security Summit: New York (New York, New York, USA, September 18, 2015) The Cyber Security Summit provides an exclusive business environment to meet with Senior Executives who are seeking innovative solutions to protect their business & critical infrastructure. Delegates...

Data Breach Investigation Summit (Dallas, Texas, USA, September 21 - 26, 2015) Data Breaches are occurring at an alarming rate and increasing in their scope, frequency and impact and they don't discriminate by industry, geography or organization size. When a breach occurs, organizations,...

St. Louis SecureWorld 2015 (St. Louis, Missouri, USA, September 22 - 23, 2015) Join your fellow security professional for affordable, high-quality cybersecurity training and education at a regional conference near you. Earn CPE credits while learning from nationally recognized industry...

OWASP APPSECUSA (San Francisco, California, USA, September 22 - 25, 2015) The premier gathering of developers, security experts and technologists to discuss cutting edge approaches to secure web applications

SAT 2015: 18th International Conference on Theory and Applications of Satisfiability Testing (Austin, Texas, USA, September 24 - 27, 2015) The International Conference on Theory and Applications of Satisfiability Testing (SAT) is the premier annual meeting for researchers focusing on the theory and applications of the propositional satisfiability...

CSS (International Conference on Cryptography and Security Systems) (Warsaw, Poland, September 25 - 27, 2015) After three years' break, CSS is returning in 2017 with another great look at the evolution of cryptography and its role for the cyber security industry. This event is focused on presenting original and...

Business Insurance Cyber Risk Summit 2015 (San Francisco, California, USA, September 27 - 28, 2015) The Business Insurance Cyber Risk Summit provides risk management professionals and chief information security officers with the practical information and tools needed to combat the latest cyber risks...

ASIS International (Anaheim, California, USA, September 28 - October 1, 2015) The ASIS Annual Seminar and Exhibits boasts of being one of the world's most influential events for security professionals. Its mission is to provide industry-leading education, countless business connections,...

CYBERSEC European Cybersecurity Forum (Kraków, Poland, September 28 - 29, 2015) The CYBERSEC forum is the first of its kind in Poland and one of just a few regular public policy conferences in Europe devoted to the strategic issues of cyberspace and cybersecurity. The goal of CYBERSEC...

(ISC)² Security Congress (Anaheim, California, USA, September 28 - October 1, 2015) Proudly colocated for the fifth year in a row, (ISC)² Security Congress 2015 and ASIS International 61st Annual Seminar and Exhibits (ASIS 2015) expect more than 19,000 professionals worldwide from...

Fraud Summit Toronto (Toronto, Ontario, Canada, September 17, 2014) From account takeover to payment card fraud and the emerging mobile threatscape, the ISMG Fraud Summit series is where thought-leaders meet to exchange insights on today's top schemes and the technology...

Threat Intelligence Summit 2015 (ChampionsGate, Florida, USA, September 29 - 30, 2015) The threat landscape is getting bigger and more complex, the tools more plentiful, the amount of digital information increasingly massive, and the skills needed to navigate this terrain seem to multiply...

hardwear.io: Hardware Security Conference and Training (The Hague, Netherlands, September 29 - October 2, 2015) Do you trust your hardware? Learn from experts about backdoors, exploits, trust, assurance and attacks on hardware equipment, firmware and related protocols

VB2015 (Prague, Czech Republic, September 30 - October 2, 2015) The VB2015 programme includes 38 papers on a wide range of security topics. As in previous years, the presentations will run in two parallel streams and the programme includes both technical and less technical...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.