skip navigation

More signal. Less noise.

Daily briefing.

Jihadist hacktivists apparently based in Tunisia hit public websites in Thailand, their nominal objective being support of Rohingya Muslims.

The gunman passengers overpowered Friday before he could massacre riders aboard a French train is said to have visited jihadist sites within hours of his attempt.

Reports suggest the Mexican government is employing Twitterbots against dissident Twitter channels.

Fidelis reports the AlienSpy RAT is resurgent, now operating at JSocket.

Github has parried a denial-of-service attack it suffered this morning.

The Ashley Madison affair continues its sordid unraveling. Extortion attempts are up, and Avid Life contributes to a hefty reward for the apprehension of the Impact Team hackers. Avid Life also faces allegations (based on compromised emails) that it improperly accessed other "adult" sites to exfiltrate competitors' subscriber information. The episode is sad as well as sordid: Canadian police attribute at least two suicides to the data dumps.

The US Energy Secretary tells Congress the natural gas sector is at high risk of cyber attack.

The cyber insurance sector continues to grow, but observers advise policyholders to shop with caution: they risk distorting their overall security posture by misunderstanding exactly what they're buying. Ongoing risk analysis seems both a good security practice and the probable centerpiece of emerging standards of care.

Research sheds light on what induces developers to scan (or fail to scan) their code for security holes.

The UN's privacy chief advocates a "privacy Geneva Convention."

A US Court finds the Federal Trade Commission has authority to regulate cyber security.

Notes.

Today's issue includes events affecting Australia, Canada, China, France, India, Indonesia, Israel, Malaysia, Mexico, Morocco, Russia, Singapore, Thailand, Tunisia, United Arab Emirates, United Kingdom, United Nations, United States.

Cyber Attacks, Threats, and Vulnerabilities

North African Group Targets Thai Websites in Islamist Cyber Attack (Benar News) A Tunisian group on Sunday and Monday posted jihadist messages and images of persecuted Rohingya Muslims as it launched a cyber attack on six public websites in Thailand, including those of four provincial governments, according to news reports

Pro-Government Twitter Bots Try to Hush Mexican Activists (Wired) On September 26, 2014, a group of students departed the Ayotzinapa Rural Teachers' College for a protest in Iguala, Mexico, about 80 miles away. They never arrived

AlienSpy RAT Resurfaces as JSocket (Threatpost) Even before a stunning revelation at Black Hat 20 days ago that spyware had been found on the phone of a dead Argentine prosecutor, the handlers of the AlienSpy remote access Trojan closed up shop, revamped and renamed the spyware, and moved operations to new domains, researchers at Fidelis said

Signed Dridex Campaign (Zscaler ThreatLab) Malware authors use various means to make their malware look similar to legitimate software. One such approach involves signing a malware sample with a digital certificate. Recently we saw Dridex malware authors using this technique while reviewing the samples in our Cloud Sandbox

Critical vulnerability in SAP Afaria MDM can put millions of mobile users at risk of losing access to corporate data (ERPScan) Advisory describing a critical buffer overflow vulnerability in SAP Afaria MDM server that can disable access to corporate systems for millions of mobile users was published today at the ERPScan's website

MMD-0039-2015 — ChinaZ made new malware: ELF Linux/BillGates.Lite (Malware Must Die!) There are tweets I posted which are related to this topic. Our team spotted the sample a week ago. And this post is the promised details, I am sorry for the delay for limited resource that we have since for a week I focused to help good people in raising awareness for cleaning up PE malware Dyre/Upatre on router proxies

Dell SonicWall NetExtender 7.5.215 Privilege Escalation (Packet Storm) Dell SonicWall NetExtender version 7.5.215 suffers from a privilege escalation vulnerability

LG phones most exposed to new Certifi-gate vulnerability (CSO) More than 70 percent of Android phones from LG have a plugin installed that exposes them to the Certifi-gate remote support app vulnerability, where a rogue application — or even a text message — can completely take over a device

Github Mitigates DDOS Attack (Threatpost) Code repository Github mitigated a distributed denial-of-service attack, restoring services this morning around 9 a.m. Eastern time

British Travel Company Breached, Hundreds of Customers' Information Exposed (Tripwire: the State of Security) A data protection breach at Thomson, a British travel firm, has led to the accidental exposure of more than 450 customers' personal information

Some free [Hong Kong] govt WiFi spots expose users to risk of data theft (ejinsight) A handful of the government's more than 500 free WiFi service spots across Hong Kong are insecure, Apple Daily reported Tuesday, citing test results from Israeli mobile network security firm Skycure

Leaked AshleyMadison Emails Suggest Execs Hacked Competitors (KrebsOnSecurity) Hacked online cheating service AshleyMadison.com is portraying itself as a victim of malicious cybercriminals, but leaked emails from the company's CEO suggests that AshleyMadison's top leadership hacked into a competing dating service in 2012

Ashley Madison hack sends shivers through hook-up, porn sites (Reuters) Larry Flynt, a defender of free speech and sexual freedom if there ever was one, has this advice for anyone worried by the hack of infidelity site Ashley Madison: Muzzle yourself

'Yes. I was a member of the Ashley Madison website. But I wasn't there to cheat on anyone' (Graham Cluley) Just because someone's email is on the leaked Ashley Madison list, doesn't mean they're cheaters

Why Phone Fraud Starts With A Silent Call (NPR) Here's an experience some of us have had. The phone rings. You pick it up and say "Hello. Hello. Helloooo." But nobody answers

Cyber Trends

Survey Says: Incident Response Is Fighting Back (Dark Reading) Companies appear to be recognizing the need for increased incident-response spending

Vint Cerf: 'Sometimes I'm terrified' by the IoT (ITWorld) Strong but finely tuned authentication will be essential, he said

INSIGHT: Security in the Internet of Things age — Makers vs. Operators (ComputerWorld) Internet of Things (IoT) security is a hot topic among security and risk professionals

Moniz says cyber attacks threaten natural gas industry (Washington Examiner) The administration is seeing a "big and growing threat" from possible cyber attack against the nation's natural gas infrastructure, as well as new cars and the sprawling traffic management system

Fraud rate doubles as cybercriminals create new accounts in users' name (CSO) To get more value out of stolen personal information, cyber criminals doubled their rate of account creation fraud this summer, according to a report report from Vancouver-based NuData Security

ThreatMetrix sees Q2 2015 increase in mobile transactions and online lending fraud (ITWire) ThreatMetrix's quarterly report looks at cybercrime attacks detected by its 'Digital Identity Network', analysing over a billion transactions monthly to do so

Risky mobile behaviors are prevalent in the government (Help Net Security) Mobile devices are extremely prevalent in federal agencies, even within those that purport to have policies prohibiting the use of them. Lookout analyzed 20 federal agencies and found 14,622 Lookout-enabled devices associated with those agencies' networks. Those devices encountered 1,781 app-based threats

Combating DDoS defence buck passing: Nexusguard (ZDNet) When it comes to cyber security in Australia, DDoS attacks are not at the forefront of concern and Australian businesses need to step up, according to Nexusguard

Malaysia takes the lead as the most cyber-savvy Asian nation while Indonesia is on the bottom rung (SecurityAsia) While 93% of online users in Asia worry about cyber security, 3 out of 5 consumers are unable to answer basic cyber security questions correctly, according to the ESET Asia Cyber Savviness Report 2015

Marketplace

Gaps remain in perception of cyber threats (Pensions and Investments) Execs confident providers' practices are sound; professionals say otherwise

Top 5 problems with data breach insurance (HP Security Products Blog) The costs associated with data breaches continue to rise while security only grows in complexity. For those reasons and more, data breach insurance has gained an incredible amount of traction in a relatively short amount of time. In fact, almost 50 insurance companies now offer some type of data breach coverage. However, there are some specific issues with data breach insurance that need to be considered before making that investment. Here are the top five

Cyber Insurers Dictating How Your Business Is Secured? (Peerlyst) A run down of the key challenges with choosing and using cyber insurance called out in the last few months

Allianz's subsidiary and Kudelski partner for cybersecurity incident response services (Insurance Business Review) Cybersecurity division Kudelski Security is set to provide cybersecurity incident response services to Allianz Global Corporate & Specialty (AGCS), Allianz Group's carrier for corporate and specialty insurance business

Hacking Your Health: For Healthcare Providers, Risk Analysis Must Be Ongoing (JDSupra) Healthcare providers would be wise to keep in mind that if a patient is harmed by a hacked medical device, Exhibit A in the negligence suit against them may be that provider's risk analysis, or lack thereof

Better Security Stock: CyberArk Software Ltd. or Palo Alto Networks Inc.? (Motley Fool) Which hot cybersecurity stock is a better long-term investment?

JMP: Palo Alto checks strong, selloff a buying opportunity (Seeking ALpha) Stating checks came back strong (particularly for North America), JMP's Erik Suppiger is reiterating an Outperform on Palo Alto Networks (PANW -0.8%) ahead of its Sep. 9 FQ4 report

Splunk Could Easily Beat Street; Still May Falter (Investor's Business Daily) The question for Splunk (NASDAQ:SPLK) as it nears its Thursday earnings release is not whether the security database software maker can make its numbers — it's whether a positive report will actually help

Tripwire Business Momentum Continues to Build in First Half of 2015 (BusinessWire) Tripwire, Inc., a leading global provider of advanced threat, security and compliance solutions, today announced double-digit growth in both its large, strategic and entry-level deals during the first six months of 2015

Two Decades in, DC-Based Thycotic Goes on a Tear (DCInno) The cybersecurity firm has been largely operating under-the-radar until now

Startup takes heat over online tool that checks Ashley Madison data (IDG via CSO) Trustify was accused of spamming email addresses that showed up in the leak

Security Watch: Bell returns to McGrathNicol as Forensic and Cyber Director (CSO) McGrathNicol has announced that Shane Bell will re-join the firm as a Forensic and Cyber Director

Northrop Grumman Appoints Skip Magness Vice President, Operations, Cyber Division (MarketWatch) Northrop Grumman Corporation NOC, +1.16% announced it has appointed Skip Magness, vice president, operations, for its cyber division within the company's Information Systems sector, effective immediately

Security researcher who hacked moving Jeep leaves Twitter (Reuters via the Fiscal Times) he security researcher who hacked into a moving Jeep earlier this year has resigned as an engineer at Twitter Inc after three years on the job, a person familiar with the matter said

Products, Services, and Solutions

Fortinet's advanced threat protection: Breaking the kill chain (Security Watch) Cyber criminals are getting smarter. No longer satisfied with simply stealing credit card details or defacing web sites, today's malware mavens want to destroy reputations, disrupt commerce and bring the internet to its knees

Kaspersky, iovation Team to Take Down Fraud (Channel Partners) iovation, the digital reputation authority, and Kaspersky Lab, the world's largest privately held vendor of cybersecurity solutions, today announced a partnership to provide both businesses and consumers with a comprehensive solution to help combat fraud

Wynyard Group readies new cyber-crime platform, ASX listing (ZDNet) New Zealand-based crime analytics software company announces an increased $17.6 million first half loss

Pirate sites ban Windows 10 over privacy worries (Naked Security) There's been a good amount of privacy freak-out over Windows 10

Technologies, Techniques, and Standards

Cyber Threat Intelligence — No Longer Just a Nice To Have (Infosecurity Magazine) Information leakage is possibly one of the most common, and misunderstood security risks faced today, and potentially one which impacts organizations every single day. When linked to electronic distance information gathering, it can, and does pose significant security risks to any business, or government agencies alike

The Most Common Mistakes These 27 Cyber Security Experts Wish You’d Stop Doing (Heimdal) In spite of all the media attention that cyber attacks have been getting lately, cyber security is still not as important of an issue for Internet users as it should be

Combatting human error in cybersecurity (Help Net Security) Mistakes are part of life, but unfortunately in cybersecurity operations, mistakes have the potential to be financially devastating to the business

Network security easier than most businesses think, says Kaspersky Lab (ComputerWeekly) The best cyber security protection for any business requires a mixture of enforcement and education, according to a guide by Kaspersky Lab

Protecting and Managing Data (Information Security Buzz) Properly managing data should be a top priority for businesses of any size. Information is the cornerstone of most businesses

Are You Protecting your Backdoor? (Internet Storm Center) Hardly anybody has physical access to critical public facing servers. Usually, they are located in a data center, hours away from the system administrators charged with managing them

Tips for protecting your business against cyber extortion (CSO) Tips for protecting your organization from extortion

Virtualization doubles the cost of security breach (CSO) When a security incident involves virtual machines, the recovery costs double compared to that of a traditional environment

Design and Innovation

How developing and disguising software bugs can help cybersecurity (Christian Science Monitor Passcode) The decade-old Underhanded C competition rewards contestants who can camouflage the most malicious software vulnerability. And it's meant to make all software more secure

Research and Development

What Drives A Developer To Use Security Tools — Or Not (Dark Reading) National Science Foundation (NSF)-funded research by Microsoft Research, NC State, and UNC-Charlotte sheds light on what really makes a software developer scan his or her code for security bugs

Academia

$2.5 Million Grant To Train Cybersecurity Professionals Given To Pace University (Homeland Security Today) A $2.5 million grant from the National Science Foundation (NSF) to Pace University's Seidenberg School of Computer Science and Information Systems to help train the next generation of cybersecurity professionals

Students learn cyber skills at GCHQ summer school (Scarborough News) A summer school to teach young people cyber skills has been running at GCHQ in Scarborough

Legislation, Policy, and Regulation

UK surveillance "worse than 1984," says new UN privacy chief (Ars Technica) World needs a "Geneva convention" for the Internet to safeguard personal data

Developing a Proportionate Response to a Cyber Incident (Council on Foreign Relations) As offensive cyber activity becomes more prevalent, policymakers will be challenged to develop proportionate responses to disruptive or destructive attacks

VoIP including Skype is banned in UAE: TRA (Emirates 24/7) Foreign firms interested in offering VoIP in UAE may approach Etisalat and Du

Opinion: Why the information sharing bill is anti-cybersecurity (Christian Science Monitor Passcode) Supporters of the Cybersecurity Information Sharing Act says it's an essential tool for Washington and industry to exchange threat intelligence. But in reality, it would give the government carte blanche to collect and store more data on Americans, putting everyone's information at greater risk

Why Defense Can't Buy Cyber Stuff Fast Enough (Government Executive) Cyber warfare has arrived: the Defense Department is under attack, and national security is at stake. Yet in a field defined by rapid growth, DOD arms itself at the same pace with which it buys major weapons, an acquisition cycle of seven to 10 years

Litigation, Investigation, and Law Enforcement

Gunman 'visited jihadist site' before train attack (The Local (France)) A Moroccan gunman who has been arrested after a foiled train attack in northern France looked at a jihadist website just hours before he boarded the train, investigation sources claim

FTC has authority to police cyber security, court says (Reuters via Business Insurance) A U.S. appeals court on Monday said the Federal Trade Commission has the authority to regulate cyber security and may pursue a lawsuit accusing hotel operator Wyndham Worldwide Corp. of failing to safeguard consumers' personal information

Widespread, unapproved use of Yammer possibly exposed sensitive data, VA probe finds (FierceGovernmentIT) Thousands of Veterans Affairs Department employees appear to have been using the web-based collaboration tool Yammer since 2008, even though it wasn't approved by the department, potentially exposing some personal and sensitive information, an internal investigation recently revealed

DHS has no record of State Dept. giving info for Clinton server audit, despite rules (FoxNews) The State Department does not appear to have submitted legally required information regarding Hillary Clinton's secret computer server to the Department of Homeland Security during her term as secretary

Is a Hacked Vehicle Also Defective? (Wall Street Journal) Car makers face significant consequences in safety debate over cybersecurity

Russia Says It's Banning Wikipedia (BuzzFeedNews) The site faces a total block after Wikipedia editors failed to comply with a court decision in a remote village

Project Unicorn offers $500,000 reward for Ashley Madison hackers (CSO) Mythical creatures seek mythical hackers for long-term relationship

'Bring me the head of the AC/DC-loving Ashley Madison hacker' (Graham Cluley) At a Toronto Police news conference, law enforcement officers updated the media on the investigation into the Ashley Madison hack

Police: Ashley Madison Hack Might Have Led to Suicides (AP via ABC News) The hack of the cheating website Ashley Madison has triggered extortion crimes and led to two unconfirmed reports of suicides, Canadian police said Monday

Canadian Class Action Seeks $578 Million in Ashley Madison Hack (Legaltech News) Suit seeks damages on behalf of "all Canadian citizens," as many as 250,000 of which had accounts with the dating site

Stingrays used to track petty crime (Naked Security) According to court records, on 11 May 2009, Baltimore detectives were in the 1000 block of Webb Court when they saw a man standing in a doorway using a mobile phone that they knew was stolen

Israeli arrested for alleged cyber attack on Utah-based Overstock.com (Salt Lake Tribune) The FBI has arrested an Israeli man for allegedly trying to take down the computers of Salt Lake City-based online retailer Overstock.com, according to a court case unsealed Monday in federal court

Poetic justice after burglar who taunted police on Facebook is captured (Hot for Security) It's not unusual these days for the police to make use of social media to help them in the fight against crime

Facebook threats against Pokémon World Championships lead to arrests in Boston (Naked Security) Two men are being held without bail after allegedly making online threats of violence against attendees of the Pokémon World Championships, held in Boston this past weekend

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

Cloud Security Alliance Congress at P.S.R. (Las Vegas, Nevada, USA, September 28 - October 1, 2015) The industry's premier gathering for IT security professionals and executives who must further educate themselves on the rapidly evolving subject of cloud security. Offering best practices and practical...

Cloud Security Alliance Summit NYC 2015 (New York, New York, USA, October 28, 2015) The full-day Cloud Security Alliance NYC Summit is a standalone event in Manhattan. Co-hosted by the CSA NY Metro and CSA Delaware Valley chapters, some 200 well-qualified attendees are expected. The theme...

Cloud Security Alliance Summit Los Angeles 2015 (Los Angeles, California, USA, December 3, 2015) The full day Cloud Security Alliance LA Summit is a standalone event in the greater Los Angeles area. Hosted by the CSA LA/SoCal chapter, some 200 well-qualified attendees are expected. The theme is "Enterprise...

Upcoming Events

Decepticon 2015 (Cambridge, England, UK, August 24 - 26, 2015) Decepticon brings together researchers and practitioners in the detection and prevention of deception. Previously, deception research has been fragmented across conferences in many different disciplines,...

AFCEA OKC Technology & Cyber Security Day (Oklahoma City, Oklahoma, USA, August 27, 2015) FBC and the Armed Forces Communications & Electronics Association (AFCEA) Oklahoma City Chapter will be partnering once again to host the annual Technology Day & "Scholarship" Golf Tournament at Tinker...

Power Grid Cyber Security Exchange 2015 (San Diego, California, USA, August 30 - September 1, 2015) The Power Grid Cyber Security Exchange will take a deep dive into the cyber security strategies, innovative approaches and strategic planning necessary to balance the competing priorities of today's technology...

2015 HTCIA International Conference & Training Expo (Orlando, Florida, USA, August 30 - September 2, 2015) Bringing together experts from all over the world to share their latest research and techniques related to cybersecurity, incident response and computer forensics

ICFP 2015 (Vancouver, British Columbia, Canada, August 31 - September 2, 2015) ICFP 2015 provides a forum for researchers and developers to hear about the latest work on the design, implementations, principles, and uses of functional programming. The conference covers the entire...

Mid-Atlantic Security Conference (Gaithersburg, Maryland, USA, September 1, 2015) The conference is brought to you by Information Systems Security Association's Baltimore, NOVA, and National Capital Chapters. Join us for a full day of training on cybersecurity topics by industry leaders,...

SCADA Nexus 2015 (Houston, Texas, USA, September 2 - 4, 2015) SCADA Nexus is an international annual event for ICS and SCADA security professionals and executives to focus on world-wide security concerns. The event is located in Houston, Texas each year at the Hilton...

SIN 2015 (Sochi, Russia, September 8 - 10, 2015) The 8th International Conference on Security of Information and Networks (SIN 2015) provides an international forum for presentation of research and applications of security in information and networks.

NSPW (New Security Paradigms Workshop) (Twente, Netherlands, September 8 - 11, 2015) Although NSPW is more of a workshop than a conference, it has earned its right to be included in this list. Since 1992, NSPW has been offering a unique forum for cyber security specialists involved in...

Global Cyberspace Cooperation Summit VI (New York, New York, USA, September 9 - 10, 2015) An invitation-only event, this meeting of international actors aims to coordinate and consolidate progress, showcase results and promote collective action. The annual cyber summits provide a crucial forum...

Intelligence and National Security Summit (Washington, DC, USA, September 9 - 10, 2015) AFCEA International (AFCEA) and the Intelligence and National Security Alliance (INSA) are pleased to host the second Intelligence and National Security Summit to provide the platform for this essential...

Cybersecurity Innovation Forum (Washington, DC, USA, September 9 - 11, 2015) The 2015 Cybersecurity Innovation Forum is a three-day event hosted by the National Institute of Standards and Technology, and planned with the National Security Agency, and the Department of Homeland...

2nd Annual Senior Executive Cyber Security Conference (Baltimore, Maryland, USA, September 10, 2015) The one-day symposium will examine the potential advantages and pitfalls of an information-sharing strategy from the technological, business and regulatory perspectives

Cyber 6.0 (Laurel, Maryland, USA, June 17, 2015) The mission of the Cyber Conference is to provide a forum for small and mid-sized businesses in Howard County and the region to access industry and government leaders with current information on cybersecurity...

BSides Augusta 2015 (Augusta, Georgia, USA, September 12, 2015) Each BSides is a community-driven framework for building events for and by information security community members. The goal is to expand the spectrum of conversation beyond the traditional confines of...

SANS Institute: Information Security Training (Las Vegas, Nevada, USA, September 12 - 21, 2015) Information security training in Las Vegas from SANS Institute, the global leader in information security training. At SANS Network Security 2015, SANS offers more than 40 hands-on, immersion-style security...

Gulf Cooperation Council Cyber Security Summit (Abu Dhabi, United Arab Emirates, September 13 - 15, 2015) The GCC Cyber Security Summit will bring together regional and international thought leaders and decision-makers to examine one of the most vital threats to the region's future well-being: cyber-attack.

Hacker Halted 2015 (Atlanta, Georgia, USA, September 13 - 18, 2015) EC-Council Foundation's flagship information security conference, Hacker Halted, will unite some of the greatest minds in information security, as industry experts address the latest threats and vulnerabilities...

EnergySec 11th Annual Security & Compliance Summit (Washington, DC, USA, September 14 - 16, 2015) For more than 10 years the EnergySec Security Summit has been the premier gathering for stakeholders in the energy sector focused on physical and cyber security. Our summits give each attendee a rare opportunity...

Fraud Summit San Francisco (San Francisco, California, USA, September 15, 2015) ISMG's Fraud Summit is a one-day event focused exclusively on the top fraud trends impacting organizations and the mitigation strategies to overcome those challenges. Among the areas to be discussed are...

Borderless Cyber 2015 (Washington, DC, USA, September 15 - 16, 2015) OASIS, in collaboration with The World Bank, will bring together public and private sector security professionals from around the world to evaluate, debate, and collaborate on cyber security best practices...

Detroit Secure World (Detroit, Michigan, USA, September 16 - 17, 2015) Join your fellow security professional for affordable, high-quality cybersecurity training and education at a regional conference near you. Earn CPE credits while learning from nationally recognized industry...

National Insider Threat Special Interest Group Meeting (Laurel, Maryland, USA, July 16, 2015) Topics to be discussed at the meeting; Insider Threat Program Development & Implementation, Behavioral Indicators Of Concern, Legal Considerations When Developing & Managing An Insider Threat Program.

6th Annual Billington Cybersecurity Summit (Washington, DC, USA, September 17, 2015) Join key leaders and decision makers from government, military and the private sector at this one-day intensive networking event as participants focus on the next generation of solutions to ensure this...

Cyber Security Summit: New York (New York, New York, USA, September 18, 2015) The Cyber Security Summit provides an exclusive business environment to meet with Senior Executives who are seeking innovative solutions to protect their business & critical infrastructure. Delegates...

Data Breach Investigation Summit (Dallas, Texas, USA, September 21 - 26, 2015) Data Breaches are occurring at an alarming rate and increasing in their scope, frequency and impact and they don't discriminate by industry, geography or organization size. When a breach occurs, organizations,...

St. Louis SecureWorld 2015 (St. Louis, Missouri, USA, September 22 - 23, 2015) Join your fellow security professional for affordable, high-quality cybersecurity training and education at a regional conference near you. Earn CPE credits while learning from nationally recognized industry...

OWASP APPSECUSA (San Francisco, California, USA, September 22 - 25, 2015) The premier gathering of developers, security experts and technologists to discuss cutting edge approaches to secure web applications

SAT 2015: 18th International Conference on Theory and Applications of Satisfiability Testing (Austin, Texas, USA, September 24 - 27, 2015) The International Conference on Theory and Applications of Satisfiability Testing (SAT) is the premier annual meeting for researchers focusing on the theory and applications of the propositional satisfiability...

CSS (International Conference on Cryptography and Security Systems) (Warsaw, Poland, September 25 - 27, 2015) After three years' break, CSS is returning in 2017 with another great look at the evolution of cryptography and its role for the cyber security industry. This event is focused on presenting original and...

Business Insurance Cyber Risk Summit 2015 (San Francisco, California, USA, September 27 - 28, 2015) The Business Insurance Cyber Risk Summit provides risk management professionals and chief information security officers with the practical information and tools needed to combat the latest cyber risks...

ASIS International (Anaheim, California, USA, September 28 - October 1, 2015) The ASIS Annual Seminar and Exhibits boasts of being one of the world's most influential events for security professionals. Its mission is to provide industry-leading education, countless business connections,...

CYBERSEC European Cybersecurity Forum (Kraków, Poland, September 28 - 29, 2015) The CYBERSEC forum is the first of its kind in Poland and one of just a few regular public policy conferences in Europe devoted to the strategic issues of cyberspace and cybersecurity. The goal of CYBERSEC...

(ISC)² Security Congress (Anaheim, California, USA, September 28 - October 1, 2015) Proudly colocated for the fifth year in a row, (ISC)² Security Congress 2015 and ASIS International 61st Annual Seminar and Exhibits (ASIS 2015) expect more than 19,000 professionals worldwide from...

Fraud Summit Toronto (Toronto, Ontario, Canada, September 17, 2014) From account takeover to payment card fraud and the emerging mobile threatscape, the ISMG Fraud Summit series is where thought-leaders meet to exchange insights on today's top schemes and the technology...

Threat Intelligence Summit 2015 (ChampionsGate, Florida, USA, September 29 - 30, 2015) The threat landscape is getting bigger and more complex, the tools more plentiful, the amount of digital information increasingly massive, and the skills needed to navigate this terrain seem to multiply...

hardwear.io: Hardware Security Conference and Training (The Hague, Netherlands, September 29 - October 2, 2015) Do you trust your hardware? Learn from experts about backdoors, exploits, trust, assurance and attacks on hardware equipment, firmware and related protocols

VB2015 (Prague, Czech Republic, September 30 - October 2, 2015) The VB2015 programme includes 38 papers on a wide range of security topics. As in previous years, the presentations will run in two parallel streams and the programme includes both technical and less technical...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.