skip navigation

More signal. Less noise.

Daily briefing.

The cyber intrusion into Australia's Bureau of Meteorology looks more like an attempt to reach that country's defense networks. Most interested parties have now clammed up, but China remains the leading and obvious suspect.

China and the US have reached some agreement on cooperation in cyberspace, specifically more information sharing and establishment of a hotline over which cyber tensions might be discussed and eased. Chinese authorities issue fresh denials that the OPM hack was the work of their government, but they also say it was the work of Chinese criminals, some of whom they've arrested. No one's really buying the denials, at least yet — the data stolen from OPM seem not to have turned up for sale in any criminal market — but the two countries seem to share a mutual interest in rapprochement.

Iran, which observers flag as a growing cyber threat to Western targets, tenders the international community its good offices as an honest broker of IoT security.

ISIS continues its ghastly online propaganda-of-the-deed, with new execution videos and opportunistic praise of yesterday's mass shooting in San Bernardino, California.

The Armada Collective gives three Greek banks a taste of what they'll receive if they don't pay their ransom.

Trend Micro describes "Operation Black Atlas," a complex point-of-sale campaign that conducts extensive pre-attack reconnaissance, then selects the most effective tool to compromise its retail targets.

Conficker's resurgence shows that criminals need not innovate to succeed.

The US Department of Homeland Security has some new and interesting notes on cyber insurance.

Notes.

Today's issue includes events affecting Australia, Austria, Barbados, Belgium, Chile, China, Dominican Republic, European Union, Germany, Grenada, India, Iran, Iraq, Ireland, Jamaica, Russia, St. Kitts and Nevis, St. Vincent and the Grenadines, Syria, Taiwan, Trinidad and Tobago, United States.

Dateline IoT Security Foundation Conference

Securing the IoT: An Overview of Challenges, with an Approach to their Solution (The CyberWire) The IoT is many things, not one big thing. Recall Archilochus's epigram: "the fox knows many things; the hedgehog knows one big thing." IoT security is a family of problems that calls for foxy solutions

The Inaugural IoT Security Foundation Conference (IoT Security Foundation) The inaugural IoT Security Foundation Conference is a one-day event and follows on from the popular IoT Security Summit held earlier in the year at Bletchley Park. Whilst the Summit looked at the problems with IoT security, this conference will look closer at the need for security, applications and what organisations should be doing to ensure a security first, fit for purpose and resilient approach

Cyber Attacks, Threats, and Vulnerabilities

Australian Defence Department 'Hacked' in Cyber Attack on Bureau of Meteorology (Defense World) A massive cyberattack against Australia's Bureau of Meteorology may have allowed hackers to access the nation's defence department through a linked network

EXCLUSIVE: ISIS Adherents Praise San Bernardino Massacre, "America Burning" (Vocativ) The Islamic State created a horrifying hashtag praising the mass shooting but did not take credit for the killings

ISIL video purportedly shows killing of Russian spy (Al Jazeera America) Footage shows a man giving details of his apparent recruitment by Russian intelligence services before his execution

Why more people are calling ISIL "Daesh," and why the group apparently hates it (Quartz) While debating whether to bomb Syria in Parliament yesterday (Dec. 2), British prime minister David Cameron announced the government would start calling the militant group "Daesh" instead of ISIL (also known as the Islamic State or ISIS)

Panel casts doubt on U.S. propaganda efforts against ISIS (Washington Post) The State Department is considering scaling back its direct involvement in online campaigns to discredit the Islamic State after a review by outside experts cast new doubt on the U.S. government's ability to serve as a credible voice against the terrorist group's propaganda, current and former U.S. officials said

Iran is emerging as one of the most dangerous cyber threats to the US (Business Insider) A recent report by the Wall Street Journal claims Iran is aggressively hacking US officials. This raises new questions about the ultimate goals of the Iranian regime, particularly in cyberspace

Three Greek banks hit by cyber attack (Recorder Post) The hackers caused the online banking systems of three Greek lenders to briefly stop working on Thursday

Armada Collective demands ransom from Greek banks (SC Magazine) A hacking group dubbing itself the Armada Collective has claimed responsibility for striking three Greek banks with distributed denial of service (DDoS) attacks and has threatened to continue to do so unless paid a ransom

Hackers Behind ProtonMail Attacks Now Targeting Greek Banks for Bitcoins (Hack Read) A hacking group (Armada Collective) which was previously held responsible for launching DDoS attacks on ProtonMail is back and this time targeting Greek banks and using the old DDoS-for-Bitcoin extortion scheme

Operation Black Atlas Endangers In-Store Card Payments and SMBs Worldwide; Switches between BlackPOS and Other Tools (TrendLabs Security Intelligence Blog) With the coming holidays also come news of various credit card breaches that endanger the data of many industries and their customers

Chimera Crypto-Ransomware Wants You (As the New Recruit) (TrendLabs Security Intelligence Blog) Victim or potential business partner?

New variant of CryptoWall — Is it right to call it 4.0? (Internet Storm Center) Earlier this week, I saw the most recent variant of CryptoWall as a payload delivered by the Angler exploit kit (EK). Many people, including me, have been calling this new variant "CryptoWall 4.0." However, version 4.0 is not the most accurate term for this ransomware. So why are we calling it that?

Seven years on, the Conficker worm is not dead… but dominating (Graham Cluley) It's been over seven years since the Conficker worm spread around the world, cracking passwords, exploiting vulnerabilities, and hijacking Windows computers into a botnet to distribute spam and install scareware

[Conficker] Infection Tracking (Conficker Working Group) As security professionals we always are asked how large is the population of an infection. Conficker is no different from any other, and it seems that everyone wants to have some value to use for many different purposes. The press for impact, some vendors for FUD, and others to have a number to compare to other infections. The bottom line is that no one can give an exact number on any infection ever. If anyone ever states exact numbers, they either are controlling it, or are not being completely honest to themselves or others on the means of data collection

Flaws in medical data management system can be exploited to modify patient information (Help Net Security) Two vulnerabilities found in v3.3 of Epiphany's Cardio Server ECG Management System, a popular system that is used to centralize and manage patient data by healthcare organizations around the world (but mostly in the US), can be exploited by local attackers to access and modify patient information, warns CERT/CC

Vulnerability Note VU#630239: Epiphany Cardio Server version 3.3 is vulnerable to SQL and LDAP injection (CERT/CC) The Epiphany Cardio Server prior to version 4.0 is vulnerable to SQL injection and LDAP injection, allowing an unauthenticated attacker to gain administrator rights

Hospital hacking 'time bomb' (West Australian) Hospitals are potential targets for terrorists to hack into computer systems and take control of medical equipment to harm patients, a Perth conference had heard

Thirsty Cell Phones Pose Hacking, Privacy Risks at Medical Facilities (Healthline) People visiting medical facilities these days may face delays and run down their mobile phone batteries while they wait

Belkin's N150 router sports multiple flaws, including default access credentials for telnet server (Help Net Security) Belkin's SOHO routers are not exactly a paragon of a secure device, so it shouldn't come as a surprise that, once again, a security researcher has unearthed a number of flaws in one of them

App broke 'every rule in the book', leaving billboards open to the threat of real-life ad-blocking (Graham Cluley) OutdoorLink Inc. has patched several vulnerabilities in its SmartLink Systems app that could have allowed an attacker to assume control of outdoor electronic billboards and compromise users' login credentials

Scammers Threatening Users with Apple ID Suspension Phishing Scam (Hack Read) New day, new phishing attack! This time, it's the Apple id which has been used by the attackers to steal from the innocent users

Scammers Running Phishing Scam with Tennessee Government Email ID (Hack Read) It is easy to hack a domain and set up scams for visitors but using a government email address to run a phishing campaign is a bit odd

Anatomy of a Wi-Fi hole: Take care in your hotel this Christmas! (Naked Security) I'm on the road at the moment, staying in a business hotel with three pleasant surprises

Don't Panic! Your Instagram (Probably) Wasn't Just Hacked (TechCrunch) About two hours ago, I got a flurry of text messages from my family

IoT Botnets From China Will Be Major Problem By 2017: IID (ValueWalk) According to cybersecurity firm IID, Chinese and Eastern European hackers are likely to take control of millions of new devices connected to the Internet of Things, and create a botnet army out them for various nefarious purposes

12/2/2015 Study: Hackers Will Exploit Upcoming U.S. Election (National Defense) Hackers and cyber criminals will use the upcoming U.S. presidential election to attempt to trick unsuspecting citizens into giving away personal data as well as breach online accounts of candidates, election staffers and media outlets, a study released Dec. 2 said

Security Patches, Mitigations, and Software Updates

Cisco Patches WebEx App for Android, Warns of Unpatched Flaws (Threatpost) Cisco has been busy the last two days pushing out a patch and security advisories for a number of its products, including a fix for a remotely exploitable vulnerability in its WebEx Meetings mobile application for Android

Cyber Trends

2016 to Be 'Nightmare' Cybersecurity Year, Raytheon-Websense Predicts (SIGNAL) If you thought 2015 was a grueling cybersecurity year, hang on

Security Challenges in the Internet of Things (IoT) (Infosec Institute) The Global State of Information Security® Survey 2015 issued by PricewaterhouseCoopers comes to the conclusion that about 70% of connected IoT devices lack fundamental security safeguards

Encryption, Security Awareness Training Increasing at Law Firms: Survey (Legaltech News) The 2015 ILTA Tech Survey revealed that the 420 total law firms surveyed are beefing up their cybersecurity presence

Lack of visibility and security concerns hinder cloud adoption (Help Net Security) When it comes to migrating to the cloud, 65% of companies are concerned with security and 40% worry about their loss of physical control over data in the cloud

ONC: Two-factor authentication capabilities on the rise for hospitals (FierceHealthIT) Two-factor authentication is on the rise at hospitals and health systems, according to the Office of the National Coordinator for Health IT

Research reveals failure of PKIs to follow best practices (SecurityInfoWatchj) In a recent study entitled the 2015 PKI Global Trends Study conducted by Thales, a leader in critical information systems and cybersecurity, which was based on independent research by the Ponemon Institute and sponsored by Thales, spotlights an increased reliance on public key infrastructures (PKIs) in today's enterprise environment that is supporting a growing number of application

Small Islands, Big Problems: Cybersecurity in the Caribbean Realm (Small Wars Journal) According to the Organization of American States (OAS) in its latest report on "Latin American + Caribbean Cyber Security Trends" released in June 2014, Latin America and the Caribbean have the fastest growing Internet population in the world with 147 million users in 2013 and growing each year

Marketplace

Cyber insurance likely to drive better security, says Raytheon-Websense (ComputerWeekly) Security improvements driven by cyber insurance requirements is one of the top predictions in a Raytheon-Websense report on security trends in 2016

Cybersecurity Insurance (US Department of Homeland Security) Cybersecurity insurance is designed to mitigate losses from a variety of cyber incidents, including data breaches, business interruption, and network damage

Venture capitalists flock to cybersecurity information-sharing platforms (Washington Post) Arlington cybersecurity start-up ThreatConnect said Tuesday that it has raised $16 million from investors, led by the corporate venture capital arm of SAP's North American subsidiary in Rockville. The next morning just down the road in Sterling, Va., a similarly-named start-up called ThreatQuotient said it raised $10.2 million, led by prolific technology investor New Enterprise Associates. A few weeks ago Arlington-based Trustar announced a $2 million in seed funding

Palo Alto Networks, Inc. (PANW — $190.79*) Palo Alto Remains the Clear Winner in Cybersecurity Heading into 2016; Adding to FBR Top Picks (FBR Capital) With this note we are raising our price target on Palo Alto Networks from $210 to $235 and adding it to the FBR Top Picks list heading into 2016

Verint Systems, Inc. (VRNT — $46.46*) Delivers Soft October Results; Challenges Ahead — Maintain Outperform (FBR Capital) Last night, Verint delivered soft F3Q16 (October) results, as it missed consensus expectations on both the top and bottom lines while also giving initial FY17 guidance that was generally below the Street's expectations

Microsoft Remains the Standout; Other Tech Stalwarts Playing "Cloud Catch-Up" Heading into 2016 (FBR Flash) Looking back on 2015, it has been a choppy environment for tech players with a very bipolar IT spending backdrop

Ex-SourceFire Execs Join Fast-Growing Va. Cybersecurity Startup (DCInno) NEA leads $10.2M investment In ThreatQuotient

Products, Services, and Solutions

Z1 SecureMail 4.9: Latest release from the email encryption specialist Zertificon (Zertificon) The Berlin based encryption specialist Zertificon presents with Z1 SecureMail Gateway 4.9 the latest version of the leading email encryption solution for enterprises

Startup Offers Free Cyberattack Simulation Service (Dark Reading) Attack simulation emerging as a way to test network security on demand and without exploits

How Prepared Are You For A Cyber Threat? Burson-Marsteller Will Show You (Advertising Age) Teams with ex-Homeland Security Chief's firm to help corporate leaders prevent breaches

Snowden's Favorite Chat App Is Coming to Your Computer (Motherboard) In countless interviews giving advice on how to avoid surveillance, NSA leaker Edward Snowden has repeatedly namechecked one chat app: Signal

Blue Coat, Dimension Data collaborate on cloud web security (IT Wire) Blue Coat Systems has inked a worldwide agreement with Dimension Data to deliver its managed cloud web security service

RiskIQ Makes Facebook ThreatExchange Data Accessible (Infosecurity Magazine) With an ever-increasing number of cyberattacks, it's imperative that organizations have a way to facilitate sharing of attack data in order to defend themselves better

New helpme@freespeechmail.org Ransomware can be Decrypted for Free (Bleeping Computer) A new ransomware has started to become seen on various computer support forums that encrypts your data and then appends the helpme@freespeechmail.org string to the filename

Threat Intelligence Advancements Evolve To Deliver Cyberattack Early Warnings (CIO Today) BrightPoint Security™, a leading Threat Intelligence Platform provider for automation, curation and sharing of threat intelligence Relevant Products/Services to fight cyber attacks, today introduced a new release of its Sentinel™ platform that provides immediate evidence-based predictive insight with risk-prioritized threat scoring

Symantec: Our ATP 'changes the game' (CRN) Partners urged to get on board with its new Advanced Threat Protection offering at Symantec's Partner Engage event

Readers' top picks for application security tools (TechTarget) The top companies and application security products that organizations consider when they seek to reduce their application vulnerabilities

Technologies, Techniques, and Standards

Brocade admins: Check your privilege (Register) You did kill that diagnostic account, yes? If not, naughty folks know how to kick it hard

Into the Breach: Why 'Self Detection' Leads To Faster Recovery (Dark Reading) When an organization can identify network and system intrusions in their early phases it takes the advantage away from its adversaries. Here's how

Five key checks to ensure a business is ready for cyber attacks (ComputerWeekly) Top of any company's cyber security checklist should be ensuring that the cyber security strategy is taking all changes in the operating environment into account, says BAE Systems

4 Tips for CIOs to Deal Efficiently with Shadow IT (Information Security Buzz) Dealing with Shadow IT embodies the evolution of the role of the CIO, from being primarily a technologist and a problem solver to being an influencer and a risk manager

Fending off cyber extortion can be difficult (CSO) A basic computer setup connected to the internet grants a malicious hacker the power to steal sensitive information, affect a company's stock value, and hold corporations to a ransom with the click of a mouse

Securing the smart home environment (Help Net Security) Currently, smart home environments complement traditional home appliances with connected devices that collect, exchange and process data to create added-value services and enhance the quality of life of inhabitants

OPM Breach: Credit Monitoring vs. Freeze (KrebsOnSecurity) Many readers wrote in this past week to say they'd finally been officially notified that their fingerprints, background checks, Social Security numbers, and other sensitive information was jeopardized in the massive data breach discovered this year at the Office of Personnel Management (OPM)

How much money should you fork over to that internet cutie pie? (Naked Security) He went by the name of Christian Anderson on the online dating site, and what a sweet fairytale he spun

Advent tip #3: Set your Facebook posts to 'Friends only' (Naked Security) You wouldn't go up to a stranger in a street and tell them what you've been up to, so why would you let just anyone see what you've posted on Facebook?

Design and Innovation

NIST's Ron Ross on baking security into the government's software systems (FedScoop) Transparency in the development process is "the most important thing" when it comes to managing supply chain security risk, Ross said

Machine Learning is Cybersecurity's Latest Pipe Dream (New Business) A recurring claim at security conferences is that "security is a big data / machine learning (ML) / artificial intelligence (AI) problem"

BitGo's Key Recovery Service protocol offers familiarity and new security options (Brave New Coin) A typical concern raised by those new to bitcoin is that having no central administrator nor authority makes it too dangerous to keep substantial amounts of money in, simply because there is no one to ask for a replacement private key should they lose theirs

DHS to Silicon Valley: Tell us how to secure this "Internet of Things" (Ars Technica) Agency holds "Industry day" next week to recruit help with IoT security

Research and Development

Kaspersky: The 'cryptopocalypse' is nigh (FedScoop) According to projections by the security firm, quantum computing will shortly render current cryptographic standards near-obsolete

Academia

Sophos arrives in Ottawa, partners with Willis College to develop talent (Ottawa Business Journal) British cybersecurity firm Sophos opened its new Ottawa office Wednesday and is counting on a private local college to fill it with qualified staff

Legislation, Policy, and Regulation

Internet of Things: many uses but what about rules? (EU Observer) The European Union is expecting great benefits from the Internet of Things, but the online connection of physical devices via sensors is also a potential head-scratcher for policymakers

Iran — yup, Iran — to the rescue to tackle Internet of Things security woes (Register) Unfortunately also want controls over 5G and things like VoIP

Cyber warfare an integral part of modern politics (SC Magazine) Cyber-operations are being used for a wide range of information warfare and intelligence gathering purposes, including in the war between Russia and Ukraine, according to a new book published today by the NATO Cooperative Cyber Defence Centre of Excellence (CCDCE)

US, China take first steps toward cybersecurity cooperation (ITWorld) The two countries have pledged to share information and establish a hotline

New Cybersecurity Resource Launches (OPM Director's Blog) I'm pleased to report that we have established a verification center to help individuals who have had their information stolen in the malicious cyber intrusion carried out against the Federal Government

U.S. must unify electronic warfare, retired general says (Air Force Times) If the Air Force wants to be effective in future conflicts, it must rethink the way it handles electronic warfare, a retired general said Tuesday

Air Force CIO: We're taking lead on cyber, enterprise IT (C4ISR & Networks) The Air Force is in the middle of implementing a host of technology-focused efforts that are moving the service forward in cybersecurity and joint information operations, according to CIO Lt Gen William Bender

Air Force Space Command not spending on cyber defense of weapons systems (FCW) Of the $3 billion the Air Force Space Command spent last fiscal year on cybersecurity, not a single penny went to defending software vulnerabilities in weapons systems that Pentagon officials have said are at great risk

New cyberspace operations activated at Scott Air Force Base (St. Louis Public Radio) Cyber security has become a major initiative of the Pentagon

DHS Kicks Off Search for 17 Data Privacy & Integrity Advisory Committee Members (ExecutiveGov) The Department of Homeland Security's privacy office has begun its search for new members of the data privacy and integrity advisory committee

For national security emergency, launch a Cyber National Guard (The Hill) Cybersecurity has dominated headlines in 2015

Litigation, Investigation, and Law Enforcement

Chinese government has arrested hackers it says breached OPM database (Washington Post) The Chinese government recently arrested a handful of hackers it says were connected to the breach of Office of Personnel Management's database this year, a mammoth break-in that exposed the records of more than 22 million current and former federal employees

China Says Hack of U.S. Government Was Not State Sponsored (Entrepreneur) China's official Xinhua news agency said on Wednesday that an investigation into a massive U.S. computer breach last year that affected more than 22 million federal workers found the hacking attack was criminal, not state-sponsored

China Calls Hacking of U.S. Workers' Data a Crime, Not a State Act (New York Times) China has acknowledged for the first time that the breach of the United States Office of Personnel Management's computer systems, which the Obama administration said exposed the personal information of more than 21.5 million people, was the work of Chinese hackers

Lawmakers Want National Security Damage Assessment on OPM Hack (Nextgov) Several House committees want an unclassified report from President Barack Obama on the damage to U.S. spy operations wrought by the historic breach of federal employee background investigations

Target in $39.4 million settlement with banks over data breach (Reuters) Target Corp (TGT.N) has agreed to pay $39.4 million to resolve claims by banks and credit unions that said they lost money because of the retailer's late 2013 data breach

After Safe Harbor ruling, legal moves to stop Facebook from sending data to US (Ars Technica) Similar legal action may be taken against Apple, Google, Microsoft, and Yahoo

Are Criminal Gangs Abandoning Traditional Crimes in Favour of Cyber Crime? (IFSEC Global) The expression "crime doesn't pay" isn't exactly entirely true

Canadian Cops Have a New Plan of Attack Against ‘Political’ Cybercrime and Anonymous (Vice News) After several high-profile investigations into Anonymous failed to net results, the Royal Canadian Mounted Police are looking to set up a cyber crime team in Ottawa that will tackle online threats to Canada's "political, economic, and social integrity"

NARA releases surprisingly candid federal agency self-assessment (FierceContentManagement) The National Archives and Records Administration released its annual Records Management Self-Assessment evaluating whether or not U.S. federal agencies are performing their RM duties and responsibilities adequately

37,000 websites selling counterfeit goods taken down in global effort (Naked Security) More than 37,000 websites, which were selling counterfeit goods, have been closed down in an effort by global law enforcement

Bitcoin scam charges made against companies in US (BBC) Two US Bitcoin mining firms have been charged with running a scheme that duped more than 10,000 investors

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

BSides San Francisco (San Francisco, California, USA, February 28 - 29, 2016) BSides San Francisco is an Information / Security conference that's different. We're a 100% volunteer organized event, put on by and for the community, and we truly strive to keep information free. There...

Upcoming Events

Program on Cyber Security Studies (PCSS) (Garmisch-Partenkirchen, Germany, December 2 - 17, 2015) The Marshall Center has developed a comprehensive program to explore the increasing domestic, international and transnational challenges in cyber security. Our goal is to provide a comprehensive, policy-focused,...

Cyber Security Breakdown: Washington DC (Washington, DC, USA, December 3, 2015) This half day session will provide you with the critical information you need to start formulating an effective response in the eventuality of a cyber security event. Rather than try and handle the breach...

Cloud Security Alliance Summit Los Angeles 2015 (Los Angeles, California, USA, December 3, 2015) The full day Cloud Security Alliance LA Summit is a standalone event in the greater Los Angeles area. Hosted by the CSA LA/SoCal chapter, some 200 well-qualified attendees are expected. The theme is "Enterprise...

2015 Cyber Security Exchange (Orlando, Florida, USA, December 6 - 8, 2015) This dynamic, three-day event will provide Cyber Security executives with valuable insights to reach their full potential by exploring security leadership strategies, heightened data privacy concerns,...

Disrupt London 2015 (London, England, UK, December 7 - 8, 2015) TechCrunch Disrupt is one of the most anticipated technology conferences of the year. Join us at this iconic startup and thought leadership event in London on December 7 and 8. What happens at Disrupt?...

Passwords 2015 (University of Cambridge, England, UK, December 7 - 9, 2015) More than half a billion user passwords have been compromised over the last five years, including breaches at internet companies such as Target, Adobe, Heartland, Forbes, LinkedIn, Yahoo, and LivingSocial.

ACSAC (Annual Computer Security Applications Conference) (Los Angeles, California, USA, December 7 - 11, 2015) ACSAC is one of the most important cyber security conferences in the world, and the oldest information security conference held annually. Researchers, government representatives, academia and security...

Cyber Risk Wednesday: 2016 Threat Landscape (Washington, DC, USA, December 9, 2015) To discuss how 2016 will likely challenge today's security thinking and what we can learn from the past year's developments and these trends, please join the Atlantic Council's Cyber Statecraft Initiative...

NSA RCTCON (Fort Meade, Maryland, USA, December 9, 2015) The NSA RCTCON industry exposition will be attended by 250-300 IC (Intelligence Community) cyber personnel working on solutions to the current cyber threats that face the U.S

SANS Institute: Information Security Training (Las Vegas, Nevada, USA, September 12 - 21, 2015) Information security training in Las Vegas from SANS Institute, the global leader in information security training. At SANS Network Security 2015, SANS offers more than 40 hands-on, immersion-style security...

cyberSecure (New York, New York, USA, December 15 - 16, 2015) Today's business leaders recognize that a multi-disciplinary approach is critical to protecting the bottom line. What's too often missed is a vision that incorporates best practices that allow you add...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.