skip navigation

More signal. Less noise.

Daily briefing.

Physical space casts its shadow (as it always does) into cyberspace: France sees a spike in cyber attacks post-Charlie-Hebdo. About 19,000 Website have sustained attacks since January 7.

Symantec reports that the Carberp Trojan has morphed into an improved version with a preference for Australian targets.

CryptoWall 3.0 improves victim service, and not in a good way. KnowBe4 says the ransomware now makes it easier for its marks to pay up.

Malvertising is a growing threat. Everyone acknowledges its danger, but there's no clear consensus over who's responsible for dealing with it.

Ponemon releases a new study on estimating the cost cyber attacks exact from their targets.

As corporate boards take a more active role in cyber security, university boards of trustees (like Penn State's) do likewise.

The market for cyber insurance is expected to expand rapidly this year, and observers believe it will drive better standards and practices (often citing fire insurance as historical precedent).

Cyber threat information sharing is everyone's darling today. Security companies seek to share with their peers and competitors. US President Obama's proposed cyber legislation may be increasingly controversial (analysts see dangerous vagueness in its criminal sanctions, with security research possibly an unintended casualty) but there's general agreement that its goal of fostering threat information sharing is sound.

UK PM Cameron's war on encryption still finds little love, but the US-UK summit has agreed on joint cyber drills.

The Silk Road trial has its Perry Mason moment: defense counsel suggests Mount Gox set Ulbricht up.

A note to our readers: the CyberWire will observe Martin Luther King Day and not publish Monday. We'll resume regular publication on Tuesday, January 20.


Today's issue includes events affecting Australia, China, France, Indonesia, Democratic Peoples Republic of Korea, Russia, United Kingdom, United States.

Cyber Attacks, Threats, and Vulnerabilities

In Wake Of Violence, France Reports Spike In Cyberattacks (Dark Reading) 19,000 French websites have been attacked since Jan. 7

New Carberp variant heads down under (Symantec Connect) Trojan.Carberp.C uses stealth tactics and seems to have a preference for Australia

KnowBe4 Says New CryptoWall 3.0 Ransomware Makes Paying Ransom "Easier" (Virtual Strategy Magazine) CryptoWall 3.0 Ransomware now comes with improved customer service

WhatsApp sees increasing complexity of spam campaigns (Help Net Security) Over the past few months, AdaptiveMobile has tracked an increase of spam complexity on messaging apps, such as WhatsApp, in the United States, Europe and India, and expects these attacks to continue through 2015

Affordable Care Act Phishing Campaign (US-CERT) US-CERT is aware of a phishing campaign purporting to come from a U.S. Federal Government Agency. The phishing emails reference the Affordable Care Act in the subject and claim to direct users to health coverage information, but instead direct them to sites which attempt to elicit private information or install malicious code

Facebook users warned not to click on 'Hottest Leaked Snapchats' links (Guardian) Security firm BitDefender says posts promising saucy 'leaked' photos and videos could lead to identity fraud

The Truth About Malvertising (Dark Reading) Malvertising accounts for huge amounts of cyberfraud and identity theft. Yet there is still no consensus on who is responsible for addressing these threats

Security Patches, Mitigations, and Software Updates

Google publishes third Windows 0-day vulnerability in a month (IDG via CSO) Google ignored Microsoft's calls for flexible vulnerability disclosure deadlines and released details of another unpatched Windows flaw, leaving users exposed for at least the next 25 days

Security experts weigh in on Microsoft-Google vulnerability disclosure debate (TechRepublic) Google adhered to its 90-day policy and disclosed vulnerability details about a bug in Windows the day before Microsoft was scheduled to publish the patch. Which company is right?

Cyber Trends

Ponemon Institute Survey: The Cost of Malware Containment (Damballa) The recent breaches of Target, Home Depot, JP Morgan Chase and Sony Pictures are examples of how destructive malware can be to an organization's reputation and financial stability

3 Ways Cyber Insurance Will Improve Security Performance (BitSight Security Ratings Blog) In 2014, Cyber Insurance saw record growth. In fact, in a recent white paper from Advisen, their buyer penetration index showed a five-fold increase in insurance purchases from 2006 to 2013, demonstrating that many organizations have recognized the value in outsourcing corporate cyber risk. Naysayers, however, warn that this move does not make companies more secure and allows organizations to ignore the behaviors and issues that are creating security risks in the first place

Good security is about making a cyber-attack more expensive than a break-in: Kaspersky Lab CEO (Economic Times) When hackers breached the firewalls of Sony Pictures Entertainment, they also fired a missive at corporates worldwide. Hacking is now a clear and present danger. In a chat with Corporate Dossier, Eugene Kaspersky, CEO, Kaspersky Lab, who calls cyber weapons the most dangerous innovation of this century, discusses the dark side of internet

The Top-12 Security Breach Facts Every C-Level Executive and Board Member Must Know (US Cybersecurity Magazine) Innovation, trade secrets and customer data are the lifeblood of U.S. companies and the U.S. economy. They comprise up to 80% of the current and future value of today's organizations. These critical economic engines of competitive advantage must be protected at all cost. What we learned as an industry over the past months and years must be leveraged into your next level of information protection

CIOs beef up security tools in wake of 2014 data breaches (TechTarget) What's different about security strategies in the aftermath of the 2014 data breaches? More money, more monitoring, more employee training, and that's just for starters

DDoS volumes plateau as hackers try new attack vectors: Akamai (CSO Australia) Findings by content distribution network (CDN) provider Akamai that Australia is sliding down the world's broadband rankings got widespread coverage, but Akamai's review of global security exposure has also highlighted more pressing information-security concerns in Australia and elsewhere

Verizon: Most PCI Firms Fall Out of Compliance Within One Year (Infosecurity Magazine) The majority of merchants which sign up to payment security standard PCI DSS fall out of compliance less than a year after being validated, greatly increasing their chance of falling victim to a damaging data breach, according to Verizon Enterprise Solutions

Maintaining PCI Compliance a Showstopper for Many Retailers (Verizon News Center) Initial findings from Verizon's 2015 PCI Report suggest businesses still struggle, lack of compliance linked to data breaches


Sony hack was good news for INSURERS and INVESTORS (Register) Spilling Hollywood's secrets woke money-land to the need for intrusive oversight

P/C Insurers See Surge in Cyber Insurance, M&A Activity in 2015 (Insurance Journal) Property/casualty insurance executives overwhelmingly predict growth in both cyber insurance and merger and acquisitions (M&A) activity in 2015, according to a new Insurance Information Institute annual survey

Security firms forge alliance to fight growing cyber threat (CNBC) As companies and organizations from Sony to Centcom face growing threats from hackers, four cybersecurity firms are have joined forces to share intelligence

Will Cybersecurity Build or Buy Its Way Out of Fragmentation? (Computer Business Review) The good guys must mend the cracks in our infrastructure

The hottest executive jobs of 2015 (Fortune) What's most in demand? Cybersecurity experts and data-savvy marketers

Concerned Procera Stockholders Announces Intent to Run Dissident Slate for 2015 Annual Meeting (Herald Online) Dilip Singh, the spokesperson for a group known as "Concerned Procera Stockholders," announces the following

Sophos frames strategy to expand in Indian IT security market (InfoTech Lead) IT security company Sophos announced its multi-pronged strategy to strengthen its presence in Indian mid market

A Samsung-BlackBerry Alliance Is Highly Desirable (Seeking Alpha) Samsung will benefit a lot from owning BlackBerry. Samsung can use BlacKBerry's QNX and Elliptic Curve Cryptography assets to build the most secure Machine-to-Machine communication solutions. Samsung can outrun Google in the connected car segment if Samsung owns QNX. QNX is the leading OS in connected cars

ObserveIT Launches New Global Partner Program (Herald Online) User activity monitoring leader increases marketing support, financial incentives, and training for partners around the globe

ObserveIT Announces Addition of Worldwide Vice President of Corporate Strategy & Business Development and Regional Vice President of Sales, EMEA North (Herald Online) Company makes personnel investment in Global Partner Program

NTT Named a Challenger in 2014 Gartner Magic Quadrant for Managed Security Services, Worldwide (MarketWatch) Solutionary, an NTT Group security company NTT, +0.45% and the next-generation managed security services provider (MSSP), today announced that Gartner, Inc., a leading IT research and advisory firm, has positioned NTT in the "Challengers" Quadrant of the 2014 Magic Quadrant for Managed Security Services

Kaspersky Lab Improved Its Position as a Leader in the Gartner Magic Quadrant for Endpoint Protection Platforms (Herald Online) Kaspersky Lab has been named a "Leader" in the Gartner Magic Quadrant for Endpoint Protection Platforms. The company was placed in the leader's quadrant for the fourth year in a row based on both the "completeness of vision" and "ability to execute" categories specified by Gartner experts

Bromium Appoints Robert Maus SVP of Business Development (Marketwired) Experienced technology executive drives strategic alliances and technical partnerships

Websense Names New Channel Chief, Steps Up Services, Support (CRN) Websense has established a professional services arm to deal with support issues, and named an executive from the private equity firm that acquired it in 2013 to oversee its global channel operations

Duo Security Appoints New Vice President of Worldwide Sales (Virtual Strategy Magazine) Adds West Coast sales & marketing professionals to accommodate rapid growth

Products, Services, and Solutions

How much trust can you put in Telegram messenger? (IDG via CSO) Messaging programs are a closely watched application category, with experts scrutinizing how communications are protected from government surveillance dragnets and hackers. The primary defense invariably involves encryption, but just saying an application uses encryption by no means ensures it's secure

The EFF's secure messaging scorecard. Which app will you use? (Lumension Blog) Revelations by NSA whistleblower Edward Snowden woke many of us to up the risks posed by covert surveillance, and in just the last few days — following the ghastly events in Paris — UK Prime Minister David Cameron has called for secure communication apps to be made unlawful, or at least forced to contain a backdoor which the police and intelligence agencies could exploit

Endpoint security fundamentals: Comparing antimalware protection products (TechTarget) Expert Ed Tittel examines the top endpoint antimalware products for small, mid-sized, and larger enterprises

Cloud Security Vendor Centrify Adds MSP Program (CRN) Cloud security vendor Centrify has unveiled a new tier aimed at MSPs and executives say the SaaS-based identity management company is increasingly turning to system integrators and skilled security consultancies to establish a broader customer base

Privacy considerations in a cloudy world (Microsoft Cyber Trust Blog) In today's high tech world, individuals from around the globe can comment in real time on others social media posts and current events instantaneously. With just a few keystrokes, data, thoughts and ideas can reach around the globe. In this fast paced environment, consideration of what you choose to share and to whom is more important than ever. Likewise, as organizations take advantage of the scale and economies offered by cloud computing, understanding how data is managed by cloud service provider is a high priority

Northern Ireland NHS hospital trust deploys ForeScout security (ChannelBiz) Northern Trust wanted to protect 15,000 endpoints across 150 sites and get ready for the Internet of Things

FirePassword — Firefox Username & Password Recovery Tool (Kitploit) FirePassword is first ever tool (back in early 2007) released to recover the stored website login passwords from Firefox Browser

FortyCloud Joins Forces with Numergy to Address Growing Demand for Cloud Localization (The Hosting News) FortyCloud, a pioneer in network Security-as-a-Service for the cloud, today announced a partnership with Numergy, a leading public cloud services provider based in Paris. As part of the new partnership, Numergy customers can now take advantage of FortyCloud's first-of-a-kind offering that bundles all core security components (encryption, firewall, VPN, access control, identity management, etc.) into a single, integrated product delivered as Software-as-a-Service

Technologies, Techniques, and Standards

Hold data on EU citizens? Check if you'll be compliant with the new Data Protection Regulation (Naked Security) It seems like we hear about new data breaches every week. Last year we saw shops, banks, restaurants and other companies lose data on customers, not to mention an epidemic of medical data breaches

Criminals Are After Your LinkedIn Account — Here is How to Protect it (Tripwire: the State of Security) Regularly in the news we hear about organisations having their Twitter or Facebook accounts compromised by cybercriminals — but they're not the only social media outlets which hackers and fraudsters have an interest in hijacking

How a strategic approach to data will advance fraud prevention in healthcare (FierceHealthPayer) Healthcare organizations can learn from existing data, identify irregular behaviors

4 Ways to Mount a Cyber Defense in Light of the U.S. Military's Social-Media Hack (Entrepreneur) This week's hijacking of several social-media accounts run by U.S. Military Central Command underscores a powerful message: Just because it wasn't data or computer networks that were attacked doesn't mean it's not detrimental to your business

Social Engineering: How Dangerous is Your Lunch Break? (Infosec Island) Ever heard the phrase 'Loose lips sink ships?'

Design and Innovation

The Ghostly Side of Bug-Hunting (The Analogies Project) I have few vices in life but there is a TV programme called "Ghost Adventures" that has really caught me and yes, I'd go as far as saying I'm a little addicted. It's a fun programme led by 'Zak', who "wants to capture on film what he once saw" — a ghost. So he and his team go to haunted locations all over the world, but mainly in America to suit the audience, in some hope of capturing evidence of ghosts. It's all scientific despite the "for entertainment only" caption at the start of the showreel


Penn State Targeted by Constant Barrage of Cyber Security Threats ( Recent headlines about the Sony hack and other cyber security issues have not escaped Penn State's attention

WPI Awarded $4.4 Million to Help Bolster the Nation's Cybersecurity Workforce (Worcester Polytechnic Institute) The university will train the next generation of domestic cybersecurity professionals to help fill a growing national demand for experts and address increasing threats to the nation's critical infrastructure

Cybersecurity training needed to raise number of skilled workers (TechTarget) A survey by ESG finds that IT has an ongoing problematic shortage of enterprise cybersecurity skills, and the problem is getting worse

Legislation, Policy, and Regulation

French Rein In Speech Backing Acts of Terror (New York Times) The French authorities are moving aggressively to rein in speech supporting terrorism, employing a new law to mete out tough prison sentences in a crackdown that is stoking a free-speech debate after last week's attacks in Paris

Common Challenges for Indonesia in the Cyber Realm (Jakarta Globe) Redundant or Robust?: President's formation of the National Cyber Agency risks provoking turf war with Defense Ministry

U.K. Knots Closer Cyber Security Ties In Washington (TechCrunch) The U.K. Prime Minister David Cameron is in Washington DC this week, lobbying the U.S. President on the need for circumventing the strong encryption of Internet services

Cameron and Obama plan war games to test cyber resilience (ComputerWeekly) The UK and US have agreed to a series of simulated cyber attacks to test each other's resilience

Why North Korea Hacks (Dark Reading) The motivation behind Democratic People's Republic of Korea hacking is rooted in a mix of retribution, paranoia, and the immature behavior of an erratic leader

Russia blocks bitcoin websites over "shadow economy" fears (Gigaom) The Russian telecommunications regulator Roskomnadzor has blocked access to five bitcoin-related websites because the cryptocurrency "contributes to the growth of the shadow economy"

3 Reasons Why David Cameron's Encryption Ban Won't Work (Computer Business Review) Cybersecurity experts lash out at the prime minister's plans against privacy

With crypto in UK crosshairs, secret US report says it’s vital (Ars Technica) Newly reported Edward Snowden document aired as UK prime minister presses US

Essential freedom is too high a price to pay for safety (Telegraph) We must not let the murder of police and civilians in France turn our heads too far towards a state in which private communication is effectively impossible

Barack Obama proposes shielding companies that share cyber threat data (Naked Security) President Obama on Tuesday proposed new cybersecurity legislation that would put cybercrime on par with racketeering and would protect companies from getting sued if they share computer threat data with the government

Sharing is caring (Economist) Barack Obama wants Congress to bolster cyber-security

Experts speak out about proposed changes to hacking law (CSO) The proposed changes to the CFAA are mixed bag of potential problems

Proposed CFAA Amendments Could Chill Security Research (Threatpost) Legitimate security researchers, from bug hunters to pen-testers, are buckled in for a bumpy ride as vague language in President Obama's proposed amendments to the Computer Fraud and Abuse Act (CFAA) is expected to be debated and sorted out as it makes its way through the legislature

Industry sources: Obama's cyber info-sharing plan falls short on liability protection (Inside Cybersecurity) Industry representatives combing through President Obama's new cybersecurity information-sharing proposal say the plan steps back from the bipartisan Senate bill produced last year and is too restrictive on liability protections for businesses

Why I Hope Congress Never Watches Blackhat (Wired) What a strange time. Last week I was literally walking the red carpet at the Hollywood premiere of Michael Mann's Blackhat, a crime thriller that I had the good fortune to work on as a "hacker adviser" (my actual screen credit). Today, all I'm thinking is, please, God, don't let anybody in Congress see the film

Why A Global Cybersecurity Playbook Is Critical Post-Sony (Forbes) On Tuesday, President Obama announced a series of new cybersecurity measures to improve information sharing between the private sector and government, modernize law enforcement's approach to tackle cybercrime, and require national data breach reporting

Cyberspace regulation needed to avert war following recent cyber-attacks (State Press) ISIS sympathizers successfully hacked into the U.S. Central Command Twitter account on Monday — but ISIS is not the only organization that is hacking. Its actions come in the wake of similar attacks against the U.S. institutions, such as the infamous attack on Sony by North Korea and friends late last year

Does Air-Sea Battle Have a Fatal, Cyber Flaw? (National Interest) This commentary offers clarification to the National Interest's December 8, 2014 article, "Will Air-Sea Battle Be "Sunk" by Cyberwarriors?" (Erica D. Borghard & Shawn W. Lonergan). The article presents a misunderstanding of the multiservice Air-Sea Battle Concept on two levels

US Coast Guard Addresses Maritime Cybersecurity Issues (In Homeland Security) The United States Coast Guard fielded questions from maritime security experts and officials Thursday during a Maritime Cybersecurity Standards Public Meeting held at the U.S. Department of Transportation Headquarters in Washington, D.C

Obama turns to 'name and shame' (Reuters via IT Web) The unusually destructive cyber attack on Sony Pictures Entertainment is providing an early test of a new Obama administration policy to reveal more of what it knows or suspects about hacking campaigns

Is it Possible to Ban Autonomous Weapons in Cyberwar? (Just Security) Political and technological developments have often spurred responses from international humanitarian law (IHL). We already have a good sense of the major questions on the agenda in upcoming years. Two are especially noteworthy: First, how to apply IHL to cyberwarfare? Second, how to regulate autonomous weapons systems (AWS) — including whether to create new laws regarding both domains? These two issues, more than commonly appreciated, have a direct relationship with one another, which lawyers and policymakers should acknowledge

Matthew Green on the NSA and Compromising Crypto Standards (Threatpost) Dennis Fisher talks with Matthew Green of Johns Hopkins University about the NSA's "regret" for continuing to support Dual EC after it had been shown to be compromised, the effects of the agency's influence on crypto standards and the hope for more secure standards in the future

Panel: No alternative to bulk data collection by NSA (Army Times) A committee of scientific experts has concluded that there is no viable technological alternative to bulk collection of data by the National Security Agency that allows analysts access to communications whose significance only becomes clear years later

National Academy of Sciences Releases PPD-28 Report — Bulk Collection of Signals Intelligence: Technical Options (IC on the Record) On January 17, 2014, the President, through Presidential Policy Directive 28, directed my office to assess "the feasibility of creating software that would allow the Intelligence Community more easily to conduct targeted information acquisition rather than bulk collection"

Analysis: Intel Seat Gives Turner Even More Influence (DefenseNews) House Armed Services Committee member Mike Turner has secured a seat on the Intelligence Committee, giving the Ohio Republican added influence on national security issues

Litigation, Investigation, and Law Enforcement

Arresting Dieudonné for "defending terrorism" is exactly what he wants (Quartz) "Je me sens Charlie Coulibaly." Translation: "I feel like Charlie Coulibaly." Infamous French comedian Dieudonné M'bala M'bala wrote these words in a puzzling Facebook post published (and since deleted) in the wake of massacres at the offices of satirical newspaper Charlie Hebdo and a kosher supermarket in the Parisian suburbs

Defense bombshell in Silk Road trial: Mt. Gox owner "set up" Ulbricht (Ars Technica) Mark Karpeles had "intimate involvement with the site," Ross Ulbricht's lawyer claims

DHS Believed Mt. Gox CEO Might Have Been Silk Road's Secret Mastermind (Wired) Long before the Department of Homeland Security set its sights on Ross Ulbricht, the agency had another surprising suspect in mind as the possible creator and administrator of the Silk Road's massive online drug market: Mark Karpeles, the chief executive of what was then the world's biggest bitcoin exchange, Mt. Gox

China's spy chief Ma Jian in corruption probe (BBC News) China has confirmed it is investigating a powerful intelligence chief, Ma Jian, for corruption

Marriott's stopped blocking your Wi-Fi hotspots (Naked Security) Marriott says it's throwing in the towel on its unsuccessful legal and PR battle to get the Federal Communications Commission (FCC) to let it block personal hotspots in its conference and convention areas

JPMorgan Asked by States for Detail on 2014 Data Breach (Bloomberg) JPMorgan Chase & Co. (JPM) was pressed for more evidence by a group of states probing a data breach that jeopardized millions of customer accounts last year, including whether any of the compromised information has been connected with fraud

UK Teen Arrested For Sony, Xbox DDoS Attacks (SecurityWeek) An 18-year-old was arrested this morning in the United Kingdom on suspicion of being involved in the distributed denial-of-service (DDoS) attacks launched against Sony's Playstation Network and Microsoft's Xbox Live over Christmas

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

ShmooCon (Washington, DC, USA, January 16 - 18, 2015) ShmooCon is an annual east coast hacker convention hell-bent on offering three days of an interesting atmosphere for demonstrating technology exploitation, inventive software and hardware solutions, and...

California Cybersecurity Task Force Quarterly Meeting (Walnut Creek, California, USA, January 20, 2015) The California Cyber Security Task Force serves as an advisory body to California's senior government administration in matters pertaining to Cyber Security. Quarterly Cybersecurity Task Force meetings...

FIC 2015 (Lille, France, January 20 - 21, 2015) The International Cybersecurity Forum (FIC) forms part of a thinking and exchange process that aims at promoting a pan-European vision of cybersecurity and strengthening the fight against cybercrime, a...

IARPA Proposers' Day for the Cyber-attack Automated Unconventional Sensor Environment (CAUSE) Program (Washington, DC, metropolitan area, January 21, 2015) The Intelligence Advanced Research Projects Activity (IARPA) will host a Proposers' Day Conference for the Cyber-attack Automated Unconventional Sensor Environment (CAUSE) Program on January 21, 2015,...

4th Annual Human Cyber Forensics Conference: Exploring the Human Element for Cloud Forensics (Washington, DC, USA, January 21 - 22, 2015) The Human Cyber Forensics Conference addresses the human element of cyber. Presentations will look at the tradecraft and efforts required to identify, understand, navigate, and possibly influence human...

AppSec California (Santa Monica, California, USA, January 26 - 28, 2015) OWASP's AppSec California goes beyond "security for security?s sake" bringing application security professionals and business experts together with the objective of sharing new information that helps get...

Cyber Security for Critical Assets: Chemical, Energy, Oil, and Gas Industries (Houston, Texas, USA, January 27 - 28, 2015) Cyber Security for Critical Assets Summit will connect Corporate Security professionals with Process Control professionals and serve to provide a unique networking platform bringing together top executives...

Data Privacy Day San Diego — The Future of IoT and Privacy (San Diego, California, USA, January 28, 2015) Join the Lares Institute, Morrison & Foerster, and the National Cyber Security Alliance for Data Privacy Day in San Diego. DPD San Diego will bring together privacy luminaries to discuss fundamental issues...

Cyber Threat Intelligence Summit (Washington, DC, USA, February 2 - 9, 2015) Join SANS for this innovative event as we focus on enabling organizations to build effective cyber threat intelligence analysis capabilities

Suits and Spooks (Washington, DC, USA, February 4 - 5, 2015) Suits and Spooks DC (Feb 4-5, 2015) is moving to the Ritz Carlton hotel in Pentagon City! We're expanding our attendee capacity to 200 and for the first time will be including space for exhibitors. We...

Nullcon 2015 (Goa, India, February 4 - 7, 2015) Nullcon discusses and showcase the future of information security, next-generation of offensive and defensive security technology as well as unknown threats

ICISSP 2015 (Angers, Loire Valley, France, February 9 - 11, 2015) The International Conference on Information Systems Security and Privacy aims at creating a meeting point of researchers and practitioners that address security and privacy challenges that concern information...

2015 Cyber Risk Insights Conference — London (London, England, UK, February 10, 2015) The cyber threat landscape is undergoing rapid change. Lloyd's and the London market are at the forefront of developing insurance products to address the evolving exposures of organizations throughout...

AFCEA West 2015 (San Diego, California, USA, February 10 - 12, 2015) Showcasing emerging systems, platforms, technologies and networks that will impact all areas of current and future Sea Service operations.

Cybersecurity: You Don't Know What You Don't Know (Birmingham, Alabama, USA, February 24 - 25, 2015) What: Connected World Conference in partnership with University of Alabama at Birmingham's Center for Information Assurance and Joint Forensics Research (The Center) have teamed up to bring professionals...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.