skip navigation

More signal. Less noise.

Daily briefing.

The US Attorney General says the (a priori) possibility of an ISIS cyber attack capability (or a cyber attack by other foreign enemy) "keeps me up…at night." ISIS attracts some hostile hacktivism of its own, if a slightly breathless Newsweek report on GhostSec is to be credited.

Anonymous claims coup against Canada's CSE, calling an attack retaliation for an RCMP shooting last week.

Another Anonymous-linked incident, last week's breach of a Federal Audit Clearinghouse database, did not, according to the US Census Bureau, include any census data on American households.

The fallout from the OPM breach continues to deliver unpleasant consequences. The latest include rumors of a crippling effect on US human intelligence operations, already felt well in advance of the widely feared and much discussed agent-recruiting windfall OPM data handed Chinese services.

It appears that AshleyMadison's adultery impresarios (now hastily upping their security game) took few precautions against bogus registrations, which leads security observers to caution against taking leaked customer lists at face value.

The automotive hack reported last week prompts warnings of vulnerabilities in everything from military vehicles to Formula One cars. More consequentially, it prompts Fiat Chrysler to recall 1.4 million cars.

The Steam PC gaming platform sustains an attack; many user accounts are exposed.

Researchers warn of vulnerabilities in Smart Home Hubs and smartwatches.

In industry news, Hacking Team works to recover from its breach. Bulls continue to run through the cyber security market.

Wassenaar implementation doesn't improve on acquaintance. Neither do crypto golden keys.

Notes.

Today's issue includes events affecting Canada, China, Iraq, Israel, Jordan, Russia, Singapore, Syria, United Kingdom, United States.

Cyber Attacks, Threats, and Vulnerabilities

Beauty Queen and Vigilante Hackers Declare Online War on ISIS (Newsweek) An online vigilante hacker group, which boasts a former Jordanian beauty queen among its ranks, has vowed to eliminate Isis's online presence by disrupting the group's capacity to organise terror attacks

Lynch: Thought of ISIS cyber-attack on US 'keeps me … up at night' (Fox News) Attorney General Loretta Lynch said Sunday that a cyber-attack by the Islamic State is perhaps the terror group's biggest, emerging threat

Anonymous says it hacked Canada's security secrets in retaliation for police shooting of B.C. activist (DDoSInfo) Hackers with Anonymous say they breached supposedly secure Canadian government computers and accessed high-level, classified national security documents as retaliation for last week's fatal shooting by the RCMP of a protester in British Columbia

US Census Bureau says breach didn't expose household data (IDG via CSO) The U.S. Census Bureau said a data breach early last week did not expose survey data it collects on households and businesses

U.S. Fears Data Stolen by Chinese Hacker Could Identify Spies (New York Times) American officials are concerned that the Chinese government could use the stolen records of millions of federal workers and contractors to piece together the identities of intelligence officers secretly posted in China over the years

Intelligence Experts: US May Be Wary About Sending Spies Abroad After Chinese Hack (International Business Times) Intelligence and security experts say a recent breach of U.S. federal employee data by Chinese hackers could abruptly bring the country's strategy of basing secret U.S. intelligence units abroad to a halt. Government records containing the Social Security numbers of 21.5 million federal employees and their spouses or partners were stolen from the computer systems of the Office of Personnel Management (OPM) in a massive hack that was first made public in June

Don't judge Ashley Madison users too quickly, their accounts may be fake (Graham Cluley) So Ashley Madison got hacked. A service claiming 37 million members, owned and operated by Avid Dating life Inc, who also run the "Cougar Life" and "Established Men" websites

Demo Jeep hack could have military implications (C4ISR & Networks) As military vehicles become increasingly dependent on electronics and computers, much as are commercial cars and trucks, program managers must take cybersecurity needs into account. A recent experience documented in Wired makes the potential risks chillingly clear

Formula One Cars Are Vulnerable To Cyberattacks, Warns Kaspersky (Tech Times) A Russian specialist in information security has issued a warning that online activists could possible hack into the vehicles used for Formula One races

Steam Hit by Major Security Breach, Many Accounts Hacked! (Master Herald) Valve's Steam is the biggest platform in the PC gaming market, with Valve themselves being one of the most prominent companies in the gaming industry as a whole. Steam has millions of accounts all over the world, and in some cases people have invested literally thousands of dollars into their own accounts. Which is why a security breach like the one that just occurred a few days ago is something to take very seriously

HP: 100% of smartwatches have security flaws (CSO) In a recent security assessment of ten smartwatches, every single watch had at least one significant security flaw

Security flaws discovered in popular Smart Home Hubs (Help Net Security) Smart Home Hubs are used to control lighting, heating, locks and cameras in people's homes. Unsurprisingly, many security experts worry about the privacy and safety risks associated with these devices since the technology is in relative infancy

Angler's best friends (Internet Storm Center) Nope, not the kind of angler whose best friends are rubber boots, strings tied into "flies", or a tape measure that starts with "5inches" where others have a zero. This is about the "Angler Exploit Kit", which currently makes rampant use of the recent Adobe Flash "zero-days" to exploit the computers of unsuspecting users, and to push Cryptowall 3.0 on to them. Fellow ISC Handler Brad has covered before how this works

LinkedIn and the story how crooks can use it for spear phishing (Security Affairs) Kaspersky's researchers warned LinkedIn about a security flaw that could put at risk their 360 million users and exposing them to spear phishing attacks

Cyber attack impacts patients at more than a dozen Kansas hospitals (KWCH12) Patients at more than a dozen Kansas hospitals may have had their personal and medical information compromised in a cyber attack. It's a case that is impacting medical facilities across the nation

Indiana hospital target of cyber attack (Fox 19 via WAVE3 News) An Indiana hospital stated its patient's information was the target of a sophisticated cyber attack

GAO: Defense installation utilities at risk of cyber attack (Navy Times) The utility systems that provide water, electricity and other essential services to military installations worldwide have limited defenses against cyber-attacks, putting many bases at risk for a "serious mission-disabling event," a new Government Accountability Office report says

Bulletin (SB15-208) Vulnerability Summary for the Week of July 20, 2015 (US-CERT) The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week

Security Patches, Mitigations, and Software Updates

Fiat Chrysler recalls 1.4 million cars over remote hack vulnerability (Ars Technica) Uconnect bug can shut down engine and brakes, take over steering

Fiat Chrysler Recalls 1.4 Million Cars After Software Bug is Revealed (Threatpost) A few days after issuing a patch and reassuring owners that the attack that shut down the transmission and other systems remotely on a Jeep was not a huge risk, Fiat Chrysler has decided to recall nearly 1.5 million vehicles as a result of the bug exposed in the research

Cyber Trends

The Internet of Things is unavoidable, securing it should be a priority (Help Net Security) The Internet of Things (IoT) started like any other buzzword: poorly defined, used too often, and generally misunderstood. However, it stood the test of time and is now increasingly becoming part of everyday language, even with those outside the IT world

10 Sectors Most Vulnerable to Cyberattacks (Investment U) Target (NYSE: TGT). Home Depot (NYSE: HD). Apple (Nasdaq: AAPL). EBay (Nasdaq: EBAY). Bank of America (NYSE: BAC). These are just a few names on the growing list of companies that have experienced major data breaches in recent years. Both the public and private sectors are seeking better ways to confront cyberthreats as they become more common

Ashley Madison Hack Prompts Speculation About Massive Cyber Attack By 2020 (Inquistr) Ashley Madison, a site reserved for people who want to have an affair, once boasted discretion and high-level security. Since they were hacked last week, however, the company's 37 million users have been on edge following threats that their info would be leaked or sold, and speculation has run wild about what similar hackers have in store for the future

Cyber Attacks Continue to Rise, Much Larger Hack May Be Imminent (BizTech Mojo) Hacking and data breaches have been increasing at an alarming rate within the past few years. More revelations are also being unveiled regarding how unsafe the Internet really is, especially for the average Internet user. Security experts are now claiming that there might be much worse attacks than the most recent Ashley Madison attack and the Sony breach last year

Marketplace

Execs face the chop after being hit by data breach (—) We see more and more breaches being reported in the media — not only here at Naked Security, but also in the mainstream press

Govt launches startup voucher scheme for cyber security (Brookson) A scheme that provides small to medium-sized enterprises (SMEs) with up to £5,000 in vouchers to improve their cyber security has been launched by digital economy minister Ed Vaizey

Hacking Team Promises New Security Measures Following 400 GB Data Breach (Hacked) Internet security service Hacking Team claims to be making progress in determining how hackers managed to steal 400 GB worth of data on July 6 and release it on BitTorrent, according to Business Insider. The damage, which included the hijacking of Hacking Team's Twitter account to tweet screenshots of stolen emails, has created a public relations challenge for the Italy-based security service, which provides surveillance tools to governments worldwide

Hacking Team Leak Shows How Secretive Zero-Day Exploit Sales Work (Wired) The underground market for zero-day exploit sales has long been a hidden dark alley to anyone but the hackers and sellers who call it home. But the recent hack of the Italian spyware maker Hacking Team, and the subsequent dump of 400 gigabytes of its internal emails, has shone a bright light on the nature of exploit sales, how they're negotiated, and how they've been kept in check by security protections

Hacking Team: a Zero-Day Market Case Study (Vlad Tsyrklevich's blog) This article documents Hacking Team's third-party acquisition of zero-day (0day) vulnerabilities and exploits. The recent compromise of Hacking Team's email archive offers one of the first public case studies of the market for 0days

4 Cybersecurity Software Stocks to Buy That Are Crushing Earnings (24/7 Wall St.) In what may have been one of the easiest technology trades this year, the cybersecurity stocks that have taken a beating this summer have been reporting big numbers this week, and investors are re-entering the stocks at a furious pace

Check Points Earnings Beat Signals Cybersecurity Rally Not Over (Bloomberg via International Business News) Check Point Software Technologies Ltd. is convincing investors their fear of a bubble in cybersecurity stocks is unfounded

High-fives all round as Juniper beats Wall Street's expectations (MicroScope) Shares soared by more than 11% as Juniper Networks reported a much better than expected second quarter

Microsoft Corporation (MSFT — $45.94*) Company Update: Windows 10 Release Front and Center — Maintain Outperform (FBR Blue Matrix) With the much-anticipated launch of Windows 10 expected this Wednesday (July 29), investors are eagerly waiting to evaluate customer adoption trends as Nadella & Co. looks to make the transformational cloud transition with Windows in the hopes of reinvigorating growth and achieving similar success to the Office franchise

For Duo Security, data security is job security (Crain's Detroit Business) Every time there are headlines about a prominent company suffering an embarrassing, and costly, data breach, sales surge at Ann Arbor-based Duo Security Inc., CEO Dug Song says

Zimperium Takes Aim at Mobile Security [VIDEO] (eSecurity Planet) Smartphone security isn't quite the same as desktop security. Zimperium researchers discuss the pitfalls of mobile and what Zimperium is doing to limit risks

British cyber company Darktrace ramps up D.C. presence, investors take notice (Washington Post) Washington has always been a government town. But in recent years, the economic pinch of sequestration and other federal cutbacks has many local business leaders wondering where the next source of revenue will come from

Products, Services, and Solutions

HORNET, the High-Speed Tor-Like encrypted anonymous network (Security Affairs) A group of six academics has developed Hornet, a new high-speed anonymity network that promises to be a valid alternative to the popular Tor network

Could a Free Tool Have Stopped the OPM Hack? (And How to Get One for Yourself) (Nextgov) The recent breach at the Office of Personnel Management that resulted in the theft of over 21 million personal records belonging to current and former government employees and their families is an unforgivable mess with reverberations that will be felt for years or even decades to come. Evidence already suggests the stolen data is possibly being used as an attack platform for new forays, and if that personal info ever gets into the wild, government employees will likely begin to experience a marked increase in targeted scams and identity theft dangers

Startup ProtectWise Deploys 'Time Machine' Security Approach (eWeek) ProtectWise can go back in time, check to see the events leading up to a data breach or other business issue, and issue a real-time report

This chip will stop high-end car hacking (Wired) After Wired journalist Andy Greenberg's jeep was stunt-hacked and driven into a ditch by remote car hackers Charlie Miller and Chris Valasek last week, Chrysler recalled 1.4 million vehicles for a software fix. But they aren't the only ones with extreme vulnerabilities

US Department of Defense approves security technology on BlackBerry smartphones (FierceMobileIT) Enterprises in highly regulated industries, such as financial services and healthcare, need to have the strongest data protection possible for employees' mobile devices. What could be stronger than security approved by the U.S. Department of Defense?

The best anti-virus protection for Windows 8.1 home users and business? (Graham Cluley) Windows 8.1When respected anti-virus testing body AV-Test.org released the results of tests it had conducted against business security products running on Windows 7 earlier this month, it caused quite a kerfuffle in the comments section

Technologies, Techniques, and Standards

US govt guide aims to bolster security of mobile devices used in health care (IDG via CSO) The guide looked at what security risks pose the greatest danger to keeping patient data private

Now available: NIST Cybersecurity Practice Guide, Special Publication 1800-1: "Securing Electronic Health Records on Mobile Devices" (NIST | NCCoE) The NCCoE has released a draft of its first cybersecurity practice guide, "Securing Electronic Health Records on Mobile Devices," and invites you to download the draft and provide feedback

The SEC's Investment Management Division Has Some Things to Tell You about Cybersecurity (JDSupra) Lots of agencies and organizations want to boss you around about cybersecurity. In April, the SEC and the Justice Department published more directions on the issue. We'll cover the very brief guidance issued by the SEC's Division of Investment Management first, and then turn to DOJ in a later post

Best Practices for Securing the Federal Cloud (FedTech) Encryption keys and other tools can help protect data at all times

Obsession With "Actionable" Undermines Effective Threat Awareness (SecurityWeek) Actionable threat intelligence. Actionable information sharing. Actionable threat detection and incident response. Actioned-oriented, actionable actioning around actionable actions. Over the last several years, if it ain't actionable, it ain't, uh, well, it ain't anything

How Can You Tell if a Website is Secure? (BreachAlarm) With the ever-increasing amount of fraud online, the pages you visit might not always be as they seem. More than ever, identifying whether or not you're connected securely to a website has become an essential skill

What Businesses Can Learn From the OPM Security Breach (Tripwire: the State of Security) The security breach that hit the U.S. Office of Personnel Management (OPM) has many people demanding answers as to how something so egregious could happen at such an important office. Some reports indicate that as many as 35 million federal employees' records were exposed in the cyber attack, with some of the data coming from as far back as 35 years ago. Early indications show there were plenty of reasons for the attack happening, from a general lack of professionalism from those involved to limited knowledge about cyber security. Investigations have uncovered that even basic security features were sorely lacking. While many improvements have to be adopted at the OPM, businesses will easily find a number of important lessons to learn from all the mistakes that were made

Endpoints: The Beginning of Your Defense (IBM Security Intelligence) The term endpoint conveys a terminus — the end of the journey. However, for IT endpoints, be they computers, mobile devices, servers, point-of-sale terminals or a myriad of other devices belonging to the Internet of Things (IoT), nothing could be further from the truth. Endpoints are where data is created, processed and stored. It is exactly where the attackers want to gain access so they can begin to steal your data

Why cloud business continuity is critical for your organization (Help Net Security) Business continuity, the ability of a company to continue or quickly restart operations following a systems outage, tends to be a topic overlooked by business leaders. Many see it as a responsibility of their IT teams, and think no more of it. However, this is a dangerous abrogation of responsibility, as any CEO who has suffered through a prolonged systems outage can vouch for

REMnux V6 for Malware Analysis (Part 1) (Malwology) As you may have heard, Lenny Zeltser recently released version 6 of his popular REMnux malware analysis Linux distribution. I'm a big fan of REMnux because it reduces some of the overhead associated with malware analysis. Rather than spending hours downloading software, installing tools, and navigating through dependency hell, this distribution gives you access and exposure to numerous tools quickly. Once you see the value of a tool for yourself, you can then dive into the code and configuration files to develop a deeper understanding of its inner workings and customize it to your need

Using Mozilla Investigator (MIG) to detect unknown hosts (Quelques digressions sous GPL…) MIG is a distributed forensics framework we built at Mozilla to keep an eye on our infrastructure. MIG can run investigations on thousands of servers very quickly, and focuses on providing low-level access to remote systems, without giving the investigator access to raw data

Cracking the Roku V2 WPA2-PSK (Obscure Channel) So my weekend ended up being a Roku vulnerability assessment project

Design and Innovation

Websites, Please Stop Blocking Password Managers. It's 2015 (Wired) Rather than fancy zero-day exploits, or cutting-edge malware, what you mostly need to worry about when it comes to security is using strong, unique passwords on all the sites and services you visit

Twitter Security Pro: Encryption Isn't Enough (InformationWeek) Companies need to focus on developing secure coding practices and security education

Web Design: the First 100 Years (Idle Words) Designers! I am a San Francisco computer programmer, but I come in peace! I would like to start with a parable about airplanes

Academia

NSA grant funds cybersecurity scholarships (SIU News) A National Security Agency grant will provide funds for students from Southern Illinois University Carbondale and seven regional community colleges to prepare for careers in cybersecurity

JMU to host cybersecurity boot camp for Virginia teachers (Augusta Free Press) Twenty teachers from around Virginia will get hands-on instruction on cutting-edge cybersecurity education tools and methods July 27-31 at James Madison University

Temasek Poly sets up IT security and forensics hub (ChannelNewsAsia) The hub aims to provide students with hands-on training in areas such as IT networking, digital forensics and security operations, in order to increase the pool of trained cyber security specialists

Legislation, Policy, and Regulation

Stakeholders Argue Against Restrictive Wassenaar Proposal (Threatpost) The commenting period regarding the Wassenaar Arrangement expired on Monday but the echo chamber around the largely maligned proposal continues to reverberate. Several stakeholders implicated in the proposal added their voices to that chamber on Friday morning, urging the government to revise particulars of the proposal that they believe will ultimately constrain security research and severely hamper day-to-day operations at multiple security firm

Russia and Israel cooperate to fight cyber-terrorism (SC Magazine) The agreement involves a range of measures, several of which are focused particularly on the fight against the growing threat of Daesh (ISIS)

A Canadian Snowden? CSE warns of "insider threats" (Hamilton Spectator) Canada's electronic spy agency is worried about a Canadian Edward Snowden

Technology Is Magic, Just Ask The Washington Post (TechCrunch) Most people don't understand how technology works. When they flip a light switch, or tap their phone, what happens next is essentially magic to them. Oh, they may be able to handwave a bit about electrons and volts and microprocessors and radio waves and packet-switched networks, but they're just mouthing the words. They don't actually understand any of those things. They've never done the math

Week ahead: Senate tees up cyber bills (The Hill) The Senate could be nearing action on a long-stalled cybersecurity bill

Social media companies push back on terrorism bill (Denver Post) Twitter, Facebook, Google worry Senate legislation is too broad

Businesses to Congress: An industry-led approach to cybersecurity can succeed (Washington Examiner) The Senate is nearing its first major cybersecurity debate since 2012, opening the floodgates for amendments on issues ranging from consumer data-breach notification requirements to the security of federal computer networks

DISA issues new cloud, cyber security guidance (C4ISR & Networks) The Defense Information Systems Agency on July 24 issued three new documents targeting cloud security, including two new requirements guides and a new concept of operations

Litigation, Investigation, and Law Enforcement

Hillary Clinton Emails Said to Contain Classified Data (New York Times) Government investigators said Friday that they had discovered classified information on the private email account that Hillary Rodham Clinton used while secretary of state, stating unequivocally that those secrets never should have been stored outside of secure government computer systems

Officials Reveal Clinton Sent Classified Info Through Her Private Server (Legaltech News) A recent memo from the Office of Inspector General for the State Department said there is confirmation from FOIA officials that several emails contained classified information

Email rules apply to everyone (Post and Courier) Secretary of Homeland Security Jeh Johnson says he only realized he was setting a bad example by using a private email account on his government computer when he read an article criticizing the practice

FBI Announces Increased Efforts to Fight Corporate Espionage (Legaltech News) FBI efforts will include both a public awareness campaign, as well as increased use of the Foreign Intelligence Surveillance Court

FBI Probes 'Hundreds' of China Spy Cases (Daily Beast) American companies are getting their secrets stolen like never before, the bureau says. And an ultra-aggressive China is to blame for almost all of it

Internet of Things: Anything You Track Could Be Used Against You (Dark Reading) Lawyers — not security advocates — have fired the first salvos over wearable tech privacy. The results may surprise you

Cybercrime — Tipping the Balance (Team Cymru) It's been said before (on this very blog) but it's worth saying again; if you work back far enough from any cybercrime, eventually you find a person. Someone, somewhere is writing the code and calling the shots

Thousands of Apps Secretly Run Ads That Users Can't See (BloombergBusiness) Advertisers lose $895 million per year to invisible fraud within mobile apps

So far, WordPress denied 43% of DMCA takedown requests in 2015 (Ars Technica) To the site's ire, many came from third-party services using automated bots

Dark web drug dealer pleads guilty, gets 2 years to ponder "anonymity" (Naked Security) A drug dealer from Wales has been sent to prison for two years

Police say sorry after Facebook tit-for-tat with "keyboard warrior" (Naked Security) Police apologise after being bratty in Facebook tit-for-tatWe know that cops are social media-savvy

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

8th Annual Space, Cyber, and Telecommunications Washington DC Conference (Washington, DC, USA, October 29 - 30, 2015) The Space, Cyber, and Telecommunications Law team hosts an impressive lineup of the world?s greatest minds annually at conferences in Washington DC and in Lincoln, Nebraska and at occasional events around...

Upcoming Events

Cyber Risk Wednesday: Rethinking Commercial Espionage (Atlantic Council: Brent Scowcroft Center on International Security, July 29, 2015) Join the Atlantic Council's Cyber Statecraft Initiative on July 29 from 4:00 p.m. to 5:30 p.m. for a discussion on new ideas on commercial cyber espionage and intellectual property theft

CyberMontgomery 2015 (Rockville, Maryland, USA, July 30, 2015) Montgomery County, Maryland, is home to the National Institute of Standards and Technology (NIST), the National Cybersecurity Center of Excellence (NCCoE), the FDA, NIH, NOAA, NRC and more than a dozen...

Career Discovery in Cyber Security: A Women's Symposium (New York, New York, USA, July 30, 2015) Our annual conference brings together some of the best minds in the industry, with the goal of guiding women with a talent and interest in cyber security into top-flight careers

PragueCrunch IV: The Enpraguening (Prague, Czech Republic, July 31, 2015) Here it comes, Central Europe: PragueCrunch IV! This annual celebration of all things startup is coming to your town on Friday, July 31, 2015 from 7:00 PM to 11:00 PM (CEST). We'll be holding the event...

Black Hat USA (Las Vegas, Nevada, USA, August 1 - 6, 2015) Black Hat — built by and for the global InfoSec community — returns to Las Vegas for its 18th year. This six day event begins with four days of intense Trainings for security practitioners...

ISSA CISO Forum: Third Party Oversight (Las Vegas, Nevada, USA, August 2 - 3, 2015) The CISO Executive Forum is a peer-to-peer event. The unique strength of this event is that members can feel free to share concerns, successes, and feedback in a peer only environment. Membership is by...

BSides Las Vegas (Las Vegas, Nevada, USA, August 4 - 5, 2015) BSides Las Vegas is an Information/Security conference that's different. We're a 100% volunteer organized event, put on by and for the community, and we truly strive to keep information free. There is...

Defcon 23 (Las Vegas, Nevada, USA, August 4 - 7, 2015) DEF CON has been a part of the hacker community for over two decades. See the organization's website for more information

USENIX Security (Washington, D.C., USA, August 12 - 14, 2015) The USENIX Security Symposium reunites researchers, practitioners, system administrators, system programmers, and others specialists interested in the latest advances in the security and privacy of computer...

5th Annual Cyber Security Training & Technology Forum (CSTTF) (Colorado Springs, Colorado, USA, August 19 - 20, 2015) The Information Systems Security Association (ISSA) Colorado Springs Chapter and FBC, Inc. will once again co-host the 5th Annual Cyber Security Training & Technology Forum (CSTTF). CSTTF 2015 will bring...

Decepticon 2015 (Cambridge, England, UK, August 24 - 26, 2015) Decepticon brings together researchers and practitioners in the detection and prevention of deception. Previously, deception research has been fragmented across conferences in many different disciplines,...

AFCEA OKC Technology & Cyber Security Day (Oklahoma City, Oklahoma, USA, August 27, 2015) FBC and the Armed Forces Communications & Electronics Association (AFCEA) Oklahoma City Chapter will be partnering once again to host the annual Technology Day & "Scholarship" Golf Tournament at Tinker...

Power Grid Cyber Security Exchange 2015 (San Diego, California, USA, August 30 - September 1, 2015) The Power Grid Cyber Security Exchange will take a deep dive into the cyber security strategies, innovative approaches and strategic planning necessary to balance the competing priorities of today's technology...

2015 HTCIA International Conference & Training Expo (Orlando, Florida, USA, August 30 - September 2, 2015) Bringing together experts from all over the world to share their latest research and techniques related to cybersecurity, incident response and computer forensics

ICFP 2015 (Vancouver, British Columbia, Canada, August 31 - September 2, 2015) ICFP 2015 provides a forum for researchers and developers to hear about the latest work on the design, implementations, principles, and uses of functional programming. The conference covers the entire...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.