skip navigation

More signal. Less noise.

Daily briefing.

Last week's announcement that the US Office of Personnel Management (OPM) had suffered a data breach dominates the news. The Government says the Einstein system's detection of the breach is a success; skeptics think that's like calling a smoke alarm "successful" if it goes off after the house burns down.

Other observers note Einstein's uneven deployment across Federal networks. OPM's CIO tells Politico "encryption and data obfuscating techniques 'are new capabilities that we're building into our databases.'" (Politico says compromised data were unencrypted.)

The scope of the breach appears greater than initially thought: background investigations going back thirty years, for example, seem to have been compromised.

How the attackers got in remains unclear, although phishing tops speculation. ThreatConnect and Crowdstrike are quick to see the signature of Deep Panda. (Noting among other giveaways the use of Avengers' themed names "Steve Rogers" and "Tony Stark," which strikes some as thin, easily spoofed evidence — still, many agree the perpetrators look like the same ones who popped Anthem.)

High on the list of conjectured objectives for the OPM breach is raw material for HUMINT recruiting. The Chinese government is being widely blamed, and naturally points out the inherent ambiguity of the evidence (to do otherwise would not only be diplomatically provocative, but would also break kayfabe).

Some call for an international law to govern espionage (without offering the slightest clue of how that might work).

Other stories worth attention cover Russian info ops against Ukraine, ISIS info ops against pretty much everyone else.

Notes.

Today's issue includes events affecting Algeria, Belgium, China, Iraq, Kenya, Luxembourg, Russia, South Sudan, Syria, Uganda, Ukraine, United Kingdom, United States.

Cyber Attacks, Threats, and Vulnerabilities

With a series of major hacks, China builds a database on Americans (Washington Post) China is building massive databases of Americans' personal information by hacking government agencies and U.S. health-care companies, using a high-tech tactic to achieve an age-old goal of espionage: recruiting spies or gaining more information on an adversary, U.S. officials and analysts say

Data hacked from U.S. government dates back to 1985 — official (Reuters) Data stolen from U.S. government computers by suspected Chinese hackers included security clearance information and background checks dating back three decades, U.S. officials said on Friday, underlining the scope of one of the largest known cyber attacks on federal networks

Cyber thieves breach 'gold mine' of federal employee data (PBS Newshour) The FBI is investigating a massive cybersecurity breach at the Office of Personnel Management's files containing personal information on millions of government employees, including those with high-level security clearances. Jeffrey Brown talks to Dmitri Alperovitch, co-founder and CTO of Crowdstrike, about what may have been stolen, who's behind the hack and what could have been done to prevent it

OPM Hack May Have Exposed Security Clearance Data (Threatpost) Twenty-four hours after unnamed White House officials said the Office of Personnel Management (OPM) data breach was linked to China, one security company has connected the intrusion to the massive break-ins earlier this year at insurance companies Anthem and Premera Blue Cross, while a D.C. think tank this morning tweeted that the hackers made off with security clearance data going back to 1982

OPM Data Breach: What You Need to Know (FedSmith) The federal government announced to the world yesterday that Chinese hackers had penetrated its computer systems, potentially putting the personal information of at least 4 million current and former federal employees at risk

OPM Data Breach: China Hits Back at U.S. Over Federal Cyberattack (NBC) China accused the United States of making "groundless accusations" and being "irresponsible" Friday in blaming Chinese hackers for a vast data breach that could be the biggest cyberattack in U.S. history

OPM Breach Analysis (ThreatConnect Blog) Back in February, the ThreatConnect team conducted an in-depth independent analysis of the Anthem breach, finding connections to amorphous Chinese APT activity. Although our primary concern at the time was with the malicious Wellpoint/Anthem and VAE, Inc. (a Federal contractor) command and control domains, we couldn't help but notice a peculiar related OPM-themed domain, opm-learning[.]org

OPM Hackers Skirted Cutting-Edge Intrusion Detection Systems Official Says (Nextgov) When attackers compromised a federal personnel system holding records on up to 4 million current and former employees, the files were in an Interior Department data center equipped with the most up-to-date version of a governmentwide intrusion detection tool, a government official with knowledge of the center at the time said on Friday

Huge government data breach 'inexcusable,' security experts say (Fox News) The huge data breach that may have compromised the personal data of at least 4 million current and former federal employees could have been avoided with better use of data protection technologies such as encryption, security experts say

This latest cyberattack is 'an extremely urgent situation,' expert says (Business Insider) US official on China hacking government database: 'This is deep.' On Thursday afternoon the US federal agency the Office of Personnel Management admitted that its databases had been breached

Massive government breach fits pattern of hacks hunting for rich data (Christian Science Monitor Passcode) The federal government's Office of Personnel Management is just the latest victim in a string of sophisticated attacks less interested in quick profits than obtaining detailed data on individuals

Continued Hacking Highlights U.S-Chinese Cyberwar Worries (Time) Latest episode, linked to Beijing involves data on 4 million Americans

OPM hack: as China blames US for huge cyberattack, new era of cyberwarfare and internet terrorism arrives (Independent) A huge theft of US government data marks a new time for national and terrorist warfare, taking place on the internet rather than in the real world

Federal data breach part of massive hacking onslaught on America (AL.com) Some of the Americans least surprised by the massive data breach of federal government records announced this week were probably the 700 or so cyber security professionals meeting in Huntsville

US hack shows data is the new frontier in cyber security conflict (Conversation) More than four million personal records of US government workers are thought to have been hacked and stolen, it has been. With US investigators blaming the Chinese government (although the Chinese deny involvement), this incident shows how data could be the new frontier for those in cyberspace with a political agenda

American OPM cyber attack: Alarm bells should now ring for Britain, say security experts (Independent) Britain's "alarm bells should be ringing? after the US government was victim of a cyber-attack by alleged Chinese hackers, online security experts have warned

Scam Of The Week: "Your Data Was Hacked, How To Protect Yourself" (KnowBe4) It is all over the news, the 4-million Federal Employee OPM database was hacked and lots of employee information leaked to probably the Chinese

Islamic State has 'best cyber offence' of any terrorist group (ZDNet) "There's a new group of attackers coming. It's growing right now. And these guys are different," says F-Secure's Mikko Hypponen. Then there's criminals. And governments

Cyber jihad and cyber terrorism: A real threat to governments (Daily News Egypt) When it comes to cryptography, it is important to understand that it is the practice of writing and solving codes

Who Is Posting Islamic State (ISIS) Materials On The San Francisco-Based Internet Archive (Archive.org) — And What Can Be Done About It? (MEMRI) In the past year, the Islamic State (ISIS) has put out an astonishing number of daily releases, ranging from written statements to very professionally produced videos, inter alia to promote itself and to advance its agenda, among other things

ISIS Members Advertise Marital Status On Twitter (MEMRI) Both Western fighters and those interested in migrating to the Islamic State have turned to social media for both making travel arrangements and to finding spouses

ISIS Loses Key 'Butter Churn' Battle on Twitter (Daily Beast) Two Iraqis invented a fake town, named for a butter churn, then claimed ISIS was defeated there by Shia militias. Fans of both fell for the gag

Erie Church Hit By Cyber Attack (WICU/WSEE 12) Sacred Heart Parish in Erie is the latest victim of a cyber attack. On Sunday, the Catholic church's website was shut down by hackers.What you'll see when you visit is, "Free Hamza Bendelladj," "Free Palestine," and "We don't accept killing Muslims everywhere, stop killing US"

Russia Wields Aid and Ideology Against West to Fight Sanctions (New York Times) The war in Ukraine that has pitted Russia against the West is being waged not just with tanks, artillery and troops. Increasingly, Moscow has brought to bear different kinds of weapons, according to American and European officials: money, ideology and disinformation

Want to Get Really Mad About Ukraine? Watch Russian TV (Daily Beast) The daily diet of the Kremlin's 'weaponized propaganda' is not all lies — and it's heating up Russians' outrage over the war in Ukraine and the West's role

Hacker Can Send Fatal Dose to Hospital Drug Pumps (Wired) When security researcher Billy Rios reported earlier this year that he'd found vulnerabilities in a popular drug infusion pump that would allow a hacker to raise the dosage limit on medication delivered to patients, there was little cause for concern

Angler EK: More Obfuscation, Fake Extensions, and Other Nonsense (Cisco Blogs) Late last week Talos researchers noticed a drastic uptick in Angler Exploit Kit activity. We have covered Angler previously, such as the discussion of domain shadowing

WhatsApp can be hijacked in seconds (Naked Security) Facebook's WhatsApp messaging service is insanely popular

Potential Apple Pay security weakness revealed (ComputerWeekly) Fraudsters could gain access to personal details of Apple Pay users, research reveals

Trend Micro Discovers MalumPoS; Targets Hotels and other US Industries (TrendLabs Security Intelligence Blog) We first discovered MalumPoS, a new attack tool that threat actors can reconfigure to breach any PoS system they wish to target. Currently, it is designed to collect data from PoS systems running on Oracle® MICROS®, a platform popularly used in the hospitality, food and beverage, and retail industries

The race to outsmart corporate phishing attacks (Christian Science Monitor Passcode) Companies are constantly seeking new — and expensive — ways to protect against criminal hackers. But even the most advanced software can't keep unwitting employees from endangering corporate networks

India Tops List of Golroted Malware Attacks: How to Protect Yourself and Your Business? (International Business Times) If you are an avid internet user, you must be aware of the security risks involved with cyber attacks

Steel bin maker Brabantia breached, trashes passwords just to be safe (Naked Security) Brabantia is a Dutch company known for making steel bins, but its database must have been a bit easier to rip into than steel, given that crooks have plucked out customer data tidbits

Eataly New York Customers Affected by Card Breach (Softpedia) Compromise lasted for almost three months

Wake Tech computer system shut down by cyber attack (WRAL) Authorities believe a cyber attack shut down the Wake Technical Community College's computer system for several days earlier this year, according to search warrants made public Friday

The silent war between black markets in the deep web (Security Affairs) The silent war between black markets in the deep web, Mr Nice Guy hired a blackmailer to hit TheRealDeal and its competitors. TheRealDeal hacked back

Bulletin (SB15-159) Vulnerability Summary for the Week of June 1, 2015 (US-CERT) The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week

Cyber Trends

List of Cyber Threat "Wake-Up Calls" Growing: Policy makers have been hitting the snooze button since 1970 (CTOvision) The Cyber Threat BookThe list below is an update to our reference of "Cyber Security Wake-Up Calls." What does it take to be on the list? Generally each of the events below was so significant policy makers were loudly proclaiming to all who would listen that they were a wake-up call

Security in an Age of Catastrophic Risk (ThreatBrief) See the video by Bruce Schneier, CTO, Resilient Systems, on cyber security in current situation

Long Cons: The Next Age of Cyber Attacks (Dark Reading) When hackers know that a big payday is coming they don't mind waiting for months for the best moment to strike

Assessing Cyber Risk in Business is About More than Just Counting Vulnerabilities (InformationSecurityBuzz) Organisations generally operate in uncontrolled, vulnerable market environments, which involve risk. It stands to reason, then, that understanding and mitigating risk is an important objective of businesses, and yet it can be hard to determine

Next Up for Banks: Implementing New Regulations (Wall Street Journal) With more Dodd-Frank rules in place, banks face not only the large task of implementation and compliance, but also the task of developing a strong risk culture

Shadow IT a Concern for Federal IT CIOs (eWeek) The report found that the average government organization uses 120 distinct collaboration services, such as Microsoft Office 365, Gmail, and Cisco Webex

The Risk of Data Breach in Agencies Today (Insurance Journal) Data breaches pose a serious threat to agents even though incidents involving large companies such as Target and Sony produce all the headlines

Cyber Vulnerability Report 2015 (Cyber Security Intelligence) In only the last decade it has become far more apparent that we now frequently engage in a series of interconnected electronic worlds linking our work to emails and mobile apps, trading on the Web, which is also a place where currency in bitcoins is now being used and criminalized, actions which do not register on government crime statistics

Finance Moving to the Cloud (But Not for File Sharing) (MSPMentor) The adoption rates have been slower than that of other industries, but financial institutions are finally starting to leverage the cloud in greater numbers

Has Apple's CEO put a price tag on privacy? (Christian Science Monitor Passcode) Apple's Tim Cook attacked his competitors this week for their stances on data privacy. But has this become a battle between the Ads and Ad-Nots?

70% of breaches are detected by a third-party (Help Net Security) 46 percent of organizations that have suffered a data breach took more than four months to detect a problem, and more than three months to mitigate the risk

Marketplace

Infosec 15: How cybersecurity fought back as the industry fractured (Computer Business Review) Integration has been a defining story in the past year of cybersecurity

Who Wins in a Data Breach? Cybersecurity Firms — And Their Investors (Wall Street Journal) FireEye Inc.FEYE +6.42%, a Silicon Valley-based cybersecurity firm, held an analyst day on Wednesday, doing its best (as all companies do) to build its case for the Street denizens that will either recommend or warn against its stock to their clients

Cybersecurity stocks jump on federal hack (Seeking Alpha) The PureFunds ISE Cyber Security ETF (HACK +2.2%) has made fresh highs after government officials disclosed a hack of the federal Office of Personnel Management (OPM) that resulted in the personal records of as many as 4M current and former federal workers being stolen. The Chinese hackers who carried out for a recent attack on health insurance firms Anthem and Premera Blue Cross are believed to be responsible

Splunk, Infoblox, A10 up strongly following federal hack (Seeking Alpha) Though not security pure-plays, Splunk (SPLK +5%), Infoblox (BLOX +4.5%), and A10 Networks (ATEN +4.9%) have joined those companies that are (previous) in rallying after a major federal personnel records hack (believed to originate in China) was disclosed. The Nasdaq is up 0.2%

Company Shares of Symantec Corporation Drops by -2.54% (News Watch International) Symantec Corporation (NASDAQ:SYMC) has lost 2.54% during the past week and dropped 5.99% in the last 4 weeks

Why FireEye Has Become 'the Navy SEALs of Cybersecurity' (TheStreet) For FireEye (FEYE), bad news means good business

Palo Alto Networks: Well-Positioned For The Coming CyberSecurity Boon (Seeking Alpha) Palo Alto Networks reported great Q1 results, and is expected to continue growing at an incredible rate

Apple is having its Microsoft moment (CNN Money) So much for the argument "Apple computers are safer and bug-free"

H-P Is Back in Buying Mode as It Readies to Split in Two (Wall Street Journal) CEO Whitman hints at acquisitions for data storage and next-generation data-center equipment

The Sophos story — a long hard, very British trek to the promised IPO (TechWorld) Founded in 1985, Sophos is a tale of how British tech firms too often go the long way round

Menlo Security Emerges From Stealth With $25M And Plan To Defeat Malware (TechCrunch) Menlo Security, a company with a unique plan to battle malware, emerged from stealth today and also announced $25M in Series B funding

HackerOne is turning hacking into a paid job that won't get you arrested (Financial Review) In 2011, two Dutch hackers in their early 20s made a target list of 100 high-tech companies they would try to hack. Soon, they had found security vulnerabilities in Facebook, Google, Apple, Microsoft, Twitter and 95 other companies' systems

Check Point Founder Invests In Breach Detection Startup LightCyber (CRN) After a series of successful investments in the security space, Check Point Software founder Shlomo Kramer has placed his next big bet

RedSeal Selected as a Red Herring Top 100 North America Winner (MarketWatch) RedSeal (redseal.co), the cybersecurity analytics company, today announced that it has been selected as a Red Herring Top 100 North America Winner for 2015

FireMon's rapid growth spurs hiring of president, COO (Kansas CIty Business Journal) FireMon LLC's rapid growth has spurred it to create a new job: president and COO

Products, Services, and Solutions

Malware Information Sharing Platform MISP — A Threat Sharing Platform (CIRCL) Malware Information Sharing Platform (MISP) is developed as free software by a group of developers mainly from Belgian Defence and NATO / NCIRC (Computer Incident Response Capability)

Tenable Network Security Extends Capabilities of Nessus Agents to Assure Security across Complex IT Environments (BusinessWire) Additional coverage for Mac OS X and Linux helps Tenable customers further reduce the attack surface and strengthen system visibility on portable devices and other hard-to-scan assets

Senetas to develop bespoke data encryption hardware (Ferret) Melbourne-based Senetas has won its first contract to develop a customised data encryption hardware

Why Hacker Attacks on Hardware Are on the Rise (DCInno) And what one startup is doing about it

Hackers Are Next on Government-Spyware Company's List of Targets (BloombergBusiness) A company that helps governments monitor their citizens is now peddling its expertise to corporate America

Why It's So Hard To Find Intruders After A Network Penetration (PacketPushers) LightCyber's Magna Active Breach Detection platform is a behavior-based detection system that integrates network and endpoint context and is designed specifically to find active breaches after a threat actor has already penetrated a network

Preventing the Next Big Breach: It's Time To Think Different (Tech Guru Daily) This week we had yet another massive government breach and many are finally concluding that these breaches are the result of incompetence and thus are inexcusable

Digital Guardian Releases Digital Guardian App for Splunk (realwire) Digital Guardian, the only endpoint security platform purpose built to stop data theft, has released the Digital Guardian App for Splunk

FortiGuard now a subscription service (IT Online) Fortinet, the global leader in high-performance cyber security solutions, has announced a new FortiGuard Mobile Security subscription service to help enterprises protect mobile devices from cyber threats, particularly in business environments where a ?bring your own device? (BYOD) policy has been adopted

Technologies, Techniques, and Standards

Checking your vendors' cyber-security practices (Reuters) A weak link in many financial advisers' cybersecurity plans is the outside companies that help run their businesses, such as payroll companies and computer-repair firms

How I Learned to Stop Worrying and Embrace the Security Freeze (KrebsOnSecurity) If you've been paying attention in recent years, you might have noticed that just about everyone is losing your personal data

Mitigating Nation-State Threats (Data Breach Today) Lance James of Deloitte describes a comprehensive strategy

Situational Awareness: Elusive Key Ingredient of Worthwhile Cyber Threat Intelligence (SecurityWeek) Situational awareness. Military strategists live and die by it. Their soldiers do too. So do pilots. Even good stock brokers and traders depend on it for their very financial lives

New gTLDs: The Pros and Cons of Restricted gTLDs (Cyveillance Blog) We recently wrote about the launch of the new generic top-level domain (gTLD) .SUCKS, and the potential problems this extension may cause for branding and security professionals. While .SUCKS is an open gTLD, which many believe is the most concerning type of gTLD, you should also monitor restricted gTLDs

Design and Innovation

Opinion: What cybersecurity can learn from citizen science (Christian Science Monitor Passcode) In an era where citizen science projects such as StarDust@Home are becoming more common and more effective, cybersecurity researchers can leverage this movement to get better insight into the threat landscape

Academia

Cyber-psyched: Sentinel youngsters upend their elders in high-tech hacking game (Misoulian) Your team has won something called a cyber triathlon by a bunch. How do you kill time until the other teams finish? Studying, Ryan Sandau joked Thursday

Drone battles test student cyber-defenders' code-breaking skills (Engineering and Technology Magazine) Tech-savvy students will compete today in a Back to the Future meets Robot Wars cyber competition to find the ultimate young code-breakers

Air Force vet training young cadets for cyber competitions (San Antonio Business Journal) The second annual Cyber Defense Training Academy kicks off next week, June 8, at Joint Base San Antonio-Lackland with about 51 cadets from all over the country expected to take part

GRU Launches Their Cyber Institute (WJBF) Georgia Regents University is helping contribute to make Augusta a leader in the nation for Cyber Command

Legislation, Policy, and Regulation

We need an international law of cyberspace (Quartz) The Office of Personal Management announced on Thursday that its personnel database had been hacked, leading to the loss of data for up to four million federal employees. The subsequent ALL CAPS headlines relayed unofficial finger pointing at of the Chinese government

Lawmakers: Don't Take China-Linked U.S. Hack Lying Down (BloombergBusiness) The Obama administration should retaliate for a cyber-attack on federal employee records that was the worst breach the U.S. government has ever suffered, members of Congress said on Sunday

Lawmakers fault OPM over massive cyber breach (Federal Times) The Office of Personnel Management is being called to the carpet by lawmakers over a massive cyber breach that may have exposed the personal and financial information of millions of federal employees

Does cyber breach illuminate a $3B DHS failure? (C4ISR & Networks) The massive data breach at the Office of Personnel Management made public on June 4 exposed personal information of roughly 4 million current and former federal employees. But the attack also revealed that despite the extensive resources sunk into network defenses and confident talk of high-level officials, the government's data remains poorly defended

US government responds to latest hack: give us more power over data collection (Guardian) 'Zero day' attack on high-level security clearance agency reignites push by Congressional leaders to hand federal government greater cybersecurity powers

Alleged Chinese hacking, NSA revelations shed new light on cyberwarfare (Globe and Mail) As China stands accused of a new and massive hacking attack on U.S. government computers, leaked documents allege that the Obama administration secretly widened the National Security Agency?s powers to search Americans? Internet traffic for evidence of hacks from abroad

Experts: NSA efforts part of the battle in cyber proxy war (USA Today via CBS 10 News) The United States is engaged in a proxy war with its enemies, a war where cyberspace is the battlefield, cyber experts say

GOP hopefuls blame Obama's China policy for data breach (The Hill) GOP presidential hopefuls are bashing President Obama over his handling of China in the wake of a massive digital theft of federal workers' data that officials have tied to Beijing

OCC: Cyber-Risks to Payments Growing (BankInfoSecurity) Comptroller calls for tighter controls, more regulatory scrutiny

Der Zweite Jahrestag der Snowden-Enthüllungen (F-Secure Blog) Wer nicht die Politik in den Vereinigten Staaten verfolgt, wird wahrscheinlich nicht wissen, wer Mitch McConnell ist

The weapons pact threatening IT security research (Register) We speak to infosec experts worried by treaty changes

African states sign cyber-security deal (World Bulletin) 'Northern Corridor' countries want online security as millions are invested in oil and transport projects

EU Favoring Broad Scope for Cyber Attack Rules (CFO) Euro bloc's executive body wants search engines and social networks to be covered by new disclosure regulations

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

ShowMeCon (St. Louis, Missouri, USA, June 8 - 9, 2015) This highly technical forum showcases eye-opening presentations from world-renown ethical hackers and security experts that will leave you amazed and frightened at the same time. By giving you access into...

Cloud Identity Summit 2015 (La Jolla, California, USA, June 8 - 11, 2015) Enterprises large and small are looking to the cloud to replace legacy applications and virtualize their existing data center environments. In each case, security technology vendors need to manage the...

NSA Mobile Technologies Forum (MTF) 2015 (Fort Meade, Maryland, USA, June 8 - 12, 2015) The Mobile Technologies Forum is an annual event that attracts SIGINT, Information Assurance, HUMINT, Federal Law Enforcement, Counterintelligence and Government personnel from the United States, Australia,...

Cybergamut Tech Tuesday: Using EMET to Defend Against Targeted Attacks (Elkridge, Maryland, USA, June 9, 2015) 0-day vulnerabilities that are able to bypass platform level exploit mitigation technologies such as DEP and ASLR are becoming increasingly common. Knowledge workers are being increasingly targeted by...

Fraud Summit Boston (Boston, Massachusetts, USA, June 10, 2015) ISMG's Fraud Summit is a one-day event focused exclusively on the top fraud trends impacting organizations and the mitigation strategies to overcome those challenges. Highlights of the Boston event include...

CyBit: the Computer Forensics Show (IT Security and Cyber Security) (New York, New York, USA, June 11 - 12, 2015) Cyber Security: The interdependent network of information technology infrastructures, including the internet, telecommunications networks (satellite communications), computer systems, embedded processors...

19th Colloquium for Information Security Education (CISSE) (Las Vegas, Nevada, USA, June 15 - 17, 2015) The Colloquium for Information System Security Education (CISSE) has represented the constant in the changing field of cybersecurity education. CISSE was established in 1996. Its mission was (and still...

Information Management Conference 2015 (Nashville, Tennessee, USA, June 15 - 18, 2015) This year's theme is "Mission Excellence through Innovation" and is aligned with the Information Resources Management Strategic Plan vision, which aims to collaborate as an enterprise and deliver innovative...

Cornerstones of Trust 2015 (San Mateo, California, USA, June 16, 2015) The World Ahead: Ending The Insanity In Information Security. Insanity is often defined as repeatedly doing the same while expecting different results. Year after year our cyber security success has been...

AFCEA Defensive Cyber Operations Symposium (Baltimore, Maryland, USA, May 5 - 7, 2015) The U.S. Defense Information Systems Agency's new operational role in the cyber domain as network defender creates a formal relationship between DISA, U.S. Cyber Command and the command's military service...

TRUSTe Internet of Things Privacy Summit 2015 (Menlo Park, California, USA, June 17, 2015) The Second IoT Privacy Summit will be held on June 17th 2015 and focus on practical solutions to the privacy challenges of the Internet of Things with multiple case studies, workshops and panel presentations...

Portland Secure World (Portland, Oregon, USA, June 17, 2015) Join your fellow security professional for affordable, high-quality cybersecurity training and education at a regional conference near you. Earn CPE credits while learning from nationally recognized industry...

2015 Community College Cyber Summit (3CS) (North Las Vegas, Nevada, USA, June 17 - 19, 2015) The second annual Community College Cyber Summit (3CS), hosted by the College of Southern Nevada, is organized and produced by the five cybersecurity-related Advanced Technological Education (ATE) centers...

Suits and Spooks All Stars 2015 (New York, New York, USA, June 19 - 20, 2015) Unlike our typical "collision" event, our All Stars will have at least 60 minutes each for their talks. Seating will be limited because we're going to hold it in one of our most popular venues —...

REcon 2015 (Montréal, Québec, Canada, June 19 - 21, 2015) REcon is a computer security conference with a focus on reverse engineering and advanced exploitation techniques. It is held annually in Montreal, Canada. The conference offers a single track of presentations...

Nuit du Hack 2015 (Paris, France, June 20 - 21, 2015) The "Nuit Du Hack" conference was initiated in 2003 by the French hacking group: HackerZvoice. This event has been gathering people willing to learn and share their knowledge around lectures and challenges...

Cyber Security for Defense (Augusta, Georgia, USA, June 24 - 26, 2015) This conference serves as an opportunity for solution providers to break through the background noise and present their unique ideas and products in an environment specifically tailored to highlighting...

Innovation Summit: Connecting Wall Street, Silicon Valley & the Beltway (New York City, New York, USA, June 25, 2015) Innovation Summit connects America's three most powerful epicenters and evangelizes the importance of industry, government and academic collaboration on joint research initiatives. The opportunity to bring...

Cybersecurity Outlook 2016 (Tysons Corner, Virginia, USA, June 26, 2015) Cybersecurity Outlook 2016 is a breakfast event by Potomac Tech Wire and Billington CyberSecurity that brings together senior executives in the Mid-Atlantic to discuss technology issues in a conversational,...

NSA Information Assurance Symposium (IAS) 2015 (Washington, DC, USA, June 29 - July 1, 2015) The NSA Information Assurance Directorate (IAD)'s Information Assurance Symposium (IAS) is a biannual forum hosted by the National Security Agency (NSA). IAS events of the past have proven to be the preferred...

US News STEM Solutions: the National Leadership Conference (San Diego, California, USA, June 29 - July 1, 2015) San Diego offers the perfect backdrop for the 4th annual U.S. News STEM Solutions National Leadership Conference, June 29 — July 1, 2015 in San Diego, CA. Please make your plans now to join fellow...

Information Assurance Symposium (Washington, DC, USA, June 29 - July 1, 2015) The NSA Information Assurance Directorate (IAD)'s Information Assurance Symposium (IAS) is a biannual forum hosted by the National Security Agency (NSA). IAS events of the past have proven to be the preferred...

Cyber Security for Healthcare Summit (Philadelphia, Pennsylvania, USA, June 29 - July 1, 2015) Our IQPC Cyber Security for Healthcare Summit will help Hospitals and Medical Device manufacturers to prepare and manage risks by viewing cybersecurity not as a novel issue but rather by making it part...

Cybergamut Tech Tuesday: The Truth About Security Your System (Elkridge, Maryland, USA, June 30, 2015) What does it take to secure a system? What is the logical approach to successfully achieve this endeavor? First, an understanding of who wants access and why is a necessary baseline to form a strategic...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.