skip navigation

More signal. Less noise.

Daily briefing.

Security agencies worldwide brace for calendar driven terrorist attacks (US Independence Day, Ramadan, UK Armed Forces Day, etc.) with their estimates significantly informed by intelligence collected online. One trend noted: as Reuters puts is "There's no such thing as a lone wolf in cyberspace." Alienation, specious communities, and online disinhibition create virtual cells whose common purposes require no central direction.

Saudi Arabia and Iran sharpen regional cyber competition.

The US Office of Personal Management (OPM) takes down its e-QIP online questionnaire (used in security clearance background investigations) as a "proactive measure." Information collected on the SF-86 forms includes not only about individuals applying for clearances, but about their colleagues, relatives, and neighbors. Observers wonder when the Government will notify these other people that aspects of their identity is at risk, but this question seems largely rhetorical — the challenge of doing so is enormous. E-QIP is expected to be down for about six weeks.

Calls for OPM Director Archuleta's resignation grow louder, her fifteen-point security plan widely seen as too little, too late.

Leaked documents allege US surveillance of French corporate and Foreign Ministry targets.

A vulnerability last week's Adobe Flash patch closed is already being exploited in the wild, evidence of how short the re-engineering cycle has become when patches disclose the bugs they fix.

Damballa reports CryptoWall ransomware has been observed riding click-fraud campaigns.

Criminals are spreading Dyre malware through compromised wireless routers.

Many popular virtual private networks (VPNs) are reported to be exposing user data through IPv6 leakage.

Notes.

Today's issue includes events affecting Australia, Brazil, Chile, China, European Union, France, Germany, Iran, Iraq, Mexico, Nigeria, Russia, Saudi Arabia, Syria, Taiwan, United Kingdom, United States.

Cyber Attacks, Threats, and Vulnerabilities

There's no such thing as a lone wolf in cyberspace (Reuters) "Lone wolf" terrorism is often cited as the biggest terrorist threat today. The problem with this label is none of the assailants act alone. They all belong to virtual wolf packs

Iran and Saudi Arabia edge towards cyber war, study says (Fox News) The battle for influence between Iran and Saudi Arabia has become one of the biggest rivalries in the Middle East

Hacks Bring Down US Background Check System — But the Worst Is Yet to Come (Vice) Things seemed to be going swimmingly at the US Office of Personnel Management (OPM), the entity that serves as the federal government's HR department

Analysis: Why the OPM Breach Is So Bad (BankInfoSecurity) Personal secrets at risk after background forms exposed

NSA wiretapped two French finance ministers: Wikileaks (Reuters) The U.S. National Security Agency wiretapped the communications of two successive French finance ministers and collected information on French export contracts, trade and budget talks, according to a report by WikiLeaks

New WikiLeaks Documents Reveal NSA Spied On Top French Companies (TechCrunch) Following last week's eavesdropping reports, WikiLeaks shared new documents with Libération and Mediapart. This time, the new documents reveal that the NSA was spying on France's best performing companies for economic intelligence purposes

Cybercriminals adopt recently patched zero-day exploit in a flash (IDG via CSO) Just four days after Adobe Systems patched a vulnerability in Flash Player, the exploit was adopted by cybercriminals for use in large-scale attacks. This highlights the increasingly small time frame users have to deploy patches

Latest Flash hole already exploited to deliver ransomware — update now! (Naked Security) Are you still using Flash in your browser? If so, make certain you've got the latest update from Adobe, even though it only came out last week

Adobe Flash Software Zero-Day Exploit Used by Chinese Hackers Before Patch Fix (BizTech Mojo) Chinese cybercriminals have been using a zero-day exploit in the Adobe Flash software via a specifically designed video file

Clever CryptoWall Spreading Via New Attacks (Dark Reading) Top ransomware doesn't waste time jumping on the latest Flash zero-day, and hops rides on click fraud campaigns, too

Why a low-level threat can open the door for serious infections (Help Net Security) A device hi-jacked for the purpose of conducting 'click-fraud' can become a conduit for more serious malware such as ransomware

Crooks Use Hacked Routers to Aid Cyberheists (KrebsOnSecurity) Cybercriminals have long relied on compromised Web sites to host malicious software for use in drive-by download attacks, but at least one crime gang is taking it a step further: New research shows that crooks spreading the Dyre malware for use in cyberheists are leveraging hacked wireless routers to deliver their password-stealing crimeware

How Malware Campaigns Employ Google Redirects and Analytics (Internet Storm Center) The email message sent to the bank employee claimed that the sender received a wire transfer from the recipient's organization and that the sender wanted to confirm that the payment went through without issues. The victim was encouraged to click a link that many people would consider safe

Most VPNs leak user details, study shows (ComputerWeekly) Researchers have found nearly 80% of popular VPN providers leak information about the user because of a vulnerability known as IPv6 leakage

Researcher Says LG App Update Mechanism Doesn't Verify SSL Client (Threatpost) Many smartphones manufactured by LG contain a vulnerability that can allow an attacker to replace an APK file with a malicious file of his choice

Windows kerberos ticket theft and exploitation on other platforms (Mikkolehtisalo) In the past there has been a lot of talk about pass the hash, but surprisingly little about different methods for exploiting kerberos tickets. Besides the discussion focused on golden tickets the Kerberos has not really ever been a major target for abuse

Hackers are exploiting Magento flaw to steal payment card info (Help Net Security) Attackers are exploiting a vulnerability in eBay's Magento platform to steal users' billing information (including payment card info), warns Sucuri Security's Peter Gramantik

Pen testing tool or exploit? 6 samples of ways hackers get in (CSO via ITWorld) Attackers use the same tools in attacks that pen testers use to test. Six sample vulnerabilities and exploits

Hackers Behavior Before and During the 2015 Copa America (Cytegic) Cytegic DyTA intelligence platform gathers, processes and analyses hundreds of thousands of intelligence feeds on a month basis, to allow a quick and understandable cyber-trend analysis. DyTA enables cyber-intelligence analysts and CISOs to understand and analyze the threat level of each attacker and attack method relevant to their organization, according to their geopolitical region, industry sector and corporate assets. The following report represents the most interesting and active cyber-trends that DyTA analyzed before and during the Copa America 2015 in Chile. As a background we analyzed the main trends that occurred during the 2014 World Cup which took place in Brazil during June to July 2014

Searches for Pirated Content Lead to Pain and Little Gain (Threatpost) People love to try and get something for nothing, especially on the Internet where there's all kinds of things available for nothing. But a lot of those free things are illegal and attackers have become very adept at taking advantage of users' desire for free episodes of Gilmore Girls or bonus Dragon Ball Z content

MERS News Used in Targeted Attack against Japanese Media Company (TrendLabs Security Intelligence Blog) Attackers used news of the Middle East Respiratory Syndrome (MERS) outbreak as hook in a spear-phishing email sent to an employee of a popular Japanese mass media company. Using a free account from Yahoo! Mail to easily pass through anti-spam filters, the attackers copied publicly available information from the Internet to lure the recipient to open the message

Nigerian scam groups target SMEs in Taiwan (AsiaOne) Trend Micro Inc. has issued a warning to Taiwanese small- and medium-sized enterprises about the newest Nigerian hacking scheme that will not only steal information, but also cancel transactions initiated by enterprises and transfer the money to the hacker's bank accounts instead

Mercenary hackers: an elusive, challenging foe (Christian Science Monitor Passcode) For-hire criminal hackers are a plentiful resource for nation-states and militant groups to carry out digital attacks. They are also expert at covering up their tracks, making it difficult to pinpoint true culprits

Many Companies Face A Huge Security Problem In Just Two Weeks. Is Yours One Of Them? (Forbes) Many companies don't want to admit it, but they haven't yet transitioned entirely to the cloud. It's happening, of course, but it's taking time. One recent survey by BetterCloud reported that by 2020, 62% of the 1,500 its customers will be running 100% of their information technology in the cloud. But that still leaves a lot of companies in the United States using internal servers to run their businesses

Norfolk County Council sells filing cabinet with confidential information still inside (Eastern Daily Press) Personal details of some of the region's most vulnerable people has been lost, misused or mistakenly shared in a string of blunders — including one where a council sold a filing cabinet which still contained confidential files

Security Patches, Mitigations, and Software Updates

Adobe issues urgent Flash patch to prevent hacking attacks (Guardian) China-based advanced persistent threat spotted using the Flash flaw, which has now entered malware kit Magnitude

Major Xen update fixes over 20 vulns, including guest/host escape flaw (Help Net Security) The newest version (v4.5.1) of popular hypervisor Xen has been released last week, and includes a bucketload of improvements and bug-fixes, including nearly 20 security fixes

Amazon Patches Certificate Vulnerabilities in Fire Phones (Threatpost) Amazon last week patched three vulnerabilities in its Fire smartphones, including two in its Certinstaller package that put devices at risk

Microsoft quietly pushes 17 new trusted root certificates to all Windows systems (Infoworld Tech Watch) The aging foundation of Certificate Authorities shows yet another crack as security experts are caught unaware

Cyber Trends

6 reasons why there will be another OPM-style hack (ComputerWorld) Congress might fume about the security failures, but the truth is that it's part of the problem

Hacked Opinions: Vulnerability disclosure — Tomer Schwartz (CSO) Adallom's Tomer Schwartz talks about disclosure, bounty programs, and vulnerability marketing

Breaking the IoT Connection (re/code) In many ways, the current obsession with the Internet of Things is understandable. The tech press is constantly on the lookout for something cool and fresh to write about, and IoT is this year's hot topic. Plus, the idea of connecting essentially everything to everything is pretty compelling at a conceptual level

5 ways to stop the Internet of Things from becoming the Internet of Thieves (Help Net Security) The Internet of Things is here and is now on your wrist, in your pocket, in your car, and maybe even in your socks. From smart watches and self-driving cars to smart toothbrushes and digital socks that track your steps, we are living in a world where no device is an island

Australian organisations slipping on security: Dell (ITWire) Australian organisations are falling behind their US and European counterparts when it comes to IT security, according to Dell SecureWorks

Marketplace

How Investors are Profiting from Cyber Crime Fear (Investopedia) The FBI Internet Crimes Complaint Center (IC3) received its three millionth internet crime complaint in 2014, having received 269,422 complaints in 2014 alone — with losses estimated at over $800 million

Data Loss Prevention Might Give Symantec A Much Needed Boost (Seeking Alpha) Symantec launched a new version of data loss prevention product known as the Symantec Data Loss Prevention 14

Tenable Network Security Awarded $1.1 Million to Support Hundreds of New Cybersecurity Jobs in Maryland (Tenable) Market leader for continuous network monitoring software represents Maryland's new class of high-growth tech companies

Columbia-based Tenable Network Security to expand (Baltimore Sun) Columbia-based Tenable Network Security Inc. will expand its Maryland operations, CEO Ron Gula announced Monday

Cybersecurity hot region: San Diego at a glance (Network World) The weather is hot in San Diego, and so is the cybersecurity market

India facing dearth of cryptographers: Ex-DRDO chief (Business Standard) Former DRDO chief V.K. Saraswat on Monday expressed concern at the shortage of experts involved in making and cracking secret codes, as they have a major role to play in bolstering India's cyber defence

Security Luminaries Join Invincea Advisory Board (MarketWired) Renowned cyber and national security executives enlist to advise Invincea in its accelerating market growth

Products, Services, and Solutions

Intelligence community loves its new Amazon cloud (Fortune) The new Amazon Web Services-built CIA cloud is more secure and capable than legacy systems, according to intelligence IT officials speaking at an AWS event

SurfWatch Labs Launches Personalized Dark Web Cyber Risk Intelligence Service (StreetInsider) SurfWatch Labs, a provider of cyber risk intelligence solutions, today announced the general availability of a personalized cyber risk intelligence service that provides focused, in-depth research and analysis of the organization's high level threat and risk environment from the Dark Web

Gemalto launches multi-link network encryptor with up to 100 Gbps total encrypted bandwidth (Nasdaq) Gemalto's new CN8000 multi-link encryptor delivers ten 10Gbps aggregated encryption meeting the data security needs of enterprises and data center and cloud service providers, using large-scale data networks

INSIDE Secure Offers Industry First Solution to Meet Demands of Growing U.S. Federal Cybersecurity Market (Virtual Strategy Magazine) INSIDE Secure (Euronext Paris:INSD), a leader in embedded security solutions for mobile and connected devices, today announced availability of SafeZone FIPS cryptographic module version 1.1

Symtrex Inc. Partners with Hexis Cyber Solutions to Distribute HawkEye Product Family (PRWeb) Symtrex adds next generation cyber security products to assist organizations with their critical need for security, compliance and data retention

Will democratising data turn the tables in the war on cybercrime? (Information Age) The war on cybercrime is an unfair fight with hackers holding the upper hand — but will democratising the threat data level the playing field?

Technologies, Techniques, and Standards

PCI Council Publishes Update to Standard for Device Security (PCI Security Standards Council) Requirements for device manufacturers to improve security at the ATM and POS

NIST Revises Key Computer Security Publication on Random Number Generation (NIST Tech Beat) In response to public concerns about cryptographic security, the National Institute of Standards and Technology (NIST) has formally revised its recommended methods for generating random numbers, a crucial element in protecting private messages and other types of electronic data. The action implements changes to the methods that were proposed by NIST last year in a draft document issued for public comment

How to Protect Your Aging Network (Enterprise Tech) The Office of Personnel Management breach was the most recent and public example of the damage aging networks can help deliver to an organization: A lack of standard practices such as encryption, data masking, and redaction that prevents many attacks

Using Actionable Intelligence to Prevent Future Attacks (SecurityWeek) The more details you extract from security incidents, the better you can architect your defense to prevent similar attacks

Cyber Resilience And Spear Phishing (Dark Reading) Balanced security capability, defense in depth, integrated countermeasures, and a threat-intelligence strategy are critical to defending your business from spear-phishing attacks

Creating a Cybersecurity Governance Framework: The Necessity of Time (Security Intelligence) Today's organizations are going through a big change in the way they operate, the way they think and the way they function. This change is being pushed by major technological (cloud and mobile), intellectual (big data and analytics) and behavioral (social) transformations that are affecting the entire IT industry. Security also has been hit by this revolution. In fact, more than the change itself, the impact to security is due to the speed of the developments

Cyber Battleground Range helps keep up with training demands for the U.S. Army (Military Embedded Systems) To help validate soldier's cyber security skills, the U.S. Army Communications-Electronics Command (CECOM) is setting up Cyber Battleground Range. The training ground is expected to open up to all units in late summer of 2015 and will provide soldiers with a realistic environment that applies the skills learned in a classroom training curriculum

How to enable Click-to-Play in Adobe Flash ( Graham Cluley) One of the best ways to protect yourself against criminals exploiting vulnerabilities in Adobe Flash is to enable "Click to Play"

Design and Innovation

Can Data Infrastructure Vendors Stop Hackers? (eSecurity Planet) A group of prominent technology vendors are teaming to offer a highly secure data infrastructure built on Security-Enhanced Linux

NSA's Open Source Software Releases Expected to Surge (SIGNAL) The agency is establishing a GitHub presence for sharing technology

Research and Development

MIT tests 'software transplants' to fix buggy code (IDG via CSO) MIT researchers have shown a way to fix flaws using code copied from a working program

Quantum cryptography set for lift-off (Physics World) Exchanging messages with almost complete security by exploiting the strange laws of quantum mechanics should in future be possible on a global scale. That is the conclusion of physicists in Italy, who have found that the delicate states needed for quantum cryptography can be transmitted via laser beam from an orbiting satellite to a receiver on the surface of the Earth. The researchers say that the relatively simple technology needed for such encryption could be incorporated into conventional communications satellites

Academia

Temple University's Institute For Business And Information Technology And Lockheed Martin To Host National Cyber Analyst Challenge (PRNewswire) Temple University's Institute for Business and Information Technology (IBIT) and Lockheed Martin (NYSE: LMT) are joining forces to help solve the cyber talent crisis that faces the country. This fall they will host a National Cyber Analyst Challenge designed to encourage and support the best students currently pursuing cyber related degrees in the top cyber programs in the nation

Legislation, Policy, and Regulation

OPM shuts down background check system for 'security enhancements' (Washington Examiner) Potential government employees and contractors will not be able to fill out their background questionnaires online for up to six weeks, the Office of Personnel Management announced on Monday

After Historic Hack, OPM Chief's 15-Point Plan May Be Too Little, Too Late (Nextgov) In the wake of a major hack, agency director Katherine Archuleta outlined a series of steps to counter future breaches

Under Attack: Federal Cybersecurity and the OPM Data Breach (US Senate Committee on Homeland Security and Governmental Affairs) Full Committee Hearing

GOP Lawmakers to President Obama: Remove OPM Director Archuleta and CIO Donna Seymour (House Committee on Oversight and Government Reform) Today, House Oversight and Government Reform Committee Chairman Jason Chaffetz (R-UT), along with 17 Republican Members of Congress, sent a letter to President Obama requesting the removal of Katherine Archuleta as Director of the U.S. Office of Personnel Management (OPM) and Ms. Donna Seymour, OPM Chief Information Officer (CIO) after a massive data breach compromised the Personally Identifiable Information (PII) of millions of past, current, and prospective federal employees

Influencers: OPM chief should be held responsible for breach (Christian Science Monitor Passcode) The Office of Personnel Management chief should be held responsible for the lapse in security that led to the breach of millions of personal records, a whopping 84 percent of Passcode's pool of security and privacy experts said

The OPM Hack and Obama's Politicization of the Federal Bureacracy (National Review) By now, it's clear that hackers — believed to be tied to the Chinese government — stole files from the Office of Personnel Management that amount to a giant "how to blackmail anyone in the federal government" manual

Government Lacks Strategy For Cyber Attack Response, Say Techonomy Policy Panelists (Forbes) As the Internet spreads its tentacles into every nook of society, attacks are rapidly increasing against individuals, companies, governments, and the very Net infrastructure upon which they all rely. The attackers range from cyber criminals to non-state actors like ISIS and nation-states. But law enforcement, government regulation, and an established military response are not even close to keeping up, said a group of experts at the Techonomy Policy conference in Washington on June 9

What Washington really knows about the Internet of Things (Politico) President Barack Obama wears a FitBit monitor on his wrist to count his steps and calories, and has waxed poetic about the power of wearable technology to "give each of us information that allows us to stay healthier"

Agencies need to pay more attention to supply chain security (CSO) Government agencies seeking the lowest bidders typically overlook cybersecurity

Proposed Cyber Legislation And Their Impact On The Security Community (Hacker Samurai) As the number of breach incidents continues to climb, the importance of a highly skilled cybersecurity workforce on protecting our nation?s critical infrastructure sectors continues to grow. But how does proposed legislation impact the cyber communities ability to do their job?

FCC Chairman Hints at New Rules for Consumer Privacy, Internet Video (LegalTechNews) Chairman Wheeler's remarks at the Brookings Institution indicate that the FCC's reclassification of the Internet as a utility was only the beginning

Net Neutrality Debate Heats Up in Europe (LegaltechNews) EU proposals could lead to United States' "dominance" when it comes to online services

Closing the gaps in EU cyber security (ComputerWeekly) Inconsistent approaches to cyber security across Europe are undermining attempts to harmonise policy and preparedness in the EU

Litigation, Investigation, and Law Enforcement

OPM hit by class-action suit over breach of federal employee data (CSO) The employees charge the Office of Personnel Management and a contractor with negligence

Busted: App maker who'd hijack your phone to secretly mine Dogecoin (Ars Technica) Very malware. Much deception. Wow

FTC settles with developers of sneaky cryptocurrency mining app (IDG via CSO) The Prized app secretly mined virtual currencies on mobile phones

Police arrest 130 in global anti-cyber fraud operation (ComputerWeekly) Fraudulent online purchases of airline tickets using stolen credit card data is the fastest growing type of fraud, resulting in estimated losses of €1bn to the airline industry

We're in bed together, admit Intel Security, Trend Micro and NCA (Register) Infosec firms confirm they're dating — but not exclusively

BBC sets up list of news article links 'forgotten' by Google (Naked Security) For a year, Google's been forced to forget EU people

Cybersquatters giving some US presidential candidates a bad name (Naked Security) Chris Christie, the governor of New Jersey, is about to announce he's running to become the next president of the United States - something he alluded to this past weekend when he began tweeting out links to his website

Anti-virus firm wins case over potentially unwanted Angry Birds clone (Graham Cluley) Anti-virus companies have been walking a legal tightrope for years

YouTuber DarkSydePhil swatted during Arkham Knight livestream (Silicon Angle) YouTuber DarkSydePhil faced a police SWAT team during a Twitch livestream in what is a continuing trend of would-be pranksters making false police reports of violent crimes occurring at livestreamers' residences

Who paid private investigator to have Scientology critics hacked? (Graham Cluley) Hacking email accounts is not something that upstanding members of society and legitimate organisations should ever do

Suspected Pro-Kremlin 'Hell' Hacker Denies Allegations in German Court (Moscow Times) The hacker known as "Hell" shot to fame after leaking information from several e-mail and LiveJournal accounts belonging to public figures in Russia. Following years of hacking attacks on the online accounts of various Russian opposition figures, a man suspected of being the notorious hacker known as "Hell" — who is believed to have ties to Russian officialdom — is currently standing trial in Germany

Spearphishing gets personal as woman scammed out of ¬£50k house deposit (Naked Security) A London woman has been scammed out of almost £50,000, thinking she was sending it to her solicitor as a down-payment on a house purchase, after crooks apparently gained accessed to her email account and monitored her online conversations

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

(ISC)² Security Congress (Anaheim, California, USA, September 28 - October 1, 2015) Proudly colocated for the fifth year in a row, (ISC)² Security Congress 2015 and ASIS International 61st Annual Seminar and Exhibits (ASIS 2015) expect more than 19,000 professionals worldwide from...

IP Expo Europe (London, England, UK, October 7 - 8, 2015) With six top enterprise IT events under ONE roof, IP EXPO Europe assists the IT Industry in future proofing their IT and embracing a digital future. The event showcases brand new exclusive content and...

Upcoming Events

NSA Information Assurance Symposium (IAS) 2015 (Washington, DC, USA, June 29 - July 1, 2015) The NSA Information Assurance Directorate (IAD)'s Information Assurance Symposium (IAS) is a biannual forum hosted by the National Security Agency (NSA). IAS events of the past have proven to be the preferred...

US News STEM Solutions: the National Leadership Conference (San Diego, California, USA, June 29 - July 1, 2015) San Diego offers the perfect backdrop for the 4th annual U.S. News STEM Solutions National Leadership Conference, June 29 — July 1, 2015 in San Diego, CA. Please make your plans now to join fellow...

Information Assurance Symposium (Washington, DC, USA, June 29 - July 1, 2015) The NSA Information Assurance Directorate (IAD)'s Information Assurance Symposium (IAS) is a biannual forum hosted by the National Security Agency (NSA). IAS events of the past have proven to be the preferred...

Cyber Security for Healthcare Summit (Philadelphia, Pennsylvania, USA, June 29 - July 1, 2015) Our IQPC Cyber Security for Healthcare Summit will help Hospitals and Medical Device manufacturers to prepare and manage risks by viewing cybersecurity not as a novel issue but rather by making it part...

Cybergamut Tech Tuesday: The Truth About the Security of Your System (Elkridge, Maryland, USA, June 30, 2015) What does it take to secure a system? What is the logical approach to successfully achieve this endeavor? First, an understanding of who wants access and why is a necessary baseline to form a strategic...

National Insider Threat Special Interest Group Meeting (Laurel, Maryland, USA, July 16, 2015) Topics to be discussed at the meeting; Insider Threat Program Development & Implementation, Behavioral Indicators Of Concern, Legal Considerations When Developing & Managing An Insider Threat Program.

National Cybersecurity Center of Excellence (NCCoE) Speaker Series: Janet Levesque, Chief Information Security Officer at RSA (Rockville, Maryland, USA, July 16, 2015) Traditional security models are failing. While the idea of a shift from prevention to detection has gained traction, most current approaches to detection rely heavily on the same techniques that have rendered...

TakeDownCon Rocket City (Huntsville, Alabama, USA, July 20 - 21, 2015) TakeDownCon is a highly technical forum that focuses on the latest vulnerabilities, the most potent exploits, and the current security threats. The best and the brightest in the field come to share their...

CyberMontgomery 2015 (Rockville, Maryland, USA, July 30, 2015) Montgomery County, Maryland, is home to the National Institute of Standards and Technology (NIST), the National Cybersecurity Center of Excellence (NCCoE), the FDA, NIH, NOAA, NRC and more than a dozen...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.