skip navigation

More signal. Less noise.

Daily briefing.

ISIS (whose nominal sympathizers continue their practice of whacking at poorly protected sites in the American Midwest — this time at an Indianapolis artisan group) posts a sinister call asking supporters to attack US military personnel in their homes. The Caliphate helpfully publishes a doxed list of service members and their addresses, gleaned apparently from public sources. Such episodes illustrate the degree of nuisance (and menace) achievable with very modest technical skills.

The Rocket Kitten APT group (linked to Iran's government) resurfaces with attacks on European and Israeli targets.

China's government denies involvement with last week's hack of Register.com, suggesting accusations to the contrary are basically another American provocation. (Back in America, the FBI is investigating the hack.)

Cisco announces discovery of new paycard-scraping point-of-sale malware, PoSeidon, caught exfiltrating stolen data to servers in Russia.

A site-hijacking bug is found in another WordPress plug-in. Pakistan blocks WordPress for "national security" reasons, but that's because of terrorist group Tehreek Taliban Pakistan's heavy use of the blogging platform, not any technical vulnerabilities.

A recently patched Flash vulnerability appears in the Nuclear exploit kit. Patched bugs are being weaponized at a noticeably faster pace — speed of patching grows in importance.

Bank of America customers are targeted in a phishing campaign that shows a new tactical wrinkle: use of spoofed email addresses with a .gov top-level domain.

Apple and Google continue purging their respective app stores. Analysts warn that leaky apps have become a principal enterprise threat.

High-profile hacking spurs a wave of security IPOs.

Notes.

Today's issue includes events affecting Australia, Bangladesh, China, European Union, Finland, Germany, India, Iran, Iraq, Israel, New Zealand, Pakistan, Russia, Syria, United Arab Emirates, United Kingdom, United States.

The CyberWire will be in Atlanta at week's end, covering the Women in Cybersecurity conference on Friday and Saturday. We'll be live-tweeting from the event and will publish a wrap-up in our March 30 edition.

Cyber Attacks, Threats, and Vulnerabilities

IS releases troops' photos and addresses, urges attacks (Marine Corps Times) The Islamic State group has reportedly posted the names, photos and home addresses of 100 American troops, urging sympathizers inside the U.S. to carry out attacks against them

Islamic State doxes US soldiers, airmen, calls on supporters to kill them (Ars Technica) Despite hacking claims, data likely pulled from public sources

Indiana Artisan website hacked by group claiming ISIS ties (RTV 6 ABC News) A group claiming to have ties to the Islamic State appeared to have hacked the website of an Indiana arts organization Saturday

State-sponsored hackers target European, Israeli organizations (Help Net Security) Rocket Kitten, the APT group of attackers that have been delivering spear-phishing emails with the Ghole malware to Israeli and European institutions late last year, have lately been spotted mounting a new operation

Chinese military denies role in reported U.S. hacking (Reuters) China's Defense Ministry on Friday denied that it had anything to do with a cyber attack on Register.com, a unit of Web.com, following a report in the Financial Times that the FBI was looking into the Chinese military's involvement

New Zealand Spied on WTO Director Candidates (Intercept) New Zealand launched a covert surveillance operation targeting candidates vying to be director general of the World Trade Organization, a top-secret document reveals

Threat Spotlight: PoSeidon, A Deep Dive Into Point of Sale Malware (Cisco Blogs) Cisco's Security Solutions (CSS) consists of information security experts with a unique blend of law enforcement, enterprise security and technology security backgrounds. The team works directly with Cisco's Talos Security Intelligence & Research Group to identify known and unknown threats, quantify and prioritize risk, and minimize future risk

WordPress plugin used by millions sports critical site-hijacking flaw (Help Net Security) Another popular Yoast Wordpress plugin has been found sporting a critical vulnerability that can be exploited by attackers to take over control of the site

Cisco confirms IP phone eavesdropping flaw (IT News) Update: But successful exploit 'not likely'. Cisco's small business SPA300 and SPA500 internet protocol (IP) phones contain a vulnerability that if exploited, allows attackers to remotely listen in on audio from the devices

Latest Dridex Campaign Evades Detecgtion with Autoclose Function (Threatpost) Pushers of the Dridex banking malware have gone old-school for some time now, moving the malware through phishing messages executed by macros in Microsoft Office documents

NJRat Trojan Returns To Life, Warns PhishMe (TechWeekEurope) A remote access trojan, last seen a year ago, is making a reappearance warns security researcher

Fake job seeker's emails deliver ransomware and info-stealer (Help Net Security) The latest Cryptowall-delivery campaign comes with an additional menace: the Fareit Trojan, which is designed to steal logins and passwords from compromised computers, download additional malware, and can be used in DDoS attacks

Recently patched Adobe Flash bug added to Nuclear Exploit Kit (SC Magazine) Trend Micro, Malwarebytes and FireEye are among the security companies reporting that a recently patched Adobe Flash vulnerability has been added to the Nuclear Exploit Kit

New attacks suggest leeway for patching Flash Player is shrinking (IDG via CSO) Cybercriminals are exploiting newly patched vulnerabilities faster, a sign that users and companies need to improve their software updating habits

Bank of America phishing attack hits customers (Help Net Security) Phishers are once again targeting Bank of America customers, warns Malwarebytes' Chris Boyd

Phishing and the .gov TLD (TrendLabs Security Intelligence Blog) Brand owners frequently use SPF and DKIM to protect their brands from email forgery. For example, a brand owner could register the same domain name under multiple top-level domains (TLDs) (such as .com, .net, .org, etcetera) and announce SPF/DKIM records for all of these domains (even if they were not actively being used). While generally effective, there is one loophole: what about the .gov TLD?

Premera hack: What criminals can do with your healthcare data (Christian Science Monitor: Passcode) The Premera Blue Cross breach gave hackers valuable financial and medical data on millions of people. That information can be sold on the black market to criminals looking to commit identity theft, obtain prescription drugs illegally, or commit insurance fraud

Open Letter to Premera Blue Cross CEO Jeffrey Roe (Digital Dao) Dear Mr. Roe: My wife and I were Premera Blue Cross customers during my tenure with Microsoft. During that time, we both had surgeries done and she has a long history of medical treatments. In other words, Premera Blue Cross holds a lot of very sensitive information on both of us, separate and apart from our social security numbers, dates of birth, and other personally identifiable information. I'm sure that many of your customers could say the same. This open letter serves to notify you of my intention to see that Premera Blue Cross is made an example of for the insurance industry, much like Target was for the retail industry for the following reasons

2015 is already the year of the health-care hack — and it's only going to get worse. (Washington Post) Last year, the fallout from a string of breaches at major retailers like Target and Home Depot had consumers on edge. But 2015 is shaping up to be the year consumers should be taking a closer look at who is guarding their health information

Fake patient data could have been uploaded through SAP medical app (IDG via CSO) SAP has patched the issue, which affected Electronic Medical Records Unwired

Nuisance Adware Blights Google Play Again (Infosecurity Magazine) Mobile security firm Lookout claims to have found 13 new pieces of adware in the Google Play app store, potentially affecting up to half a million users

Apple removes 'misleading' anti-virus app from iOS in alleged crackdown (Trusted Reviews) Apple is reportedly shuttering 'anti-virus' apps on the iOS App Store, allegedly describing such software as 'misleading'

Leaking apps, not malware, pose greatest mobile threat to enterprises, says NowSecure CEO (FierceMobileIT) Leaky mobile apps, not mobile malware, pose the greatest mobile threat to the enterprise, according to Andrew Hoog, CEO of NowSecure, a maker of mobile app security testing products

Rush To Release Resulting In Vulnerable Mobile Apps (Dark Reading) IT organizations overlooking security in their haste to crank out mobile apps, Ponemon Institute report finds

Which Apps Expose Your Data to the NSA's Spying? (Tech Cheat Sheet) A recent Pew Research Center report found that some Internet users have changed their use of social networking services, apps, email, and even search engines as a result of former National Security Agency (NSA) contractor Edward Snowden's 2013 revelations about the government's pervasive online surveillance. So how does your smartphone — the device that many of us find indispensable in our day-to-day lives — have the potential to expose your personal data and your online activity to government snooping? How does your mobile device protect your anonymity, and how does it leave your communications vulnerable to interception by the NSA and other intelligence agencies?

Hilton Honors Flaw Exposed All Accounts (KrebsOnSecurity) Hospitality giant Hilton Hotels & Resorts recently started offering Hilton HHonors Awards members 1,000 free awards points to those who agreed to change their passwords for the online service prior to April 1, 2015, when the company said the change would become mandatory. Ironically, that same campaign led to the discovery of a simple yet powerful flaw in the site that let anyone hijack a Hilton Honors account just by knowing or guessing its valid 9-digit Hilton Honors account number

PokerStars Account Hacks Lead to Questions About Site's Security (Flushdraw) For the past few days, discontent has been brewing in the poker community about possible security issues at PokerStars, or at least about how the world's largest poker room handles security issues. It appears that a number of accounts have been hacked and, in turn, drained of funds, but to the dismay of players, the poker room has not been of much help

British Judo in deep shido after cyber attack (Register) Hack possibly bared members' credit card details

Stolen faculty laptop containing student information not yet found, no indication that data has been used (Maine Campus) The University of Maine has reached out to the people affected by the Feb. 10 data breach involving a theft of a faculty member's laptop and media card. The former students affected have been offered identity theft protection from Experian, a cyber protection company

Cyber Trends

2015 Global Megatrends in Cybersecurity (Infosec Island) The Ponemon Institute has published the "2015 Global Megatrends in Cybersecurity". Sponsored by Raytheon Company, the aim of this research is to understand the big trends or changes that will impact the security posture of organizations in both the public and private sector in the next three years

Speed of Tech Change a Threat to Cybersecurity (Wall Street Journal) Companies are having problems adapting to the speed of technological change, continue to use legacy technologies while trying to combat evolving cyberattacks, a report says

The Healthcare Internet of Things: Rewards and Risks (Atlantic Council) The Internet of Things (IoT) of digital, networked technology is quickly moving to the forefront of society, the global economy, and the human experience

IoT technologies emerge to manage connected-device deluge (TechTarget) Deployment of IoT, wearables and connected devices are coming at rates even experts never thought possible and IT must be ready

IT pros are taking action against the insider threat (Help Net Security) 2015 is set to see a huge rise in the number of IT professionals taking action to address insider threat in their organizations. Currently 56% of IT professionals in the US have an insider threat program already in place, and 78% of those remaining, or 34% of the total, are planning to put one in place this year. A further 6% are planning an insider threat program within five years

The High Cost of a Data Breach Data: Do You Have $5M to Lose? (CMS Wire) The average security breach costs between $3 million and $5 million. That's the alarming word from a new report on the importance of cybersecurity on enterprise IT from BDNA, a Mountain View, Calif.-based IT data intelligence provider

France 'particularly fertile ground. for cyber attacks, says security firm (France 24) "There is no such thing as perfect security." The take-home message from a report on the latest cyber threats by world leading internet security firm, FireEye, is hardly reassuring

Bangladesh vulnerable to cyber attacks Ernst & Young says in report (Star Business Report) With the growing use of mobile phones and internet, Bangladesh is ever more vulnerable to cyber attacks, said Burgess Cooper, a partner at Ernst & Young, a global professional services firm headquartered in London

Marketplace

The decade of the data breach — how to cope (Information Age) The worst nightmare that CEOs and their board face today is not an unchecked competitive threat or insufficient market capitalisation, but that of the data breach

Hack Attacks Mean More Cyber Firms Will Go Public (Fiscal Times) Rapid7, LogRhythm and Mimecast are joining a growing list of cybersecurity firms planning to go public in 2015 to capitalize on investor interest following a spate of hacker attacks, according to people familiar with the matter

Raytheon: Rising Cybersecurity Ambitions (Seeking Alpha) Raytheon's increasing emphasis on its cybersecurity segment is a positive sign for the company, as cybersecurity will be more important than ever moving forward

KPMG just added to its acquisition spree, buying out a cyber security company (Business Insider) KPMG has struck a deal to acquire cyber security company First Point Global as it expands its digital advisory business

FireEye Inc: FEYE Stock Could Ignite Soon (Investor Place) After a few weeks of consolidating, FEYE stock now looks ready to rally again

Government reveals plan to make London cyber capital (Post) The UK government today (23 March) unveiled plans to make the London market the cyber risk management capital of the world in a report released in conjunction with broker Marsh

UK Cyber Security: the Role of Insurance in Managing and Mitigating the Risk (HM Government) The cyber threat remains one of the most significant — and growing — risks facing UK business. 81% of large businesses and 60% of small businesses suffered a cyber security breach in the last year, and the average cost of breaches to business has nearly doubled since 20131. Working in partnership, the Government and industry have done much to improve understanding of cyber attacks and how to reduce their impact, yet more needs to be done. As part of this Government's long-term economic plan, we want to make the UK one of the safest places in the world to do business online

7 reasons why Israeli cyber-security will remain hot (Venture Beat) Is Israeli cyber-security worthy of its global reputation? Are the impressive price tags of recent M&As in the field justified? And will the field of cyber-security continue to be a driving force in the Israeli hi-tech ecosystem?

Nation's only IT apprenticeship program fails to attract corporate players (FierceCIO) IT leaders constantly complain about how difficult it is to find IT workers in the job market, so any potential source of new talent would seem to be welcome relief. That hasn't been the case with the nation's only active IT apprentice program, which several months after its launch has yet to attract a single corporate employer

Northrop Wins $74M Task Order for DISA Cyber Program (GovConWire) Northrop Grumman (NYSE: NOC) will continue its cyber defense support for the Defense Information Systems Agency's Acropolis and Sensor Operations program following the award of a four-year, $73. 6 million task order

HP Awards $240K for Firefox, IE, Chrome and Safari Exploits (eWeek) No browser was left unscathed. Security researchers poked holes in fully patched browsers at this year's Pwn2Own hacking challenge

Guidance Software Appoints Vice President, Product Marketing and Operations (MarketWatch) Guidance Software, GUID, -0.93% the World Leader in Digital Investigations™, today announced the appointment of Linda Souza in the newly created role of Vice President, Product Marketing and Operations. Ms. Souza leads Guidance Software's worldwide product marketing, program marketing, marketing operations, and content development teams

Products, Services, and Solutions

Huawei, Black Lotus open anti-DDoS centre in Europe (Telecompaper) Huawei announced at Cebit the opening of its European DDoS cloud scrubbing centre. Based in Amsterdam, the centre is run in cooperation with the security company Black Lotus. The two companies first announced their partnership last December

Samsung launches Trustonic security software for Knox (Mobile News) Trustonic software will come embedded in Samsung Galaxy S6 and S6 edge smartphones

Lastline Aims to Stay Ahead of Windows Kernel Malware (eWeek) Lastline announced a new capability to detect Windows kernel malware, complemented by a presentation at South by Southwest on the state of malware

Built-in intelligence for NGFW (IT Online) Firewalls are the first line of any organisation's defences. They are the "sentinels" of the network, standing guard and controlling traffic entering and leaving the network, blocking potentially dangerous or unknown traffic that may threaten the organisation

Etihad Rail UAE: Connected train is approaching — and it cannot be hacked (Emirates 24/7) Robust mobile communications technology will keep rail networks free of hackers: Huawei official

Technologies, Techniques, and Standards

Dark Reading Threat Intelligence Survey (InformationWeek) Threat intelligence is the best way to stay ahead of new and complex attacks, say survey respondents. How analytics influences their IT security strategies varies

Five criteria for purchasing threat intelligence services (TechTarget) Once an organization has determined it is a candidate for threat intelligence services, the next order of business is to select the service that provides the best fit for its needs. Because the threat intelligence services market is still relatively new, however, it's often a challenge to compare service details side by side to get an accurate picture of which offers what

To avoid NSA, Cisco gear gets delivered to strange addresses (IDG via Network World) One of the most successful U.S. National Security Agency spying programs involved intercepting IT equipment en route to customers and modifying it

A CIO's best allies in the fight against 'shadow IT' are the shadow IT vendors (VentureBeat) The term "Shadow IT" can conjure up visions of overwhelmed CIOs frantically trying to keep information repositories secure from online attacks, while their own employees compromise security by brazenly using personal devices and consumer cloud services without IT?s permission or even IT's knowledge

Why you shouldn't ignore change auditing (Help Net Security) What are the benefits of using change auditing? What security issues can an organization discover and prevent?

Trumping cybercriminals during tax season: Tips on how to stay safe (Help Net Security) Tax season is stressful for many reasons and April 15 equals a headache for many Americans. In addition to wading through taxes, tax season also opens up a new vector in which cybercriminals can attack. With consumers sending and receiving very personal information over email — one of the weakest links in the cyber security fence — cybercriminals are on high alert, looking for the most opportune moment to strike

Design and Innovation

PC security upgrades a welcome antidote to breaches (Seattle Times) With so much in the news about computer security these days, personal experience says innovations and new developments could be appealing antidotes to the fright that breaches and theft can provoke

Why an algorithm may be the answer to fight 'revenge porn' (Christian Science Monitor: Passcode) Facebook, Reddit, and Twitter have all taken a harder line against so-called revenge porn. But many experts are calling for a more robust technological solution to scrub it from the Web

New Chevy Malibu will come with built-in NSA-style Teen-Tracking Spyware (HackRead) Chevrolet will offer parents an uncanny level of oversight when they need to lend the family ride to their kids with its NSA inspired spying feature that will be installed in its upcoming Malibu

Research and Development

New approach uses 'twisted light' to increase efficiency of quantum cryptography systems (Science Daily) Researchers have developed a way to transfer 2.05 bits per photon by using 'twisted light.' This remarkable achievement is possible because the researchers used the orbital angular momentum of the photons to encode information, rather than the more commonly used polarization of light. The new approach doubles the 1 bit per photon that is possible with current systems that rely on light polarization and could help increase the efficiency of quantum cryptography systems

Stealing Data from Computers Using Heat (Wired) Air-gapped systems, WHICH are isolated from the Internet and are not connected to other systems that are connected to the Internet, are used in situations that demand high security because they make siphoning data from them difficult

Legislation, Policy, and Regulation

WordPress Banned in Pakistan Over National Security Issues (Hack Read) In a shocking decision the government of Pakistan has banned WordPress.com, the world renowned open-source blogging tool and a content management system

Wordpress Blocked In Pakistan (TechCrunch) According to multiple local outlets, WordPress blogs are currently not accessible in Pakistan and pointing the blockage at the Pakistan Telecommunication Authority (PTA). TechCrunch has not been able to confirm that yet. As it stands right now, WordPress.com and blogs hosted by WordPress cannot be reached. Self-hosted WordPress blogs still work

Defence ministry sounds red alert on web spying (Times of India) India's defence establishment has sounded a fresh red alert over the need to ensure physical as well as cyber security of classified information in light of ever-increasing espionage attempts by foreign intelligence agencies, especially from China and Pakistan

House panel releases bill on cyber threat data-sharing (The Hill) A discussion draft of a House Homeland Security Committee bill to give companies legal liability protections when sharing cyber threat data with the Department of Homeland Security (DHS) was released Friday

Here's What a Former NSA Official Thinks About CISA (DCInno) Fresh Off An $18M Raise, Darktrace SVP talks major cybersecurity bill

It's too late to debate metadata (Phys.org) The government can?t read your email, but it will be able to find out where you sent it to and from. Credit: Paul Downey/Flickr, CC BY What has been so frustrating throughout the metadata "debate" is that we have been kept in ignorance as to what it was that the law enforcement agencies actually wanted to retain

The NSA's plan: improve cybersecurity by hacking everyone else (Guardian) The National Security Agency want to be able to hack more people, vacuum up even more of your internet records and have the keys to tech companies' encryption — and, after 18 months of embarrassing inaction from Congress on surveillance reform, the NSA is now lobbying it for more powers, not less

Silicon Valley spars with Obama over 'backdoor' surveillance (The Hill) Silicon Valley and a bipartisan group of lawmakers are lining up against the Obama administration, criticizing what they see as a lack of support for total online privacy

Pentagon wraps up new acquisition rules to protect weapons from cyberattacks (Reuters) The U.S. Defense Department is taking aggressive action to bolster the security of U.S. weapons systems against cyberattacks, including issuing new rules for acquisitions that will be finalized in coming months, officials told Reuters

Litigation, Investigation, and Law Enforcement

UK Police Deem Snowden Leak Investigation a State Secret (Intercept) British police claim a criminal investigation they launched into journalists who have reported on leaked documents from Edward Snowden has to be kept a secret due to a "possibility of increased threat of terrorist activity"

US Threatened Germany Over Snowden, Vice Chancellor Says (Intercept) German Vice Chancellor Sigmar Gabriel said this week in Homburg that the U.S. government threatened to cease sharing intelligence with Germany if Berlin offered asylum to NSA whistleblower Edward Snowden or otherwise arranged for him to travel to that country. "They told us they would stop notifying us of plots and other intelligence matters," Gabriel said

Esma mulls helping in battle against cyber-attack (Financial News) Europe's top market watchdog has said that it may be able to play a critical role in battling cyber-crime, and that further work is needed on national defence programmes

Chicago Police fighting to keep cellphone trackers secret (Chicago Sun-Times) The Chicago Police Department is fighting to keep a lid on how, when and where officers have used covert cellphone tracking systems — with an outside law firm billing the city more than $120,000 to battle a lawsuit that seeks those secret details

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

Proposer's Day Conference for the Scientific advances to Continuous Insider Threat Evaluation (SCITE) program (Washington, DC, area, April 16, 2015) The Intelligence Advanced Research Projects Activity (IARPA) will host a Proposers' Day conference for the Scientific advances to Continuous Insider Threat Evaluation (SCITE) program, in anticipation of...

DaytonDefense Ohio Cyber Dialogue with Industry Conference (Dayton, Ohio, USA, May 6 - 7, 2015) Our Cyber Security conference presents how Cyber Security affects you as an individual, your company, and your nation, along with business opportunities in this growing area. You will walk away with an...

3rd Annual Georgetown Cybersecurity Law Institute (Washington, DC, USA, May 20 - 21, 2015) In 2015, it is more important than ever that in-house and outside counsel stay abreast of the most current developments and best practices in cybersecurity. Those lawyers who ignore cyber threats are risking...

BSides Las Vegas (Las Vegas, Nevada, USA, August 4 - 5, 2015) BSides Las Vegas is an Information/Security conference that's different. We're a 100% volunteer organized event, put on by and for the community, and we truly strive to keep information free. There is...

Hacker Halted 2015 (Atlanta, Georgia, USA, September 13 - 18, 2015) EC-Council Foundation's flagship information security conference, Hacker Halted, will unite some of the greatest minds in information security, as industry experts address the latest threats and vulnerabilities...

Upcoming Events

Cyber Security Conference 2015 (Bolton, UK, March 23 - 24, 2015) Cyber Security Conference 2015 is a coming together of the North of England's two most successful Cyber Security Conferences; BEC Information & Data Security Conference and Lancaster University's North...

Fraud Summit Altanta (Atlanta, Georgia, USA, March 24, 2015) ISMG's Fraud Summit is a one-day event focused exclusively on the top fraud trends impacting organizations and the mitigation strategies to overcome those challenges. Highlights of the Atlanta event include...

CyberTech Israel 2015 (Tel Aviv, Israel, March 24 - 25, 2015) In the face of these enemies and threats, individuals, organizations and states are required to produce innovative, unique solutions that would improve the resistance and resilience of the sensitive systems...

2nd Annual ISSA COS Cyber Focus Day (Colorado Springs, Colorado, USA, March 25, 2015) Join us for the Information Systems Security Association (ISSA) — Colorado Springs Chapter — Cyber Focus Day set to take on Wednesday, March 25, 2015 at the University of Colorado Colorado...

28th Annual FISSEA Expo (Gaithersburg, Maryland, USA, March 25, 2015) This year's theme is "Changes, Challenges, and Collaborations: Effective Cybersecurity Training." Through numerous high quality sessions, over 100 attendees will learn new ways to improve their IT security...

Global APT Defense Summit (Atlanta, Georgia, USA, March 25, 2015) This event will lay out a defense framework, which describes the appropriate phases, from establishing a resilient security baseline, through gathering threat intelligence, zero-day malware detection,...

CYBERWEST: the Southwest Cybersecurity Summit (Phoenix, Arizona, USA, March 25 - 26, 2015) The purpose of CYBERWEST is to bring together Government and businesses to: Exchange information and learn in areas of policy and strategy; technology and R&D; workforce training and education; and economic,...

Conference on Cyber Defence in Europe (Berlin, Germany, March 25 - 26, 2015) The conference aims to address these and other issues of cyber defense in a broad audience of policy-makers, senior officials and experts from EU institutions and Member States, representatives of industry...

CYBERWEST (Phoenix, Arizona, USA, March 25 - 26, 2015) The purpose of CYBERWEST is to bring together Government and businesses to: Exchange information and learn in areas of policy and strategy; technology and R&D; workforce training and education; and economic,...

Fraud Summit Dubai (Dubai, United Arab Emirates, March 26, 2015) ISMG's Fraud Summit is a one-day event focused exclusively on the top fraud trends impacting organizations and the mitigation strategies to overcome those challenges. Highlights of the Dubai event include...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.