skip navigation

More signal. Less noise.

Daily briefing.

US information operations against ISIS continue to draw lukewarm reviews. ISIS sympathizers themselves tweeted threats of cyber attack against US targets, but since H-hour was 2:00 PM EDT yesterday, either the attack time slipped, the attempt fizzled, or the whole threat was so much rodomontade. (Our money's on the last explanation.)

Iran's homegrown search engines appear to be part of the Islamic Republic's information-filtering apparatus.

The US Defense Department's regular report on China's military and security posture warns that what journalists call "network-killing cyber attack tools" are under development. Some hard evidence accompanies a great deal of prudent argument from a priori possibility. (The recently concluded Sino-Russian cyber-nonaggression pact hasn't drawn much comparison with the Molotov-Ribbentrop pact, but it may have analogous import: division of cyberspace into spheres of influence, agreement not to interfere with each others' offensive operations, etc. Not lasting non-aggression, but not particularly good news for the US and its allies.)

MacKeeper, famous for "noisy pop-ups" (as Threatpost calls them), is patched to close a remote-code execution vulnerability.

Researchers track the Angler exploit kit's evolution in malvertising, obfuscation, and ransomware distribution.

A criminal group is deploying the Fiesta exploit kit against Windows systems.

People notice that GitHub dorking may be as problematic as the better-known Google dorking.

The Tor Project shuts down Tor Cloud for lack of resources.

The Gulf Cooperation Council wants a cyber pact with the US (like the one Japan has).

NSA Director Rogers warns hackers to expect to face some kind of music.

Notes.

Today's issue includes events affecting Algeria, Bahrain, Bangladesh, China, Egypt, Germany, Iraq, Iran, Jordan, Democratic Peoples Republic of Korea, Kuwait, Libya, Morocco, Oman, Palestine, Qatar, Romania, Russia, Saudi Arabia, Somalia, Sudan, Syria, Tunisia, United Arab Emirates, United Kingdom, United States, Yemen.

Cyber Attacks, Threats, and Vulnerabilities

ISIS Hackers Announce Planned Attack on America Today (Headlines & Global News) This is not the first time that ISIS hackers have threatened to attack Americans

Experts: ISIS's social media terrorist messaging far ahead of US government efforts to counter it (FeirceHomelandSecurity) The U.S. government is a doing a feeble job of countering the Islamic State's social media propaganda designed to recruit foreign fighters and incite lone wolves into action, several experts said during a Senate hearing May 7

Selective Truths Revealed: The Case of Iranian Search Engines (Global Voices Advocacy) Over the past few years, Iranian officials have championed 'national' tech development projects (such as the National Information Network (SHOMA) and Iranian versions of Western services), while eschewing foreign platforms like Viber and WhatsApp

China developing network-killing cyber attack tools, warns US government (V3) China is developing dangerous cyber attack tools that could knock a nation's infrastructure offline using data stolen during high-profile hacks, according to the US Department of Defence (DoD)

Controversial MacKeeper security program opens critical hole on Mac computers (IDG via CSO) A critical vulnerability in MacKeeper, a controversial security program for Mac computers, could let attackers execute malicious commands on Macs when their owners visit specially crafted Web pages

Angler exploit kit using tricks to avoid referrer chain leading back to malvertisement provider (0x3a Blog) For some time I've been seeing the Angler exploit kit pop up and infect clients without through malvertising campaigns without having a referer when visitng the landing page. The reason why this is interesting is that it makes it a lot harder to track down the malicious creative IDs which can be disabled by the advertisement operator. This is key in trying to fight active malvertising campaigns. In this short article I'll go through the current setup the Angler exploit kit uses to avoid the referer chain by losing it in a 2 step system

Angler exploit kit pushes new variant of ransomware (Internet Storm Center) The Angler exploit kit (EK) is being used to push a new variant of TeslaCrypt/AlphaCrypt ransomware. I've been documenting cases of Angler EK pushing AlphaCrypt in recent weeks [1][2][3]. Last week on 2015-05-07, I started seeing a new variant [4]. This new variant has a popup window that uses CTB-Locker-style instructions

Actor using Fiesta exploit kit (Internet Storm Center) This diary entry documents a criminal group using the Fiesta exploit kit (EK) to infect Windows computers. I previously wrote a guest diary about this group on 2014-12-26 [1] and provided some updated information on my personal blog this past February [2]. I first noticed this group in 2013, and it's likely been active well before then

Home Automation Software Z-Way Vulnerable to Remote Attacks (Theatpost) A researcher is warning users of the extensible Z-Way controller project that a weakness built into the software could inherently expose it to attacks

Add GitHub dorking to list of security concerns (IT World) GitHub platform has become the world's source code repository. But with success come security and privacy concerns

Elasticsearch Honeypot Snares 8,000 Attacks Against RCE Vulnerability (Threatpost) Hackers have taken an interest in Elasticsearch, a popular enterprise search engine

Steganography and Malware: Concealing Code and C&C Traffic (TrendLabs Security Intelligence Blog) In our earlier post discussing steganography, I discussed how it is now being used to hide configuration data by malware attackers. Let?s go discuss this subject another facet of this topic in this post: how actual malware code is hidden in similar ways

What if a Cybersecurity Attack Shut Down Our Ports? (Slate) It's a real, and frightening, possibility

Beware the ticking Internet of Things security time bomb (Network World via CSO) Debate focuses on moving full-speed ahead with IoT vs. pausing to build in security first

Cyberattacks Target Mobile Banking (Credit Union Times) Reports of 2.2 billion malicious attacks on computers and mobile devices in 2015's first quarter and an evolving Dyre Wolf malware threat are reminders of the continuing need for financial institutions to remain vigilant

Firekeepers Casino Hotel Acknowledges Possible PoS Breach (eSecurity Planet) It's not yet clear how many customers may have been affected

Google temporarily shuts down Map Maker due to vandalism (Ars Technica) An Android peeing on an Apple logo forces Google to revamp approval process

Attack on Will County Treasurer's Website Nothing More Than Cyber 'Graffiti' — Official (New Lenox Patch) The spokesman for the Will County Treasurer said residents' personal information was not at risk

Security Patches, Mitigations, and Software Updates

MacKeeper Patches Remote Code Execution Zero Day (Threatpost) MacKeeper, well known to Mac OS X users for its noisy pop-under ads stressing the need for a system cleanup, has patched a critical remote code execution vulnerability

Windows 10 security — how will Windows Update for Business work? (TechWorld) No more versions, no more Patch Tuesday for most. The world after Windows 10 looks unfamiliar but hugely welcome

Cyber Trends

Executives fear domino effect of cyber attacks, study shows (ComputerWeekly) More than half of US top executives fear not only serious disruption of their own operations, but also the impact of cyber attacks on national infrastructure, a study has revealed

C-Level Executives and the Need for Increased Cybersecurity Literacy (Infosec Island) Now more than ever, it's evident cybersecurity risk oversight at the board level is essential to keep any business or organization afloat — and off the headlines

Do you know where your sensitive data lives? (Help Net Security) The majority of IT security professionals don't have full visibility into where all their organization's sensitive data resides, according to Perspecsys

Marketplace

Companies Under-Insure for Cyber Risk as Breach Costs Rise (Wall Street Journal) Companies insure property, plant and equipment more than their information assets, despite recognizing that their information is nearly as valuable as the PP&E and much more likely to suffer harm

Cyber Insurance Offers More Than Just Protection Against External Cyber Attacks (Entrepreneur) Massive data breaches have become so prevalent that they are no longer big news. The cyber attacks that do grab headlines typically involve banks or large retailers, in which tens or hundreds of millions of records may have been stolen

The end of Superfish? (ghacks.net) When you open the homepage of the advertising company Superfish right now you see a simple statement on it instead of information about the company or its products

More Lenovo woes: 3 security flaws, website clerical errors, maybe layoffs (Computerworld) Lenovo is again in the news thanks to the security snafus of three security holes in Lenovo System Update service. The company claims there is no defect in its new LaVie Z 360 devices, but blamed confusion about its capabilities on clerical errors on its product website. Also, unnamed Research Triangle Park workers reported that Lenovo is laying off former IBM employees starting today

A Major Defense Contractor Buys Its Way Back Into the Spying Business (The Nation) With upwards of 70 percent of the surveillance state's budget directed to private contractors, some of the most reliable sources for tracking intelligence trends are the companies themselves

DocuSign Raises $233M Series F At $3B Valuation (TechCrunch) DocuSign, a company best known for its work with secure identity and authentication, has raised a $233 million Series F round of capital, at what a source said was a roughly $3 billion valuation

Bricata Wins 2015 InvestMaryland Challenge for Cybersecurity (Bricata Latest News) Bricata LLC, the pioneer of high-throughput next generation intrusion prevention security systems (NGIPS), today announced it has been selected as the grand prize winner in the Defense & Security category for the 2015 InvestMaryland Challenge. Held by the Maryland Department of Business and Economic Development (DBED), the InvestMaryland Challenge is the state's international business competition which recognizes the ingenuity and drive of the best and brightest entrepreneurs and young companies

Women In Security Speak Out On Why There Are Still So Few Of Them (Dark Reading) They're now CISOs, security officials in DHS and the NSA, researchers, and key players in security — but women remain a mere 10% of the industry population

SAFECode Names EMC Security Executive Eric Baize as Chairman (MarketWatch) Representatives from Adobe and Siemens also elected as Board Officers

'Father Time' Still Negotiating The Future (InformationWeek) Harlan Stenn, chief maintainer of the Network Time Protocol, remains in limbo between full-time NTP work and a return to private consulting

Products, Services, and Solutions

Microsoft bids for security edge with new browser (ComputerWeekly) In a bid to end years of Internet Explorer security woes, Microsoft is betting that its still-to-be-released Edge browser will meet the challenges of increasingly sophisticated online hacker attacks

Microsoft Offers First Look at Cloud Security Technology from Aorato Buy (The VAR Guy) Microsoft (MSFT) is giving customers and solution providers a preview of new security technology that turns an eye to the cloud to prevent network attacks before they happen

Tor Cloud project reaches the end of the line (Help Net Security) The Tor Project has discontinued the Tor Cloud project due to a lack of dedicated software developers and maintainers

Startup Ionic Security takes the sweat out of securing documents (ChannelWorld) Well-funded startup Ionic Security has launched a data-protection service that guards encrypted documents no matter where they go until access is authorized by its policy engine based in the cloud, making it possible to protect data even if the files that contain it fall into the wrong hands

TapLink Rethinks Password Security with Blind Hashing (eSecurity Planet) Passwords are often a weak security link but they don't have to be, says security startup TapLink

Datapp Sniffs Out Enencrypted Mobile Data (Threatpost) Last fall, researchers at the University of New Haven's Cyber Forensics Research and Education Group dropped the hammer on a number of Android apps, including those from some popular social networking and dating sites, for their insistence on sending data in the clear

FastNetMon — Very Fast DDoS Analyzer with Sflow/Netflow/Mirror Support (Kitploit) A high performance DoS/DDoS load analyzer built on top of multiple packet capture engines (NetFlow, IPFIX, sFLOW, netmap, PF_RING, PCAP)

Technologies, Techniques, and Standards

The best way to protect passwords may be creating fake ones (IDG via CSO) Password managers are a great way to supply random, unique passwords to a high number of websites. But most still have an Achilles' heel: Usually, a single master password unlocks the entire vault

Defend your network from APTs that exploit DNS (Help Net Security) Advanced Persistent Threats (APTs) are designed to spread, morph and hide within IT infrastructure to perpetrate a long term attack, posing a significant threat to the security of corporate data

3 security questions to ask when vetting a vendor that needs company data (The Enterprisers Project) In my role as senior vice president of engineering, I frequently work closely with the CIOs of large, industrial companies implementing prescriptive sales solutions. As these solutions require the use of company data, ensuring the data remains secure through each and every touch point is critical. Each company that becomes a customer is unique, but data security needs are universal. Below are some of the imperative questions that a CIO should address before implementing any technology from a vendor that requires access to secure company data

Detecting Network Traffic from Metasploit's Meterpreter Reverse HTTP Module (Didier Stevens) I took a closer look at Metasploit's Meterpreter network traffic when reverse http mode is used

How well do you know your security shortcomings? (Intelligent Utility) The convergence of information technology (IT) and operations technology (OT)-one of the biggest trends in the industry today-has one positive, if unexpected, side effect, according to Brett Luedde, director of critical infrastructure security for ViaSat-namely that it gives utilities a leg up on security

Evaluating Threat Intelligence Solutions? (CIO) Three key capabilities to consider

Intelligence sharing: The crucial link for cybersecurity (Federal Times) It is estimated that 80 percent of cyberattacks against both private- and public-sector organizations are committed by organized crime rings. These rings regularly work to access protected data, reveal personally identifiable information, steal identities and wreak havoc

Legislation, Policy, and Regulation

Russia, China Grow Closer With New Cyber Agreement (The Atlantic via Defense One) Xi Jinping's appearance at Vladimir Putin's side at the Victory Parade in Moscow signifies a deepened relationship based on a common adversary: the US

What Does China-Russia 'No Hack' Pact Mean For US? (Dark Reading) It could be an Internet governance issue or a response to the U.S. DoD's new cyber strategy, but one thing is certain: it doesn't really mean China and Russia aren't spying on one another anymore

Gulf leaders want cyber assurances from Obama (The Hill) Gulf nation leaders plan to push President Obama for better cybersecurity cooperation during a Thursday summit at Camp David

Shaky Assad Sacks an Intel Chief (Daily Beast) Setbacks on the battlefield and palace intrigues by Iran are rattling the Syrian government to its core

Romania's national priority: cybersecurity and confidence in public services, says Information Society minister (Business Review) Cybersecurity and confidence in public services are a priority for the Government and Romania aims at taking security measures to enhance cyber infrastructure protection, whilst protecting the rights and freedoms of citizens, said minister Sorin Grindeanu

Tories Name Not-So-New MoD Team (Defense News) Defence Secretary Michael Fallon and Procurement Minister Philip Dunne will both continue in their pre-election posts under the new government being formed by the ruling Conservative Party following the May 7 general election

US Cyber Commander: Hackers Will 'Pay a Price' (Defense News) US deterrents to cyber attacks could include a range of responses, including conventional force and economic sanctions, the chief of US Cyber Command said Monday

Third Offset Tech: What the Experts Say (War on the Rocks) What types of capabilities and technologies are suitable for a third offset strategy? This was the hotly debated question at a recent off-the-record session hosted by the Center for a New American Security (CNAS)

Diplomacy is failing to protect the United States' trade secrets (Fortune) The U.S.'s best bet at reining in economic cyberspies remains ineffectual

NSA Chief Speaks Out on Surveillance (Voice of America) The United States must create a framework for mass data collection that can quickly yield insights while still protecting citizens' privacy, the nation's cyber chief said Monday

Does Congress really listen to what the intelligence community says threatens America? (Washington Post) Lawmakers and national security officials don't seem to be paying attention to each other anymore

Ron Wyden Threatens Filibuster Over NSA Bulk Data Collection (Huffington Post) Sen. Ron Wyden (D-Ore.), one of the most persistent critics of U.S. surveillance programs, on Sunday threatened to filibuster a reauthorization of the Patriot Act if it fails to include major reforms, including ending a controversial National Security Agency program that collects data on nearly every American's phone calls

Orin Kerr's radical idea for reforming anti-hacking laws (Christian Science Monitor Passcode) Law professor Orin Kerr argues that social norms are the best ways of determining what's 'authorized' and 'unauthorized' computer access, a critical component of the federal anti-hacking law that critics complain is too ambiguous

Agencies get more DATA Act guidelines (FierceGovernmentIT) On the first anniversary of the Digital Accountability and Transparency Act of 2014, the next phase of its implementation begins

Stephen Warren: VA Reconsiders Use of Public Cloud Amid Cyber Threats (ExecutiveGov) The Department of Veterans Affairs is developing a new cloud strategy as it reconsiders the use of commercial cloud services for some applications

Dr. Ed Felten Named US Deputy CTO (ExecutiveGov) Dr. Ed Felten, professor of computer science and public affairs at Princeton University, has been appointed as the White House's deputy chief technology officer

Cops must now get a warrant to use stingrays in Washington state (Ars Technica) New statute also forces police to more fully explain cell-site simulators to judges

Litigation, Investigation, and Law Enforcement

NSA 'asked' Germany's BND to snoop on Siemens (Engineering and Technology Magazine) The US National Security Agency (NSA) wanted to spy on Siemens with the help of German intelligence, a German newspaper reported, in what could be a shaming episode for Chancellor Angela Merkel

Business implications of court ruling NSA mass data collection illegal (FierceBigData) If you haven't seen my colleague David Weldon's report in FierceCIO on an appeals court ruling that the NSA's massive phone data collection is illegal, I suggest you give it a read. The upshot is that they found it illegal but bumped it back to a lower court rather than outright block the program. But this is far from the end of the story and businesses must pay attention because what happens next could curb data collection in the private sector too — as in you may have to dump a lot of customer data from your databases and stop collecting certain forms of data

Hawaii Congressmember Tulsi Gabbard rips National Security Agency (Maui Time) For such an infamous spy program cloaked in a massive shroud of lies and official ambiguity, it's potential undoing at the hands of our legal system is pretty clear. "A U.S. spying program that systematically collects millions of Americans' phone records is illegal, a federal appeals court ruled on Thursday, putting pressure on Congress to quickly decide whether to replace or end the controversial anti-terrorism surveillance," Reuters reported on May 7

Warrantless airport seizure of laptop "cannot be justified," judge rules (Ars Technica) Feds said a laptop is simply a "container" that can be searched without warrant

Small ISP stands up to Rightscorp's "piracy fishing expedition" and wins (Ars Technica) A Rightscorp DMCA subpoena, asking for 71 subscriber identities, is thrown out

Federal Employee Retirement Plan Struggles with Cyber Conflict of Interest (Nextgov) The board of a hacked federal employee retirement plan is struggling to comply with government cybersecurity rules, because of concerns the requirements infringe on the organization's independence, the Federal Retirement Thrift Investment Board says

Former CIA Officer Jeffrey Sterling Sentenced to 3 1/2 Years for Leak to Times Reporter (NBC News) A former CIA officer was sentenced Monday to 3 ½ years in prison for leaking details of a secret mission to thwart Iran's nuclear ambitions, a sentence that was received with a measure of relief from his legal team and paled in comparison to the decades-long term that had been on the table

There are now 160 million Internet users in the Arab world but the wrong tweet could still land you in jail (Quartz) Even after the promise of 2010-12's Arab Spring freedom uprising and the expansion of Internet usage in the region, an offending tweet or Facebook post could still have you arrested and charged in many Arab countries, says a new report

Bangladesh blogger Ananta Bijoy Das hacked to death (BBC) A secular blogger has been hacked to death in north-eastern Bangladesh in the country's third such deadly attack since the start of the year

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

12th CISO Summit & Roundtable Geneva 2015 (Geneva, Switzerland, May 11 - 13, 2015) The 12th CISO Summit will give you direct insights from Europe's most experienced CISOs, you will get the latest top hot buttons and focuses from other CISOs for the coming 5 years — shared predictions...

NG Security Summit (San Antoino, Texas, USA, May 11 - 13, 2015) The NG Security Summit bringx together more than sixty-five relevant CISOs from the private and public sector for a high level summit where they will workshop to benchmark, identify, and tackle key challenges.

Cybergamut Tech Tuesday: An Hour in the Life of a Cyber Analyst (Hanover, Maryland, USA, May 12, 2015) This hands-on workshop will demonstrate how easy it is for a breach to occur by analyzing a virtualized web server environment. Participants will use open source tools such as port scanners and protocol...

MCRCon (Ypsilanti, Michigan, USA, May 12, 2015) Please join the Michigan Cyber Range for the third annual MCRCon cybersecurity conference. MCRCon 2015 will focus on hacking prevention, incident handling, forensics and post-event public relations. MCRCon...

Houston Secure World (Houston, Texas, USA, May 13, 2015) Join your fellow security professional for affordable, high-quality cybersecurity training and education at a regional conference near you. Earn CPE credits while learning from nationally recognized industry...

QuBit 2015 Cybersecurity Conference (Prague, Czech Republic, May 13 - 15, 2015) QuBit brings together top experts and leaders in the field, from the private sector, to academia, to government. The main topics this year are APTs, the Internet of Things, and Digital Forensics, which...

Michgan InfraGard 2015 Great Lakes Regional Conference: Securing Our Critical Infrastructures (Novi, Michigan, USA, May 14, 2015) Learn all about the risks to critical infrastructures and key resources and the efforts underway to protect them. Private and public sectors will be represented. The conference will include four breakout...

THOTCON 0x6 (Chicago, Illinois, USA, May 14 - 15, 2015) THOTCON (pronounced \ˈthȯt\ and taken from THree - One - Two) is a hacking conference based in Chicago IL, USA. This is a non profit non-commercial event looking to provide the best conference possible...

International Conference on Cyber Security (ICCS) 2015 (Redlands, California, USA, May 16 - 17, 2015) The ICCS 2015 serves as a platform for researchers and practitioners from academia, industry, and government to present, discuss, and exchange ideas that address real-world problems with CYBER SECURITY.

FS-ISAC & BITS Annual Summit (Miami Beach, Florida, USA, May 17 - 20, 2015) The Financial Services Information Sharing and Analysis Center (FS-ISAC), is a non-profit association comprised of financial institution members, that is dedicated to protecting the global financial services...

2015 Cyber Risk Insights Conference — Chicago (Chicago, Illinois, USA, May 18, 2015) Advisen again brings its acclaimed Cyber Risk Insights Conference series to Chicago with a full-day event addressing the critical privacy, network security and cyber insurance issues confronting risk professionals...

2015 Honeynet Project Workshop (Stavanger, Norway, May 18 - 20, 2015) Each year the Honeynet Project annual workshop brings together top information security experts from around the globe to present their latest research efforts and discuss insights and strategies to combat...

IEEE Symposium on Security and Privacy (San Francisco, California, USA, May 19 - 22, 2013) Since 1980, the IEEE Symposium on Security and Privacy has been the premier forum for the presentation of developments in computer security and electronic privacy, and for bringing together researchers...

Fraud Summit Chicago (Chicago, Illinois, USA, May 19, 2015) ISMG's Fraud Summit is a one-day event focused exclusively on the top fraud trends impacting organizations and the mitigation strategies to overcome those challenges. Highlights of the Chicago event include...

NCCOE Speaker Series: The Cyber Danger: Problems of Strategic Adaptation (Rockville, Maryland, USA, May 20, 2015) Lucas Kello (Senior Lecturer in International Relations / Director of Cyber Studies Program, Oxford University, and Associate of the Science, Technology & Public Policy Program, Belfer Center for Science...

3rd Annual Georgetown Cybersecurity Law Institute (Washington, DC, USA, May 20 - 21, 2015) In 2015, it is more important than ever that in-house and outside counsel stay abreast of the most current developments and best practices in cybersecurity. Those lawyers who ignore cyber threats are risking...

AFCEA Spring Intelligence Symposium 2015 (Springfield, Virginia, USA, May 20 - 21, 2015) The Symposium will be a one-of-a-kind event designed to set the tone and agenda for billions of dollars in IC investment. Leaders from all major IC agencies, from the ODNI, IARPA, and the National Intelligence...

SOURCE Conference (Boston, Massachusetts, USA, May 25 - 28, 2015) SOURCE is a computer security conference happening in Boston, Seattle, and Dublin that is focused on offering education in both the business and technical aspects of the security industry. The event's...

7th International Conference on Cyber Conflict (Tallinn, Estonia, May 26 - 29, 2015) CyCon is the annual NATO Cooperative Cyber Defence Centre of Excellence conference where topics vary from technical to legal, strategy and policy. The pre-conference workshop day, 26 May, features a variety...

Time for a Refresh: Technology & Policy in the Age of Innovation (East Palo Alto, California, USA, May 27, 2015) On May 27th, join technology leaders and innovators, along with industry and government experts, for a dynamic discussion around today's cyber challenges and key decisions to be made around the intersect...

HITBSecConf2015 Amsterdam (De Beurs van Berlage, Amsterdam, The Netherlands, May 26 - 29, 2015) This year's event will feature a new training courses. Keynote speakers include Marcia Hofmann and John Matherly. To encourage the spirit of inquisitiveness and innovation, Haxpo will showcase cutting...

1st Annual Billington Corporate Cybersecurity Summit (New York, New York, USA, May 27, 2015) Join Billington CyberSecurity's unparalleled network of cybersecurity professionals as they provide hard-earned insights and education to a high level and exclusive group of attendees from the corporate...

Atlanta Secure World (Atlanta, Georgia, USA, May 27 - 28, 2015) Join your fellow security professional for affordable, high-quality cybersecurity training and education at a regional conference near you. Earn CPE credits while learning from nationally recognized industry...

Techno Security & Forensics Investigations Conference (Myrtle Beach, South Carolina, USA, May 31 - June 3, 2015) The Seventeenth Annual International Techno Security & Forensics Investigations Conference will be held May 31 ? June 3 in sunny Myrtle Beach at the Myrtle Beach Marriott Resort. This conference promises...

Mobile Forensics World (Myrtle Beach, South Carolina, USA, May 31 - June 3, 2015) The Eighth Annual Mobile Forensics World will also be held May 31 ? June 3 in sunny Myrtle Beach at the Myrtle Beach Marriott Resort. The Mobile Forensics World is specifically dedicated to Federal, State...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.