skip navigation

More signal. Less noise.

Daily briefing.

Oman's government is said to be using European-produced lawful intercept tools for surveillance of Shell Oil and other Western companies.

The network intrusion Germany's Bundestag recently suffered may prove more serious than initially believed.

Low-grade jihadist hackers vandalize a slightly bigger-than-normal target: Philadelphia's City Council.

Another major US health insurance provider, CareFirst BlueCross BlueShield, suffers a data breach. Some 1.1 million people's data may have been exposed. The FBI is investigating.

Other attacks disclosed include an intrusion into undersea cable provider Pacnet's corporate network and a DNS attack on domain shop eNom.

Two significant vulnerabilities are reported. SEC Consult researchers say they've found a kernel stack buffer overflow vulnerability in NetUSB, a bug that affects recent firmware versions in widely used networking devices.

The other vulnerability arrives with more éclat. "Logjam" is a flaw in "export-grade" crypto, originating in SSL and inherited by TSL, that exposes users of vulnerable sites to man-in-the-middle attacks. Observers compare the potential attacks to Freak, and inevitably speculate that the then-unnamed Logjam was used by NSA for intelligence collection.

That hack Mr. Roberts may have said he committed against airliners and the International Space Station? NASA dismisses any space station hack as a risible bunch of hooey.

Krebs suggests that a recent report of a dangerous Russian APT is really about a different, low-tech APT: an African Phishing Trip.

The US NSA releases a guide to malware-defense best practices.

Absent swift Congressional action, legal authority for bulk data collection in the US expires this weekend.

Notes.

Today's issue includes events affecting Australia, Canada, China, European Union, France, Germany, Iran, New Zealand, Nigeria, Oman, Russia, United Arab Emirates, United Kingdom, United States.

Dateline Georgetown Cybersecurity Law Institute

FBI director worries ISIS could use cyberattacks against United States (Fox 6 News) ISIS is "waking up" to the idea of using sophisticated malware to cyberattack critical infrastructure in the U.S., FBI Director James Comey said

Obama Admin: NSA Spying Will Begin Shutting Down This Week (National Journal) A Justice Department memo circulated on Wednesday says lawmakers only have until Friday — not June 1— to resolve their standoff over NSA surveillance without risking an interruption

NSA will begin winding down spying program this weekend (The Hill) Key parts of the Patriot Act are not set to expire until the end of the month, but the National Security Agency (NSA) will begin winding down a controversial program run under that law this week, according to the Justice Department

Cybersecurity and Acquisition Practices: New Initiatives to Protect Federal Information of Civilian Agencies (Bloomberg BNA) Government and private sector functions depend substantially upon information and communication technology. President Barack Obama's 2016 budget proposes spending $86.4 billion on federal information technology — the majority of which, $49.1 billion (57 percent), is for nondefense functions

Is that Covered? Data Breach (JD Supra) With all of the data breach issues in the news, we thought that this decision might be of interest to you. The Connecticut Supreme Court today affirmed a lower court ruling denying coverage to IBM for more than $6 million in losses stemming from data lost in a highway incident

The Security, Privacy and Legal Implications of the Internet of Things ("IoT") Part one — The Context and Use of IoT (Data Protection Report) Disrupted, yet again. The world is fast preparing for the invasion of objects connected to the Internet, otherwise known as the Internet of Things ("IoT")

The Current State of Law Firm Information Security (Duo Security) Retail and financial data breaches are reported in the news regularly, while healthcare data breaches are also splashed across health IT publications. Breach notification laws require companies to disclose to consumers and patients the potential leakage of their personal, financial and medical data. But what about breaches we don't hear about?

Cyber Attacks, Threats, and Vulnerabilities

Spy-tech firms Gamma and Trovicor target Shell Oil in Oman (Register) Not just activists this time, but Western commercial interests

Angriff auf Datennetz des Bundestags wohl heftiger als angenommen (heiseSecurity) Der Cyber-Angriff auf die IT des Bundestags war wohl doch deutlich ausgefeilter als bislang angenommen

Phila. City Council's website hacked (Philly.com) The morning after Tuesday's election, Philadelphia City Council's website was hacked and replaced by a sparse black Web page with white text reading: "I am Muslim & Islam is my way of Life"

Hack attack on CareFirst compromises info for 1.1 million consumers (FierceHealthIT) Insurer working with FBI to determine origin of attack

TLS Protocol Flawed, HTTPS Connections Susceptible to FREAK-like Attack (Softpedia) A new attack, dubbed Logjam by cryptography researchers, can be used to compromise a secure communication between a client and a server by downgrading the TLS connection to the vulnerable 512-bit, export-grade cryptography

New Critical Encryption Bug Affects Thousands of Sites (Wired) A new and critical vulnerability uncovered by security researchers would allow an attacker to intercept and decrypt secured communications exchanged between users and thousands of web sites and mail servers worldwide

Logjam vulnerability — what you need to know (Lumension Blog) I've heard people talking about a new internet security flaw called Logjam. What is it?

Average enterprise 'using 71 services vulnerable to LogJam' (Register) What do you mean our firewall has foundations made of cheese?

Logjam TLS vulnerability is academic, not catastrophic (TechRepublic) Logjam is a new weakness in TLS that allows an attacker to downgrade the cryptography on a connection; it is similar to another recent attack on TLS called FREAK. To help us understand why widespread panic is unnecessary, let's look at what a practical attack would get the attacker, and what that attack would require

Newly disclosed Logjam bug might be how the NSA broke VPNs (Help Net Security) Another vulnerability courtesy of 1990s-era US export restrictions on cryptography has been discovered, and researchers believe it might be how the NSA managed to regularly break their targets' encrypted connections

Bug in NetUSB code opens networking devices to remote code execution (Help Net Security) Researchers from SEC Consult have published details of a critical kernel stack buffer overflow vulnerability in NetUSB, a software component that provides "USB over IP" functionality and is included in most recent firmware versions of many TP-Link, Netgear, Trendnet, and Zyxel networking devices

Critical flaw in NetUSB driver leaves millions of routers vulnerable (Computerworld) Routers and other embedded devices from various manufacturers likely have the flaw

Hackers breached subsea cable operator Pacnet's corporate IT network (Help Net Security) Global telecommunications service provider and fibre optic subsea cable operator Pacnet has suffered a breach: unknown hackers have gained access to its corporate IT network last month

Data Breach Hits Telstra's Pacnet, Exposes Customer Data (Tripwire: the State of Security) Telstra's Pacnet has begun contacting its customers following the discovery of a data breach that compromised its corporate IT servers on which customer data is stored

eNom discloses DNS attack to customers (CSO) Domain retailer says it disclosed the incident as a matter of transparency

Hi! You've reached TeslaCrypt ransomware customer support. How may we fleece you? (Register) Infosec bods tear into the belly of the beast

NASA: Alleged plane hacker's boast about breaching space station 'laughable' (Christian Science Monitor Passcode) The FBI is reportedly investigating security researcher Chris Roberts for his claims he hacked into an airplane mid-flight. He denies those allegations. But what about his claims that he hacked the International Space Station?

Security Firm Redefines APT: African Phishing Threat (KrebsOnSecurity) A security firm made headlines earlier this month when it boasted it had thwarted plans by organized Russian cyber criminals to launch an attack against multiple US-based banks. But a closer look at the details behind that report suggests the actors in question were relatively unsophisticated Nigerian phishers who'd simply registered a bunch of new fake bank Web sites

Apple Watch lets nimble-fingered crooks use your Apple Pay (Naked Security) As the sleeve-tattooed among us already know, Apple Watch needs nice, clear access to skin

Hackers plant obscene image on electronic billboard in Atlanta (Graham Cluley) I've spoken before about hackers f**king around with road signs to display images claiming everything from zombie outbreaks to Dalek invasions

Security Patches, Mitigations, and Software Updates

Apple Releases Patches For a Watch (Threatpost) What happens when you build a watch that is essentially an absurdly powerful computer that also tells time? You have to patch that watch

Cyber Trends

CTOvision Interviews RADM Paul Becker, Director for Intelligence, Joint Chiefs of Staff, On The Cyber Threat (CTOVision.com) We recently had the opportunity to interview the Director for Intelligence (J2) for the Joint Chiefs of Staff, RADM Paul Becker, USN

Cyberterrorism is the Next 'Big Threat,' says Former CIA Chief (Breitbart) Many experts reckon the first cyberwar is already well under way

Attribution: The Hill Infosec is Choosing to Die On (Dark Matters) China did it. Russia did it. Iran most certainly did it. Not a week goes by that we don't see another big media story or ACME InfoSec Giant's press release about some malware family or operation that is attributed to some nefarious distant entity

Legally Blind and Deaf — How Computer Crime Laws Silence Helpful Hackers (Hacker One) A world wide war is being waged in which the most able-bodied soldiers are being discouraged from enlisting. It is an information security war, and hackers are the troops and the weapon designers that have the skills to shape our collective future, for good or for ill

The rise in false fraud alerts (Help Net Security) 68% of Americans who have received a fraudulent activity alert from their credit or debit card issuer have received at least one alert in error, according to CreditCards.com

2015 has gone denial-of-service attack crazy (Inquirer) Akamai is going on about the state of that internet again

Advertisers need to start monitoring ad security (CSO) Law enforcement activity and improved security has forced criminals to zero in on advertising networks

Ensuring pipeline physical and cyber security (Plant Engineering) Production of oil and natural gas in the U.S. and Canada is increasing. The vast majority of these hydrocarbons will be shipped across the continent via a dense network of pipelines. The integrity of this network, however, is threatened, not only by mechanical failures, but also by targeted cyber attacks

Nearly Half of Middle East Organisations Lack Incident Response Plans (Zawya) Survey conducted by Resilient Systems at GISEC reveals the need for Incident Response investment in the Middle East

UAE tops hit list of cyber criminals (Yahoo! News) 44% users in country report 'local threats' in first quarter spread through USB sticks, CDs and DVDs

One in ten UK employees admits having a porn habit at work (Computerworld) Porn watching only one of several risky behaviours

Marketplace

Elbit Systems Signs an Agreement to Acquire NICE Systems' Cyber and Intelligence Division for an Amount of Up to $157.9 Million (MarketWatch) Out of the total amount, $117.9 million will be paid in cash at the time of the closing and up to $40 million will be paid as earn-out, subject to the acquired division's future business performanceNICE's acquired business will be merged into CYBERBIT LTD., an Elbit Systems subsidiary, recently established, in order to consolidate Elbit Systems' cyber activities

FireEye has become go-to company for breaches (USA Today) FireEye, a California-based computer security company, has offices worldwide that track attacks and intrusions. USA Today's Elizabeth Weise recently visited its Singapore offices, where she learned that bank attacks are on the rise

Products, Services, and Solutions

Exploiting Threat Intelligence From the Web Using Recorded Future and Splunk (Recorded Future) Mitigate emerging cyber threats with our Splunk integration

NextNine and Schneider Electric to Present Advanced Cyber Security for Nuclear Facilities at Upcoming Vienna Conference (PRNewswire) Unique security concerns of nuclear facilities can be dealt with using advanced new solutions that will be presented by executives from NextNine and Schneider Electric (Euronext: SU) at the leading conference on nuclear facilities hosted by the International Atomic Energy Agency

Infoblox Introduces the Most Comprehensive Single-vendor Solution for Securing DNS Inside Enterprise Networks (MarketWatch) Infoblox Internal DNS Security transforms DNS from a vulnerability into a strength with protection against infrastructure attacks, malware, and data exfiltration

LightCyber adds new features to shut down intrusions faster (Silicon Angle) Instead of trying to keep the bad guys out of corporate networks, there's a wave of startups that are turning cybersecurity on its head with a brand new approach — let the bad guys in, identify them, and isolate them before they can do any damage

Technologies, Techniques, and Standards

Security lessons from the NSA malware defense report (TechTarget) The NSA's Information Assurance Directorate released a report on malware defense. Uncover which guidance and best practices would be fruitful to integrate into your enterprise security plan

Exfiltration Through Obscurity — Detecting Attackers Tactics For Stealing Your Data (Tripwire: the State of Security) Protecting enterprise networks is a constant game of cat and mouse between information security professionals and malicious actors targeting their assets

Security seeks parallel existence with safety (Offshore Engineer) Gregory Hale highlights the importance of both safety and following proper security protocols

The 11-Step Guide to BYOD Security. How to Avoid Getting Fired (Heimdal) In a general sense, BYOD is defined as a way to allow people take their own devices for work, no matter we talk about laptops, tablets or smartphones

Hello, Barack! Let's keep that @POTUS account secure! (Naked Security) Welcome to your new Twitter account, President Obama! Or may we call you @POTUS?

Design and Innovation

Target to roll out RFID price tags this year (FierceRetailIT) In one of the largest RFID projects undertaken in retail yet, Target (NYSE:TGT) will roll out radio frequency identification technology later this year for pricing and inventory control

Research and Development

How your next password could be your brain (Naked Security) It's time to put another body part through the biometrics wringer in the ongoing quest to replace passwords

Navy seeks to close back doors to weapons systems (C4ISR & Networks) Today's weapons systems are vulnerable to hackers, who could potentially commandeer them with the right tools and skills

Academia

Top Air Force scientist: More STEM-educated troops needed (Air Force Times) The military needs to address its challenge of having enough science, technology, engineering and math expertise to keep up with the technology advancements of potential adversaries, the Air Force's top scientist said Wednesday

Legislation, Policy, and Regulation

Britain's cyber envoy, in his own words (FCW) The recent parliamentary elections in the United Kingdom came with concerned headlines that Britain might retreat from its sizable role on the global stage. But that hardly looks likely when it comes to cybersecurity

Big Brother is watching EU (Politico) As the US moves towards privacy reform, Europe enacts sweeping new spying powers

US aims to limit zero-day sales to Five Eyes (IT News) Would treat unknown software vulnerabilities as weapons

Peter King: Paul Filibuster 'Putting Our National Security at Risk' (Newsmax) Rep. Peter King slammed Kentucky Sen. Rand Paul for speaking for hours Wednesday on the Senate floor against renewing the Patriot Act and the NSA's metadata programs the law authorizes, charging to Newsmax that he is "doing a disservice to the country and he's putting our national security at risk"

Opinion: What Congress gets wrong about NSA surveillance practices (Christian Science Monitor Passcode) As Congress battles over surveillance reform, it's important to remember that the Patriot Act's controversial Section 215, which justified National Security Agency collection of phone records, is also an essential investigative tool for the US intelligence community

Secretary of the Navy: Cyber is the Future of Warfare (National Defense) The Navy must improve cyber security protocols in everything from weapons to command-and-control systems to communications platforms as adversaries continue to invest in their network warfare capabilities, Secretary of the Navy Ray Mabus said May 20

Litigation, Investigation, and Law Enforcement

I Am A Soldier. Here's What Would Happen If I Used Email Like Hillary Clinton (IJR) Former Secretary of State Hillary Clinton's personal emails are in the news again, and members of the U.S. military and intelligence community sense that there's a dangerous double standard developing regarding the handling of classified information

Federal authorities on to healthcare cybercrime (TechTarget) The FBI and Department of Homeland Security are chasing state-sponsored hackers who are perpetrating healthcare cybercrime

After Sanctions, Cisco Altered Sales Records in Russia (BuzzFeed) The intent was to dodge sanctions and provide equipment to Vladimir Putin's military and security services, a source says. Cisco strongly denies it violated sanctions or attempted to do so

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

3rd Annual Georgetown Cybersecurity Law Institute (Washington, DC, USA, May 20 - 21, 2015) In 2015, it is more important than ever that in-house and outside counsel stay abreast of the most current developments and best practices in cybersecurity. Those lawyers who ignore cyber threats are risking...

AFCEA Spring Intelligence Symposium 2015 (Springfield, Virginia, USA, May 20 - 21, 2015) The Symposium will be a one-of-a-kind event designed to set the tone and agenda for billions of dollars in IC investment. Leaders from all major IC agencies, from the ODNI, IARPA, and the National Intelligence...

SOURCE Conference (Boston, Massachusetts, USA, May 25 - 28, 2015) SOURCE is a computer security conference happening in Boston, Seattle, and Dublin that is focused on offering education in both the business and technical aspects of the security industry. The event's...

7th International Conference on Cyber Conflict (Tallinn, Estonia, May 26 - 29, 2015) CyCon is the annual NATO Cooperative Cyber Defence Centre of Excellence conference where topics vary from technical to legal, strategy and policy. The pre-conference workshop day, 26 May, features a variety...

Time for a Refresh: Technology & Policy in the Age of Innovation (East Palo Alto, California, USA, May 27, 2015) On May 27th, join technology leaders and innovators, along with industry and government experts, for a dynamic discussion around today's cyber challenges and key decisions to be made around the intersect...

1st Annual Billington Corporate Cybersecurity Summit (New York, New York, USA, May 27, 2015) Join Billington CyberSecurity's unparalleled network of cybersecurity professionals as they provide hard-earned insights and education to a high level and exclusive group of attendees from the corporate...

HITBSecConf2015 Amsterdam (De Beurs van Berlage, Amsterdam, The Netherlands, May 26 - 29, 2015) This year's event will feature a new training courses. Keynote speakers include Marcia Hofmann and John Matherly. To encourage the spirit of inquisitiveness and innovation, Haxpo will showcase cutting...

Atlanta Secure World (Atlanta, Georgia, USA, May 27 - 28, 2015) Join your fellow security professional for affordable, high-quality cybersecurity training and education at a regional conference near you. Earn CPE credits while learning from nationally recognized industry...

International Techno Security & Forensics Investigations Conference (Myrtle Beach, South Carolina, USA, May 31 - June 3, 2015) The Seventeenth Annual International Techno Security & Forensics Investigations Conference will be held May 31 to June 3 in sunny Myrtle Beach at the Myrtle Beach Marriott Resort. This conference promises...

Mobile Forensics World (Myrtle Beach, South Carolina, USA, May 31 - June 3, 2015) The Eighth Annual Mobile Forensics World will also be held May 31 ? June 3 in sunny Myrtle Beach at the Myrtle Beach Marriott Resort. The Mobile Forensics World is specifically dedicated to Federal, State...

School on Computer-aided Cryptography (College Park, Maryland, USA, June 1 - 4, 2015) The goal of the school is to provide participants with an overview of computer-aided cryptography with a special focus on computer-aided cryptographic proofs using the EasyCrypt tool. Lectures discussing...

TakeDownCon: Capital Region 2015 (East Hyattsville, Maryland, USA, June 1 - 2, 2015) TakeDownCon is a highly technical forum that focuses on the latest vulnerabilities, the most potent exploits, and the current security threats. The best and the brightest in the field come to share their...

AusCERT2015: Smarten up (RACV Royal Pines Resort, Gold Coast, Queensland, June 1 - 5, 2015) This year's conference theme explores how we need to smarten up to manage information security risks better. We need to "smarten up" by focusing on information security essentials; by taking advantage...

ASIA (Annual Symposium on Information Assurance) (Albany, New York, USA, June 2 - 3, 2015) ASIA is an event held jointly with the 18th Annual New York State Cyber Security Conference (NYSCSC), aiming to attract researchers and practitioners alike for engaging talks about information security...

Infosecurity Europe 2015 (London, England, UK, June 2 - 4, 2015) Infosecurity Europe is the largest and most attended information security event in Europe. It is a free exhibition featuring not only over 325 exhibitors and the most diverse range of new products and...

NSA SIGINT Development Conference 2015 (Fort Meade, Maryland, USA, June 2 - 3, 2015) This classified conference will focus on the preeminent intelligence issues facing those who are tasked with SIGINT as part of their mission. Over 1500 participants from the US intelligence community and...

Cyber Security Summit: DC Metro Area (Tysons Corner, Virginia, USA, June 3, 2015) The Cyber Security Summit provides an exclusive business environment to meet with Senior Executives who are seeking innovative solutions to protect their business & critical infrastructure. Delegates at...

7th Annual Southeastern Cyber Security Summit (Huntsville, Alabama, USA, June 3 - 4, 2015) Cyber training, education, and workforce development for the evolving threat

Seventh Annual Information Security Summit (Los Angeles, California, USA, June 4 - 5, 2015) Information Security has become top of mind for companies and this conference is a must for IT staff, CISOs, Board members and CEOs. The Seventh Annual Information Security Summit offers comprehensive,...

ShowMeCon (St. Louis, Missouri, USA, June 8 - 9, 2015) This highly technical forum showcases eye-opening presentations from world-renown ethical hackers and security experts that will leave you amazed and frightened at the same time. By giving you access into...

Cloud Identity Summit 2015 (La Jolla, California, USA, June 8 - 11, 2015) Enterprises large and small are looking to the cloud to replace legacy applications and virtualize their existing data center environments. In each case, security technology vendors need to manage the...

NSA Mobile Technologies Forum (MTF) 2015 (Fort Meade, Maryland, USA, June 8 - 12, 2015) The Mobile Technologies Forum is an annual event that attracts SIGINT, Information Assurance, HUMINT, Federal Law Enforcement, Counterintelligence and Government personnel from the United States, Australia,...

Cybergamut Tech Tuesday: Using EMET to Defend Against Targeted Attacks (Elkridge, Maryland, USA, June 9, 2015) 0-day vulnerabilities that are able to bypass platform level exploit mitigation technologies such as DEP and ASLR are becoming increasingly common. Knowledge workers are being increasingly targeted by...

Fraud Summit Boston (Boston, Massachusetts, USA, June 10, 2015) ISMG's Fraud Summit is a one-day event focused exclusively on the top fraud trends impacting organizations and the mitigation strategies to overcome those challenges. Highlights of the Boston event include...

CyBit: the Computer Forensics Show (IT Security and Cyber Security) (New York, New York, USA, June 11 - 12, 2015) Cyber Security: The interdependent network of information technology infrastructures, including the internet, telecommunications networks (satellite communications), computer systems, embedded processors...

Information Management Conference 2015 (Nashville, Tennessee, USA, June 15 - 18, 2015) This year's theme is "Mission Excellence through Innovation" and is aligned with the Information Resources Management Strategic Plan vision, which aims to collaborate as an enterprise and deliver innovative...

AFCEA Defensive Cyber Operations Symposium (Baltimore, Maryland, USA, May 5 - 7, 2015) The U.S. Defense Information Systems Agency's new operational role in the cyber domain as network defender creates a formal relationship between DISA, U.S. Cyber Command and the command's military service...

TRUSTe Internet of Things Privacy Summit 2015 (Menlo Park, California, USA, June 17, 2015) The Second IoT Privacy Summit will be held on June 17th 2015 and focus on practical solutions to the privacy challenges of the Internet of Things with multiple case studies, workshops and panel presentations...

Portland Secure World (Portland, Oregon, USA, June 17, 2015) Join your fellow security professional for affordable, high-quality cybersecurity training and education at a regional conference near you. Earn CPE credits while learning from nationally recognized industry...

2015 Community College Cyber Summit (3CS) (North Las Vegas, Nevada, USA, June 17 - 19, 2015) The second annual Community College Cyber Summit (3CS), hosted by the College of Southern Nevada, is organized and produced by the five cybersecurity-related Advanced Technological Education (ATE) centers...

REcon 2015 (Montréal, Québec, Canada, June 19 - 21, 2015) REcon is a computer security conference with a focus on reverse engineering and advanced exploitation techniques. It is held annually in Montreal, Canada. The conference offers a single track of presentations...

Nuit du Hack 2015 (Paris, France, June 20 - 21, 2015) The "Nuit Du Hack" conference was initiated in 2003 by the French hacking group: HackerZvoice. This event has been gathering people willing to learn and share their knowledge around lectures and challenges...

Cyber Security for Defense (Augusta, Georgia, USA, June 24 - 26, 2015) This conference serves as an opportunity for solution providers to break through the background noise and present their unique ideas and products in an environment specifically tailored to highlighting...

Innovation Summit: Connecting Wall Street, Silicon Valley & the Beltway (New York City, New York, USA, June 25, 2015) Innovation Summit connects America's three most powerful epicenters and evangelizes the importance of industry, government and academic collaboration on joint research initiatives. The opportunity to bring...

NSA Information Assurance Symposium (IAS) 2015 (Washington, DC, USA, June 29 - July 1, 2015) The NSA Information Assurance Directorate (IAD)'s Information Assurance Symposium (IAS) is a biannual forum hosted by the National Security Agency (NSA). IAS events of the past have proven to be the preferred...

US News STEM Solutions: the National Leadership Conference (San Diego, California, USA, June 29 - July 1, 2015) San Diego offers the perfect backdrop for the 4th annual U.S. News STEM Solutions National Leadership Conference, June 29 — July 1, 2015 in San Diego, CA. Please make your plans now to join fellow...

Information Assurance Symposium (Washington, DC, USA, June 29 - July 1, 2015) The NSA Information Assurance Directorate (IAD)'s Information Assurance Symposium (IAS) is a biannual forum hosted by the National Security Agency (NSA). IAS events of the past have proven to be the preferred...

Cyber Security for Healthcare Summit (Philadelphia, Pennsylvania, USA, June 29 - July 1, 2015) Our IQPC Cyber Security for Healthcare Summit will help Hospitals and Medical Device manufacturers to prepare and manage risks by viewing cybersecurity not as a novel issue but rather by making it part...

Cybergamut Tech Tuesday: The Truth About Security Your System (Elkridge, Maryland, USA, June 30, 2015) What does it take to secure a system? What is the logical approach to successfully achieve this endeavor? First, an understanding of who wants access and why is a necessary baseline to form a strategic...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.