skip navigation

More signal. Less noise.

Daily briefing.

Various Caliphate-inspired information operations surface from Maryland to Germany (via Indiana). The Washington Post offers an account of how and why those operations have seen some success in recruiting Western women to jihad.

Exploitation of the US IRS's ill-starred "Get Transcript" feature is seen as an object lesson in how data theft enables other cyber crime.

In industrial control system security news, researchers at the Ural System Security Center claim that weak encryption renders Rockwell systems vulnerable to exploitation. CyberX analyzes the BlackEnergy campaign against ICS and concludes that its motive was data theft.

Like routers, USB modems seem vulnerable to drive-by hacking.

The Anti-Phishing Working Group reports an upsurge in phishers' domain registrations.

ESET and Avast find more problems (especially for gamers chasing cheats) in the Google Play Store.

Apple has blacklisted outdated versions of Flash in OS X and Safari.

The cyber insurance market continues to shape standards of care. Current litigation suggests insurers "won't cover stupid;" they invoke a "clueless clause" to avoid payment to the careless. (Part of getting a clue will probably involve designing good user interfaces, a Deloitte opinion piece in the Wall Street Journal argues.)

Palo Alto and FireEye remain story stocks. SonicWall buys one of KEYW subsidiary Hexis's business units.

US regulations on controlled unclassified information are evolving, and both Defense and the National Archives are shaping them.

The US Patriot Act remains on the path to expiration.

The Wassenaar Arrangement has a lot of security researchers spooked — just ask the EFF.

Notes.

Today's issue includes events affecting Azerbaijan, China, Czech Republic, European Union, Germany, India, Iraq, Ireland, Pakistan, Syria, Thailand, Turkey, United Kingdom, United States.

Cyber Attacks, Threats, and Vulnerabilities

Report: Western women are attracted to Islamic State for complex reasons (Washington Post) Western women in the Islamic State are playing a crucial role in disseminating propaganda and are not simply flocking to the region to become "jihadi brides," according to a new British research report

Read more: Indiana Grandma Now ISIS Supporter 'Jihad Kathie,' Living and Inciting Violence in Germany (PJ Media) German media highlighted the American jihadist transplant and her husband after they flew the ISIS flag outside their home. She has a valid passport and can return to the U.S. at any time

Startup Maryland hit by apparent cyberattack (Daily Record) A nonprofit aimed at supporting entrepreneurship across the Free State had its website hacked and replaced by messages related to Islam

IRS Attack Demonstrates How Breaches Beget More Breaches (Dark Reading) Weak authentication validation assumed only taxpayers would know their Social Security Numbers and other information that criminals have been stealing for years

The tip of the IRS data breach — and it IS an iceberg (BeyondTrust) The IRS has been warned for decades about their security best practices. And now, at least 100,000 Americans have had their records compromised. How? The IRS uses a service called "Get Transcript". It provides tax return details for users that provide information regarding their identity

Are You 'Over-Exposed' Online? Lessons From IRS Hack (Fox Business) According to the IRS, the cyber thieves who stole tax return information from 100,000 Americans via its "Get Transcript" application may have used social media to get in the door

Hacker Case Points to Deeper Plane Safety Issues (Claims Journal) Security researcher Chris Roberts made headlines last month when he was hauled off a plane in New York by the FBI and accused of hacking into flight controls via his underseat entertainment unit

Weak encryption opens Rockwell industrial control system to hack (FierceITSecurity) Companies like Siemens, GE, Schneider Electric and Rockwell make systems that control critical infrastructure, such as nuclear power plants, electric grids, and oil and gas platforms

Data Theft The Goal Of BlackEnergy Attacks On Industrial Control Systems, Researchers Say (Dark Reading) CyberX analysis of BlackEnergy module reveals most likely motive behind sophisticated multi-year attack campaign

Like routers, most USB modems also vulnerable to drive-by hacking (IDG via CSO) The majority of 3G and 4G USB modems offered by mobile operators to their customers have vulnerabilities in their Web-based management interfaces that could be exploited remotely when users visit compromised websites

Kaspersky Lab: New cyber-spy attacking SMBs under guise of Microsoft Word (Channelnomics) Threat shows SMBs are as vulnerable as large companies, Kaspersky says

Phishers register domain names, hammer traditional targets (Help Net Security) The number of domain names used for phishing reached an all-time high, according to a new report by the Anti-Phishing Working Group (APWG). Many of these were registered by Chinese phishers, who register the domains at registrars in the USA and China

Link Shorteners in Phishing Attacks, Part II: How Many People Click on Phishing Attack Links? (Cyveillance) As hard as cyber criminals try to hide their tactics, Cyveillance is able to learn a lot about these criminals' behavior in aggregate in the course of providing our anti-phishing services. Yesterday we shared insights from our examination of phishing attacks that use shortened links to trick victims

ESET uncovers another porn clicker on Google Play (WeLiveSecurity) Recently, Avast researchers discovered the Trojan porn clicker uploaded to Google Play Store and posing as "Dubsmash 2". This clicker pretended to be an official application, and was downloaded more than 100,000 times. While the click fraud activity did not cause direct harm to the victims such as stealing credentials, it does generate a lot of internet traffic and may cause high data charges for victims that have a restricted data plan, leaving them with high cellphone bills at the end of the month

Scareware: 33 schädliche Apps im Google Play Store entlarvt (WeLiveSecurity) ESET hat im Google Play Store 33 verfügbare Scareware-Anwendungen entdeckt. Die schädlichen Apps, die vorgeben, Cheats für das beliebte Spiel Minecraft zu sein, wurden von mehr als 600.000 Android-Nutzern installiert

Oracle PeopleSoft Applications are Under Attack, Says ERPScan Researcher (ERPScan) On May 28, Alexey Tyurin, Head of Oracle Security Department at ERPScan, presented his talk called Oracle PeopleSoft Applications are Under Attack! at the Hack In The Box security conference (HITB), an annual event for researchers and security professionals around the world

Gaana.com Gets Hacked By Pakistani Hacker, Leaves 12.5M User Accounts Untouched (Trak.in) Times Internet, which claims to be the largest Indian online group with a combined pageviews count of 6.5 billion every month, was humbled and exposed by a Pakistani hacker from Lahore. This hacker, who calls himself Mak Man, hacked into the database of Gaana.com, which is Times Internet's commercial music streaming service, available in 21 languages

Safe and Vault Store Suffers Cyber Security Breach (Softpedia) An online vendor of physical safes and vaults has been hit by cybercriminals who planted malicious code on its eCommerce website and captured details of orders placed by customers

Red Bull scam will give your bank account wings (CSO) A scam email making the rounds offers to pay you to drive a Red Bull-decal adorned car. Sounds too good to be true? That's because it is

11 software bugs that took way too long to meet their maker (ITworld via CSO) All software has bugs, but even the most well known applications can have errors and vulnerabilities that somehow go undetected for years - or decades

How your employees put your organization at risk (CIO) Security threats don't come only from the outside. The biggest threats are often sitting right in the office. Whether it's adult websites or social media, employees are accessing content that puts your business at risk

Security Patches, Mitigations, and Software Updates

Apple Blocks Outdated Flash Player Versions in OS X, Safari (Threatpost) On the heels of a major Adobe Flash Player update two weeks ago, Apple last night updated its blacklist to include older versions of the software

Facebook tests new "Security Check" tool to fend off account hijacking (Naked Security) Ever worried that someone else might access your Facebook account?

Cyber Trends

Corporate acquisitions carry a new cyber-threat (CIO (Australia)) The Pacnet disclosure by Telstra demonstrates that cyber security risk can be managed. But the incident raises serious new issues for corporate acquisitions, argues Craig Richardson

Mass hackings increasingly threaten the American healthcare system (Consumer Affairs) Medical ID theft is the most dangerous kind of all, both for individual victims and the country as a whole

Companies Buy Good Security, But Fail to Deploy It Properly (Infosecurity Magazine) Companies may be investing more in multilayered IT security solutions, as everyone says that they should, but once purchased those solutions are not being properly deployed

Companies caught in 'cat-and-mouse' game: Symantec (CNBC) Companies are failing to adequately invest in cyber security, despite industry innovation that could help curb attacks, the CEO of Symantec told CNBC Thursday

Cyber threats relatively unknown outside IT, says expert (Computer Weekly) Few business people outside IT departments have any knowledge of current information security threats, according to BH Consulting founder and chief executive Brian Honan

FUD Watch: The Marketing Of Security Vulnerabilities (Dark Reading) I'm all for raising awareness, but making designer vulnerabilities, catchy logos and content part of the disclosure process is a step in the wrong direction

Marketplace

Majority of boards believe firms are under-protected from cyberattacks (FierceCIO) As FierceCIO has previously noted, cybersecurity has become a top board-level concern. That means CIOs, CIOSs and even CEOs are constantly under the microscope on what they are doing to keep their organizations safe and out of cyber harm's way

5 things you should know about cyber insurance (Computerworld) The right coverage can help soften the blow of a data breach. But don't expect to be bailed out if your security plan is flawed

Seven things government security leaders expect vendors to address (CSO) Ignore these items at your peril

Cyber Command Says New Mega-Contract Will Be Out By Fall (Nextgov) After abandoning last week a $475 million job posting for cyberattack and network defense experts, the Pentagon now says a retooled solicitation that takes into account private sector questions will be out by Oct. 1

5 Stocks Protecting Your Privacy (Equities) Memorial Day is a very nostalgic, solemn day for me

M&A Analysis — Cybersecurity An Important Segment For Diversification (Telecoms Insight) SingTel's acquisition of Trustwave will help with its ambition to diversify its services beyond core offers such as voice and data services. We expect cybersecurity to become a key topic for enterprise and IT services going forward, as more threats and vulnerabilities emerge as the number of connected devices continues to expand

Palo Alto Continues To Benefit From Growing Enterprise Demand (Seeking Alpha) Like many competitors in the space, Palo Alto is cashing in on surging enterprise demand for security solutions. Beating on both the top and bottom line for its latest report, revenue once again grew by more than 50%, as adjusted earnings more than doubled. The company bolstered its position in the SaaS security space, potentially a very lucrative avenue for growth, with the recent CirrusLogic acquisition

FireEye: Opportunity In A Crowded Cyber Security Market (Seeking Alpha) The cyber security industry is growing rapidly, and FireEye has taken advantage of the market to be the fastest growing company in the industry. FireEye has a technological edge and unique synergies from its Mandiant acquisition which gives it financial and competitive advantages over its industry peers. Though the prices of many cyber security firms have increased, the effects of FireEye's 2014 selloff provides investors an attractive entry point and additional upside

SnoopWall Acquires NetBeat NAC Technology and Business Unit From Hexis Cyber Solutions (Digital Journal) SnoopWall, Inc., the world's first counterveillance security company, announced, on the heels of being named one of the hottest and most innovative cybersecurity companies to watch in 2015 by Cyber Security ventures, that it has acquired the NetBeat NAC business unit and technology of Hexis Cyber Solutions, a KEYW company

Products, Services, and Solutions

New Norse Threat Intelligence Appliance and 'Early-Warning-as-a-Service' Offerings to Be Showcased at InfoSecurity Europe (BusinessWire) Company to moderate panel on media's role in educating public on cyber threats

Fortinet Unveils New FortiGuard Mobile Security Subscription Service to Protect Mobile Devices Across the Enterprise (Marketwired via CNN Money) Reinforces company's commitment to helping enterprises of all sizes deploy, manage and secure networks in a mobile era

Avast Free Antivirus 2015 review: one of the best free security products you can install (PC Advisor) With dependable protection for your PC and Android devices, Avast is one of the best free antivirus programs you can get. Here's our Avast Free Antivirus 2015 review

Eset Smart Security and Eset Nod32 Antivirus 9 Beta released (Neowin) NOD32 for Windows is the best choice for protection of your personal computer. Almost 20 years of technological development enabled ESET to create state-of-the-art antivirus system able to protect you from all sorts of Internet threats. ESET Smart Security boasts a large array of security features, usability enhancements and scanning technology improvements in defense of your your online life

Coalfire helps clients navigate new computer forensic law (GSN) Coalfire Systems, one of the fastest growing cybersecurity firms in the nation, is helping legal clients navigate the new Private Investigators Licensure Act, which requires all Colorado private investigators to obtain a specific license by June 1, 2015 in order to be qualified to perform digital forensic investigations

Startup Spotlight: Red Canary's Endpoint Security (eSecurity Planet) Startup Red Canary's endpoint threat detection platform combines several best-of-breed technologies and a human analyst team

Technologies, Techniques, and Standards

Capturing RAM Dumps and Imaging eMMC Storage on Windows Tablets (Forensic Focus) While Windows desktops and laptops are relatively easy to acquire, the same cannot be said about portable Windows devices such as tablets and convertibles (devices with detachable keyboards)

Threat intelligence, WiFi hacking and NSA playset (ITWeb) Commercial-grade threat intelligence, which the average firm buys to use inside the organisation, is useless, said Pete Shoard, head of cloud service product development at UK-based SecureData

What enterprises should do when helpless employees lose hope in fighting cyber attacks (CSO Online) What is the victim mentality and how can enterprises avoid it?

5 tips for keeping your incident response team happy (CSO) A security manager might be turned off when a job candidate calls him "dude" several times during the course of an interview, but it was a minor infraction that Todd Borandi had to overlook. Like many security team leaders seeking highly sought-after technical skills for his incident response team, he had to let small transgressions slide

Five criteria for selecting an email security gateway product (TechTarget) Expert Karen Scarfone examines the most important criteria for evaluating email security gateway products for deployment within an enterprise

How VA Keeps Medical Devices 'Clean' (HealthcareInfoSecurity) CIO offers best practices for securing devices

Intelligence-led testing imperative for security (SecurityWatch) The evolving cyber threat landscape is leading to a real need of more robust defences, as well as realistic, or 'real-life' testing of those defences

Design and Innovation

Cybersecurity, User Interface and You (Wall Street Journal) Cybersecurity isn't what it used to be. Safeguarding the information of companies and customers used to be the sole concern for those in the IT security profession — but no longer. Now, the user experience must be considered, as well

Security researchers team up to prevent smart cities from getting hacked (Fortune) A consortium of cybersecurity experts launched a non-profit this week whose purpose is to help city officials plan safer connected cities

Research and Development

Critical Assessment of the Foundations of Power Transmission and Distribution Reliability Metrics and Standards (Risk Analysis) The U.S. federal government regulates the reliability of bulk power systems, while the reliability of power distribution systems is regulated at a state level. In this article, we review the history of regulating electric service reliability and study the existing reliability metrics, indices, and standards for power transmission and distribution networks

Academia

Students on cybersecurity task force weigh policy options (Princeton University) "Cybersecurity: Attacks and Consequences," a class offered in the format of a policy task force at Princeton University's Woodrow Wilson School of Public and International Affairs this spring, sought to evaluate the need to address the public harm caused by cyberattacks and to offer recommendations to policymakers

Legislation, Policy, and Regulation

Cyber-attacks against the media (European Parliament News) On 27 May 2015, MEPs discuss the EU's preparedness to counter cyber-attacks such as those against the French broadcaster TV5 Monde and several French-language Belgian newspapers in April

Internet of things and smart cities need UK-wide consensus (ComputerWeekly) Smart city technology's time has come, but for local authorities to buy in there needs to be a wider consensus to establish how the internet of things (IoT) can be best employed to transform urban life in the next 30 years

Czechs to heavily invest in cyber defense (Prague Post) Deputy defense minister: Czechs could become world leaders in the field

Germany Wants Indian IT Experts for Fight Against Cyber Terrorism (International Business Times) Indian IT experts who are experienced in fighting cyber crime can get a chance to go to Germany to help the government ward off cyber terrorism

What Is the U.S. Doing About Wassenaar, and Why Do We Need to Fight It? (Electronic Frontier Foundation) On May 20, 2015, the U.S. Department of Commerce's Bureau of Industry and Security (BIS) published its proposed implementation of the December 2013 changes to the Wassenaar Arrangement. What follows is a long post, as we're quite troubled by the BIS proposal. In short, we're going to be submitting formal comments in response, and you should too

Let Patriot Act Provisions Expire (New York Times) Barring a last-minute compromise, congressional authorization for the program the government uses to sweep up Americans' phone records in bulk will lapse on Sunday. That would be perfectly fine

Playing chicken with national security (Chicago Tribune) At midnight Sunday, several key provisions of the Patriot Act will expire

7012 Regs and Cyber insurance on collision course with small business (CTO Vision) In November 2013, the US Department of Defense issued final rules to its defense acquisition regulations. Defense Acquisition Regulation Supplement (DFARS) section 252.204-7012 now requires contractors to safeguard information that is deemed Unclassified, but controlled (called UCTI), within their IT systems in a manner compliant with standards issued earlier in 2013 by the National Institute of Standards and Technology (NIST)

NARA seeks comments on new guidance for electronic message management (FierceGovernmentIT) Electronic messages created or received in the course of conducting agency business are federal records and therefore subject to the same management laws as other formats, new guidance from the National Archives and Records Administration states

If we want strong encryption, we'll have to fight for it (Help Net Security) As digital rights lawyer and special counsel to the Electronic Frontier Foundation Marcia Hofmann correctly noted in her keynote at Hack in the Box Amsterdam 2015 on Thursday, this issue is like a pendulum: sometimes, like in the wake of the 1990s crypto wars, it swings towards strong encryption, but it could now swing in the other direction

Behavioral War Powers (NYU Law Review) A decade of war has meant a decade of writing on war powers

Litigation, Investigation, and Law Enforcement

Clueless Clause: Insurer Cites Lax Security in Challenge to Cottage Health Claim (Security Ledger) In-brief: In what may become a trend, an insurance company is denying a claim from a California healthcare provider following the leak of data on more than 32,000 patients. The insurer, Columbia Casualty, charges that Cottage Health System did an inadequate job of protecting patient data

Yahoo to face class action lawsuit over email spying claims (Naked Security) A US District judge has given the go ahead to a class action lawsuit which accuses Yahoo of illegally accessing and scanning emails — sent to and from its estimated 275 million Yahoo Mail subscribers — without consent

20 students charged in school sexting scandal (Naked Security) Twenty middle and high-school students in the US are facing charges of privacy invasion after investigators swooped in and collected 27 phones, finding numerous photos of nude and partially nude female students being swapped by male students via text message and social media

Mary Aiken, Cyberpsychologist, RSCI (Forensic Focus) Mary, you're currently Professor and Director at the RCSI's CyberPsychology Research Centre. Tell us a bit about your role and what a typical day looks like

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

19th Colloquium for Information Security Education (CISSE) (Las Vegas, Nevada, USA, June 15 - 17, 2015) The Colloquium for Information System Security Education (CISSE) has represented the constant in the changing field of cybersecurity education. CISSE was established in 1996. Its mission was (and still...

Upcoming Events

HITBSecConf2015 Amsterdam (De Beurs van Berlage, Amsterdam, The Netherlands, May 26 - 29, 2015) This year's event will feature a new training courses. Keynote speakers include Marcia Hofmann and John Matherly. To encourage the spirit of inquisitiveness and innovation, Haxpo will showcase cutting...

International Techno Security & Forensics Investigations Conference (Myrtle Beach, South Carolina, USA, May 31 - June 3, 2015) The Seventeenth Annual International Techno Security & Forensics Investigations Conference will be held May 31 to June 3 in sunny Myrtle Beach at the Myrtle Beach Marriott Resort. This conference promises...

Mobile Forensics World (Myrtle Beach, South Carolina, USA, May 31 - June 3, 2015) The Eighth Annual Mobile Forensics World will also be held May 31 ? June 3 in sunny Myrtle Beach at the Myrtle Beach Marriott Resort. The Mobile Forensics World is specifically dedicated to Federal, State...

School on Computer-aided Cryptography (College Park, Maryland, USA, June 1 - 4, 2015) The goal of the school is to provide participants with an overview of computer-aided cryptography with a special focus on computer-aided cryptographic proofs using the EasyCrypt tool. Lectures discussing...

TakeDownCon: Capital Region 2015 (East Hyattsville, Maryland, USA, June 1 - 2, 2015) TakeDownCon is a highly technical forum that focuses on the latest vulnerabilities, the most potent exploits, and the current security threats. The best and the brightest in the field come to share their...

AusCERT2015: Smarten up (RACV Royal Pines Resort, Gold Coast, Queensland, June 1 - 5, 2015) This year's conference theme explores how we need to smarten up to manage information security risks better. We need to "smarten up" by focusing on information security essentials; by taking advantage...

ASIA (Annual Symposium on Information Assurance) (Albany, New York, USA, June 2 - 3, 2015) ASIA is an event held jointly with the 18th Annual New York State Cyber Security Conference (NYSCSC), aiming to attract researchers and practitioners alike for engaging talks about information security...

Infosecurity Europe 2015 (London, England, UK, June 2 - 4, 2015) Infosecurity Europe is the largest and most attended information security event in Europe. It is a free exhibition featuring not only over 325 exhibitors and the most diverse range of new products and...

NSA SIGINT Development Conference 2015 (Fort Meade, Maryland, USA, June 2 - 3, 2015) This classified conference will focus on the preeminent intelligence issues facing those who are tasked with SIGINT as part of their mission. Over 1500 participants from the US intelligence community and...

Cyber Security Summit: DC Metro Area (Tysons Corner, Virginia, USA, June 3, 2015) The Cyber Security Summit provides an exclusive business environment to meet with Senior Executives who are seeking innovative solutions to protect their business & critical infrastructure. Delegates at...

7th Annual Southeastern Cyber Security Summit (Huntsville, Alabama, USA, June 3 - 4, 2015) Cyber training, education, and workforce development for the evolving threat

Seventh Annual Information Security Summit (Los Angeles, California, USA, June 4 - 5, 2015) Information Security has become top of mind for companies and this conference is a must for IT staff, CISOs, Board members and CEOs. The Seventh Annual Information Security Summit offers comprehensive,...

ShowMeCon (St. Louis, Missouri, USA, June 8 - 9, 2015) This highly technical forum showcases eye-opening presentations from world-renown ethical hackers and security experts that will leave you amazed and frightened at the same time. By giving you access into...

Cloud Identity Summit 2015 (La Jolla, California, USA, June 8 - 11, 2015) Enterprises large and small are looking to the cloud to replace legacy applications and virtualize their existing data center environments. In each case, security technology vendors need to manage the...

NSA Mobile Technologies Forum (MTF) 2015 (Fort Meade, Maryland, USA, June 8 - 12, 2015) The Mobile Technologies Forum is an annual event that attracts SIGINT, Information Assurance, HUMINT, Federal Law Enforcement, Counterintelligence and Government personnel from the United States, Australia,...

Cybergamut Tech Tuesday: Using EMET to Defend Against Targeted Attacks (Elkridge, Maryland, USA, June 9, 2015) 0-day vulnerabilities that are able to bypass platform level exploit mitigation technologies such as DEP and ASLR are becoming increasingly common. Knowledge workers are being increasingly targeted by...

Fraud Summit Boston (Boston, Massachusetts, USA, June 10, 2015) ISMG's Fraud Summit is a one-day event focused exclusively on the top fraud trends impacting organizations and the mitigation strategies to overcome those challenges. Highlights of the Boston event include...

CyBit: the Computer Forensics Show (IT Security and Cyber Security) (New York, New York, USA, June 11 - 12, 2015) Cyber Security: The interdependent network of information technology infrastructures, including the internet, telecommunications networks (satellite communications), computer systems, embedded processors...

Information Management Conference 2015 (Nashville, Tennessee, USA, June 15 - 18, 2015) This year's theme is "Mission Excellence through Innovation" and is aligned with the Information Resources Management Strategic Plan vision, which aims to collaborate as an enterprise and deliver innovative...

AFCEA Defensive Cyber Operations Symposium (Baltimore, Maryland, USA, May 5 - 7, 2015) The U.S. Defense Information Systems Agency's new operational role in the cyber domain as network defender creates a formal relationship between DISA, U.S. Cyber Command and the command's military service...

TRUSTe Internet of Things Privacy Summit 2015 (Menlo Park, California, USA, June 17, 2015) The Second IoT Privacy Summit will be held on June 17th 2015 and focus on practical solutions to the privacy challenges of the Internet of Things with multiple case studies, workshops and panel presentations...

Portland Secure World (Portland, Oregon, USA, June 17, 2015) Join your fellow security professional for affordable, high-quality cybersecurity training and education at a regional conference near you. Earn CPE credits while learning from nationally recognized industry...

2015 Community College Cyber Summit (3CS) (North Las Vegas, Nevada, USA, June 17 - 19, 2015) The second annual Community College Cyber Summit (3CS), hosted by the College of Southern Nevada, is organized and produced by the five cybersecurity-related Advanced Technological Education (ATE) centers...

Suits and Spooks All Stars 2015 (New York, New York, USA, June 19 - 20, 2015) Unlike our typical "collision" event, our All Stars will have at least 60 minutes each for their talks. Seating will be limited because we're going to hold it in one of our most popular venues —...

REcon 2015 (Montréal, Québec, Canada, June 19 - 21, 2015) REcon is a computer security conference with a focus on reverse engineering and advanced exploitation techniques. It is held annually in Montreal, Canada. The conference offers a single track of presentations...

Nuit du Hack 2015 (Paris, France, June 20 - 21, 2015) The "Nuit Du Hack" conference was initiated in 2003 by the French hacking group: HackerZvoice. This event has been gathering people willing to learn and share their knowledge around lectures and challenges...

Cyber Security for Defense (Augusta, Georgia, USA, June 24 - 26, 2015) This conference serves as an opportunity for solution providers to break through the background noise and present their unique ideas and products in an environment specifically tailored to highlighting...

Innovation Summit: Connecting Wall Street, Silicon Valley & the Beltway (New York City, New York, USA, June 25, 2015) Innovation Summit connects America's three most powerful epicenters and evangelizes the importance of industry, government and academic collaboration on joint research initiatives. The opportunity to bring...

NSA Information Assurance Symposium (IAS) 2015 (Washington, DC, USA, June 29 - July 1, 2015) The NSA Information Assurance Directorate (IAD)'s Information Assurance Symposium (IAS) is a biannual forum hosted by the National Security Agency (NSA). IAS events of the past have proven to be the preferred...

US News STEM Solutions: the National Leadership Conference (San Diego, California, USA, June 29 - July 1, 2015) San Diego offers the perfect backdrop for the 4th annual U.S. News STEM Solutions National Leadership Conference, June 29 — July 1, 2015 in San Diego, CA. Please make your plans now to join fellow...

Information Assurance Symposium (Washington, DC, USA, June 29 - July 1, 2015) The NSA Information Assurance Directorate (IAD)'s Information Assurance Symposium (IAS) is a biannual forum hosted by the National Security Agency (NSA). IAS events of the past have proven to be the preferred...

Cyber Security for Healthcare Summit (Philadelphia, Pennsylvania, USA, June 29 - July 1, 2015) Our IQPC Cyber Security for Healthcare Summit will help Hospitals and Medical Device manufacturers to prepare and manage risks by viewing cybersecurity not as a novel issue but rather by making it part...

Cybergamut Tech Tuesday: The Truth About Security Your System (Elkridge, Maryland, USA, June 30, 2015) What does it take to secure a system? What is the logical approach to successfully achieve this endeavor? First, an understanding of who wants access and why is a necessary baseline to form a strategic...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.