skip navigation

More signal. Less noise.

Daily briefing.

ISIS continues to post grim video online, and to reach its target demographic.

The US Navy mulls implications of potential Russian undersea cable tapping (or cutting).

Anonymous begins its promised "@OperationKKK."

The DCI–AOL–account–hacking Crackas with Attitude (still at large) release to Wikileaks some information related to US President Obama's national security transition team.

Vodaphone, which indicates that it stopped a potentially more serious breach before it got too far, discloses that 1827 customers may have had their personal data exposed. The telecom has blocked affected accounts.

Security experts take a look at TalkTalk's website and say they discern at least eleven vulnerabilities there. Some speculate such vulnerabilities may have attracted last month's hackers to the telecom. In the meantime British police arrest a third suspect in connection with the incident, this one a venerable twenty-year-old. TalkTalk's CEO Harding declines to resign.

There's much talk (as there often is) about the vastly expanded attack surface the burgeoning Internet-of-things is presenting. Some of that talk is fueled by newsman Ted Koppel's study of US power grid vulnerability to cyber attack (the Washington Post has a long précis by the author).

In industry news, HP has split, and the new Hewlett Packard Enterprise invites all to think of it as a startup. Investors discuss cyber story stocks FireEye and Imperva. Hacking Team returns to the lawful intercept market. Unicorn Avast plans no IPO earlier than 2017.

EU-US Safe Harbor seems set to return. UK's surveillance bill is debated, as is the US CISA.

Notes.

Today's issue includes events affecting Australia, Belgium, China, European Union, France, Iraq, Israel, Netherlands, Philippines, Russia, Sweden, Syria, Thailand, United Kingdom, United States.

We'll be headed to Washington tomorrow afternoon to cover the SINET Showcase 2015. Full reports will appear Wednesday and Thursday.

Cyber Attacks, Threats, and Vulnerabilities

In New Video ISIS Calls Prison Raid A Failure, Executes Prisoners (Vocativ) ISIS releases its own version of the raid in which an American commando lost his life

Navy grapples with Russian threats to undersea cables (Navy Times) U.S. leaders are increasingly worried that Russia's submarines could sever the communication arteries that drive global commerce

Operation KKK Is Beginning To Unmask Hate Group Members (TechCrunch) Operation KKK, an Anonymous-led effort to shut down the Ku Klux Klan, has begun in earnest

Hackers release info on Obama's national security transition team (C4ISR & Networks) The slow drip of information allegedly stolen from CIA Director John Brennan's personal email account continues to find its way onto WikiLeaks, with a list of personal information about 20 members of President Obama's transition team added to the leak in the most recent post on Oct. 26

Vodafone UK fights–off breach attempts, blocks 1,800 accounts in aftermath (CSO) The attackers were using information obtained externally, the telecom says

Vodafone warns some customer accounts were breached, potential for fraud and phishing attacks (Graham Cluely) UK telecoms operator Vodafone has revealed that the personal details of some 1,827 customers have had their personal information accessed by hackers, who broke into accounts between midnight on Wednesday 28 October and noon the following day

Experts say TalkTalk had 11 serious website vulnerabilities (Financial Times) TalkTalk had at least 11 separate serious vulnerabilities in its website and may have enticed criminals to target it after revealing security weaknesses in a public tweet two months ago, according to cyber security experts with detailed knowledge of the hack attack on the telecoms group

TalkTalk cyber-attack: third person arrested and released on bail (Guardian) 20-year-old man arrested in Staffordshire in connection with attack on telecoms firm, following arrest of two teenagers

TalkTalk cyber attack: chief Dido Harding rejects pressure to resign (Telegraph) Chairman and founder Sir Charles Dunstone backs chief executive as PwC is brought in to review causes of security breach

Android infostealer masquerading as MS Word document (Help Net Security) A clever Android information-stealing piece of malware is lurking on third-party app markets popular with Chinese users

New Reflection DDoS Attacks Spotted Using NetBIOS, RPC, and Sentinel Technology (Softpedia) Three new types of reflection DDoS attacks were observed by Akamai SIRT (Security Intelligence Response Team) being used in the wild from March to September 2015, utilizing three new amplification channels, namely NetBIOS name servers, Sentinel licensing servers, and RPC portmaps

FortiGuard Labs Discloses XSS Vulnerability in MantisBT (Fortinet Blog) MantisBT is an open source issue tracker with nearly 110,000 downloads so far this year from its SourceForge repository. It is known for its ease of use and rapid collaboration capabilities

Setting the Record Straight on Moplus SDK and the Wormhole Vulnerability (TrendLabs Security Intelligence Blog) A vulnerability known as Wormhole that reportedly affected the software development kit (SDK), Moplus by Baidu is making waves due to the severity of the impact once successfully exploited. The said vulnerability was discovered by WooYun.og, a vulnerability reporting platform in China

EFF Discovers More Leaky ALPR Cameras Accessible Via The Web (TechDirt) Not only are automatic license plate readers (ALPRs) in use all over the nation, but the companies behind them are less interested in securing their systems than selling their systems

Bulletin (SB15-306) Vulnerability Summary for the Week of October 26, 2015 (US-CERT) The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week

Security Patches, Mitigations, and Software Updates

Microsoft's Windows 10 to 'automatically download' from next year (Independent) Microsoft users will have Windows 10 automatically downloaded onto their computers without their knowledge, the software giant said this week

How to solve a problem like security update apathy? (SC Magazine) When a high percentage of users have unpatched systems and unpatched programs, as found in a recent Secunia report, can you protect them from themselves?

Cyber Trends

Critical gov't infrastructures become targets (Manila Bulletin) In developed economies, a recent study by Trend Micro showed that critical government infrastructures are increasingly compromised to cyber threats Read more at http://www.mb.com.ph/critical-govt-infrastructures-become-targets/#1ecyxv7BJ4MWUuBj.99

The coming smart-thing apocalypse (Engadget) Like some people I know familiar with the ins and outs of digital surveillance (and startle like housecats when an app makes a geolocation request) I don't own any "smart" home items

The Internet of Things: Groundbreaking tech with security risks (We Live Security) he Internet of Things (IoT) is the latest buzzword taking hold of the technology industry, but what does it mean exactly and how does it impact citizens and businesses?

Machine Learning Is Cybersecurity's Latest Pipe Dream (Dark Reading) Rather than waste money on the unproven promises of ML and AI, invest in your experts, and in tools that enhance their ability to search for and identify components of a new attack

Hacking of "Unregulated Data" Poses Big Risk to Firms (Wall Street Journal) When Sony Pictures Entertainment was hacked last year, some of the most damaging data released were emails revealing movie scripts, gossip and personal details on Hollywood stars, as well as discussions about internal investigations into potential corporate wrongdoing

5 common small business cyber-security myths (Grand Rapids Business Journal) It'd be difficult to find a business today that doesn't use at least one computer based or online system

Internet malwares threaten PH industries (Standard) All over the world, the threat of a digital infrastructure crashing is as valid as an earthquake decimating a 50-story building or a series of typhoons striking without any preamble, ruining everything on their path

Marketplace

CSOs demanding more from cybersecurity tech (CSO) CSOs and CISOs are becoming more powerful, and their wielding that power to demand more from their technology vendors, to throw out underperforming tech, and to take more risks on new and innovative approaches

Glitches to riches: The hackers who make a killing off software flaws (Christian Science Monitor Passcode) Selling information about software vulnerabilities was a quirky idea a decade ago. But today there's a global vulnerability marketplace where the world's top bug bounty hunters can reap handsome rewards

Army Wants Integrated Platform for Cyber, EW Operations (ExecutiveBiz) The U.S. Army seeks vendors that can offer situational awareness tools designed for cyberspace and electromagnetic spectrum environments as part of an effort to build a converged CEM SA platform

Cyber warriors newly eligible for special duty pay (Air Force Times) For the first time, the Air Force has added cyber warfare operations to its list of career fields eligible for special duty pay, effective Oct. 1

Hewlett Packard Enterprise: think of us as a startup (ComputerWeekly) As Hewlett Packard Enterprise and HP Inc finally part ways, UK managing director Andy Isherwood shares some insight on what the future holds for the newly minted enterprise business

'HPE will be about speed', says UK boss (CRN) Andy Isherwood admits separation has been so smooth, it has been "bizarre"

U.S. Tech Giants May Blur National Security Boundaries in China Deals (New York Times) One Chinese technology company receives crucial technical guidance from a former People's Liberation Army rear admiral. Another company developed the electronics on China's first atomic bomb. A third sells technology to China's air-to-air missile research academy

Pentagon Creates Cybersecurity Exchange Program With Industry (Bloomberg) The U.S. Defense Department is sending career personnel on tours with private cybersecurity companies and bringing in specialists from those companies to gain the skills necessary to defend military networks from hackers, the Pentagon's chief information officer said

Cyber security stocks get filip from Talk hack attack (Reuters) The hacking scandal at broadband provider TalkTalk has heightened interest in stocks and companies dealing in cyber security, with some fund managers betting on more growth in the sector

Raytheon Company To Purchase Intel Corporation Finnish Unit (Bidness Etc) Raytheon Company (NYSE:RTN) announced that its Websense Security Software unit will be purchasing Intel Corporation's (NASDAQ:INTC) Finnish Stonesoft firewall unit

Avast worth 'upwards of $2 billion'; no IPO before 2017 (Reuters) Antivirus software developer Avast Software is now worth "upwards of $2 billion", its chief executive said on Thursday, but it will be at least 2017 before the company goes public

Hacking Team Is Back with a Bold Pitch to Police (Motherboard) For more than a year, the FBI has been complaining that the rise of encryption technologies will make its investigators "go dark" and help criminals get away

Why Imperva Inc. Stock Soared on Friday (Motley Fool) Data security threats are boosting the security vendor's top and bottom lines

FireEye Inc (FEYE) Stock Is a Gamble…NOT a Bargain! (Investor Place) The company is still unprofitable and the space is increasingly crowded

Why cyber firms are prime targets for mergers and acquisitions (Baltimore Business Journal) Cybersecurity startups that want to attract an investor or buyer will have to show more than high growth potential

British cybersecurity startup goes from hiring former spies to students as it looks to grow to the size of Autonomy (Business Insider) Darktrace, a UK cybersecurity company backed by Autonomy founder and billionaire Mike Lynch, has revealed it is hiring fewer former spies and more graduates as it starts to scale towards being a billion dollar company

Strategic Focus and Superior Engineering Fueling Secure Data Technologies' Unprecedented Growth (PRNewswire) Earlier this month, Secure Data Technologies, Inc. (Secure Data) moved into a sprawling new headquarters in O'Fallon, Illinois, just 15 miles outside of downtown St. Louis, Missouri

Security Startup Illumio Inks Deal With Cloud Hardware Maker Nutanix (Re/code) Security startup Illumio says it has signed a deal to have its technology added to products from Nutanix, a company that makes cloud computing hardware

Rich A. Fennessy Appointed CEO of Kudelski Security (BusinessWire) The Kudelski Group (SIX:KUD.S), the world's leading independent provider of media content protection and value-added service technology, announced today the appointment of Rich A. Fennessy as Group Senior Vice President — and CEO of Kudelski Security

Fidelis Cybersecurity Appoints Richard Darer as Chief Financial Officer and Senior Vice President (BusinessWire) Respected industry leader brings finance and global business expertise to lead Fidelis Cybersecurity's growth

Products, Services, and Solutions

Verizon accelerates IoT push with ThingSpace platform (TotalTelecom) U.S. telco aims to reduce complexity, fragmentation, cost associated with deploying, scaling Internet of Things services

FireEye Summit unveils series of security products (Saudi Gazette) FireEye Cyber Defense Summit announced a series of products for improved endpoint, malware detection and threat intelligence during FireEye Summit 2015 held in Washington DC recently

Why The Time Has Come For Penetration Testing On IBM i (IT Jungle) Home Depot's point of sale (POS) system was breached in 2014, comprising information on 53 million accounts. A year before, Target's POS was breached, putting data from at least 40 million customers in jeopardy. In both cases, the retailers were deemed "compliant" with Payment Cardholder Initiative (PCI) data security standards. But obviously there's a big difference between complying with security regulations and actually having good security, and that's true whether your shop runs on IBM i or any other platform

Avast launches free mobile security for Android phones; track lost phones, wipe data clean (International Business Times) Even as mobile users in India are going online with their smartphones for various purposes such as banking, social networking, browsing sites and more, there are some risks that tag along

Technologies, Techniques, and Standards

Bank of England and US authorities to simulate cyber-attack (Telegraph) The British and American financial systems will be tested to see how well they stand up to attacks by hackers, in the wake of the TalkTalk scandal

Cross-Training Empowers Cyber Experts (SIGNAL) Security professionals are taught it takes an online thief to catch an online thief

U.S. retailers push banks to use PINs on credit cards as confusion reigns (Reuters) Some big U.S. retailers are stepping up efforts to use personal identification numbers, or PINs, with new credit cards embedded with computer chips in a bid to prevent counterfeit card fraud

How Lockheed Martin sold employees on an insider threat program (Federal News Radio) Since a contract employee shot and killed 12 colleagues at the Washington Navy Yard two years ago, the government has inched cautiously toward fulfilling a key recommendation: establish insider threat programs

Security tools' effectiveness hampered by false positives (CSO) Thanks to technologies such as intrusion detection systems, services such as threat intelligence and other emerging sources of information, security programs today are gathering unprecedented amounts of data about threats and attacks

Protecting Against Data Breaches Is as Easy as 1 – 2 (Entrepreneur) There are ways you can protect yourself or your company from a data breach

Three baseline IT security tips for small businesses (TechRepublic) Millions of small businesses are vulnerable to cybersecurity attacks that can cost an average of $20,000 per attack. Here is some basic wisdom to help SMBs protect themselves

How to win the cyber security arms-race (Manchester Evening News) As shares in TalkTalk are beginning to recover following a serious security breach, we speak to north west IT firms on how to win the war again cyber attacks

Three Questions about Online Security (Talkin' Cloud) When you give your personal information to a financial institution, government or insurance company, you have a certain level of trust that they will do everything in their power to keep it safe

7 Tips for Conducting Effective Cybersecurity Due Diligence in M&A Transactions (JDSupra) 1. Start Early. Buyers should begin conducting cybersecurity risk assessments early in the engagement process

As companies mature in their cyber risk management practices, what are the key governance practices and behaviors of a successful program? (Conference Board) Based on best practices from leading global companies and lessons from cyber-risk cases gone wrong, this report outlines a practical strategic and tactical roadmap with both architectural and substantive recommendations for effective cyber-risk governance by boards, the c-suite and functional leaders

Is short-term thinking jeopardizing the future prosperity of business? (Conference Board) How can public company CEOs and boards effectively balance short and long term performance in the face of pressures to increase stock price performance over the short term?

7 Elements Of Modern Endpoint Security (Dark Reading) What it takes to secure and tap into the 'source of the truth' in today's threatscape

Disaster Recovery Starts with a Plan (Internet Storm Center) One of the security questions being asked of security professionals, by business executives these days, from both internal and external entities, is "What is the status of our Disaster Recovery plan?"

Design and Innovation

Deloitte Partners With Blockchain Startup Colu (CoinDesk) Coloured coins startup Colu has revealed it is embarking on a partnership with multinational consulting firm Deloitte

The day is not far for four factor authentication: Gemalto (CIOL) Atul Singh, Regional Director, India sub-continent, Banking, Transport & Telecom Solutions, Gemalto, in a free-wheeling interview with CIOL, discusses newer demands from the BFSI segment on security vendors, and the importance of four factor authentication

Research and Development

Researchers use Wi-Fi to see gestures, identify individuals through walls (Naked Security) MIT has created a device that can discern where you are, who you are, and which hand you're moving, from the opposite side of a building, through a wall, even though you're invisible to the naked eye

Legislation, Policy, and Regulation

Safe Harbor: Grounds for Optimism Around a New Framework (Legaltech News) Good privacy practices will always put an organization in good standing in the eyes of a regulator (and vendors)

Businesses braced for bout of regulation on cyber security (Financial Times) Companies around the world are bracing themselves for an avalanche of cyber security regulation, as governments scramble to introduce rules forcing corporate groups to build stronger defences against catastrophic hacks

Thai military stresses need for cyber vigilance (Thai Visa News) The military yesterday stressed the need for cybersecurity readiness at the national level, as the country still only maintains preparedness at the military and ministry level

Can the US and China Cooperate on the First (and Last) Line of Cyber Defense? (Diplomat) Deeper China-U.S. CERT cooperation will be beneficial for both countries

New U.K. Comms Data Capture Bill Incoming This Week (TechCrunch) Reminder: The U.K. government is preparing to publish a draft bill aiming to strengthen and shore up the intelligence and security agencies' capabilities in the digital era

New plan to torpedo UK's grab for everyone's browsing history (Naked Security) UK police are after cyber snooping powers equivalent to what, in an analog world, would be knowing what magazines you read but not which articles or page numbers

Digital Minister demands "Kite Marks" for Websites (Check & Secure) Since the colossal data breach that has brought TalkTalk to its knees in recent weeks, the first voices of discontent can be heard ringing from the front benches of the House of Commons. Something must be done, say the government, to improve the nation's cyber security. Surely, the answer is regulation and standardisation of website security measures. Or is it?

Theresa May says 'contentious' parts of web surveillance plan dropped (BBC) Police will be able to see websites people have visited but not the specific pages they have viewed without a warrant, under new government plans

US readies new rules for nuclear reactors (The Hill) The government is moving forward with new cybersecurity requirements for nuclear power plants

Where is America’s cyberdefense plan? (Washington Post) To begin, a conclusion: The Internet, whatever its many virtues, is also a weapon of mass destruction

Federal cyber strategy plan released (Federal Times) Cybersecurity has become a central focus for the federal government and now agencies have new guidance on where their cybersecurity posture should be and how to get there

Modernizing Federal Cybersecurity (The White House) Today, the Administration directed a series of actions to continue strengthening Federal cybersecurity & modernizing the government's technology infrastructure

White House cyber plan sets tough deadlines (FedScoop) The Office of Management and Budget's five-point plan pushes federal agencies to move faster then ever before to prevent major breaches

The impact of the Senate's passage of the CISA (Security InfoWatch) On Tuesday, the U.S. Senate overwhelmingly passed the Cybersecurity Information Sharing Act (CISA), which, in short, is designed to fight the growing problem of corporate data breaches by allowing individual companies to share their cybersecurity threat data with the government, which would theoretically use it to defend the target company and others facing similar attacks

Smooth sailing for cyberbill? Not so fast (Washington Examiner) The Senate's overwhelming passage of cybersecurity legislation last week should set the stage for quick final action on an issue of vital importance to the nation's economy and security

CISA won't do much to turn threat intelligence into action (CSO) Sorting through a wealth of threat intelligence takes lots of resources — capital, services and personnel

CISA: The new security law doesn't help security (InfoWorld) The bill gives government access to a new trove of personal data but does nothing to improve its poor track record in safeguarding the data it already has

Stop CISA! (Network World) Fundamentally flawed cybersecurity legislation will have a marginal impact of risk mitigation while further eroding privacy protection and U.S. credibility abroad

Real-world roadblocks to implementing CISA (Help Net Security) The recent approval of CISA (the Cybersecurity Information Sharing Act) by the US Congress and Senate is paving the way for broader security collaboration

Sen. Carper says cybersecurity bill will thwart hackers (Delaware News Journal) After years working of on cybersecurity bills, Sen. Tom Carper said he changes his online passwords more often than he ever imagined he would

Crypto is For Everyone — and American History Proves It (EFF) Over the last year, law enforcement officials around the world have been pressing hard on the notion that without a magical "backdoor" to access the content of any and all encrypted communications by ordinary people, they'll be totally incapable of fulfilling their duties to investigate crime and protect the public

What new DMCA rules mean for medical device research (Christian Science Monitor Passcode) This week the Library of Congress issued exemptions to the Digital Millennium Copyright Act that pave the way for independent researchers to begin examining medical devices for software flaws

Gen. Breedlove: Intelligence Community Changing How it Handles Russia (Defense News) The US intelligence community has begun changing how it handles the government of Russian President Vladimir Putin, according to the top American general in Europe

Cyber Support to Corps and Below to join upcoming training rotation (FierceGovernmentIT) An Army pilot program called the Cyber Support to Corps and Below will take an important step forward in demonstrating cyber effects at corps and echelons below

Pop Quiz: Which Navy N00bs Have a Gift for Stopping Hacks? (Nextgov) The Navy is preparing to experiment with an exam aimed at predicting the types of sailors capable of grasping cybersecurity skills without ever having picked up a book or keyboard

US Military Should Hire Cyber Mercenaries, Cadet Says (DefenseTech) Scott Seidenberger, an undergraduate at Cornell University and an Air Force ROTC cadet, in a recent TEDx talk raised some provocative ideas for the U.S. military's cyberwarrior force

DNI Releases Budget Figure for the 2015 National Intelligence Program (IC on the Record) Consistent with 50 U.S.C. 3306(b), the Director of National Intelligence is disclosing to the public the aggregate amount of funds appropriated by Congress to the National Intelligence Program for Fiscal Year 2015 not later than 30 days after the end of the fiscal year

Hacked Opinions: The legalities of hacking — Chris Doggett (CSO) Kaspersky's Chris Doggett talks about hacking regulation and legislation

The European Parliament is Wrong on Edward Snowden and National Security (Daily Signal) On Oct. 29, the European Parliament approved a resolution (passed by 285 votes to 281) calling "on European Union Member States to drop any criminal charges against Edward Snowden, grant him protection and consequently prevent extradition or rendition by third parties, in recognition of his status as whistleblower and international human rights defender"

Litigation, Investigation, and Law Enforcement

Full 4th Circuit will hear cellphone tracking appeal (Daily Record) In a case involving convicted Baltimore bank robbers, the full 4th U.S. Circuit Court of Appeals said it will consider whether police need a search warrant to get the cellphone-tower records of suspected criminals in an effort to track down their whereabouts when the crime was committed

Feds explain (sort of) why they really want data on seized iPhone 5S (Ars Technica) DOJ: the search warrant remains active, so Apple should help us

Divorce lawyer who thought he could beat NSA in court, couldn't (Ars Technica) Just like many cases before him, Elliott Schuchardt could not prove standing

How FBI Cyber Division helps agencies investigate intrusions (Federal Times) The FBI takes the lead investigating cyberattacks against federal agencies and coordinating the National Cyber Investigative Joint Task Force

Socially Acceptable: The Perils of Social Media Discovery (Legaltech News) Social media discovery requests are increasing, but courts are still arguing profile authentication and where privacy expectations stop

Time Is Precious with Computer-Hacking Claims (JDSupra) A recent ruling shows that plaintiffs must act fast when using a federal criminal statute for a civil suit

Lessons learned from Target's data breach discovery win, five strategies for maintaining privilege in the aftermath of a data breach (Lexology) A thousand questions immediately flood any lawyer's mind when they first hear that their client may have been affected by a data breach

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

Inside Data Science 2015 (Monterey, California, USA, November 3 - 4, 2015) At the Inside Data Science 2015 Conference (IDS2015) our focus is not on the storage or volume of data, but rather the importance of what you do with it. To synchronize the processing, exploitation and...

NICE 2015 Conference and Expo (San Diego, California, USA, November 3 - 4, 2015) Cybersecurity has emerged as one of the leading creators of jobs and opportunity for all economic sectors. The demand for cybersecurity positions in both the public and private sector is large and growing,...

SINET Showcase 2015: "Highlighting and Advancing Innovation" (Washington, DC, USA, November 3 - 4, 2015) SINET Showcase provides a platform to identify and highlight "best-of-class" security companies that are addressing industry and government's most pressing needs and requirements. The chosen SINET 16 Innovators...

4th International Internet-of-Things Expo (Santa Clara, California, USA, November 3 - 5, 2015) With major technology companies and startups seriously embracing IoT strategies, now is the perfect time to attend @ThingsExpo in Santa Clara. Learn what is going on, contribute to the discussions, and...

RSA Conference 2015 Abu Dhabi (Abu Dhabi, United Arab Emirates, November 4 - 5, 2015) Join your fellow information security professionals at RSA Conference 2015 Abu Dhabi, where we'll be discussing security issues from a global perspective

ICMC (the International Cryptographic Module Conference) (Washington, D.C., USA, November 4 - 6, 2015) ICMC core focus includes cryptographic modules, FIPS 140-2, ISO/IEC 19790 and cryptographic algorithms. Specialists from all over the world gather in Washington to discuss about commercial cryptography...

2nd Annual Journal of Law and Cyber Warfare Conference (New York, New York, USA, November 5, 2015) The 2015 symposium speakers represent an unparalleled group of cyber security experts with a wide variety of industry expertise and knowledge. Attendees will hear from experts on cybersecurity and cyber...

Start with Security (Austin, Texas, USA, November 5, 2015) This one-day conference will continue the FTC's work to provide companies with practical tips and strategies for implementing effective data security. Aimed at start-ups and developers, this event will...

After the Shift: Securing Tomorrow's Payment Technology (Washington, DC, USA, November 5, 2015) From encryption to tokenization, what does the future hold for keeping consumer data safe? Policymakers, industry leaders, and technology experts will explore the cutting edge of cyber technology and discuss...

University of Phoenix® Technology Conference (Arlington, Virginia, USA, November 7, 2015) At the University of Phoenix® Technology Conference 2015, a free event hosted by the University of Phoenix College of Information Systems and Technology, you will be introduced to cyber security,...

Cyber³ Conference: Crafting Security in a less Secure World (Nago City, Okinawa, Japan, November 7 - 8, 2015) An international conference on cyber security hosted by the Government of Japan with the support of the World Economic Forum. At this conference, multi-stakeholders, including policymakers, business leaders,...

FedCyber 2015 (Tyson's Corner, Virginia, USA, November 10, 2015) This conference, orchestrated by cyber practitioners Matt Devost and Bob Gourley, is designed to advance the state of cyber defense. The FedCyber.com Threat Expo will bring together thought leaders who...

First International Conference on Anti-Cybercrime (ICACC-2015) (Riyadh, Saudi Arabia, November 10 - 12, 2015) Al Imam Mohammad Ibn Saud Islamic University is organizing this international conference to establish a forum where discussions on vital issues related to anti-cybercrime can occur. This conference will...

Black Hat Europe (Amsterdam, the Netherlands, November 10 - 13, 2015) Black Hat prides itself with being "the most technical and relevant global information security event series in the world." For the past 16 years, the Black Hat events have given their attendees the opportunity...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.