skip navigation

More signal. Less noise.

Daily briefing.

The US Government is said to be detecting a flurry of Iranian hacking, for the most part directed at email and social media accounts of Government officials. Press speculation connects the activity with the recent arrest of an Iranian-American businessman in Teheran on espionage charges.

ISIS operatives in social media appear to be slipping into what Gawker calls "Twitter drama" of a kind familiar to anyone who misspends too much time in such online interactions. Analysts offer thoughts on how ISIS opponents might seek to alienate ISIS members from their cause.

A Passcode opinion piece thinks the Russian threat to undersea cables "overblown," not because its difficult to cut cables (it isn't), but because the large number of such cables offers significant redundancy. Still, the US Congress is asking the Executive Branch for its assessment of that risk.

Hard-to-remove "auto-rooting" Android exploits circulate in the wild. Trojanized apps prove a threat. OmniRAT, which can afflict Windows, OS X, and Android devices, is selling for $25 a pop on the black market. New DDoS attacks are hitting email and MySQL servers.

Observers comment on the PageFair and TalkTalk incidents (PageFair gets good reviews for prompt and direct disclosure). The Parliamentary committee looking into the TalkTalk breach draws ironic comment — its own website apparently has significant vulnerabilities.

Other (fussy? unrealistic?) ironists take the UK's GCHQ to task for double-mindedness over encryption: GCHQ pushes encryption's use internally but would restrict outsiders from enjoying its benefits.

Some cyber-rattling in the US over offensive capability.

Notes.

Today's issue includes events affecting China, Iran, Iraq, Ireland, Japan, Russia, Syria, United Kingdom, United States.

Dateline SINET Showcase 2015

SINET Showcase 2015 (SINET) SINET Showcase provides a platform to identify and highlight "best-of-class" security companies that are addressing industry and government's most pressing needs and requirements

SINET Announces 2015 Top 16 Emerging Cybersecurity Companies (CTO Vision) Winners to Introduce Innovative Technologies at SINET Showcase in Washington, DC, November 3 & 4, 2015

SINET Day Two: Automation, Risk Management, and Communicating Cyber Security as a Business Issue (The CyberWire) The SINET Showcase concluded yesterday with discussion of partnership for security innovation and, of course, the presentation of the SINET 16. Here are the highlights

Cyber Attacks, Threats, and Vulnerabilities

U.S. Detects Flurry of Iranian Hacking (Wall Street Journal) American officials say they believe cyberattacks tied to arrest in Tehran of Iranian-American businessman

Even ISIS Guys Have Twitter Drama (Gawker) The scariest thing about ISIS (if, like most Americans, you are in no actual danger of coming into contact with ISIS) is that the more members (or fanboys) you follow on Twitter, the more they resemble you and your friends, in that we are all petty idiots. Today, one militant is taking a break from building the Caliphate to beef with some guy on social media

How America Can Exploit ISIL Fighters Who Hate ISIL (Overt Action) Let's say you're considering joining ISIL. First off, please don't

Why the Russian threat to undersea cables is overblown (Christian Science Monitor Passcode) Even if Russian submarines clipped underwater communications cables, the Internet would survive. The global Internet operates on enough undersea fiber-optic cables to withstand sabotage from militaries, vandals, and errant anchors

Murphy, other senators want enhanced security of undersea communications cables (New London Day) A small, bipartisan group of senators including Chris Murphy, D-Conn., have written to the secretaries of defense, state and homeland security, asking for information on "steps taken to enhance the security of our vital undersea network," after recent reports of Russian ships operating near undersea fiber optic cables

New type of auto-rooting Android adware is nearly impossible to remove (Ars Technica) 20,000 samples found impersonating apps from Twitter, Facebook, and others

Shuanet Adware Rooting Android Devices Via Trojanized Apps (Threatpost) A new strain of adware buried in repackaged popular Android applications is able to root devices and earn its keepers a tidy $2 per installation

OmniRAT — the $25 way to hack into Windows, OS X and Android devices (Tripwire: the State of Security) Just last week, police forces across Europe arrested individuals who they believed had been using the notorious DroidJack malware to spy on Android users

Zero-Day Attack Compromises a Half-Million Web Forum Accounts — Report (Infosecurity Magazine) Forum software-makers vBulletin and Foxit Software may have been breached by a hacker claiming to have made off with personal data belonging to some 479,895 users between the two

vBulletin enforces password reset after website attack (Naked Security) Forum owners and users beware!

Chinese Mobile Ad Library Backdoored to Spy on iOS Devices (Threatpost) Versions of a popular Chinese mobile ad library have been backdoored with capabilities that can be used to surreptitiously record audio and steal data stored on thousands of iOS devices

Chinese Government Website Compromised, Leads to Angler (Zscaler ThreatLab) Despite a recent takedown targeting the Angler Exploit Kit (EK), it's back to business as usual for kit operators

New Tinba Variant Seen Targeting Russian, Japanese Banks (Threatpost) Cybercriminals behind the Tinba banking Trojan have been homing in on some of the larger banks in Russia and Japan, experts claim

A Technical Look At Dyreza (Malwarebytes Unpacked) In a previous post we presented unpacking 2 payloads delivered in a spam campaign. A malicious duet — Upatre (malware downloader) and Dyreza (credential stealer). In this post we will take a look at the core of Dyreza — and techniques that it uses

Fujitsu UK Tracks Dridex, Using Recorded Future (Recorded Future) Companies contend with an ever-changing security landscape, which brings a range of strategic and operational demands including continuously evolving external and internal threats, the risk of data leaks and loss of intellectual property, and increasing compliance and regulatory requirements

A Tale of Shifu and its Attempt to Bypass FortiSandbox (Fortinet) Over the last few months, the Shifu banking Trojan has become more common in the wild prevalent and the malware family has been getting a fair amount of attention both from researchers and the mainstream media

Malicious spam with links to CryptoWall 3.0 — Subject: Domain [name] Suspension Notice (Internet Storm Center) Since Monday 2015-10-26, we've noticed a particular campaign sending malicious spam (malspam) with links to download CryptoWall 3.0 ransomware

Researchers map out hard-to-kill, multi-layered spam botnet (Help Net Security) A dropper component sent to the Akamai researchers led them to the discovery of a spamming botnet that consists of at least 83,000 compromised systems

ProtonMail hit by mystery DDoS attack, preventing customers from accessing their secure email (Hot for Security) End-to-end encrypted email service ProtonMail is suffering from an "extremely powerful" distributed denial-of-service attack, that has knocked it offline, and stopped users from accessing their inboxes

Malware Used to Launch DDoS Attacks (InfoRisk Today) Attackers have been using the Chikdos malware to compromise high-bandwidth MySQL servers around the world for the purpose of launching distributed denial-of-service attacks, according to security firm Symantec

PageFair analytics hacked and used to distribute malware on Halloween (Naked Security) First, the trick: on Halloween night, PageFair got hit by a Trojan masquerading as an Adobe Flash update

Cybersecurity and the risk to reputation (Alva Group) TalkTalk's announcement of a data breach on October 22 is the latest in a long line of similar incidents which have affected companies including Sony, Ashley Madison, Barclays and Carphone Warehouse amongst others

TalkTalk, Script Kids & The Quest for 'OG' (KrebsOnSecurity) So you've got two-step authentication set up to harden the security of your email account (you do, right?)''''

Inquiry into TalkTalk hack has its own web security issue (Graham Cluley) Oh dear. The UK Parliament's Culture, Media and Sport Committee has launched an inquiry "into cyber security following the recent cyber-attack of TalkTalk's website"

The Internet of Things — Security pro shows how easily you can hack it (IT World Canada) The Internet of Things looms large

Sprint faces backlash for adding MDM to devices without permission (CSO) Technician added MDM software to a customer's personal iPhone 6

IBM's SoftLayer Pegged as Number One Spammer (Infosecurity Magazine) IBM subsidiary SoftLayer Technologies has been accused of being the world's largest spammer with levels of unsolicited mail sent by the company rising seven times since a year ago

MobileIron blacklists Dropbox, OneDrive (IT Pro Portal) MobileIron has released a list of apps that pose the biggest security risk to enterprises and, among the blacklisted apps are Dropbox and OneDrive

Apple wages battle to keep App Store malware-free (IDG via CSO) Thousands of apps have been found in recent weeks with potentially malicious components

Hello World Meets Hello Barbie (Dragon News) Who can honestly say they didn't, at some point in their childhood, wish their toys would come alive? Or at the very least, care for a beloved item as if it already were?

U.S. Financial Regulators Warn about Cyberattacks Involving Extortion (Wall Street Journal) Regulators' notice one of series of warnings to banks about cyberattack trends

Security Patches, Mitigations, and Software Updates

Cisco Releases Security Updates for Web Security Appliances (US-CERT) Cisco has released security updates to address multiple vulnerabilities in Web Security Appliances. Exploitation of one of these vulnerabilities could allow a remote attacker to take control of the affected network device

Mozilla Releases Security Updates for Firefox and Firefox ESR (US-CERT) The Mozilla Foundation has released security updates to address vulnerabilities in Firefox and Firefox ESR. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system

Microsoft follows Mozilla in considering early ban on SHA-1 certificates (IDG via CSO) Microsoft is considering blocking the hashing algorithm on Windows by June next year

Cyber Trends

Opinion: The troubling Stuxnet effect (Christian Science Monitor Passcode) The computer virus used against the Iranian nuclear program did not help seal the nuclear deal with Tehran. It did, however, launch a global cyberarms race

Governing the Protection of Enterprise Information Increasingly Vital (Legaltech News) The worldwide information governance in social business market is projected to jump 11.6 percent

Vulnerability Remediation Much Slower Than Criminal Exploits (Infosecurity Magazine) The pace of vulnerability exploitation continues to snowball: Organizations are not able to secure the holes within their environment faster than cyber-criminals can wreak havoc

Ponemon: Threat Intel Could Prevent Majority of Breaches (Infosecurity Magazine) You know the old saying that knowledge is power — that can be especially true in the cybersecurity world, but only if that knowledge is actionable

Cybersecurity Is On Everyone's Mind (CWC 70) Learn what is being done to tackle some of the exceptional challenges we will face as the Internet Of things (IOT) rapidly grows all around us. Candid talks with Chuck Brooks, formerly of Department of Homeland Security, on what lies ahead for cyber security

Marketplace

Cyber insurance coverage, its value, limitations and exclusions (Property Casualty 360) Harnessing the numbers

9 of 10 directors support regulator action on cybersecurity (CSO) Board members say regulators should hold businesses liable for breaches

RSA: Cyber-security industry is "fundamentally broken", says Amit Yoran (SC Magazine) RSA president Amit Yoran, speaking at the RSA Middle East conference, set out his tips for shifting the cyber-security industry's mindset toward data protection

Proofpoint Acquires Socialware (Proofpoint) We at Proofpoint are happy to announce the acquisition of Socialware. Founded in 2009, Socialware is a leading player (along with Proofpoint's Social Media and Compliance group) in the social media security and compliance market

Oasis Systems Acquires MAR Incorporated (BayStreet) Oasis Systems, a leading provider of Information Technology, Systems Engineering and Enterprise Applications to the Department of Defense, announced today that it acquired Maryland-based MAR, Incorporated in an all-cash transaction

CSC Sets Nov. 27 as NA Public Sector Spinoff Date, SRA Deal to Close Nov. 30 (GovConWire) Computer Sciences Corp. (NYSE: CSC) — one of 30 companies listed in Executive Mosaic's GovCon Index — has scheduled Nov. 27 as the date it expects to complete the spinoff of the company's North American public sector business, CSC said Wednesday

FireEye −14.7% after revenue miss, billings guidance cut; Palo Alto -2.9% (Seeking Alpha) In addition to missing Q3 revenue estimates (while beating on EPS), FireEye (NASDAQ:FEYE) is guiding for Q4 revenue of $182M-$190M, below a $200.8M consensus. EPS guidance of -$0.36 to -$0.38 is above a -$0.40 consensus

Throwing in the White Towel — Looks Like Darker Days Ahead; Downgrading to Market Perform (FBRFlash) We are downgrading shares of FireEye from Outperform to Market Perform

Limited Upside Given Growth Headwinds and Lack of M&A; Downgrading to Market Perform (FBRFlash) We are downgrading shares of Oracle from Outperform to Market Perform

MorphoTrust's DoD ID Verification Contract Renewed (ExecutiveBiz) MorphoTrust has received a $3.5 million contract renewal to extend its biometrics-based identity verification services for the Defense Department as part of a third-year option

Products, Services, and Solutions

Comparing the best email security gateways (TechTarget) Expert contributor Karen Scarfone examines the best email security gateways to help readers determine which may be best for their organization

Open source tool checks for vulnerabilities on Android devices (Help Net Security) OEMs like Samsung and HTC run heavily customized versions of Android. Unfortunately, the OEM patch deployment infrastructure is disorganized and too often end users are left exposed for large periods of time

GRC Bullseye? RSA Updates Archer Platform (IT Trends & Analysis) EMC's RSA Security division has announced a new release (6.0) of its Archer Goverance, Risk and Compliance (GRC) Platform at this week's RSA Conference Abu Dhabi

Carahsoft to Distribute Samsung Mobile Security Platform in US Public Sector (ExecutiveBiz) Carahsoft Technology will offer Samsung Electronics America's KNOX mobile security tool to U.S. public sector agencies under a distribution agreement both companies have reached

Exostar Certificate Authority Deemed SHA-2 Compliant by SAFE-BioPharma Association for Life Science and Healthcare Identity Credentials (Business Wire) Exostar, a provider of secure cloud-based solutions that improve identity access management, is now certified by SAFE-BioPharma Association to issue SHA-2 compliant public key infrastructure (PKI) digital certificates for use in the life sciences and healthcare

Why the value of bitcoin is on an absolute tear (MarketWatch) Bitcoin's value has jumped about 72% in the past three months

Technologies, Techniques, and Standards

US, UK big banks to simulate mega-hacker cyber-attack (Register) Worried insurers and others don't bother with securo probes

How Verizon analyzes security-breach data with R (Computerworld) Senior Scientist Bob Rudis calls the Verizon Data Breach Report a "love letter to R"

How to push security earlier into the dev process (Network World) New tools automate security compliance in the cloud

Five moves for every new CISO's playbook (CSO) CISOs are pulling up roots and moving to new companies at a rapid pace as demand grows for leaders with cyber and information security expertise and salaries skyrocket. Many veteran infosec professionals are also joining the CISO ranks for the first time as companies add the position to their C-suites

Cover your top 7 basic security threats first (Dark Matters) When it comes to infosec, many of the most core basics are being overlooked

3 Ways Information Sharing Can Help You Fend Off a Cyber Attack (Inc.) A new report shows half of businesses suffered major cyber attacks, and more businesses want to exchange information about security to fend off future hits

Crypto and The Imitation Game (SIGNAL) Cryptography is an old game of secrecy with a storied history that millennia later, secures information in the digital age

Design and Innovation

Secure IoT from Outset, Experts Say (eSecurity Planet) With use of connected devices on rise, enterprises must address IoT security issues from top down, experts say

Embedded systems face design, power, security challenges (EDN Network) As the market for embedded systems grows dramatically, all eyes are turning to embedded systems designers who are tasked with combining microprocessors, connectivity, and operating systems that span a wide range of applications from the tiniest IoT device to those embedded in large networking systems

Intel Primes The Internet Of Things Pump (InformationWeek) Intel has enhanced its Internet of Things platform, including new forms of silicon for "smart" things, partnering with other companies to put it to use

Research and Development

Artificial Intelligence "Future is Uncertain," Says Microsoft's Head of Research (Pure Content) Eric Horvitz, Microsoft's head of research, has spoken out about the current debate surrounding artificial intelligence (AI) and the concerns many people have about the way it might be used in the future

Academia

Colleges Take a Comprehensive Approach to Security (EdTech) IT managers don't rely on one manufacturer to lock down the network

Legislation, Policy, and Regulation

Britain Announces Plan to Update Surveillance Laws (New York Times) Stirring a fraught debate about the balance between security and privacy, the British government on Wednesday proposed tougher scrutiny over snooping by spy agencies, but also said it wanted technology companies to store data about every Briton's Internet use for a year

Down With Big Brother — UK Police to get new Cyber Powers (Check & Secure) How controllable is the internet? That really is the question for a lot of the world's most powerful governments (and some of the less powerful ones too), but it is a conundrum bordering on an obsession for the powers that be in the UK Government at the moment

UK Government Works on Restricting Encryption, Urges Staff to Use It (Motherboard) Today, the UK government will announce details of the Draft Investigatory Powers Bill, a piece of legislation that will propose sweeping surveillance powers for law enforcement. These are expected to include the retention of citizens' internet browsing history, and restrictions on encryption

Encrypt voice calls, says GCHQ's CESG team … using CESG encryption (Register) Snooping left hand, meet keen-on-crypto right hand

President Obama: Be ready to pull the trigger on Chinese hacking (American Enterprise Institute) At the September summit between President Barack Obama and Chinese President Xi Jinping, the two leaders reached what was counted as a major breakthrough — and concession to the United States — when they agreed that "neither country's government will conduct or knowingly support cyber-enabled theft of intellectual property, including trade secrets or other confidential business information, with the intent of providing competitive advantages to companies or commercial sectors"

De-escalation Is The Answer To Today's Growing Cyber Tension (TechCrunch) Leading up to Chinese President Xi Jinping's visit to the United States, media buzzed with talk of an unprecedented cybersecurity agreement on par with previous governance around the creation and handling of nuclear, chemical and biological weapons

Offensive Cyber Strategy the Right Call (FedTech) The government long resisted an offensive cyber strategy, but increased threats call for a new plan

Ex-NSA Chief Warns of Cyberspace Dangers (US News and World Report) Keith Alexander tells a Senate committee more must be done to safeguard the U.S. in an evolving era of battle

Pentagon Contractors Developing Lethal Cyber Weapons (Nextgov) Under a forthcoming nearly half-billion-dollar military contract, computer code capable of killing adversaries is expected to be developed and deployed if necessary, according to contractors vying for the work and former Pentagon officials

Senate Passes Cybersecurity Information Sharing Act: Where Do We Go From Here? (National Defense) The U.S. Senate last week overwhelmingly passed the Cybersecurity Information Sharing Act of 2015. It is the most significant cyber security bill to pass the Senate in a decade. CISA seeks to improve the nation's cyber security posture and improve information sharing between government and industry

FBI official: It's America's choice whether we want to be spied on (Ars Technica) Encryption secures our data — and helps terrorists, bureau's general counsel says

Homeland Security Boss Reports Progress Rolling Out Security System (Foreign Policy) Homeland Security chief Jeh Johnson had some good news Wednesday about Washington's cybersecurity efforts: 47 percent of government websites have installed advanced systems for preventing devastating hacks from countries like China. He also had some bad news: more than half of the government's sites may still be vulnerable

OPM Hires New Cyber Adviser (Nextgov) The Office of Personnel Management is hiring a new senior adviser in an effort to fulfill its cybersecurity improvement plan from the summer, the agency announced Wednesday

There's a new hired gun at OPM. He's there to take on hackers and tighten cybersecurity. (Washington Post) The government's personnel agency announced Wednesday that it has hired a full-time cybersecurity expert to help modernize its fleet of aged computer systems following a massive breach of U.S. personnel records

Oversight Committee Announces FITARA Scorecard (House Oversight and Government Reform Committee) Today, Members of the House Oversight and Government Reform Committee released a scorecard assigning letter grades to federal agencies on their implementation of the bipartisan Federal Information Technology Acquisition Reform Act (FITARA), enacted in December 2014

Litigation, Investigation, and Law Enforcement

U.K. lawmakers start inquiry into TalkTalk hack (Reuters) British lawmakers will hold an inquiry into the circumstances surrounding a cyber attack on telecom firm TalkTalk, which was initially thought to have put the private details of over 4 million customers at risk

Teenager arrested in Norwich over TalkTalk cyber-attack bailed (Guardian) 16-year-old who was detained after search of an address in Norwich has been released on police bail until March

Pentagon Farmed Out Its Coding to Russia (Daily Beast) The Pentagon was tipped off in 2011 by a longtime Army contractor that Russian computer programmers were helping to write computer software for sensitive U.S. military communications systems, setting in motion a four-year federal investigation that ended this week with a multimillion-dollar fine against two firms involved in the work

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

CyberPoint 2nd Annual Women in Cyber Security Reception (Baltimore, Maryland, USA, November 19, 2015) CyberPoint International announces its 2nd Annual Women in Cyber Security Reception to be held on November 19, 2015. Bringing together women from across the region and all different points on the career...

TU-Automotive Cybersecurity USA 2016 (Novi, Michigan, USA, March 29 - 30, 2016) TU-Automotive Cybersecurity dissects the real issues behind the headlines, helping you to apply technology and best practices to deliver robust security defenses and processes within a more secure ecosystem.

MCRCon 2016: Some Assembly Required (Ypsilanti, Michigan, USA, May 10, 2016) The annual conference focuses on hacking prevention, incident handling, forensics and post-event public relations, with presentations delivered by nationally-recognized experts, cybersecurity skills competitions,...

Upcoming Events

4th International Internet-of-Things Expo (Santa Clara, California, USA, November 3 - 5, 2015) With major technology companies and startups seriously embracing IoT strategies, now is the perfect time to attend @ThingsExpo in Santa Clara. Learn what is going on, contribute to the discussions, and...

RSA Conference 2015 Abu Dhabi (Abu Dhabi, United Arab Emirates, November 4 - 5, 2015) Join your fellow information security professionals at RSA Conference 2015 Abu Dhabi, where we'll be discussing security issues from a global perspective

ICMC (the International Cryptographic Module Conference) (Washington, D.C., USA, November 4 - 6, 2015) ICMC core focus includes cryptographic modules, FIPS 140-2, ISO/IEC 19790 and cryptographic algorithms. Specialists from all over the world gather in Washington to discuss about commercial cryptography...

After the Shift: Securing Tomorrow's Payment Technology (Washington, DC, USA, November 5, 2015) From encryption to tokenization, what does the future hold for keeping consumer data safe? Policymakers, industry leaders, and technology experts will explore the cutting edge of cyber technology and discuss...

2nd Annual Journal of Law and Cyber Warfare Conference (New York, New York, USA, November 5, 2015) The 2015 symposium speakers represent an unparalleled group of cyber security experts with a wide variety of industry expertise and knowledge. Attendees will hear from experts on cybersecurity and cyber...

Start with Security (Austin, Texas, USA, November 5, 2015) This one-day conference will continue the FTC's work to provide companies with practical tips and strategies for implementing effective data security. Aimed at start-ups and developers, this event will...

University of Phoenix® Technology Conference (Arlington, Virginia, USA, November 7, 2015) At the University of Phoenix® Technology Conference 2015, a free event hosted by the University of Phoenix College of Information Systems and Technology, you will be introduced to cyber security,...

Cyber³ Conference: Crafting Security in a less Secure World (Nago City, Okinawa, Japan, November 7 - 8, 2015) An international conference on cyber security hosted by the Government of Japan with the support of the World Economic Forum. At this conference, multi-stakeholders, including policymakers, business leaders,...

FedCyber 2015 (Tyson's Corner, Virginia, USA, November 10, 2015) This conference, orchestrated by cyber practitioners Matt Devost and Bob Gourley, is designed to advance the state of cyber defense. The FedCyber.com Threat Expo will bring together thought leaders who...

First International Conference on Anti-Cybercrime (ICACC-2015) (Riyadh, Saudi Arabia, November 10 - 12, 2015) Al Imam Mohammad Ibn Saud Islamic University is organizing this international conference to establish a forum where discussions on vital issues related to anti-cybercrime can occur. This conference will...

Black Hat Europe (Amsterdam, the Netherlands, November 10 - 13, 2015) Black Hat prides itself with being "the most technical and relevant global information security event series in the world." For the past 16 years, the Black Hat events have given their attendees the opportunity...

Data Privacy, Data Security, and Business Risks — What Lawyers Should Know (Baltimore, Maryland, USA, November 12, 2015) Continuing Legal Education presented by the Baltimore Bar Association. The sessions will include "An Overview of Data Privacy Laws Issues for Lawyers,? ?Obligations to Keep Data Secure? Cyber Insurance??...

Pen Test Hackfest Summit & Training (Alexandria, Virgina, USA, November 16 - 23, 2015) SANS Pen Test Hackfest Training Event and Summit is coming back to Washington DC, bigger and better than ever! The Hackfest is an ideal way to learn offensive techniques so you can better defend your environment.

cybergamut Technical Tuesday: Hackproof Signal Processing for Wireless Communications ("Central Maryland, " USA, November 17, 2015) Conventional computing and communications expose myriad attack surfaces because of the Turing-equivalence of the instruction set architectures and the mathematical impossibility of forming a complete set...

Cybersecurity, the SEC and Compliance (New York, New York, USA, November 18, 2015) The recent SEC CyberSecurity Examination Initiative focuses on information safeguards for financial services organizations. Are you prepared? Please join us for a panel discussion on what cybersecurity...

CyberCon 2015 (Pentagon City, Virginia, USA, November 18, 2015) CyberCon 2015 is the forum for dialogue on strategy and innovation to secure federal and defense networks, as well as private sector networks that hold their sensitive data

Internet-of-Things World Forum 2015 (London, England, UK, November 18 - 19, 2015) This conference features speakers from leading IoT companies and their customers. Learn how the Internet-of-Things is creating new markets for products, services, and solutions

2015 U.S. Cyber Crime Conference (National Harbor, Maryland, USA, November 14, 2015) The 2015 U.S. Cyber Crime Conference (Formerly the DoD Cyber Crime Conference) has brought world-class forensics and incident response training combined with outstanding community networking for over 15...

DefCamp6 (Bucharest, Romania, November 19 - 20, 2015) Why DefCamp? Because it's the most important conference on Hacking & Information Security in Central Eastern Europe, bringing hands-on talks about the latest research and practices from the INFOSEC field,...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.