skip navigation

More signal. Less noise.

Daily briefing.

Policymakers and analysts in Washington and elsewhere call for development of international rules of cyber conflict ("e-Neva," riffing on "Geneva," as in the Conventions, some infelicitously call it). The Wall Street Journal advises those interested in the coming shape of cyber warfare to look at Ukraine, and how Russia's slow-motion imperial re-engorgement of that country has used cyber operations as a combat multiplier.

The ISIS-inspired "Cyber Caliphate" is back with Twitter hacks in a renewed campaign to avenge its fallen Internet star.

European authorities take down the Iranian Revolutionary Guard's "Rocket Kitten" cyber espionage campaign. Check Point Software, Europol's principal industry partner in the action, offers a long list of Rocket Kitten's targets (which include regional rivals like Saudi Arabia and the UAE, human rights groups, Iranian dissidents, Israel — particularly that country's nuclear R&D, the United States, and even commercial interests in friendly Venezuela).

ProtonMail comes online again, expressing regret for having paid ransom to get the "Armada Collective" DDoS extortionists off its back. Other services the DDoS gang recently hit are said to include Zoho and banks in Switzerland and Thailand.

Extortion is the classic way of monetizing DDoS attacks. It's also the route taken by ransomware operators, who continue to up their game. Some good news, though: Linux.Encoder.1 ransomware turns out, finds Bitdefender, to be relatively easy to break.

In industry news, KEYW stock plummets after the company reports disappointing results. Tenable and Cybric each close new funding rounds.

GCHQ's head says the market is failing cyber security.

Notes.

Today's issue includes events affecting Afghanistan, Belgium, European Union, Georgia, Germany, India, Iran, Iraq, Ireland, Israel, Netherlands, Russia, Saudi Arabia, Switzerland, Syria, Thailand, Turkey, Ukraine, United Arab Emirates, United Kingdom, United States, and Venezuela.

As we observe Veterans Day tomorrow, the CyberWire will take a day off. We'll resume normal publication Thursday.

Cyber Attacks, Threats, and Vulnerabilities

Ukraine: Cyberwar's Hottest Front (Wall Street Journal) Ukraine gives glimpse of future conflicts where attackers combine computer and traditional assaults

ISIS Hacks Thousands Of Twitter Accounts: Islamic State Hacker Group Vows A Come-Back Following Death Of Cyber Caliphate Leader (International Business Times) Some 54,000 Twitter accounts were reportedly hacked Sunday night by members of the Islamic State militant group, also known as ISIS, who sought revenge for the killing of one of the group's lead hackers earlier this year

Iran cyber spy group hit in coordinated European raids (Reuters via Business Insurance) European authorities have taken action to shut down a cyber espionage operation linked to Iran's powerful Revolutionary Guard in the first operation of its kind since Tehran signed a nuclear treaty, according to security researchers who located computers used to launch attacks

Iranian Hackers Tried to Spy on Israeli Physicists, Nuclear Scientists (Haaretz) Most of the group's cyberattacks were directed at Saudi Arabia, United States, and targets within Iran

Iran 'Rocket Kitten' cyber group hit in European raids after targeting Israeli scientists (Jerusalem Post) Europol, the FBI and Israel's internal security service Shin Bet declined immediate comment

Iranian cyberespionage group attacked over 1,600 high-profile targets in one year (PC World) Security researchers believe they've identified the group's main programmer

Rocket Kitten: A Campaign With 9 Lives (Check Point Software) The customized malware and creative phishing techniques of cyber-espionage groups prove that there is a recurring industry problem

ProtonMail Back Online Following Six-Day DDoS Attack (Threatpost) Encrypted email service ProtonMail is back online today following a crippling six-day attack that saw the company's ISPs and data centers under siege

More websites hit by Armada Collective DDoS blackmail attacks, but won't pay up (Graham Cluley) An online criminal gang calling itself the "Armada Collective" has been demanding that online businesses pay thousands of dollars in Bitcoins, or face having their websites brought to their knees by crippling internet attacks

'Unwieldy' DDoS attacks growing, lasting longer (MISCO) A new study by security firm Kaspersky has revealed some interesting findings on distributed denial of service (DDoS) attacks, including the fact that most of them target the same ten countries — and even cyber criminals take holidays

Experts: DDoS, Extortion Fuel New Attacks on Banks (BankInfo Security) New wave of attacks discussed at Dallas Fraud, Breach Summit

Paying Ransoms to Hackers Stirs Debate (Wall Street Journal) One FBI official says the simplest solution for firms and individuals hit by 'ransomware' is often to pay to retrieve data

Hackers Infect British Parliament Computers with Ransomware (HackRead) Cyber cooks breached the security of British parliament's secure network and hacked into many of its computer systems

New crypto-ransomware targets Linux web servers (Help Net Security) There's a new piece of crypto-ransomware out there, but unlike most malware of this particular type, this one is mainly directed at web servers running on Linux

Linux Ransomware has predictable key, automated decryption tool released (CSO) Linux.Encoder.1 has been broken by researchers, administrators warned that this flaw was a lucky one

The Economist urges readers to check it they were saddled with malware (Help Net Security) Popular UK-based news outfit The Economist — or rather, some of its online readers — have become the latest confirmed victims of an attack executed by hacking anti-adblocking service PageFair

Final TalkTalk breach tally: 4% of customers affected (Help Net Security) TalkTalk continues with its practice of updating the public with information regarding the recent data breach on Fridays, and according to the latest update, the total number of customers whose personal details were accessed is 156,959

Why the cyber attack on TalkTalk should be a wake up call for all organisations (Government Computing) Nick Wilding, head of cyber resilience, AXELOS, explains why cyber security is not just about bits and bytes, it's about behaviour

Quick Heal: IoT and iOS the new targets of malware (ZDNet) Security firm Quick Heal has highlighted devices running Apple's mobile operating system as well as wearables in the Internet of Things space as the next to be hit by historically Android-based hackers

iOS apps more vulnerable than Android (CSO) Applications written for iOS devices have more vulnerabilities than those written for Androids

Beware of Apple-themed phishing emails threatening to limit your account (Help Net Security) A new email phishing campaign is targeting businesses and consumers who have Apple IDs, trying to get them to enter their Apple login credentials, personal and credit card information into a site that mimics that of the popular tech company, the Comodo Antispam Labs team warns

British Airways Facebook Scam — Free Tickets? (Check & Secure) With the recent goings on in Egypt, British Travellers would undoubtedly be pleased for a little good news

Comodo Issues Eight Forbidden Certificates (Threatpost) Certificate authority Comodo admits it incorrectly issued eight certificates that include forbidden internal server names or reserved IP addresses

Norwich International Airport's website hacked in cyber-attack (Eastern Daily Press) Bosses at Norwich airport have confirmed they have been the victims of a cyber-attack — but insisted security was not compromised

San Jose: City websites recovering from unspecified cyber attack (San Jose Mercury News) The city's public-facing websites were rolling back into function Monday after an apparent cyber attack caused intermittent disruptions, including a lengthy outage for the San Jose Police Department's home page

Cyber scammers con firm of £80,000 in two hours (Irish Times) Companies face going out of business if they don't legislate against cyber-crime — which is costing the Northern Ireland economy £100 million a year

New 4G LTE Hacks Punch Holes In Privacy (Dark Reading) Black Hat Europe researchers to demonstrate newly found flaws in 4G mobile that expose privacy and disrupt phone service

6 Critical SAP HANA Vulns Can't Be Fixed With Patches (Dark Reading) Onapsis releases 21 SAP HANA security advisories, including some Trexnet vulnerabilities that require upgrades and reconfigurations

88 Percent of Networks Susceptible to Privileged Account Hacks (Threatpost) IT professionals have long grappled with the inherent risks associated with privileged accounts. Whenever credentials that allow other employees to login to servers, routers, and so forth, are compromised, it can have a dire outcome on the rest of the network

Critical Java Bug Extends to Oracle, IBM Middleware (Threatpost) For close to 10 months, a critical vulnerability in a library found in most Java rollouts has been twisting in the wind, unpatched, and until this week without proof-of-concept exploits that people paid attention to

Three Little Phishes — security lessons from the week just past… (Naked Security) We come across a lot of spams, scams and phishing attempts here at Naked Security

7 ways hackers can use Wi-Fi against you (CSO) Wi-Fi — oh so convenient, yet oh so dangerous. Here are seven ways you could be giving away your identity through a Wi-Fi connection and what to do instead

10 riskiest applications that have passed their expiration dates (CSO) Applications that have reached the ends of their lives are no longer maintained by their original developers, and do not receive security updates. However, many users forget to remove these applications from their machines, or do not realize that they pose a danger

Evading cyber legislation: Jurisprudence cloaking is the future of cyber warfare (Help Net Security) When is an IP address not actually the person, country of origin or device you thought? From Klingons, to Harry Potter, to Xbox Halo's Master Chief, the world has dreamt up scores of science fiction stories around the concept of visually cloaking someone in plain sight

Government CIOs and CISOs under siege by insider threats (CIO) As the Office of Management and Budget rolls out a framework to help agencies advance their cybersecurity posture, a new report highlights pervasive vulnerabilities from insiders

Privileged access to federal IT systems remains a problem, survey finds (FierceGovernmentIT) Federal workers may have more access to IT systems and applications than they need, and those working in agencies' more sensitive systems often go unmonitored, a recent survey found

Stolen or lost devices and the risks of remote working (Help Net Security) 44 percent of organizations believe a member of their senior management has lost a mobile device in the last year, whilst 39 percent say senior management had a device stolen

Own a Vizio Smart TV? It's watching you (Ars Technica) Vizio is offering advertisers "highly specific viewing behavior data on a massive scale"

Security Patches, Mitigations, and Software Updates

Symantec Endpoint Protection Elevation of Privilege Issues (Security Advisories Relating to Symantec Products) The management console for Symantec Endpoint Protection Manager (SEPM) is susceptible to OS command execution, Java code execution elevation of privilege. SEP clients are susceptible to a binary planting vulnerability that could result in arbitrary code running with system privileges on a client due to only partially addressing this issue in previous releases

Comodo fixes bug that led to issue of banned digital certificates (IDG via CSO) The company issued new certs for internal hosts, which is now banned by the CAB Forum

Everyone blames someone else as classified military smartphones lack patches (Ars Technica) Telecoms, manufacturers hold back critical updates to put classified information at risk

7 serious software update SNAFUs of the last 25 years (CSO) Microsoft's Windows 10 eager early upgrade wasn't the first software update gone way too wrong

Cyber Trends

GCHQ chief to say free market failing on cyber security (Financial Times) The free market is failing when it comes to cyber security, Britain's electronic spy chief is to warn on Tuesday, in a rare public intervention that could pave the way for tougher regulation as the threat of attack becomes "exponential"

Privacy will hit tipping point in 2016 (CNBC) Concerns about online privacy will reach a tipping point in 2016, prompting regulators to crack down on companies, and consumers to demand greater protection, a new study by Forrester Research predicts

Almost two thirds of employees don't understand that critical company information loss, could heavily impact on their company's future (IT Security Guru) Only 39% of UK employees recognise that intellectual property (IP) could damage their company if leaked, according to new research from data loss prevention company Clearswift

Dealing With Emerging Threats (CXO Today) Technology has a major impact on the gathering, storage, retrieval and dissemination of information. However, its main ethical impact relates to accessibility/inaccessibility and the manipulation of information

Cybercrime is the new healthcare crisis (Techspective) The scale and intensity of healthcare related cybercrime is a critical and growing threat to the U.S. medical system

Banks Should Prepare For The Internet Of Things (TechCrunch) It is widely acknowledged that the Internet of Things (IoT) will have a huge impact on nearly every industry, and financial services is no exception

Middle East cyber security market to value $10 billion by 2020 (Security Middle East) Middle East cyber security market to value $10 billion by 2020 as regional companies boost defences against cyber-attacks

Marketplace

4 Ways Boards Can Strengthen Cybersecurity (Corporate Compliance Insights) With new cyberthreats constantly emerging, directors need to play an active part

Prepare before you head into the breach on cyber cover (Business Insurance) Risk of cyber attacks is only going to increase, and there is little to prevent it, as hackers seem to stay a step ahead of the technology. Bill Cosgrove, managing principal and practice leader for EPIC Insurance Brokers & Consultants' Financial Institution Practice, says preparation, diligence and a good insurance policy can ease the pain for targeted companies

How Much Is Encryption Worth to the Economy? (National Journal) With strong, ubiquitous encryption under fire, a new research paper tries to assess the economic benefits of encryption

KEYW's losses widen, miss estimates in third quarter (Baltimore Business Journal) KEYW Holding Corp. on Monday reported a worse-than-expected loss in its third quarter, the last before newly hired CEO William J. Weber came on board

The KEYW Holding Corporation (KEYW — $7.39*) Lower Price Target: Delivers Soft September Results; Major Challenges Ahead — Maintain Market Perform (FBRFlash) Last night, November 9, KEYW delivered soft September results with the company missing the Street's estimates across the board. Notably, KEYW's all-important commercial cyber solutions revenue missed the Street estimates yet again, as the company continues to struggle with converting pipeline into deal flow on this front

AVG Technologies Announces 1.6 Million Share Repurchase Program (PRNewswire) AVG® Technologies N.V. (NYSE: AVG), the online security company™ for more than 200 million monthly active users, announced today that it has adopted a share repurchase program under which AVG intends to repurchase up to 1,666,667 of its ordinary shares (the shares) to cover its obligations to deliver shares under its employee stock options incentive and restricted share units plans

Invotas Announces Spin Off from Parent Company CSG International (BusinessWire) Company to become Invotas International and operate as an independent entity

Tenable Network Security Raises $250 Million in One of the Largest Funding Rounds for a Private Security Company (BusinessWire) Series B funding led by Insight Venture Partners and Accel will help accelerate development of the company's next-generation cyber security software

Cybric Closes $1.3 Million Investment to Virtualize and Automate Security, Speeding Remediation from Months to Minutes (Yahoo! Finance) Proven security practitioners from Bank of America, Netflix, Yahoo, Actifio and Dell unite to pioneer the industry's fastest way to find, fix and prevent cyber vulnerabilities

Qualcomm and KT to build LTE-based IoT security solution (ZDNet) Following their agreement in January to jointly develop equipment with secure gateways to the Internet of Things, the companies' recently announced business project aims to make ATMs easier to install and cheaper to maintain

Fortinet, Intel, Palo Alto Networks and Symantec — Big four unite to combat cyber crime (Reseller News) "Managing this risk is a shared responsibility. We need to step forward, and not wait for the adversary to make the move first"

Homeland Security to Fast Track Hiring of up to 1,000 New Cyber Personnel (Nextgov) The Department of Homeland Security plans to fast track the hiring of up to 1,000 new cybersecurity personnel by June, according to a notice set to be published tomorrow in the Federal Register

Former NYPD Commissioner Ray Kelly Joins K2 Intelligence (K2 Intelligence) K2 Intelligence, an industry-leading investigative, compliance and cyber defense services firm founded by Jules B. Kroll and Jeremy M. Kroll announced the appointment of former New York Police Department (NYPD) Commissioner Raymond W. Kelly as Vice Chairman of the firm

Products, Services, and Solutions

Bluebox Security Introduces First Solution to Create Self-Defending Mobile Apps for Public App Stores (Bluebox) Bluebox Security®, the mobile app security and analytics company first to pioneer self-defending apps for BYOD employees and the extended enterprise, today introduced a new solution for enterprises to secure their consumer-facing apps and fight back against escalating mobile threats that are placing consumers and businesses at risk

Resilient Systems Enhances Incident Response Platform through Strategic Integrations with IBM and HP (BusinessWire) Resilient's latest release provides response teams with deeper intelligence and quicker enterprise-wide deployment

Cryptzone Releases New Site Module for Security Sheriff (Cryptzone) Integration with Microsoft RMS allows companies to leverage existing technology to dynamically encrypt and control the sharing of sensitive SharePoint data

ESET offers up secure USB drives with built in antivirus (SecurityWatch) ESET has teamed up with Swedish tech firm CTWO Products AB to develop a new range of secure USB drives

Dimension Data launches Managed Security Services in Middle East and Africa (ITWeb) New suite of standardised managed and cloud-based services deployed to tackle current and emerging security threats

ThreatConnect Partners with EnergySec (BusinessWire) EnergySec to use industry's most widely adopted threat intelligence platform for intelligence aggregation, analysis and member collaboration

Niara Goes with Flow for Security Analytics (eSecurity Planet) Security analytics must go beyond server logs to the network packet level, says Niara CEO

Technologies, Techniques, and Standards

Expert: Intel Community Needs to Stabilize Reliance on All Disciplines (SIGNAL) "We need to find the middle and do the middle well," former ambassador says

Technology not always the best fix for operational security issues, expert warns (CSO Australia) Companies must be prepared to end-of-life old security investments and start anew rather than trying to endlessly patch up ponderous legacy environments, an infrastructure-security expert has warned as growing executive attention to cybersecurity empowers CISOs to execute new security mandates

A Security Collaboration Model for IoT (Tripwire: the State of Security) Fifteen years ago, I retired from law enforcement and joined the private sector like many other ex-officers with some expertise in digital forensics investigations

Why Threat Intelligence Feels Like A Game Of Connect Four (Dark Reading) In real life, solving the cybersecurity puzzle has many challenges. But shared wisdom and community defense models are making it easier to connect the dots

Are you ready to anticipate breach? (ITWorld) Leadership mindset is the key to success when it comes to handling breaches and better security

Protecting Users and Enterprises from the Mobile Malware Threat (Internet Storm Center) With recent news of mobile malicious adware that "roots" smartphones, attention is again being paid to mobile security and the malware threat that is posed to it

Design and Innovation

How 3 Oregon tech firms plan to make the Internet of Things smarter — and less creepy (Portland Business Journal) Computer science research and development firm Galois, mobile ticketing firm GlobeSherpa and smart home startup IOTAS are teaming up on a project funded by the federal National Institutes of Standards and Technology

The Secret World Of Ciphers (Semiconductor Engineering) What's changing in this clandestine sector, and what does it really take to be an expert?

Academia

Northrop Grumman to be Industry Partner in "CyberInvest" UK University Research Initiative (Nasdaq) U.K. government announces public/private partnership to bolster cyber security research investment across the U.K.'s academic sector

The secret school that trains 'silent warriors.' (Hint: It helps the NSA.) (Chicago Tribune) Leonard Reinsfelder's wife found a note on her car as she was leaving a shopping center one day: "Have your husband give us a call. We think we could use him"

Legislation, Policy, and Regulation

The Draft Investigatory Powers Bill — what it actually says (Graham Cluley) Many security commentators reacted strongly to UK Prime Minister David Cameron's stated desire to ensure that there could be "no safe place" on the internet for terrorists and criminals

On weakening data encryption, Tim Cook warns "any backdoor is a backdoor for everyone" (Quartz) The UK government wants to increase its power to oversee data on the internet, and has insisted that new measures it plans to put in place are necessary in order effectively to fight terrorism. On the other side of that debate is Apple, which has embraced end-to-end encryption

GCHQ's infosec arm bins advisor accreditation scheme (Register) Too busy listening in to phone calls to listen to customers?

EU Sharpens Tone on Need for Safe Harbor Agreement Replacement (Legaltech News) In addition to releasing a new set of guidelines, EU Commissioner says, 'It is now for the U.S. to come back with their answers'

'E-Neva Convention' needed to set international standards for cyberwarfare, say lawmakers (FierceGovernmentIT) Members of the House Intelligence Committee's National Security Agency and cybersecurity subcommittee sent an open letter to Secretary of State John Kerry and National Security Advisor Susan Rice last week urging the Obama administration to work to create clearer international laws and regulations for cyberwarfare and attacks

Risk of crippling cyber war yet to be addressed, says former US official (ComputerWeekly) Governments need to do more with defensive cyber security because offensive capability will not restore critical services after an attack, says a former US official

Industry says it's fed up with feds' no hack-back rules (FCW) Some companies are frustrated that the government is not hitting back at foreign cyber adversaries and prohibiting the companies themselves from retaliating, according to speakers at a Nov. 5 Chertoff Group event

Closer Look at CISA's Cybersecurity Information-Sharing Provisions (National Law Review) As we reported on October 27, the U.S. Senate passed the Cybersecurity Information Sharing Act ("CISA," S. 754). If enacted into law, CISA would, among other things, establish a voluntary framework for the sharing of cybersecurity threat information between and among the federal government and private entities

The rise of the citizen cyber-soldier (Federal Times) It's no secret that the United States faces advanced, persistent threats to the security of the networks and data that drive our daily lives — from state, state-sponsored, and non-state actors, to criminal organizations, hacktivists, and 'lone wolf' cyber terrorists, even insiders who work amongst us

Litigation, Investigation, and Law Enforcement

Tackling crime on the Dark Web with new Joint Operations Cell (Naked Security) GCHQ and the National Crime Agency (NCA) in the UK have formed a new unit with which to police the Dark Web

Federal judge halts NSA phone surveillance of plaintiffs (USA TODAY) A federal judge ruled Monday that the National Security Agency must stop collecting the phone records of a handful of Americans who challenged the legality of the mass surveillance program

House committee letter demands: 'Who's using Stingrays?' (Federal Times) Rep Jason Chaffetz, R.-Utah, wants to know which federal agencies own cell-phone tracking devices, known as Stingrays and what they are doing with them

Facebook must stop tracking Belgian users in two days or be fined &126;$267K daily (Ars Technica) More privacy woes for company in the wake of Safe Harbour being struck down

Fugitive nabbed after posting selfies from Mexico (Naked Security) A fugitive is back in custody having spent a year posting selfies onto Facebook showing his tanned mug and his beachside hideaway

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

FedCyber 2015 (Tyson's Corner, Virginia, USA, November 10, 2015) This conference, orchestrated by cyber practitioners Matt Devost and Bob Gourley, is designed to advance the state of cyber defense. The FedCyber.com Threat Expo will bring together thought leaders who...

First International Conference on Anti-Cybercrime (ICACC-2015) (Riyadh, Saudi Arabia, November 10 - 12, 2015) Al Imam Mohammad Ibn Saud Islamic University is organizing this international conference to establish a forum where discussions on vital issues related to anti-cybercrime can occur. This conference will...

Black Hat Europe (Amsterdam, the Netherlands, November 10 - 13, 2015) Black Hat prides itself with being "the most technical and relevant global information security event series in the world." For the past 16 years, the Black Hat events have given their attendees the opportunity...

Data Privacy, Data Security, and Business Risks — What Lawyers Should Know (Baltimore, Maryland, USA, November 12, 2015) Continuing Legal Education presented by the Baltimore Bar Association. The sessions will include "An Overview of Data Privacy Laws Issues for Lawyers,? ?Obligations to Keep Data Secure? Cyber Insurance??...

2015 U.S. Cyber Crime Conference (National Harbor, Maryland, USA, November 14, 2015) The 2015 U.S. Cyber Crime Conference (Formerly the DoD Cyber Crime Conference) has brought world-class forensics and incident response training combined with outstanding community networking for over 15...

Pen Test Hackfest Summit & Training (Alexandria, Virgina, USA, November 16 - 23, 2015) SANS Pen Test Hackfest Training Event and Summit is coming back to Washington DC, bigger and better than ever! The Hackfest is an ideal way to learn offensive techniques so you can better defend your environment.

cybergamut Technical Tuesday: Hackproof Signal Processing for Wireless Communications ("Central Maryland, " USA, November 17, 2015) Conventional computing and communications expose myriad attack surfaces because of the Turing-equivalence of the instruction set architectures and the mathematical impossibility of forming a complete set...

CyberCon 2015 (Pentagon City, Virginia, USA, November 18, 2015) CyberCon 2015 is the forum for dialogue on strategy and innovation to secure federal and defense networks, as well as private sector networks that hold their sensitive data

Cybersecurity, the SEC and Compliance (New York, New York, USA, November 18, 2015) The recent SEC CyberSecurity Examination Initiative focuses on information safeguards for financial services organizations. Are you prepared? Please join us for a panel discussion on what cybersecurity...

Internt-of-Things World Forum 2015 (London, England, UK, November 18 - 19, 2015) This conference features speakers from leading IoT companies and their customers. Learn how the Internet-of-Things is creating new markets for products, services, and solutions

Internet-of-Things World Forum 2015 (London, England, UK, November 18 - 19, 2015) This conference features speakers from leading IoT companies and their customers. Learn how the Internet-of-Things is creating new markets for products, services, and solutions

CyberPoint 2nd Annual Women in Cyber Security Reception (Baltimore, Maryland, USA, November 19, 2015) CyberPoint International announces its 2nd Annual Women in Cyber Security Reception to be held on November 19, 2015. Bringing together women from across the region and all different points on the career...

DefCamp6 (Bucharest, Romania, November 19 - 20, 2015) Why DefCamp? Because it's the most important conference on Hacking & Information Security in Central Eastern Europe, bringing hands-on talks about the latest research and practices from the INFOSEC field,...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.