skip navigation

More signal. Less noise.

Daily briefing.

The new ISIS cyber push continues to get tepid technical reviews from the security industry—not much real computer network attack capability, and probably not much capability for anything other than propaganda. The US anti-ISIS cyber campaign’s goal seems clear: visit the “loser effect” on the Caliphate.

The Panama Papers are likely to appear in searchable form on the ICIJ’s website this coming month, Computerwoche reports.

Cisco’s Talos unit says software exhibiting “adware and spyware capabilities” is installed on some 12 million PCs worldwide, effectively presenting attackers with a backdoor into the devices. The application Talos flagged is Tuto4PC’s OneSoftPerDay. Tuto4PC strongly disputes Talos’s conclusions, and says it’s taking legal advice.

PhishLabs researchers say they’re seeing more serpents in Google Play’s walled garden. In this case cash-stealing HTML scams are slithering through.

Criminals continue devoting attention to mobile malware. Zscaler finds information stealing Android malware circulating in the wild posing as a Chrome update.

University of California Santa Barbara researchers say the Wave navigation app leaves users vulnerable to geo-stalking.

Some developers building applications for the popular messaging and collaboration platform Slack have been carelessly, inattentively, putting API credentials out in GitHub. Detectify researchers warn sensitive corporate information could be exposed.

The American Dental Association mailed dental offices USB drives containing dental procedure codes. Some of those drives also opened a website known for malware distribution.

SWIFT is updated; observers think more needs to be done to upgrade the financial transaction network’s security.

Symantec’s disappointing results prompt an executive reshuffle.

Notes.

Today's issue includes events affecting Albania, Australia, Austria, Belgium, Bosnia, Brazil, China, Colombia, Denmark, Estonia, European Union, Finland, France, India, Iraq, Jamaica, Japan, Netherlands, New Zealand, Norway, Panama, Russia, Spain, Sweden, Syria, Trinidad and Tobago, United Kingdom, United States, and Uruguay.

Catch the CyberWire's Podcast later this afternoon, with interviews, educational tips, and more on the stories of the day. We'll have some particularly interesting interviews in today's program, as we speak with Dave Ostertag, Global Investigations Manager for Verizon's Risk Team about his company's recently released and widely consulted Data Breach Report. We also talk with Level 3's Dale Drew, who shares insights into the risks surrounding point-of-sale systems.

Cyber Security Summit (Dallas, Texas, USA, May 3, 2016) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security. Register with promo code cyberwire50 for half off your admission (Regular price $250)

Georgetown Cybersecurity Law Institute (Washington, DC, USA, May 25 - 26, 2016) Experienced government officials, general counsels, and cybersecurity practitioners offer insight into governance, preparedness, and resilience. Register Today, CyberWire readers receive a $100 DISCOUNT using code WIRE16.

Cyber Attacks, Threats, and Vulnerabilities

Pro-ISIS hackers: Tactics, methodology and tools (Help Net Security) While the threat that emanates from ISIS-inspired cyber attacks is of high concern, especially in light of the formation of a new United Cyber Caliphate composed of previously disparate pro-ISIS hacking collectives, these hacking groups still operate unofficially and remain poorly organized and are likely underfunded, according to Flashpoint

ISIS cyberattack capabilities are unorganized, underfunded -- for now (IDG via CSO) Pro-ISIS hackers are largely unsophisticated, but they are looking for experts, Flashpoint says

ISIS hacking groups merge as United Cyber Caliphate, but don’t worry too much (Digital Trends via Yahoo! Tech) ISIS is organizing its cyber efforts, and might move on from amateur attacks to serious recruitment of black hat hackers

ISIS and the ‘Loser Effect’ (Atlantic) Could the Islamic State's recent failures signal its demise?

Pentagon Working to 'Take Out' Islamic State's Internet (Agence France Presse via SecurityWeek) The US military's secretive Cyber Command (CYBERCOM) is working to destroy the Islamic State group's Internet connections and leave the jihadists in a state of "virtual isolation," Pentagon chiefs said Thursday

ISIS reveals how Jihadi John evaded security en route from UK to Syria (Fox News) ISIS executioner Jihadi John easily dodged British authorities, riding in the back of a truck to exit the UK before boarding a flight in Belgium -- despite being on a terror watch list -- according to a chilling account by a jihadist who traveled with him through six countries before reaching Syria

Panama Papers: Soon searchable by everyone thanks to the cloud (Computerwoche CSO) How did journalists organize and analyze 2.6 terabytes of data?

Cisco Finds Backdoor Installed on 12 Million PCs (SecurityWeek) UPDATED. Cisco’s Talos security intelligence and research group has come across a piece of software that installed backdoors on 12 million computers around the world. The software, which exhibits adware and spyware capabilities, was developed by a French online advertising company called Tuto4PC

The "Wizzards" of Adware (Talos Blog) Talos posted a blog, September 2015, which aimed to identify how often seemingly benign software can be rightly condemned for being a piece of malware. With this in mind, this blog presents an interesting piece of “software” which we felt deserved additional information disclosure. This software exhibits several questionable behaviors including

Google Play infested with cash-stealing web apps (Register) Simple HTML scams look to be sneaking through the app inspection process

Android infostealer posing as a fake Google Chrome update (Zscaler) Our research team has recently seen a large amount of activity in our cloud related to an Android infostealer disguised as a Google Chrome update

Waze Navigation App Vulnerable, Allow Hackers to Spy on Users (HackRead) Waze is a well-known and widely used navigation app developed and owned by Google. It is in use by literally million of drivers because it helps in identifying the most appropriate, safe and fastest route to any destination. However, according to the latest research by the University of California-Santa Barbara people relying upon this app for navigational purposes might be at the risk of being stalked by malicious actors

Slack API Credentials Left in GitHub Repos Open New Door for Corporate Hacking (Softpedia) Careless developers from companies around the world have forgotten to remove sensitive API access tokens from Slack bots uploaded on GitHub, security researchers from Detectify Labs reported today

Slack bot developers were unwittingly leaking sensitive corporate data (Quartz) Developers at major businesses who build apps for the instant-messaging platform Slack have unwittingly exposed key information like chat logs, direct messages, and passwords by recklessly sharing their programs in public

Slack bot token leakage exposing business critical information (Detectify Labs) TL;DR, Developers are leaking access tokens for Slack widely on GitHub, in public repositories, support tickets and public gists. They are extremely easy to find due to their structure. It is clear that the knowledge about what these tokens can be used for with malicious intent is not on top of people’s minds…yet. The Detectify team shows the impact, with examples, and explains how this could be prevented

Ransomware is everywhere, but even black hats make mistakes (We Live Security) Ransomware is everywhere. At least that might be the impression left by a seemingly endless stream of news reports on recent cyberattacks. Well, there were several (good) reasons why criminals have made it all the way to the front page

Spike in ransomware attacks as malicious code spreads (Charity Digital News) Security firm ESET has revealed that ransomware accounted for a quarter of the threats aimed at UK computer users over the past week

IT Security Firm ESET Issues New Survey Revealing Public's Knowledge and Attitudes About Ransomware (PRNewswire) ESET®, a global pioneer in IT security for more than two decades, released findings from a survey today that illustrates attitudes and knowledge individuals have about ransomware, a proliferating malicious software that holds files hostage until a ransom is paid

Encrypted Network Traffic Comes at a Cost (SecurityWeek) The use of encryption over the Internet is growing. Fueled by Edward Snowden's revelations on the extent of NSA and GCHQ content monitoring, encryption is now increasingly provided by the big tech companies as part of their standard product offerings. It's effectiveness can be seen in the continuing demands by different governments for these same tech companies to provide government backdoors for that encryption. Encryption works: it safeguards privacy

Vulnerability in Java Reflection Library Still Present after 30 Months (InfoQ) In 2013, security organization Security Explorations discovered a security vulnerability in Java 7u25 by which an attacker could completely escape the Java sandbox. Oracle released a patch in update 7u40, but as Security Explorations announced earlier this year, the patch only addressed the proof of concept, and a simple code modification still exposes the vulnerability. Oracle has released three new versions of Java since the vulnerability was rediscovered, but none have addressed the issue, and subsequent investigation has revealed that the vulnerability is even more severe than initially reported

Dental Assn Mails Malware to Members (KrebsOnSecurity) The American Dental Association (ADA) says it may have inadvertently mailed malware-laced USB thumb drives to thousands of dental offices nationwide

Understanding EdgeHTML’s Attack Surface and Exploit Mitigations (IBM Security Intelligence) EdgeHTML is the rendering engine of the Edge browser in Windows 10. It is a fork of the MSHTML/Trident rendering engine currently used in Internet Explorer. The forking was done to support modern Web standards and remove legacy code

What the Tech: Cybercrime Black Market (Texoma's Homepage) The place hackers go to buy stolen information is slashing prices

IBM researcher: 'Mobile malware marketplace' is heating up (FierceWireless) But just how big a threat that is to U.S. consumers is still unclear

Security pros concerned about Facebook payment expansion (CSO) Experts have concerns about Facebook's move to allow retail payments

Security Patches, Mitigations, and Software Updates

Finance bods SWIFT to update after Bangladesh hack (Register) But infosec folk say full revamp needed

NTP-4.2.8p7 (NTP Support) NTP-4.2.8p7 was released on 26 April 2016. It addresses 11 low- and medium-severity security issues, 16 bugfixes, and contains other improvements over 4.2.8p6. NTP users are strongly urged to take immediate action to ensure that their NTP daemons are not susceptible to being used in distributed denial-of-service (DDoS) attacks. Please also take this opportunity to defeat denial-of-service attacks by implementing Ingress and Egress filtering through BCP38

Cyber Trends

Verizon’s 2016 Data Breach Investigations Report finds cybercriminals are exploiting human nature (Verizon) Cybercriminals are continuing to exploit human nature as they rely on familiar attack patterns such as phishing, and increase their reliance on ransomware, where data is encrypted and a ransom is demanded, finds the Verizon 2016 Data Breach Investigations Report

Data Breaches Aren’t Just an IT Issue (Harvard Business Review) You don’t see it coming. You don’t know who’s behind it. And you probably won’t even know you’ve been affected until it’s too late to prevent significant damage to your company’s finances, operations, and reputation

The Morning After: What Happens to Data Post Breach? (Dark Reading) We need consumers and businesses to not simply shrug off data breaches but to take active measures to protect their data. We are hopeful that new insights will provide a compelling answer to the question "So what?"

Building a Resilient Cyber Ecosystem to Combat Threats (InfoRisk Today) TCS' Singh on coping with the changing threat landscape

1 in 10 people have posed as someone else online (Help Net Security) Our need for ease and convenience is putting our digital identities and security at risk. A new BehavioSec report finds that 37% of us have shared our personal security data with a friend or partner. Of this group, 87% said that they trust the recipient with this information

Government Cybersecurity Performance, Confidence Bottoms Out (Dark Reading) In the wake of OPM and other big gov breaches, government cybersecurity performance scores and employee confidence ratings sink through the floor

10 Newsmakers Who Shaped Security In the Past Decade (Dark Reading) In celebration of Dark Reading's 10th anniversary, we profile ten people whose actions influenced and shaped the trajectory of the industry - for better or for worse -- in the past ten years

Latin America: The New Frontier for Cyber Attacks (Cipher Brief) Latin America and the Caribbean (LAC) is the new frontier for cyber attacks, a crime that costs the world up to $575 billion a year, according to a joint study by the Center for Strategic Studies and McAfee. In LAC alone, the cost is estimated at about $90 billion per year

Marketplace

BlackBerry's Turnaround CEO Dials Up Cybersecurity, And It Answers (Forbes) BlackBerry executive chairman and CEO John Chen took a battered smartphone brand and turned it into a hot and innovative cybersecurity company

Symantec Slashes Quarterly Guidance; CEO to Step Down (Wall Street Journal) Ajei Gopal named interim president, operating chief

Symantec CEO Mike Brown ousted after nasty numbers (Register) Board says with Veritas gone, its time for pure-play security CEO

Gigamon Reports First Quarter 2016 Financial Results (PRNewswire) Record revenue delivers 43% year-over-year growth. Results driven by strong demand for both Security and Mobility solutions

Evident.io Secures $15.7 Million in Series B Funding (MarketWired) Venrock leads the round; Doug Dooley joins board; Jeff Williams leads sale

Ridge Global and OptioLabs Partner to Offer Effective Cybersecurity Products and Solutions (OptioLabs) Tom Ridge, first U.S. Secretary of Homeland Security and former Governor of Pennsylvania joins OptioLabs Board of Advisors

Products, Services, and Solutions

Cylance shows first ever live ransomware prevention demo (ETCIO) Ransomware is one of 2016’s most challenging cyber threats and Cylance is demonstrating its anti-ransomware capabilities during the tour

Trend Micro Rated “Best Antivirus Software” by AV-TEST Institute (TechTree) Trend Micro Internet Security 2016 receives Top Product Certificate from AV-TEST Institute

Intelligent automation systems spark Accenture, Splunk pact (TechTarget) Accenture, a global professional services firm, has entered a formal alliance with Splunk to tap the company's operational intelligence products and services

MSPAlliance Names RapidFire Tools Best MSP Solution in the MSPWorld Cup Awards, Recognizing Its Support for the MSP Model (MarketWired) Network Detective Is acknowledged for its ability to help MSPs gain revenues and grow business through effective IT assessments & reporting

IBM MaaS360 bets big in revamp to “massively reimagine EMM” (Apps Tech News) Enterprise mobility management (EMM) provider IBM MaaS360 has announced a revamp of its productivity apps, enabling users to switch seamlessly between email, calendar and documents among others

Palo Alto Networks Named A Leader In Automated Malware Analysis Report (PRNewswire) Palo Alto Networks® (NYSE: PANW), the next-generation security company, today announced that its WildFire™ offering was recognized by Forrester® Research as a leader among automated malware analysis providers

Fortinet unveils 'security fabric' for distributed security in an IoT world (ChannelLife) Fortinet has unveiled its security fabric, which it says will arm global enterprises with pervasive, adaptive cybersecurity from IoT to cloud networks

Varonis to Stifle Ransomware With New Threat Models (Cybersecurity Investing News) Varonis Systems, Inc. (NASDAQ:VRNS), a leading provider of software solutions that protect data from insider threats and cyberattacks, today announced the beta availability of more than 20 new threat models and enhanced discovery capabilities from its behavior research laboratory, allowing organizations to analyze and detect attacks, insider threats, breaches and new variants of ransomware before damage can be inflicted

Microsoft's Azure ML cloud-based machine learning gets security and privacy certifications (V3) Microsoft has declared that its Azure ML service for predictive analytics with machine learning has achieved certification for security and privacy standards including ISO 27001 and the EU Model Clauses, a move designed to reassure potential enterprise users that their data will be safe

Technologies, Techniques, and Standards

Securing NPCI's Unified Payment Service Against Online Fraud (InfoRisk Today) Banking CISOs have a huge task ahead in ensuring seamless secure transactions

How to Distinguish Between Advanced and Garden-Variety Attacks (Recorded Future) The following interview is with Christopher Pierson and is from our Threat Intelligence Thought Leadership Series. Christopher is currently EVP, Chief Security Officer and General Counsel for Viewpost

How To Stay Secure At The Hotel On A Business Trip (Dark Reading) As POS malware attacks on hotels increase and threat actors target executives, traveling for business puts company data at risk

6 Reasons ISPs Must Step Up Defenses Against DDoS Attacks (Dark Reading) Conducting a DDoS attack used to require a significant amount of talent. But today, a high school student with basic hacking skills can access tools that will challenge even the most experienced ISP security teams

Design and Innovation

The Security Industry Needs Its John Snow (Digital Guardian) The recently released Verizon Data Breach Investigations Report (DBIR) is one of our best sources of information on breaches and other malicious activity – it is also woefully inadequate to the task

Research and Development

Computer Scientist Earns Prestigious ACM Award for Encryption Achievement (College of Natural Sciences, University of Texas at Austin) Brent Waters of The University of Texas at Austin has been selected to receive the Grace Murray Hopper Award from the Association for Computing Machinery (ACM). This award recognizes the outstanding young computer professional of the year for a recent major technical or service contribution that was made at 35 years of age or less

NIST Kicks Off Effort to Defend Encrypted Data from Quantum Computer Threat (Imperial Valley News) If an exotic quantum computer is invented that could break the codes we depend on to protect confidential electronic information, what will we do to maintain our security and privacy? That's the overarching question posed by a new report from the National Institute of Standards and Technology (NIST), whose cryptography specialists are beginning the long journey toward effective answers

Why quantum cryptography could be a one-way street (Physics World) A curious type of nonlocal phenomenon known as one-way quantum steering has been demonstrated experimentally for the first time by two independent groups of physicists. This phenomenon is similar to quantum entanglement but applies when one of the two parties sharing a quantum state does not trust the source of quantum particles. The researchers say their work could help to broaden applications of quantum cryptography

Academia

NSA lauds The Citadel for cybersecurity training (Post and Courier) As a computer science intern at the Department of Homeland Security this spring, Citadel junior cadet Anthony Zovich said he helped make a little tweak that solved a big problem

AFA's CyberPatriot Names Lee's Summit R-7 School District CyberPatriot Center of Excellence (PRNewswire) The Air Force Association's CyberPatriot program has announced Lee's Summit R-7 School District as its eighth CyberPatriot Center of Excellence

Sandia National Laboratory looks for the next cyber warriors (KRQE News 13) Terrorism comes in many forms, one of the most destructive can be in the form of a cyber attack. Sandia National Laboratories in Albuquerque deals with those types of attacks all the time. They’re looking for the next generation of brilliant minds to protect computers, right here in New Mexico

Legislation, Policy, and Regulation

India has tremendous scope to enhance its cybersecurity readiness (Tech2) Leaders of the world today have an additional challenge to worry about – cybersecurity. With cyber attacks getting bigger, stronger and smarter, no country can afford to ignore this looming threat

IAITAM: U.S. Companies Need to Gear Up Now for New EU Data Privacy Regulations (International Association of Information Technology Asset Managers) Thousands of American companies that do business in Europe directly or online with European customers will need to start reckoning with data privacy regulations enacted this month by the European Union (EU) that are due to go into full effect in just two years, according to the International Association of Information Technology Asset Managers, Inc. (IAITAM)

Top 10 operational impacts of the GDPR (International Association of Privacy Professionals) The new General Data Protection Regulation (GDPR), put forth by the European Commission in 2012 and finally generally agreed upon by the European Parliament and Council in December, is set to replace the Data Protection Directive 95/46/ec. Although many companies have already adopted privacy processes and procedures consistent with the Directive, the GDPR contains a number of new protections for EU data subjects and threatens significant fines and penalties for non-compliant data controllers and processors once it comes into force in the spring of 2018. In this 10-part series, the IAPP outlines specific provisions of the regulation

EU National Data Protection Regulators Raise Privacy Shield Concerns (Squire Patton Blogs) The Article 29 Working Party (WP29) has delivered a non-binding opinion on the EU-U.S. Privacy Shield which, though critical of the proposed package, leaves open the possibility that a version of the proposed framework will be blessed by the EU Commission

Councils must prepare cyber security strategies in face of growing attack threats (Public Sector Executive) Hackers will be increasingly likely to target local government, who needs to be involved in preparing national cyber security strategies, Socitm has warned in a new policy briefing

Dem rallies opposition to new fed hacking powers (The Hill) A key senator is trying to block the Justice Department's request to expand its remote hacking powers, after the Supreme Court signed off on the proposal Thursday

Defense authorization bill would elevate Cyber Command (The Hill) A defense authorization bill that cleared a House committee early Thursday would elevate U.S. Cyber Command and launch a review into whether the agency should still be run by the National Security Agency (NSA) head

Long and Matsui Introduce Bipartisan Solution to Improve HHS Cybersecurity (US House of Representatives Energy and Commerce Committee) Legislation empowering top HHS cybersecurity officer follows Committee investigation on agency’s cyber breaches

Senate committee leaders ask OMB to update 15-year-old cyber policy (SC Magazine) In a letter to the Office of Management and Budget (OMB), Senate Homeland Security Committee Chairman Ron Johnson (R-Wis.) and ranking member Sen. Tom Carper (D-Del.) asked the agency's director Shaun Donovan to complete changes to a privacy and cyber policy framework. The current framework, called Circular A-130, which has not been updated in 15 years, has slowed federal agencies from responding effectively to cyber threats, the lawmakers said

The NSA has no idea how many Americans it’s spying on (Quartz) The National Security Agency (NSA) is watching the electronic communications of hundreds of millions people, allegedly to find foreign threats. But before Congress reauthorizes laws allowing this, it has a question: How many Americans are caught up in the government’s digital dragnets?

Litigation, Investigation, and Law Enforcement

Gamekeeper turns poacher? The ex-Tor developer who unmasked Tor users for the FBI (Naked Security) We feel a bit sorry for Matt Edman at the moment. He’s a computer scientist and security researcher currently working in the private sector

Former Tor developer created malware for the FBI to hack Tor users (Daily Dot) How does the U.S. government beat Tor, the anonymity software used by millions of people around the world? By hiring someone with experience on the inside

3 Tied to San Bernardino Gunman Are Indicted (New York Times) The investigation into the San Bernardino massacre produced criminal charges on Thursday against the brother of one of the attackers and two other people — not for contributing to the mass shooting, but for their roles in a sham marriage designed to skirt immigration laws

Arrested brother of San Bernardino shooter is decorated Navy veteran (Los Angeles Times) Syed Raheel Farook, a Navy veteran and brother of San Bernardino shooter Syed Rizwan Farook; along with his wife, Tatiana Farook; and her sister Mariya Chernykh were arrested Thursday and charged in a five-count indictment that focuses on allegations of a fraudulent marriage

Three More People Charged With Terrorism Offenses in Britain (Wall Street Journal) Suspects detained in investigation with French and Belgian authorities into possible U.K. links to recent Paris, Brussels attacks

Belgian police knew since 2014 that Abdeslam brothers planned ‘irreversible act’ (Politico) Damning report into Belgian response to Paris attacks shows sloppiness and lack of resources

Global Impact: China's ZTE Added to BIS Entity List but Granted Temporary Export License (Lexology) On March 8, 2016, the United States Commerce Department's Bureau of Industry and Security (BIS) published a notice in the Federal Register announcing that China's ZTE Corporation (ZTE), along with three of its affiliates, were added to the Entity List for attempting to circumvent US export control laws and reexporting US origin items to Iran in violation of US law

Estonian man gets over 7 years in prison for role in global DNS hijacking botnet (IDG via CSO) Vladimir Tsastsin was one of seven individuals behind a $14 million click fraud operation that used the DNSChanger botnet

Child porn suspect jailed indefinitely for refusing to decrypt hard drives (Ars Technica) Man to remain locked up "until such time that he fully complies" with court order

Cop Exploited iPhone App to Secretly Watch Mom Breastfeeding (HackRead) Baby monitors have been in trouble lately and this new incident has re-established the fact that one needs to be very careful while using these devices. — In the latest occurring, a cop has been accused of virtually sneaking into the private moments of a mother and her infant while she was busy breastfeeding her newborn

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

Cyber Security Summit 2016 (Aukland, New Zealand, May 5, 2016) New Zealand’s first Cyber Security Summit will be held in Auckland on 5 May 2016. The theme is “Keeping New Zealand’s Economy Cyber Secure”. Hosted by the Minister for Communications Hon Amy Adams, the...

Enfuse 2016 (Las Vegas, Nevada, USA, May 23 - 26, 2016) Enfuse is a three-day security and digital investigations conference where specialists, executives, and experts break new ground for the year ahead. It's a global event. It's a community. It's where problems...

New York State Cyber Security Conference (Albany, New York, USA, June 8 - 9, 2016) June 8-9 marks the 19th Annual New York State Cyber Security Conference and 11th Annual Symposium on Information Assurance (ASIA) and we invite you to join us for this nationally recognized event. The...

CyberSec 2016 (New York, New York, USA, July 19, 2016) Ask any bank CEO in the U.S. what keeps them up at night and cybersecurity is bound to be in the top five. Maybe even no. 1. And while the threat matrix is evolving rapidly, along with the regulatory demands,...

Upcoming Events

3rd East Africa Cyber Defense Convention 2016 (Nairobi, Kenya, April 29, 2016) Building on the success of previous conventions series in the last two years and with insights from cybersecurity experts, participants at this conferene learn how organisations should successfully respond.

CISO United States (Chicago, Illinois, USA, May 1 - 3, 2016) The CISO Summit will bring together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda...

SANS Security West 2016 (San Diego, California, USA, May 1 - 6, 2016) With cyber-attacks and data breaches on the rise, attacks becoming more frequent, sophisticated and costlier, the gap in the ability to defend has become wider and more time sensitive. Now is the perfect ...

CEBIT (Sydney, New South Wales, Australia, May 2 - 4, 2016) With the Australian Federal Government officially announcing its national cyber security policy, ahead of CeBit Australia’s business technology event, CeBIT is ultra strong on cyber security, too. CeBIT’s...

Cyber Investing Summit 2016 (New York, New York, USA, May 3, 2016) The Cyber Investing Summit is an all-day conference focusing on the investment opportunities, trends and strategies available in the $100+ billion cyber security sector. Network with investment professionals,...

SecureWorld Kansas City (Overland Park, Kansas, USA , May 4, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements learning from nationally recognized industry...

National Oceanic Atmospheric Administration (NOAA) IT Security Conference (Silver Spring, Maryland, USA, May 4, 2016) The purpose of this event is to provide training and to educate NOAA and Department of Commerce personnel about various topics relating to Cyber Security. Attendance is open to NOAA and Department of Commerce...

SecureWorld Kansas City (Overland Park, Kansas, USA, May 4, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements learning from nationally recognized industry...

2016 Cybersecurity Summit (Scottsdale, Arizona, USA, May 5, 2016) The Arizona Technology Council (AZTC), Arizona Commerce Authority (ACA) and Arizona Cyber threat Response Alliance (ACTRA)/Arizona InfraGard present the third annual Cybersecurity Summit on Thursday, May...

2016 Cybersecurity Summit (Scottsdale, Arizona, USA, May 5, 2016) The Arizona Technology Council (AZTC), Arizona Commerce Authority (ACA) and Arizona Cyber threat Response Alliance (ACTRA)/Arizona InfraGard present the third annual Cybersecurity Summit on Thursday, May...

Cyber Security Summit 2016 (Aukland, New Zealand, May 5, 2016) New Zealand’s first Cyber Security Summit will be held in Auckland on 5 May 2016. The theme is “Keeping New Zealand’s Economy Cyber Secure”. Hosted by the Minister for Communications Hon Amy Adams, the...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.