skip navigation

More signal. Less noise.

Daily briefing.

Cisco (whose Product Security Incident Response Team chief told FedScoop "as you can imagine, we have all hands on deck for this") and FireEye report that Shadow Brokers' leaked exploits being "test-driven" in the wild.

Comae says Huawei should be added to the short list of companies affected by the published vulnerabilities, joining Cisco, Fortinet, and Juniper Networks.

Speculation (not crazy, but a little overheated) about the source of the leaks turns again to chatter about a GRU mole at Fort Meade.

The New York Times acknowledges that it's been the subject of successful Russian hacking. The paper's Moscow Bureau seems most directly affected, and other news organizations are said to have received similar ministrations. The FBI is investigating.

Fallout from Russian penetration of Democratic Party networks turns up in Republican attack ads.

Investigation of Democratic Presidential nominee Clinton's State Department era emails continues; the focus is on interaction with the Clinton Foundation.

Wikileaks draws more unfavorable attention for indiscriminately dumping personal information about people who aren't remotely public figures.

The Goznym banking Trojan moves west, from Polish to German banks.

Gaming sites are under attack: first Epic, now Blizzard Entertainment and Grand Theft Auto.

Ransomware has been troubling British universities and enterprises in the Netherlands. There's now a decryptor for Wildfire, the strain active in the Netherlands, courtesy Intel Security and Kaspersky Labs.

In industry start-up news, ThreatQuotient raises $12.5 million; Logikcull and Auth0 raise $10 million and $15 million respectively.

France and Germany want Europe-wide restrictions on encryption.

Notes.

Today's issue includes events affecting Australia, Austria, Canada, China, Denmark, European Union, France, Germany, India, Iran, Iraq, New Zealand, Norway, Poland, Russia, Sweden, Syria, United Kingdom, United States.

A note to our readers, especially those of you interested in art and design--"STEM to STEAM," as they call it: the CyberWire is partnering with Maryland Art Place to sponsor a competition for an original work of art on the theme "creating connections." You can read about the competition in NY Arts Magazine. A full prospectus may be found here.

The CyberWire's regular daily Podcast will be out later this afternoon, with interviews, educational tips, and more on the stories of the day. Today we talk about fog computing with Malek Ben Salem from our partners at Accenture Technology Labs. (If you enjoy the podcast, please consider giving it an iTunes review.)

7th Annual Billington CyberSecurity Summit (Washington, DC, USA, Invalid Date Invalid Date, Invalid Date) Cyber attacks continue to pose high-stake threats to national security. Top government, military and private sector cybersecurity leaders will explore the threats and solutions at the leading fall cybersecurity forum.

Cyber Attacks, Threats, and Vulnerabilities

Random hackers are taking NSA-linked cyber weapons for a test drive (FedScoop) “Most of these exploits, I mean, just about anyone with a college computer science degree can run them, honestly,” said one expert

NSA Targeted Chinese Firewall Maker Huawei, Leaked Documents Suggest (Motherboard) When the mysterious Shadow Brokers dumped a cache of hacking tools used by an NSA-linked group last week, researchers quickly identified a number of the spy agencies’ targets, including American security companies like Cisco, Juniper, and Fortinet

NSA-linked Cisco exploit poses bigger threat than previously thought (Ars Technica) With only a small amount of work, ExtraBacon will commandeer new versions of ASA

Cisco Exploit Leaked in NSA Hack Modifies to Target Latest Version of Firewalls (Hacker News) Recently released NSA exploit from "The Shadow Brokers" leak that affects older versions of Cisco System firewalls can work against newer models as well

Hacking the hackers: everything you need to know about Shadow Brokers' attack on the NSA (Wired) A mystery group claims to be selling malware and tools used by America's National Security Agency

The Real Russian Mole Inside NSA (Observer) The media has finally noticed that the National Security Agency has a problem with Kremlin penetration

Report: Russian Hackers Target New York Times (Foreign Policy) Every day, the scope of alleged Russian hacking against U.S. organizations widens. On Tuesday, CNN reported that the FBI is investigating hackers believed to be working for Moscow who “carried out a series of cyber breaches targeting reporters at the New York Times and other U.S. news organizations"

Journalists are easy targets for hackers, and that shouldn't surprise anyone (CSO) Each email or meeting is a potential compromise waiting to happen

Democrats cry foul as internal memo leaked by hacker cited in GOP attack ad (Washington Times) The official fundraising wing of House Democrats accused its Republican counterpart of aiding the Russian government Tuesday after the GOP used a leaked Democratic Party document as ammo in a new ad

Private lives are exposed as WikiLeaks spills its secrets (AP) Its scoops have rattled the Saudi foreign ministry, the National Security Agency and the U.S. Democratic Party. But WikiLeaks' spectacular mass-disclosures have also hit hundreds of average people — including sick children, rape victims and mental patients — who just happened to find their personal information included in the group's giant data dumps, The Associated Press has found

Chinese cyber spies may be watching you, experts warn (CNN) About a year ago, China and the United States formally agreed not to conduct or knowingly support the cyber theft of each other's intellectual property

Are hi-tech spies stealing all your firm's secrets? (BBC) Last weekend's reports about the New Zealand rugby team's discovery of a listening device sewn in to a hotel meeting room chair, have illustrated just how much spying technology has advanced in recent years

Android: Neuer Infektionsweg (Das Sicherheitsmagazin) "Mobile Malware Report":Neue Ransomware bedroht Android-Geräte Durch Drive-by-Infektion: Malware gelangt auf das Mobilgerät

GozNym Banking Trojan Targeting German Banks (Threatpost) GozNym’s Euro trip rolls on. Fresh from targeting banks in Poland, the banking Trojan has reportedly begun taking aim at banks in Germany

Dridex Resurfaces to Make New Smaller Spam Outbreaks (Spamfighter News) The Dridex gangsters or those cyber criminals responsible for the banker Trojan Dridex have been somewhat silent starting middle of June 2016 approximately when Necurs another botnet the Dridex cyber criminals run was terminated only to re-emerge following a 3-week period

CryptXXX Ransomware Emerges For a Slice of the Pie (Fortinet) Recently, a new variant of the ransomware family named CryptXXX has begun circulating around the web. Fortiguard Research Lab has discovered several new variants during the life of this family of attacks. In this blog we will discuss a particular variant, which arrived in the form of an executable (.exe), as opposed to previous variants that were based around dynamic-link library (.dll) files

UK universities hit repeatedly with ransomware, one over 21 times! (Help Net Security) 63 percent of UK universities have been hit by ransomware – most of them multiple times, and Bournemouth University a total of 21 times in the last year, SentinelOne has found

Hit-And-Run Tactics Fuel Growth In DDoS Attacks (Dark Reading) A majority of organizations in Imperva DDoS study suffer multiple consecutive attacks

The New Frontier in Terror Fundraising: Bitcoin (Cipher Brief) When I worked as a counterterrorism analyst for the CIA, I always looked out for signs of terrorist groups adapting their methods. Now, as someone outside of government who analyzes how nefarious groups fund themselves, I am concerned about terrorists using innovative technologies to bolster their finances. And I recently came across a troubling case of terrorist financial innovation

Hackers can easily take over cellphone towers, researchers found (Help Net Security) Zimperium researchers have unearthed three critical vulnerabilities in widely used software running on base transceiver stations (BTS), i.e. the equipment that makes cellphone towers work

New Collision Attacks Against 3DES, Blowfish Allow for Cookie Decryption (Threatpost) RC4 apparently is no longer the lone pariah among smaller cryptographic ciphers. Already broken and set for deprecation by the major browser and technology makers, RC4 could shortly have company in Triple-DES (3DES) and Blowfish

US Ports Targeted with Zero-Day SQL Injection Flaw (Softpedia) Flaw in Navis WebAccess exposes port authorities to hacking

DNSSEC Servers Not So Secure (Industrial Safety and Security Source) Attackers can hijack improperly configured DNSSEC servers to carry out reflection DDoS attacks, researchers said

Blizzard Suffers Yet Another DDoS Attack (HackRead) Another day another victim of DDoS attack — this time, it’s the Blizzard Entertainment, Inc. is an American video game developer

Gamers Warned After Grand Theft Auto Forum is Hacked (Infosecurity Magazine) Grand Theft Auto fans have become the latest to be targeted by hackers after the personal details of an estimated 200,000 gamers were discovered being traded online

Epic Games Forums Hacked, SQL Injection Vulnerability Blamed (Threatpost) Epic Games is warning users of a breach that impacts 800,000 user accounts tied to the company’s online forums. On Monday, the game developer temporarily shut down many of its forums and advised users to change passwords on any accounts that shared the same credentials for some of its forums

Epic Games forum hack underscores the need to install security patches (CSO) The hack stole emails and hashed passwords from 808,000 users

Has your internet provider been compromised? Malicious insiders are helping cybercriminals hack telecoms firms (ZDNet) Hackers are using both willing and blackmailed staff at internet and phone providers to help them breach networks and steal data

Threat intelligence report for the telecommunications industry (SecureList) The telecommunications industry keeps the world connected. Telecoms providers build, operate and manage the complex network infrastructures used for voice and data transmission – and they communicate and store vast amounts of sensitive data. This makes them a top target for cyber-attack

Cyber criminals target holiday-related P2P media platforms (ComputerWeekly) Cyber criminals capitalise on the popularity of holiday-related media sites to spread malware

Security Patches, Mitigations, and Software Updates

VMSA-2016-0013 (VMware Security Advisories) VMware Identity Manager and vRealize Automation updates address multiple security issues

Cyber Trends

Proactive Defense: Understanding the 4 Main Threat Actor Types (Recorded Future) Understanding the four main threat actor types is essential to proactive defense

Ransomware and Business Email Compromise (BEC) Lead Year of Online Extortion (Trend Labs Security Intelligence Blog) Emails have become the battleground for the first half of the year in terms of security

How do you measure success when it comes to stopping Phishing attacks? (CSO) Experts offer their thoughts on measuring success when it comes to Phishing

Saving money on security software by improving cyber posture, report (SC Magazine) Spending big bucks is not always necessary for corporations to put a decent cybersecurity program in place

Cybersecurity Ventures predicts cybercrime will cost the world in excess of $6 trillion annually by 2021. (Cybersecurity Ventures) This special report on cybercrime is sponsored by Herjavec Group, a leading global information security advisory firm and Managed Security Services Provider (MSSP) with offices across Canada, the United States, United Kingdom and Australia

Forcepoint™ and Ponemon Institute Survey Finds Organizations Challenged when Monitoring Privileged Users, Preventing Insider Threats (PRNewswire) Survey reveals majority of IT operations and security managers believe access often extends beyond the needs of privileged users

The 2016 Study on the Insecurity of Privileged Users (Forecepoint) Did you know that privileged users often are your riskiest employees? What are they doing to put your data at risk?

The Australian blindspot to mobile security (ARN) New research shows business and consumers do not take app security seriously

Marketplace

Stand out from the crowd: What prospects look for when selecting a MSSP (Data Center News) An increasing number of enterprises have by and large accepted the concept of a Managed Security Service Provider (MSSP). And why not?

Unsealing the Deal: Cyber Threats to Mergers and Acquisitions Persist in a Hot Market (FireEye Threat Intelligence) Risks posed by sensitive corporate communications, broadened attack surface

Cybersecurity Diligence Issues in Verizon-Yahoo Merger (Bloomberg BNA) The $4.83 billion deal for Verizon Communications Inc. to acquire Yahoo! Inc. will create one of the largest technology companies in the world. But the new mega-brand and other merging tech companies may come crumbling down if they aren't diligent in finding and patching cybersecurity deficiencies before and after the deal, mergers and acquisitions analysts told Bloomberg BNA

Accenture to acquire Australian cyber defence firm (IHS Jane's Defence Industry) US consultancy firm Accenture is set to acquire privately owned Australian company Redcore as part of its efforts to expand its presence in the Asia-Pacific cyber-defence market

Symantec Exec: Partners Are Critical To Our Success After Blue Coat Acquisition (CRN) Fresh off the closing of its blockbuster acquisition of Blue Coat Systems, Symantec channel leadership said the company is more committed than ever to its partners

Frost & Sullivan Applauds the Breadth of Symantec's Security Solutions As Well As Collaborations with Customers and Peers to Provide Customized Tools (PRNewswire) Symantec focuses on developing security solutions that are designed horizontally, but can be applied vertically

5 Reasons to Buy Cisco Systems Now (Motley Fool) The networking hardware giant is a great company at a bargain price

These 2 Stocks Prove The Future Is Bright For Cybersecurity Investors (Investing) Last February, a hospital was held hostage

Logikcull Closes $10 Million Series A Round from OpenView and Storm Ventures (BusinessWire) Legal intelligence platform automates costly and complex eDiscovery and legal search processes

Authentication startup Auth0 raises $15M as it beefs up security features (TechCrunch) “Identity-as-a-service” startup Auth0 (pronounced “auth zero”) has raised $15 million in Series B funding

Cybersecurity firm led by former Sourcefire execs raises $12 million (Baltimore Sun) ThreatQuotient, a cyber security firm led by former executives of Columbia-based Sourcefire, raised $12 million to boost product development and expand international sales

RiskIQ Accelerates Momentum Across Entire External Threat Management Solution Set in First Half of 2016 (BusinessWire) Triples bookings for RiskIQ PassiveTotal compared to the prior six months (2H 2015)

US hails Samsung-Darktrace IoT cyber security move (Business Weekly) Cambridge UK cyber security specialist Darktrace and new investor Samsung SDS in Korea are to jointly develop cyber security solutions for the Internet of Things

U.S. Air Force CIO: San Antonio has big opportunity with cybersecurity jobs (San Antonio Business Journal) A San Antonio native who helps lead the U.S. Air Force's worldwide cyber operations highlighted the first day of CyberTexas, a two-day conference that brings together private industry and government agencies to discuss the state of cybersecurity

San Diego Selects Tenable Network Security to Protect its Complex Network of Smart City and Legacy Technology (BusinessWire) City gains continuous visibility and actionable context for network threats through enterprise-wide vulnerability management from Tenable

CrowdStrike Names Brian Brouillette Vice President of Customer Success (BusinessWire) CrowdStrike, the leader in cloud-delivered next-generation endpoint protection, today announced that Brian Brouillette has joined CrowdStrike as vice president of Customer Success

Rapid7 Recognized for Outstanding Culture and Commitment to Employee Satisfaction by TMCnet (GlobeNewswire) Rapid7 receives 2016 Tech Culture Award for dedication to core values, innovation, and scaling with soul

Products, Services, and Solutions

Amped Wireless Introduces ALLY Wi-Fi System, available for Pre-Order Aug. 23 (PRWeb) The first seamless roaming solution with blazing-fast Wi-Fi speeds, whole-home coverage with award winning, high power technology and security against malware provided by AVG

Zimperium: Acting as the Intel-Inside of Smartphone Security (Silicon India) The wider smartphone adoption has triggered the spread of mobile malware. In light of this rapid growth, there is a pressing need to develop effective solutions. But due to the lack of understanding about emerging mobile malware, our defense capability is largely limited

Kaspersky launches self-titled OS to protect ICS (SC Magazine) Kaspersky Lab has reportedly finished its self-titled OS which has been built from the ground up with the aim of protecting industrial control systems

Sophos looks to enhance leading email providers' security (Channelnomics) Executive talks implications new Sophos Email offering has for channel

CloudPassage Halo Now in Solution-Specific Packages (Yahoo! Finance) CloudPassage today announced new packaged offerings for CloudPassage Halo to more cost-effectively address enterprises' need for workload security

Technologies, Techniques, and Standards

Researchers Douse Wildfire Ransomware with Decryption Tool (Infosecurity Magazine) Intel Security and Kaspersky Lab have announced the release of a decryption tool to stifle the Wildfire ransomware that has beset users across Belgium and the Netherlands

Cryptography and cyber-security at NTNU and the mathematics of electronic elections (European Consortium for Mathematics in Industry) Cryptography as a practice is very old, dating back at least 2000 years

Technology Foraging for Cybersecurity Solutions (AlienVault Blogs) Technology foraging, or searching for smart ideas and technologies, is a key element of research and development both in the public and private sectors

Unleashing the Immune System: How to Boost Your Security Hygiene (IBM Security Intelligence) Over the years, companies have responded to threats by backing up the security tool truck and unloading it onto their IT environments. An expanding security arsenal of fragmented, disconnected point products and perimeter solutions can add complexity without vastly improving the organization’s overall security posture

How APIs are Changing the Face of Enterprise Cybersecurity (Data Informed) Cyber threats today are more sophisticated than ever. They are specifically engineered to avoid traditional detection methods while silently siphoning data and assets from an organization or, even worse, disrupting the business

CISO Security ‘Portfolios’ Vs. Reporting Structures (Dark Reading) Organizational structure is a tool for driving action. Worrying about your boss's title won't help you as much as a better communication framework

What you need to do to stop data from leaving with exiting employees (CSO) Having policies in place can help keep employees from walking out the door with company information

Research and Development

Researchers design a chip that checks for sabotage (Help Net Security) With the outsourcing of microchip design and fabrication a worldwide, $350 billion business, bad actors along the supply chain have many opportunities to install malicious circuitry in chips. These Trojan horses look harmless but can allow attackers to sabotage healthcare devices; public infrastructure; and financial, military, or government electronics

Verizon Patent Pertains To Blockchain Technology (Android Headlines) Blockchain technology is present in cryptocurrencies like Bitcoin and Dogecoin, and has been hailed as a “game changer”. The technology powers the currencies through a network-based approach

Academia

4th grader’s project on cyber security proves people will click on anything (KXAN) Evan Robertson is kind of a big deal

Deloitte Runs University Cyber Contest as Recruiting Tool (Campus Technology) In just a couple of weeks students from universities across the country will vie for scholarships (and attention from a potential employer) in the latest Deloitte Foundation Cyber Threat Competition. The program is designed to give people exposure to both the technology and business aspects of cyber risk

UTSA professors inducted into San Antonio Cyber Hall of Honor (UTSA Today) Two professors from The University of Texas at San Antonio (UTSA) are are set to be inducted into the Inaugural San Antonio Cyber Hall of Honor on Tuesday, August 23. Gregory White, professor of computer science and director of the UTSA Center for Infrastructure Assurance and Security (CIAS), and Glenn Dietrich, professor of Information Systems and Cyber Security, will be part of the first class of leaders and pioneers in the cybersecurity industry in San Antonio

Legislation, Policy, and Regulation

Encryption under fire in Europe as France and Germany call for decrypt law (TechCrunch) A fresh chapter of the crypto wars looks to be opening up in Europe, after the French and German interior ministers took to a podium yesterday to lobby for a law change that would enable courts to demand that Internet companies decrypt data to help further criminal investigations

Cyber attacks: Hindsight is 20/20, GDPR is even better (Help Net Security) The dust is beginning to settle on the EU referendum result. But, while the UK’s departure from the union is set to shake things up for many businesses nationwide, there’s at least one EU ruling that UK businesses will still have to comply with: the General Data Protection Regulation

IP Bill Approved – Spies Allowed to Harvest Data (Information Security) The Investigatory Powers (IP) bill has been given approval by David Anderson in a report. Britain’s spies should be allowed to continue harvesting large amounts of data from emails, the government’s reviewer of terror legislation said. IT security experts from AlienVault, MIRACL and Lieberman Software commented below

Iran looking to enhance cyber capabilities (C4ISRNET) While China and Russia have built up a robust profile in cyberspace, many are warning against Iran’s growing capabilities and behavior

Mind the air-gap: Singapore's web cut-off balances security, inconvenience (Reuters via Yahoo! Finance) Singapore is working on how to implement a policy to cut off web access for public servants as a defence against potential cyber attack - a move closely watched by critics who say it marks a retreat for a technologically advanced city-state that has trademarked the term "smart nation"

After NSA leaks, a renewed interest in vulnerability disclosure (SC Magazine) The code leaked by the Shadow Brokers group last week has set off calls from security researchers and tech groups for a national conversation about vulnerability disclosure policy

Litigation, Investigation, and Law Enforcement

Iran's Revolutionary Guard targets 450 social media users (AP) The cyber-arm of Iran's powerful Revolutionary Guard says it has summoned, detained and warned some 450 administrators of social media groups in recent weeks

French submarine builder DCNS loses critical secret docs: India investigates (Register) The French are said to be going ballistic

Judge Orders Immediate Review of 14,900 Hillary Clinton Emails (Wall Street Journal) Federal request says review must be complete by Sept. 22 and comes as new correspondence shows Clinton Foundation sought access to State Department on donors’ behalf

Many Donors to Clinton Foundation Met with her at State (AP) More than half the people outside the government who met with Hillary Clinton while she was secretary of state gave money - either personally or through companies or groups - to the Clinton Foundation. It's an extraordinary proportion indicating her possible ethics challenges if elected president

Jill Stein: Clinton emails reveal security risks, ‘special deals’ for donors (Washington Post) The Green Party's nominee for president rejoined the debate about Hillary Clinton's use of email at the State Department on Tuesday, telling reporters that Clinton clearly "attempted to cover up" shady behavior by using a private server

A Life or Death Case of Identity Theft? (KrebsOnSecurity) On Feb. 20, 2016, James William Schwartz, 84, was going about his daily routine, which mainly consisted of caring for his wife, MaryLou. Mrs. Schwartz was suffering from the end stages of endometrial cancer and wasn’t physically mobile without assistance. When Mr. Schwartz began having a heart attack that day, MaryLou went to use her phone to call for help and discovered it was completely shut off

Ashley Madison misled users with a fake security award (CSO) The site showed the award before getting hit by a massive breach last year, watchdogs say

Some ISPs in India are blocking access to ThePirateBay.org (HackRead) ThePirateBay.org domain has been blocked by some ISPs in India and users are not happy about it

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

SANS Alaska 2016 (Anchorage, Alaska, USA, August 22 - 27, 2016) SANS is bringing our renowned security training to Alaska! Join us in August for a week of hands-on training and compelling bonus sessions while taking in breathtaking views and experiencing the great...

Chicago Cyber Security Summit (Chicago, Illinois, USA, August 25, 2016) The Cyber Security Summit is an exclusive conference series connects C-Suite & Senior Executives who are responsible for protecting their companies’ critical infrastructures with innovative solution providers...

Air Force Information Technology and Cyberpower Conference 2016 (Montgomery, Alabama, USA, August 29 - 31, 2016) America is faced with a national emergency in cyberspace. US national security, economic vitality, financial stability and foreign policy are being eroded. Increasingly prevalent and severe malicious cyber...

CISO Toronto (Toronto, Ontario, Canada, August 30, 2016) A data breach is not only a PR nightmare, but cause for customers to turn to competitors, exposing sensitive company information and racking up fines from industry regulators. In order for organizations...

ISAO SO Public Forum (Tysons, Virginia, USA, August 31 - September 1, 2016) This public forum is the last opportunity to meet face-to-face and participate in conversations that will shape the first set of standards and guidelines to be published in September! Speakers will include ...

cybergamut Technical Tuesday: Quantifying Cyber Attacks: To Optimize and Assess your Defense by Jason Syversen of Siege Technologies (Elkridge, Maryland, USA, September 6, 2016) cybergamut Technical Tuesday is for cyber professionals to exchange innovative ideas and discuss technical issues of mutual interest. We’ll have a Technical Tuesday event on 6 September 2016 (1600 – 1730...

2016 Intelligence & National Security Summit (Washington, DC, USA, September 7 - 8, 2016) Third annual unclassified summit hosted by AFCEA International and the Intelligence and National Security Alliance (INSA). There are five plenary sessions and nine breakout sessions related to cybersecurity,...

Annual Privacy Forum 2016 (Frankfurt, Hesse, Germany, September 7 - 8, 2016) In the light of the upcoming data protection regulation and the European digital agenda, DG CONNECT, ENISA and, Goethe University Frankfurt is organizing APF 2016. In the light of the upcoming data protection...

SecureWorld Cincinnati (Sharonville, Ohio, USA, September 8, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements learning from nationally recognized industry...

Borderless Cyber Europe (Brussels, Belgium, September 8 - 9, 2016) Join CIOs, CISOs and cyber threat intelligence experts from industry, government and CSIRTs worldwide to share experiences, strategies, tactics and practices that will improve your state of preparedness...

SANS Network Security 2016 (Las Vegas, Nevada, USA , September 10 - 16, 2016) We are pleased to invite you and your colleagues to attend SANS Network Security 2016 at the magnificent Caesars Palace, Las Vegas, on September 10-19. SANS Network Security is your annual networking opportunity!...

Business Insurance Cyber Risk Summit 2016 (San Francisco, California, USA, September 11 - 12, 2016) The Business Insurance Cyber Risk Summit provides risk management professionals and chief information security officers with the practical information and tools needed to combat the latest cyber risks...

Hacker Halted 2016 (Atlanta, Georgia, USA, September 11 - 16, 2016) This ​year, ​Hacker ​H​alted’s theme​ is​ the Cyber Butterfl​​y Effect​:​ When ​S​mall ​M​istakes ​L​ead to ​B​ig ​D​isasters​. The goal of the conference is to bring the IT security community together...

(ISC)² Security Congress (Orlando, Florida, USA, September 12 - 15, 2016) (ISC)² Security Congress offers attendees over 90 education sessions, designed to transcend all industry sectors, focus on current and emerging issues, best practices, and challenges facing cybersecurity...

7th Annual Billington Cybersecurity Summit (Washington, DC, USA, September 13, 2016) Join over 600 senior-level attendees, more than 50 distinguished speakers, and over 40 prestigious sponsors and exhibitors at the 7th Annual Billington CyberSecurity Summit, the leading Fall forum on cybersecurity...

CISO GAS (Frankfurt, Hessen, Germany, September 13, 2016) A data breach is not only a PR nightmare, but cause for customers to turn to competitors, exposing sensitive company information and racking up fines from industry regulators. CISOs and IT security executives...

ISS World Americas (Washington, DC, USA, September 13 - 15, 2016) ISS World America is the world's largest gathering of North American Law Enforcement, Intelligence and Homeland Security Analysts as well as Telecom Operators responsible for Lawful Interception, Hi-Tech...

Tarleton State University Cyber Security Summit 2016 (Dallas, Texas, USA, September 13, 2016) Cyber Security for the Board and the C-Suite: "What You Need to Know." Cyber Security experts will discuss corporate cyber-attacks and legal practitioners will discuss strategies to help companies comply...

Insider Threat Program Development Training For NISPOM CC 2 with Legal Guidance (Germantown, Maryland, USA, September 14 - 15, 2016) Insider Threat Program Development Training for NISPOM CC 2 (Germantown, Maryland, September 14 - 15, 2016) Insider Threat Defense will hold a two-day training class on Insider Threat Program Development...

SecureWorld Detroit (Dearborn, Michigan, USA , September 14 - 15, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry...

Insider Threat Program Development Training for NISPOM CC 2 (Milwaukee, Wisconsin, USA, September 19 - 20, 2016) Insider Threat Defense will hold a two-day training class on Insider Threat Program Development (NISPOM Conforming Change 2). For a limited time the training is being offered at a discounted rate of $795...

4th ETSI/IQC Workshop on Quantum-Safe Cryptography (Toronto, Ontario, Canada, September 19 - 21, 2016) This three-day workshop brings together diverse players in the quantum-safe cybersecurity community to facilitate the knowledge exchange and collaboration required to transition cyber infrastructures and...

Cyber Physical Systems Summit (Newport News, Virginia, USA, September 20 - 22, 2016) On September 20-22, 2016 the Commonwealth will be hosting a Cyber and Physical Systems Summit. The three day event will consist of roundtable discussions, plenary and panel presentations across the intersection...

hardwear.io Security Conference (The Hague, the Netherlands, September 20 - 23, 2016) hardwear.io Security Conference is a platform for hardware and security community where researchers showcase and discuss their innovative research on attacking and defending hardware. The objective of...

3rd Annual Senior Executive Cyber Security Conference: Navigating Today's Cyber Security Terrain (Baltimore, Maryland, USA, September 21, 2016) The Johns Hopkins University Information Security Institute and COMPASS Cyber Security are hosting the 3rd Annual Senior Executive Cyber Security Conference on Wednesday, September 21, from 8:30 a.m. –...

New York Cyber Security Summit (New York, New York, USA, September 21, 2016) The Cyber Security Summit is an exclusive conference series connects C-Suite & Senior Executives who are responsible for protecting their companies’ critical infrastructures with innovative solution providers...

Gigaom Change 2016 Leader's Summit (Austin, Texas, USA, September 21 - 23, 2016) Over an immersive 2.5 days, we will explore the current state-of-the-art technologies, how these are transforming industry, and why this all matters. You’ll emerge with a greater understanding of the exponential...

NYIT Annual Cybersecurity Conference (New York, New York, USA, September 22, 2016) Presented by NYIT School of Engineering and Computing Sciences, this conference brings together cyber experts from academia, business, and government to address: Cyber Defense Against Attacks–How Industry...

Cyber Security: How to Identify Risk and Act (Frankenmuth, Michigan, USA, September 26, 2016) Join us on 9/26/2016 for the PMI-MTC's annual project management PDD focusing on "Cyber Security: How to Identify Risk and Act." Earn 7 PDUs during the interactive sessions with well-known information ...

CYBERSEC (Kraków, Poland, September 26 - 27, 2016) The CYBERSEC forum is the first of its kind in Poland and one of just a few regular public policy conferences in Europe devoted to the strategic issues of cyberspace and cybersecurity.The goal of the CYBERSEC...

Third Annual Women in Cyber Security Reception (Baltimore, Maryland, USA, September 27, 2016) The CyberWire is pleased to present the 3rd Annual Women in Cyber Security Reception in cooperation with our partner the Cybersecurity Association of Maryland (CAMI) on Tuesday, September 27, 2016, in...

IP EXPO Nordic 2016 (Stockholm, Sweden, September 27 - 28, 2016) IP EXPO Nordic is part of Europe’s number ONE enterprise IT event series, designed for those looking to find out how the latest IT innovations can drive business growth and competitiveness. The event showcases...

SecureWorld Dallas (Plano, Texas, USA , September 27 - 28, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.