skip navigation

More signal. Less noise.

Daily briefing.

Yesterday, as the US Intelligence Community reported on Russian election hacking—it's calling the campaign "Grizzly Steppe"—the Government announced its first round of sanctions against Russian individuals and organizations. President Obama amended Executive Order 13964 (April 2015) to "address the national emergency with respect to significant malicious cyber-enabled activities," authorizing sanctions against those who interfere with elections. Two intelligence services (GRU and FSB), three companies supporting those services (STLC Ltd., Zorsecurity, and ANO PO KSI), and four named GRU officers were immediately sanctioned.

The State Department declared thirty-five Russian diplomats from the Washington embassy and San Francisco consulate persona non grata for actions "inconsistent with their diplomatic and consular status." State says the expulsions are prompted both by attempts to interfere with US elections and by "harassment" of US diplomatic personnel and activities.

Russian Foreign Minister Lavrov publicly recommended retaliation against a like number of US diplomats, but early this morning President Putin turned the recommendation down (for now), not wishing, he says, to descend to the Americans' low level.

The joint FBI-DHS report on Grizzly Steppe describes the campaign as the culmination of a decade of Russian intelligence services' hacking. US citizens are urged to be on the lookout for Bears.

Russian authorities deny hacking charges—RT sniffs at US evidence, citing in support of Russian innocence various IC-skeptical tweets and the alleged puerility of names like Fancy Bear and Cozy Bear.

A Guardian op-ed sums up by saying we're in the midst of an unacknowledged world cyberwar.

Notes.

Today's issue includes events affecting Australia, Brazil, France, Germany, India, Israel, Democratic Peoples Republic of Korea, Republic of Korea, Lithuania, Pakistan, Russia, Singapore, Ukraine, United Kingdom, United States, and Vietnam.

A note to our readers: New Year's Day falls on Sunday, and so we'll take a break this Monday, January 2nd. We'll be back as usual on the 3rd. Best wishes for the new year from all of us at the CyberWire.

You can find information security lessons everywhere. We think we see some in the new Star Wars flick, "Rogue One." Here's a thought: the Empire's contractors on Eadu were apparently less than fully NISPOM compliant. Didn't Director Krennic require them to self-certify? (For background on NISPOM, see this account of a CRTC symposium, and lawyer up, padawans. Even the Empire has privacy and employment laws. We're pretty sure...although Krennic's HR policies seem a little strict...)

The CyberWire podcast this week offers a series of end-of-year long-form (but still brief) episodes. We're running extended interviews that include never-before aired conversations with some of our most interesting partners and guests. Our normal programming returns on January 3rd. If you've been enjoying the podcasts, please consider giving us an iTunes review.

Today we also have a new special edition of our Podcast. The topic is buying cyber security. Every day there seems to be a new security product on the market, with many of them claiming to provide something that you simply can’t live without. Companies appear and disappear, and businesses are faced with difficult, confusing, and often expensive choices. In this CyberWire special edition, we explore how businesses are navigating the process of choosing products and technologies in a crowded marketplace. We talk to some key stakeholders to find out what drives their purchasing decisions, and what they wished their vendors knew before they came knocking on their doors.

Cyber Attacks, Threats, and Vulnerabilities

OSCE victim of ‘major’ cyber attack (Guardian) The Organization for Security and Co-operation in Europe, an international election and war monitor, said Wednesday it had become the latest global institution to suffer a “major” cyber attack

Ukraine hit by 6,500 hack attacks, sees Russian 'cyberwar' (Reuters) Hackers have targeted Ukrainian state institutions about 6,500 times in the past two months, including incidents that showed Russian security services were waging a cyberwar against the country, President Petro Poroshenko said on Thursday

Lithuania says Russian spyware infected government computers (Graham Cluley) Lithuanian officials call it “part of psychological warfare”

Report Shows Kim Jong-Un’s Cyber Squads Could ‘Paralyze’ US Pacific Command (Daily Caller) A full-scale North Korean cyber attack could leave the U.S. Pacific Fleet, as well as parts of the continental U.S., in the dark, a South Korean defense agency revealed

Cyber experts from Kerala unleash 'surgical strikes' on Pakistan cyberspace (India Times) After Pakistani cyber attackers hacked Thiruvananthapuram airport's website yesterday, a group of cyber experts from Kerala - the 'Mallu Cyber Soldiers' - decided to respond in kind: by hacking the website of a Pakistani airport

KillDisk Disk-Wiping Malware Adds Ransomware Component (Bleeping Computer) A malware family previously used to sabotage computers by deleting and rewriting files has added a ransomware component, now encrypting files and demanding a huge ransom

Threat Actors Bring Ransomware To Industrial Sector With New Version of KillDisk (Dark Reading) Disk-erasing malware has been tweaked to encrypt data instead and to ask for a Bitcoin payment

Recent Spam Runs in Germany Show How Threats Intend to Stay in the Game (TrendLabs Security Intelligence Blog) In early December, GoldenEye ransomware (detected by Trend Micro as RANSOM_GOLDENEYE.A) was observed targeting German-speaking users—particularly those belonging to the human resource department. GoldenEye, a relabeled version of the Petya (RANSOM_PETYA) and Mischa (RANSOM_MISCHA) ransomware combo, GoldenEye not only kept to the James Bond theme of its earlier iteration, but also its attack vector

Microsoft Reports Cerber Ransomware Staging Holiday Onslaught (eWeek) Microsoft security researchers warn that after a brief quiet period, the Cerber ransomware family has reemerged with a vengeance to target holiday shoppers and enterprise business data files

Steganography Is Very Popular with Exploit Kits All of a Sudden (Bleeping Computer) Steganography, the technique of embedding hidden messages inside public files, has become very popular with exploit kit operators in 2016

Meet the Leet DDoS Botnet, Just as Powerful as Mirai (HackRead) Security experts from Imperva Security are describing Leet Botnet as more powerful than its counterpart botnet Mirai. In fact, Leet is being regarded as the winner of the title of most powerful DDoS (distributed denial of service) attack of 2016 with a humongous speed of 650 GBPS (gigabit per second) noticed recently by Imperva network. The attack launched through Leet on Imperva displayed this overwhelming traffic and thus, Mirai’s title as the most powerful DDoS attack was claimed by Leet

It's Almost 2017 and Users Are Still Getting Infected with Malware via Fake AV Software (Bleeping Computer) You'd expect that by now, users should be aware that downloading "cracks" for any kind of software would come with inherent dangers, such as adware, infostealers, backdoors, and even ransomware. Sadly, this isn't the case and a fairly decent amount of users are still get infected with all sort of nasties this way

State IT chief says human error allowed DHHS data breach (Manchester Union Leader) A patient at the state psychiatric hospital was able to access confidential information on 15,000 clients of Health and Human Services because of human error, according to Denis Goulet, the state’s chief technology officer - See more at: http://www.unionleader.com/state-government/state-it-chief-says-human-error-allowed-dhhs-data-breach--20161229#sthash.oFEqC3Ly.dpuf

All at Sea (Infosecurity Magazine) When you watch Netflix, deal with your email or make a Skype call, the traffic travels along a relatively small number of routes to its destination. Like most of the world’s internet traffic, it travels via submarine cables, typically the width of a garden hose. Today, there are 356 of these cables spread across the world. How safe are they from attack or disruption?

Security Patches, Mitigations, and Software Updates

PHPMailer, Swiftmailer Updates Resolve Critical Remote Code Execution Vulnerabilities (Threatpost) Critical remote code execution vulnerabilities in two different libraries used to send emails via PHP were patched this week.

Cyber Trends

Threatpost 2016 Year in Review (Threatpost) Mike Mimoso, Tom Spring, and Chris Brook recap 2016’s biggest news stories, including the proliferation of IoT botnets, the rise of ransomware, the FBI vs. Apple battle, Yahoo, and a rash of old password breaches

5 signs we're finally getting our act together on security (cio) Despite all the bad news in information security in 2016, some positive developments may finally shift momentum

Marketplace

The Next Sector To Invest In: Cybersecurity (BW Disrupt) “Global spending on cybersecurity products and services for defending against cybercrime is projected to exceed $1 trillion cumulatively over the next five years, from 2017 to 2021.” The Israeli startups are rushing to the Silicon Valley in search of funds for their cutting edge digital defense ideas. And the VCs are waiting with arms wide open

Tech stocks for your portfolio: FireEye, Inc. (FEYE), Brocade Communications Systems, Inc. (BRCD) (Independent Republic) FireEye, Inc. (FEYE) ended last trading session with a change of -3.51 percent. It trades at an average volume of 4.14M shares versus 3.83M shares recorded at the end of last trading session. The share price of $11.95 is at a distance of 9.94 percent from its 52-week low and down -46.84 percent versus its peak. The company has a market cap of $2.03B and currently has 170.25M shares outstanding. The share price is currently -7.93 percent versus its SMA20, -7.29 percent versus its SMA50, and -20.71 percent versus its SMA200. The stock has a weekly performance of -7.94 percent and is -42.38 percent year-to-date as of the recent close

How Symantec Transformed in 2016 (Investopedia) Shares of cybersecurity pioneer Symantec Corp. (SYMC) are trading up about 16% year to date (YTD) at a price of $24.17 per share on Thursday afternoon

Siemens will sich neu erfinden und Software-Konzern werden (Deutsche Wirtschafts Nachrichten) Siemens will den Trend der Industrie 4.0 nutzen und Software-Lösungen anbieten - auch, um zu verhindern, dass der Konzern von anderen Anbietern ausgebremst wird

Louisville's Swimlane raises $3M in private offering (Daily Camera) Louisville software company, Swimlane LLC, has raised $3 million of a scheduled $3,175,000 private offering, according to documents filed with the U.S. Securities and Exchange Commission

Products, Services, and Solutions

Good Guy Hacker Launches 'Security Without Borders' to Defend At-Risk Dissidents (Motherboard) Some hackers have lost their way. Today, countless techies have entered the for-profit cybersecurity business, potentially neglecting what one security researcher calls their responsibility to civil society: helping at-risk users like dissidents with the security of their work, for example

Quick Heal launches ad campaign focusing on the risks of free antivirus solutions (exchange4media News Service) Quick Heal Technologies Limited has released an ad campaign to draw consumers’ attention towards the risks associated with free antivirus solutions. Targeting the youth and working professionals in its TVCs, Quick Heal aims to create awareness on the security threats, which a free antivirus product is not capable to mitigate, as compared to the protection guaranteed by a purchased antivirus solution for safe banking, privacy protection, anti-ransomware, anti-phishing, enhanced firewall, and web security

Technologies, Techniques, and Standards

Your new year’s resolution: get ready for GDPR (Naked Security) By 2018, the General Data Protection Regulation (GDPR) will require any company doing business in the European Union to more securely collect, store and use personal information

What to do if your data is taken hostage (CSO) Find out how to respond to ransomware threats

Cash for Bugs: should you crowdsource your application security? (IT Pro Portal) A bug bounty programme can be quite effective if managed properly

Making Bugs Bountiful (Infosecurity Magazine) Apple recently joined the growing number of corporates to launch a vulnerability reward program, better known as a bug bounty scheme. Initially limited to a couple of dozen researchers already known to Apple, it will pay as much as $200,000 for a critical security vulnerability, which sounds a lot, until you learn that a small private firm called Exodus Intelligence offers as much as $500,000 for zero-day vulnerabilities in iOS

Defending Against the Unknown (Economic Times) Insights on the need for multi-layered protection

Skills Gap: How to Attract the Best Staff (Infosecurity Magazine) As the cybersecurity skills gap continues to plague the industry, it has never been more important for organizations to have a sound understanding of how to attract and retain the best staff

Academia

University Of Maryland Francis King Carey School Of Law Launches Online Masters Programs (HS Today) Two new online Master's degree programs designed primarily for non-lawyers, a Master of Science in Cybersecurity Law and a Master of Science in Homeland Security & Crisis Management Law, are now being offered by the University of Maryland Francis King Carey School of Law

Legislation, Policy, and Regulation

We're living through the first world cyberwar – but just haven’t called it that (Guardian) he job of the historian is often to pull together broad themes and trends, then give them a snappy title that people will easily recognise and understand. That’s how we end up with labels like “The decline and fall of the Roman Empire” or “The Rise of Hitler and the Third Reich"

Obama Strikes Back at Russia for Election Hacking (New York Times) President Obama struck back at Russia on Thursday for its efforts to influence the 2016 election, ejecting 35 suspected Russian intelligence operatives from the United States and imposing sanctions on Russia’s two leading intelligence services

US expels Russian diplomats over cyber attack allegations (BBC) The US has expelled 35 Russian diplomats as punishment for alleged interference into the presidential election

Obama retaliates against Russia for election hacking (AP via Federal News Radio) In a sweeping response to election hacking and other meddlesome behavior, President Barack Obama on Thursday sanctioned Russian intelligence services and their top officials, kicked out 35 Russian officials and closed down two Russian-owned compounds in the U.S. It was the strongest action the Obama administration has taken to date to retaliate for a cyberattack

Obama’s Russian Hacking Retaliation Is Biggest “Since the Cold War” (Wired) Since US intelligence agencies in October identified the Russian government as the source of hacker attacks that breached the Democratic party organizations and leaked private email conversations, President’s Obama’s White House has been searching for an appropriate response. Now, the administration has finally shot back, deporting Russian officials and calling out the individuals and organizations responsible for that hacking, in a set of measures never before seen in America’s digital diplomacy

Obama announces sanctions for Russian election hacking (TechCrunch) The Obama administration announced today that it will impose sanctions on Russian intelligence services and officials in response to the hacks of American political institutions during the election season

Obama imposes sanctions on Russia over hack, expels 35 diplomats; Trump says time 'to move on' (Chicago Tribune) The United States struck back Thursday at Russia for hacking the U.S. presidential campaign with a sweeping set of punishments targeting Russia's spy agencies and diplomats. The U.S. said Russia must bear costs for its actions, but Moscow called the Obama administration "losers" and threatened retaliation

McConnell: New Russia sanctions an 'initial step' (The Hill) Senate Majority Leader Mitch McConnell (R-Ky.) on Thursday called new sanctions against Russia an "initial step" but reiterated that lawmakers will review Moscow's meddling in the U.S. presidential election next year

Obama tosses 35 Russians out of US, sanctions others for election meddling (Ars Technica) Intelligence dump from DHS and FBI bolsters claims of Russian election interference

US reportedly plans retaliation against Russian election hacks soon [Update: sanctions announced] (Ars Technica) A “proportional response” won't deter future meddling, says one security expert

FACT SHEET: Actions in Response to Russian Malicious Cyber Activity and Harassment (The White House) Today, President Obama authorized a number of actions in response to the Russian government’s aggressive harassment of U.S. officials and cyber operations aimed at the U.S. election in 2016. Russia’s cyber activities were intended to influence the election, erode faith in U.S. democratic institutions, sow doubt about the integrity of our electoral process, and undermine confidence in the institutions of the U.S. government. These actions are unacceptable and will not be tolerated

Statement by the President on Actions in Response to Russian Malicious Cyber Activity and Harassment (The White House) Today, I have ordered a number of actions in response to the Russian government’s aggressive harassment of U.S. officials and cyber operations aimed at the U.S. election. These actions follow repeated private and public warnings that we have issued to the Russian government, and are a necessary and appropriate response to efforts to harm U.S. interests in violation of established international norms of behavior

Executive Order -- Taking Additional Steps to Address the National Emergency with Respect to Significant Malicious Cyber-Enabled Activities (The White House) By the authority vested in me as President by the Constitution and the laws of the United States of America, including the International Emergency Economic Powers Act (50 U.S.C. 1701 et seq.) (IEEPA), the National Emergencies Act (50 U.S.C. 1601 et seq.) (NEA), and section 301 of title 3, United States Code

Annex to Executive Order -- Taking Additional Steps to Address the National Emergency with Respect to Significant Malicious Cyber-Enabled Activities (The White House) Entities[:] 1. Main Intelligence Directorate (a.k.a. Glavnoe Razvedyvatel’noe Upravlenie) (a.k.a. GRU); Moscow, Russia

Letter from the President -- Taking Additional Steps to Address the National Emergency with Respect to Significant Malicious Cyber-Enabled Activities (The White House) Dear Mr. Speaker: (Dear Mr. President:) Pursuant to the International Emergency Economic Powers Act (50 U.S.C. 1701 et seq.) (IEEPA), I hereby report that I have issued an Executive Order (the "order") that takes additional steps to address the increasing use of significant malicious cyber-enabled activities to undermine democratic processes or institutions. These steps have been taken with respect to the national emergency declared in Executive Order 13694 of April 1, 2015

Department of State Actions in Response to Russian Harassment (US Department of State) The State Department today declared persona non grata 35 Russian officials operating in the United States who were acting in a manner inconsistent with their diplomatic or consular status. The Department also informed the Russian Government that it would deny Russian personnel access to two recreational compounds in the United States owned by the Russian Government

Treasury Sanctions Two Individuals for Malicious Cyber-Enabled Activities (US Department of the Treasury) Building on the authority previously provided to the Secretary of the Treasury, the President amended Executive Order 13694, “Blocking the Property of Certain Persons Engaging in Significant Malicious Cyber-Enabled Activities,” which was issued by President Obama on April 1, 2015 to authorize sanctions against individuals and entities that threaten the national security, foreign policy, or economic health or financial stability of the United States through involvement in malicious cyber-enabled activities that constitute tampering with, altering, or causing a misappropriation of information with the purpose or effect of interfering with or undermining election processes or institutions. In an Annex to the amended E.O., the President imposed sanctions on five entities and four individuals in response to the Government of Russia’s interference with U.S. elections and processes in recent months

Putin says Russia won't expel US diplomats in tit-for-tat measure (Guardian) ‘We will not drop to this level of irresponsible diplomacy,’ says Russian president in response to US move to kick out 35 Russian officials

Russia moves to expel US diplomats in response to sanctions (BBC) The Russian foreign ministry has called for the expulsion of 35 US diplomats in response to a similar move by Washington

Russia Set to Expel 35 U.S. Diplomats in Response to Move by Obama (New York Times) Russia moved on Friday to impose tit-for-tat measures against the United States in the latest crisis in relations between the two countries, with the foreign minister recommending that the country expel 35 American diplomats and close two diplomatic facilities

How Russia Recruited Elite Hackers for Its Cyberwar (New York Times) Aleksandr B. Vyarya thought his job was to defend people from cyberattacks until, he says, his government approached him with a request to do the opposite

Brazil announces establishment of new cyber defence command (IHS Jane's 360) The Brazilian Army has approved the establishment of a cyber defence command, known as Comando de Defesa Cibernética (ComDCiber), to help protect the country's online infrastructure

The cybersecurity priority for DHS in 2017 (Federal Times) As one of his first national security appointments, President-elect Donald Trump has selected retired Marine Gen. John F. Kelly to lead the Department of Homeland Security. Gen. Kelly is widely recognized for his expertise in counterterrorism, his dedication, composure and intellect. He is especially known for his excellent leadership skills honed by over 40 years of military service, including as the commander of U.S Southern Command

Litigation, Investigation, and Law Enforcement

Joint DHS, ODNI, FBI Statement on Russian Malicious Cyber Activity (US Department of Homeland Security) On October 7, 2016, Secretary Johnson and Director Clapper issued a joint statement that the intelligence community is confident the Russian Government directed the recent compromises of e-mails from U.S. persons and institutions, including from U.S. political organizations, and that the disclosures of alleged hacked e-mails on sites like DCLeaks.com and WikiLeaks are consistent with the Russian-directed efforts. The statement also noted that the Russians have used similar tactics and techniques across Europe and Eurasia to influence public opinion there

Joint DHS, ODNI, FBI Statement on Russian Malicious Cyber Activity (IC on the Record) On October 7, 2016, Secretary Johnson and Director Clapper issued a joint statement that the intelligence community is confident the Russian Government directed the recent compromises of e-mails from U.S. persons and institutions, including from U.S. political organizations, and that the disclosures of alleged hacked e-mails on sites like DCLeaks.com and WikiLeaks are consistent with the Russian-directed efforts. The statement also noted that the Russians have used similar tactics and techniques across Europe and Eurasia to influence public opinion there

GRIZZLY STEPPE – Russian Malicious Cyber Activity (US-CERT) This Joint Analysis Report (JAR) is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). This document provides technical details regarding the tools and infrastructure used by the Russian civilian and military intelligence Services (RIS) to compromise and exploit networks and endpoints associated with the U.S. election, as well as a range of U.S. Government, political, and private sector entities. The U.S. Government is referring to this malicious cyber activity by RIS as GRIZZLY STEPPE

FBI, DHS release report on Russia hacking (The Hill) The FBI and the Department of Homeland Security (DHS) on Thursday released a joint report detailing how federal investigators linked the Russian government to hacks of Democratic Party organizations

FBI, Department of Homeland Security outline conclusion that Russian agencies, military hacked U.S. election (Daily News) The feds on Thursday detailed how U.S. officials concluded Russian military and intelligence services were behind a massive election-related cyber assault on the U.S

Full List of All Gov’t Docs in US Response to Russian Election Hacking–with summaries (Just Security) Below is a list of all the U.S. government documents released on Thursday as part of the Obama administration’s announced response to Russian interference in the U.S. election process. See also Kristen Eichensehr’s initial post in response to the announcement and released documents. And stay tuned for more coverage and analysis by Eichensehr and others at Just Security

FBI and Homeland Security detail Russian hacking campaign in new report (Guardian) Experts say report is too little too late and comes after several others from private sector detailing alleged exploits of groups Fancy Bear and Cozy Bear

Who helped Russia "hack" the US election? It might have been you... (Graham Cluley) USA kicks out 35 Russian intelligence officers after election-related hacks

Report on ‘Russian hacking’ offers disclaimers, barely mentions Russia (RT) As the White House and Treasury Department announced new sanctions against Russia over the alleged hacking of US elections, the FBI and Homeland Security released a report that offered supposed proof amid an abundance of disclaimers

The shocking failure in how the FBI warned the DNC that it had been hacked (Graham Cluley) Not having your warnings taken seriously? Visit the victims!

Snowden doc shows NSA blamed Russia for hack of murdered journalist: report (The Hill) The National Security Agency (NSA) knew that the Russian government hacked the email account of a prominent journalist the year before she was killed in Moscow, documents published by The Intercept show

Here’s what a “digital Miranda warning” might look like (Ars Technica) Smartphone owners need to know if—and when—they need to reveal their passcodes

Op-ed: Five unexpected lessons from the Ashley Madison breach (Ars Technica) This is the first FTC complaint involving lying bots—there will be more

DOJ won’t prosecute Redflex in exchange for restitution and cooperation (Ars Technica) Red light firm adds “rigorous anti-bribery and anti-corruption compliance code”

Facebook stalls in lawsuit alleging its facial recognition tech violates Illinois law (TechCrunch) An Illinois law is proving a thorn in Facebook’s side as a class action lawsuit, alleging mishandling of biometric information, moves toward trial. The latest developments in the case have the social network objecting against releasing or even admitting the existence of all manner of data, but the plaintiffs aren’t taking “objection” for an answer

Former BlackRock Manager Sentenced in Insider Trading Case (New York Times) A former fund manager at BlackRock was sentenced to one year in prison on Wednesday after he pleaded guilty to insider trading charges in November

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

CES® CyberSecurity Forum (Las Vegas, Nevada, USA, January 5, 2017) Now in its second year, the CES® CyberSecurity Forum presented by CyberVista is designed to ensure all stakeholders in developing high tech solutions understand the complexity and the need for action in...

SANS Security East 2017 (New Orleans, Louisiana, USA, January 9 - 14, 2017) Start the year off right by choosing from outstanding, cutting-edge courses presented by our top-rated instructors. SANS is looking forward to an exciting kickoff of 2017 with SANS Security East 2017 in...

Global Institute CISO Series Accelerating the Rise & Evolution of the 21st Century CISO (Scottsdale, Arizona, USA, January 11 - 12, 2017) These intimate workshops address the challenges that Board of Directors are placing on security and risk executives, and how to successfully manage and communicate today’s enterprise and organizational...

Cybersecurity of Critical Infrastructure Summit 2017 (College Station, Texas, USA, January 11 - 13, 2017) An inaugural event to convene thought-leaders, experts, and strategic decision makers from government, industry, and academia to discuss the technology and policy implications of the ever-evolving cyber-threats...

ShmooCon 2017 (Washington, DC, USA, January 15 - 17, 2017) ShmooCon is an annual east coast hacker convention hell-bent on offering three days of an interesting atmosphere for demonstrating technology exploitation, inventive software and hardware solutions, and...

SANS Las Vegas 2017 (Las Vegas, Nevada, USA, January 23 - 28, 2017) Attend SANS Las Vegas 2017, where SANS will provide outstanding courses in IT security, forensics, and security management presented by the best cybersecurity teachers in the country. At SANS events you...

BlueHat IL (Tel Aviv, Israel, January 24 - 25, 2017) Announcing BlueHat IL – a special edition of Microsoft's leading cyber security conference for top professionals, to be held for the very first time in Tel Aviv, Israel. Over the past 10 years, BlueHat conferences have drawn the brightest minds in security to discuss key industry challenges. And now, BlueHat IL is here to crank it up by exploring and creating new cyber security thoughts and boundaries. This exclusive, by invitation only, single track event will host top cyber security professionals from around the world, who will come together to tackle the present and peek into the future. It will feature brilliant speakers and focus on breakthrough research, key trends and emerging threats in the field. Registration closes December 28.

SANS Cyber Threat Intelligence Summit & Training 2017 (Arlington, Virginia, USA, January 25 - February 1, 2017) Join SANS at this innovative Summit as we focus on enabling organizations to build effective cyber threat intelligence analysis capabilities. Most organizations are familiar with threat intelligence, but...

Blockchain Protocol and Security Engineering (Stanford, California, USA, January 26 - 27, 2017) This conference will explore the use of formal methods, empirical analysis, and risk modeling to better understand security and systemic risk in blockchain protocols. The conference aims to foster multidisciplinary...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.