skip navigation

More signal. Less noise.

Daily briefing.

The emerging consensus over late December's rolling blackouts in Western Ukraine moves decisively toward the conclusion initially reached by ESET and iSight Partners that the affected oblast's grid sustained a cyber attack. The SANS Institute's influential Industrial Control Systems blog says, "We assess with high confidence based on company statements, media reports, and first-hand analysis that the incident was due to a coordinated intentional attack." Attackers apparently gained network access to control systems, turning them on and off at will. Other bits of malware and supporting attacks served as misdirection. Ukraine's government plans to release results of its investigation next week.

German intelligence services resume cooperation with US services after an interruption brought on by objections to US electronic surveillance of German and other friendly European targets.

A group of Germany-based jihadists begin publishing a cryptography magazine. While denying adherence to ISIS, the publishers nonetheless expect their work to useful to colleagues in cyber-jihad.

Counter-terror operations were the focus of Friday's White House outreach to Silicon Valley, with particular emphasis on denying ISIS a platform in social media. But the Daily Beast points out that the old-school, dead-tree ISIS magazine "Dabiq" enjoys wide influence, the message apparently trumping the medium.

Twitter finds itself in conflict with Turkey's government over Kurdish pro-independence.

UK opposition leader Jeremy Corbyn's Twitter account was briefly hijacked.

The Rovnix Trojan worries Japanese banks. Other countries go on alert against similar infestations.

Juniper Networks drops its backdoored encryption scheme. Microsoft's support for older IE versions ends tomorrow.

Notes.

Today's issue includes events affecting European Union, France, Germany, Iran, Iraq, Japan, Moldova, Nigeria, Philippines, Romania, Russia, Syria, Turkey, Ukraine, United Kingdom, United States.

Cyber Attacks, Threats, and Vulnerabilities

Hackers used malware to confuse utility in Ukraine outage — report (Reuters) Hackers likely caused a Dec. 23 electricity outage in Ukraine by remotely switching breakers to cut power, after installing malware to prevent technicians from detecting the attack, according to a report analyzing how the incident unfolded

Malware wasn't sole cause of Ukraine power station outage (Computerworld) The attackers manually intervened to open breakers that caused power outages

Confirmation of a Coordinated Attack on the Ukrainian Power Grid (SANS Industrial Control Systems Blog) After analyzing the information that has been made available by affected power companies, researchers, and the media it is clear that cyber attacks were directly responsible for power outages in Ukraine. The SANS ICS team has been coordinating ongoing discussions and providing analysis across multiple international community members and companies. We assess with high confidence based on company statements, media reports, and first-hand analysis that the incident was due to a coordinated intentional attack

Russian Hacker Sandworm Blamed For Ukraine Power Outage (Radio Free Europe/Radio Liberty) U.S. cyberintelligence firm iSight Partners said it is certain that a Russian hacking group known as Sandworm caused last month's unprecedented power outage in Ukraine

The Ukranian electric grid cyber attack — it can it happen here (Control) iSight partners gave a presentation at the ICS Cyber Security Conference in Atlanta identifying the BlackEnergy malware and what it meant to critical infrastructures including electric utilities

ICS Cross-Industry Learning: Cyber-Attacks on Electric Transmission and Distribution (Part One) (SANS Industrial Control Systems Blog) When stories of cyber attacks against industrial control systems (ICS) emerge there are always statements around what malware did or did not do in the environment. To truly understand the impact on industrial control systems (ICS) though requires the understanding of the system itself and what is possible

Was the Cyber Attack on a Dam in New York an Armed Attack? (Just Security) Concerns about the vulnerability of infrastructure to cyber attacks were highlighted in two recent news articles. Last month, the Wall Street Journal reported that in 2013, Iranian hackers infiltrated the control system of a dam 20 miles outside of New York City…How should this event be characterized? Is it an act of cyberwar? Is it an inter-state attack? What measures can the United States take in response to this event?

Jihadists Launch Tech Magazine Focusing On Cryptography (Radio Free Europe/Radio Liberty) A group of German-speaking jihadists has released the first issue of an online magazine that provides information on encrypted communications and Internet security

'Supporters Of The Islamic State' — Anatomy Of A Private Jihadi Group On The Encrypted 'Telegram' App, Offering Secret Chats And Private Encryption Keys (MEMRI) The November 13, 2015 Paris attacks relaunched the debate about Islamic State (ISIS) and other jihadi use of encryption technology and apps, with particular attention, and unprecedentedly negative media coverage, directed at Telegram, which these groups and individuals now heavily favor

Twitter's Latest Challenge: Deciding Who's a Terrorist (Wired) Times are challengeing for Twitter. Its stock price is down. Its product strategy is under constant scrutiny. And recently, it's put itself in the position of defying a government's claim that it's offering a venue for terrorists

Anonymous Targets Nigerian Government Sites, Wages War Against Corruption (Hack Read) Anonymous, the infamous hacktivist group having footprints around the world, waged a cyber war against the Nigerian government on Friday

Labour leader Jeremy Corbyn's Twitter account hacked (BBC) A series of foul-mouthed posts have been published on Jeremy Corbyn's Twitter feed following the apparent hacking of the Labour leader's account

Hacked Twitter account embarrasses UK politicial leader (Naked Security) The UK's Leader of the Opposition is Jeremy Corbyn MP, head of the Labour Party, and we think we can say, while remaining entirely objective, that he's controversial

Why GPS is more vulnerable than ever (Christian Science Monitor Passcode) The space-based navigation and timing system faces a growing risk of attack. But there is a simple solution

Fatally weak MD5 function torpedoes crypto protections in HTTPS and IPSEC (Ars Technica) MD5 and its only slightly stronger SHA1 cousin put world on collision course

Japanese Banks Targeted With New Rovnix Trojan (Dark Reading) US organizations need to monitor such threats because cyber criminals can easily modify and migrate such threats for use here, IBM says

Ransomware evolution: Another brick in the CryptoWall (Naked Security) The evolution of ransomware is always a hot topic, or at least a hot under the collar topic, because of its odiousness

A Look Inside Cybercriminal Call Centers (KrebsOnSecurity) Crooks who make a living via identity theft schemes, dating scams and other con games often run into trouble when presented with a phone-based challenge that requires them to demonstrate mastery of a language they don't speak fluently. Enter the criminal call center, which allows scammers to outsource those calls to multi-lingual men and women who can be hired to close the deal

U.S. Says Only Jeeps Had Hacker Vulnerability Via Radios (Wall Street Journal) National Highway Traffic Safety Administration ends five-month investigation, saying problem appears isolated

National Lottery fails to set a good security example to Android users (Graham Cluley) It's a huge weekend for the UK's National Lottery — with a jackpot of almost £60 million up for grabs in what's set to be the biggest payout since the Lotto began 21 years ago

Fitbit users fall victim to account takeovers. Don't reuse passwords! (Naked Security) Online crooks have recently broken into dozens of Fitbit accounts using leaked email addresses and passwords from third-party sites

Cyber crooks abuse legitimate EU Cookie Law notices in clever clickjacking campaign (Help Net Security) Cyber crooks have set up a clever new clickjacking campaign that takes advantage of pop-up alerts that European users are (by now) accustomed to see: the "EU Cookie Law" notifications

A Guide on 5 Common Twitter Scams (Tripwire: the State of Security) For National Cyber Security Awareness Month (NCSAM) last year, The State of Security published an article offering advice on how users can securely navigate the world of social networking. Among other things, our experts cited users sharing too much information and posting revealing photos as dangerous behaviors that could potentially invite attackers to profile their accounts

Social Network Sharing Makes Users an Easy Target for Cyber-Criminals (Information Security Buzz) A quiz from Kaspersky Lab has found that almost a third (30 per cent) of social network users share their posts, check-ins and other personal information, not just with their friends, but with everybody who is online. This is leaving the door wide open for cyber-criminals to attack, as users remain unaware of just how public their private information can be on these channels

Intel Skylake bug causes PCs to freeze during complex workloads (Ars Technica) Bug discovered while using Prime95 to find Mersenne primes

Bulletin (SB16-011) Vulnerability Summary for the Week of January 4, 2015 (US-CERT) The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week

Security Patches, Mitigations, and Software Updates

Juniper Networks will drop code tied to National Security Agency (Business Insider) Juniper Networks said late on Friday it would stop using a piece of security code that analysts believe was developed by the National Security Agency in order to eavesdrop through technology products

Older IE Versions Losing Security Support on Tuesday (Threatpost) Anxiety was high around April 8, 2014 when Microsoft officially closed the door on security support for Windows XP. Many envisioned black hats worldwide stockpiling exploits waiting for the day when XP machines would be left permanently exposed

MD5 signatures accepted within TLS 1.2 ServerKeyExchange in server signature (Mozilla Foundation Security Advisory 2015-150) Security researcher Karthikeyan Bhargavan reported an issue in Network Security Services (NSS) where MD5 signatures in the server signature within the TLS 1.2 ServerKeyExchange message are still accepted. This is an issue since NSS has officially disallowed the accepting MD5 as a hash algorithm in signatures since 2011. This issues exposes NSS based clients such as Firefox to theoretical collision-based forgery attacks. This issue was fixed in NSS version 3.20.2

Unlike Mozilla, Google anticipated SHA-1 errors caused by HTTPS traffic inspection systems (IDG via CSO) Google plans to ban only SHA-1-signed certificates that were issued after Jan. 1 by public certificate authorities

VMware Security Advisories: VMSA-2016-0001 (VMWare) VMware ESXi, Fusion, Player, and Workstation updates address important guest privilege escalation vulnerability

VMware beefs up security, announces IBM and Intel collaborations (Business Cloud News) VMWare campus logoVMware has moved to patch flaws in several of its services and has worked with Intel Security to beef up its protection of mobile cloud systems

About the security content of QuickTime 7.7.9 (Apple Support) This document describes the security content of QuickTime 7.7.9. For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available

After two fixes, OAuth standard deemed secure (Help Net Security) OAuth 2.0 is one of the most used single sign-on systems on the web: it is used by Facebook, Google, Microsoft, GitHub and other big Internet companies

Cyber Trends

Cybersecurity Predictions From 2015: Were the Experts Right? (Business 2 Community) About this time last year, experts and analysts all placed their official predictions for the cyber threat landscape in 2015. Now that a year has come and gone, it would be interesting to see if these so called analysts were correct

2016 Cyber Threat Predictions to Use to Your Advantage (SecurityWeek) Predictions describe a set of events that will or are highly likely to happen in the future; they connote a degree of inevitability

Majority of Companies Use Risk-Based Cybersecurity Framework (HealthIT Security) Nearly all companies surveyed in the recent PwC Global State of Information Security Survey 2016 — 91 percent — reported that they follow a risk-based cybersecurity framework

Majority of parents monitor their teens' digital activity. Do you? (Naked Security) Been poking around to see what your teen's up to online? If so, join the crowd

BSP wary of financial cybercrimes (Manilla Bulletin) Late last year, the Bangko Sentral ng Pilipinas (BSP) held its first-ever "Cybersecurity Summit for the Financial Services Industry" as the central bank and the banking community recognized the growing threat in digital, mobile and Internet banking from hackers-for-hire and cyber syndicates

Marketplace

Cockroaches Versus Unicorns: The Golden Age Of Cybersecurity Startups (TechCrunch) According to Gartner, worldwide information security spending reached $76.9 billion in 2015. As the frequency and intensity of hacks worsen, security spending is expected to reach $170 billion by 2020. That's more than 100 percent growth in five years

Simi Valley's American Technology Solutions targets cybersecurity products (Ventura County Star) With increasingly sophisticated threats to cybersecurity, it has become more important to find new and better ways to protect valuable information and systems. Chuck Sedlacek, president of Simi Valley-based firm American Technology Solutions Inc., or ATS, believes he and his colleagues have the solution

GM Asks Friendly Hackers to Report Its Cars' Security Flaws (Wired) As automotive cybersecurity has become an increasingly heated concern, security researchers and auto giants have been locked in an uneasy standoff. Now one Detroit mega-carmaker has taken a first baby step toward cooperating with friendly car hackers, asking for their help in identifying and fixing its vehicles' security bugs

SBA wants contractors to train small business on cyber (Federal Times) Cybersecurity is becoming big business, which can make it difficult for small businesses that don't have the funds to buy needed security tools

Smee joins ambitious CensorNet (CRN) Cohort founder Grahame Smee rocks up as security vendor's sales VP

Blue Coat hires NetApp's Nick Noviello as new CFO (ARN Net) Will be responsible for leading the company's finance, IT, human resources, manufacturing, and supply chain teams

Infoblox Appoints Edzard Overbeek to Its Board of Directors (CNN Money) Infoblox Inc. (NYSE: BLOX), the network control company, today announced the appointment of technology executive Edzard Overbeek to its Board of Directors, effective immediately

Products, Services, and Solutions

Cryptography Guru Announces Anonymous Communications Network Called PrivaTegrity (Softpedia) David Chaum announces new PrivaTegrity network, his own take on Tor and I2P, but with better encryption

Cloud Security Alliance Announces Formation of Australia and New Zealand Regional Coordinating Body (Cloud Security Alliance) New body to serve growing demand for cloud security interest and best practices through access to more regional activities

Sookasa Adds Security to Box's Cloud Storage Platform (CloudWedge) Sookasa has emerged as a leader within the cloud access security broker (CASB) market. As evidence of Sookasa's rapid rise in popularity, the security suite can now be integrated directly into your organization's Box storage accounts

Technologies, Techniques, and Standards

Vulnerability Management Program Best Practices — Part 1 (Tripwire: the State of Security) An enterprise vulnerability management program can reach its full potential when it is built on well-established foundational goals that address the information needs of all stakeholders, its output is tied back to the goals of the enterprise, and there is a reduction in the overall risk of the organization

The Most Common Ecommerce Security Mistakes — And How to Avoid Them (Information Security Buzz) If there is one concern that all ecommerce site owners share, it's security

How to Tell Whether You're Getting a Return on Governance (SecurityWeek) Surveys can be mind-numbingly dry, but there is occasionally something surprising to be learned about what is happening in the industry

The Key Missing Piece of Your Cyber Strategy? Visibility (Nextgov) As cyberattacks are becoming cheaper and easier to perform, government IT personnel are diligently trying to maintain increasingly complex IT systems

The futility of data breach notifications (TechTarget) Olivia Eckerson discusses how her healthcare insurance provider was hacked, and why the data breach notification letter she received was less than helpful

How to Set up a Successful Bug Bounty Program [VIDEO] (eSecurity Planet) What does it take to run a successful bug bounty program?

Design and Innovation

Passwords being phased out in favour of biometrics (SecurityWatch) Passwords are being phased out as biometric security options take centre stage, according to new information from security software firm Wynyard Group

Academia

ISI Professor: Research, Training are Key to Quality Cybersecurity Instruction (Ferris State University) Hwee-Joo KamAn assistant professor in Ferris State University's Information Security and Intelligence program said she, and her peers are perpetually involved in training and research, so as to keep their curriculum up-to-date and relevant for students

Legislation, Policy, and Regulation

Germany restarts joint intelligence surveillance with US (Deutsche Welle) Germany's BND intelligence agency is once again working with its US counterpart on Middle East surveillance. Collaboration had been suspended after it was revealed the US was spying on European officials and firms

Europe Sets Up Digital 'SWAT' Team for Aviation Cyber Threats (Wall Street Journal) European aviation agency's team would identify and combat potential hacking attacks

White House Lobbies Tech Leaders in War Against Online Militants (Fortune) Top Obama Administration officials met with leaders from Apple, Google, and Facebook

Monitor Exclusive: How the US government wants Silicon Valley to counter terrorism (Christian Science Monitor Passcode) In the wake of Islamic State and other violent attacks, an Obama administration delegation met with technology leaders Friday to develop a strategy for battling terrorists' use of technology

Can Silicon Valley help fight terrorism and still protect privacy? (Naked Security) The big Silicon Valley tech companies like Google, Apple and Facebook have an obligation to protect their users' privacy and security — that much most of us can agree on

Why the U.S. Can't Make a Magazine Like ISIS (Daily Beast) ISIS's propaganda success isn't just online. Its magazine, Dabiq, is read all over the world. If only the U.S. government was so creative and effective

Why We Don't Need Backdoors to Move Ahead on Cybersecurity (Wall Street Journal) There is no such thing as 'good enough' encryption once a backdoor has been added

New National Security Tool Activated At Challenging Time (IC on the Record) Late last year, a judge of the Foreign Intelligence Surveillance Court gave the green light to the National Security Agency to start using a new tool to help the government protect against international terrorism while balancing the legitimate need to protect privacy and civil liberties

5 things Obama will say, should say, won't say on cyber (Federal Times) Cybersecurity was a small but important part of President Barack Obama?s 2015 State of the Union address. And with the events of the last year — the hack of Office of Personnel Management networks, breach of an IRS database, passage of information sharing legislation and an agreement with China to curb economic espionage — one would expect cyber to be a major part of this year's speech on Jan. 12

Fearful of Hacks, Pentagon Considers More Classified Programs (Defense News) When the Pentagon awarded the contract for the Long Range Strike-Bomber (LRS-B) program on Oct. 27, it declined to list key details, including which subcontractors would support prime contractor Northrop Grumman

9 DoD IT moves you missed over the holidays (C4ISR & Networks) Between Christmas Eve and New Year's Day, most people were checked out of the office — but not so at the Pentagon, where over the holidays new guidance, memos, reports and contract action all quietly emerged under the radar

HHS Office for Civil Rights unveils new guidance on patient rights to data under HIPAA (FierceHealthIT) OCR Director Jocelyn Samuels: 'Far too often individuals face obstacles to accessing their health information'

Building a better cyber weapon (Politico) If the United States is going to have an effective cyber strike capability, then cyber weapons must resemble traditional ordnance, says William Leigher, a retired Navy admiral turned top Raytheon executive. "It's got to look and smell like a weapon," he told MC on Thursday. "It doesn't yet"

Litigation, Investigation, and Law Enforcement

Bombshell: In Email, Hillary Ordered Aide to Strip Classified Marking and Send Sensitive Material (Townhall) The State Department waited until the middle of the night to execute its belated, court-ordered release of the latest tranche of Hillary Clinton's emails — the ones she and her attorneys didn't unilaterally delete with no oversight, that is

Clinton says she did not get classified information through email (Reuters) Democratic presidential candidate Hillary Clinton said on Sunday that she did not ask for classified information to be sent over a non-secure system while heading the State Department, responding to the latest development in an issue that has dogged her campaign for months

NSA, the black hole of government spying (Examiner) It was revealed last week that Israeli diplomats were not the only targets of the Department of Defense's data gathering operation on Capitol Hill. The NSA also intercepted sensitive calls by members of Congress in the data collection frenzy

FTC Levies Hefty Fine Over False Encryption Claims (Infosecurity Magazine) Dental software provider Henry Schein Practice Solutions has agreed to settle with the Federal Trade Commission (FTC) over charges it misled customers on the level of encryption its software provided to protect sensitive patient data

Takedown of criminal gang behind ATM malware attacks (Help Net Security) The Romanian National Police and the Directorate for Investigating Organised Crimes and Terrorism (DIICOT), assisted by Europol and Eurojust as well as a number of European Law Enforcement authorities, disrupted an international criminal group responsible for ATM malware attacks

States say Volkswagen has refused to turn over internal documents (Ars Technica) The automaker is citing German privacy laws as justification for not cooperating

Two months after FBI debacle, Tor Project still can't get an answer from CMU (Ars Technica) Ars Q&A: We sit down with Tor Project's new executive director, Shari Steele

Judges struggle with cyber crime punishment (The Hill) Judges are struggling to determine the appropriate punishments for cyber crimes even as U.S. law enforcement works to bring more of the Internet's bad actors to justice

Verizon Routing Millions of IP Addresses for Cybercrime Gangs (Spamhaus) Over the past few years, spammers have sought out large ranges of IP addresses. By spreading out their sending patterns across a wide range of IP addresses, they can attempt to defeat spam filters and get spam and malware emails delivered where they are not wanted. However, IPv4 addresses are getting scarce and hard to come by

How Stories Deceive (New Yorker) On the afternoon of October 10, 2013, an unusually cold day, the streets of downtown Dublin were filled with tourists and people leaving work early. In their midst, one young woman stood out. She seemed dazed and distressed as she wandered down O?Connell Street, looking around timidly, a helpless-seeming terror in her eyes

Ex-St. Louis Cardinals' Scout Pleads Guilty to Hacking Astros (BloombergBusiness) A former St. Louis Cardinals scouting director pleaded guilty to hacking into the Houston Astros' "Ground Control" database to steal private reports and player trade details, according to U.S. Justice Department

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

The Law and Policy of Cybersecurity Symposium (Rockville, Maryland, USA, February 5, 2016) This one-day symposium will cover the critical legal and policy issues, challenges, and developments in cybersecurity. Legal professionals, professionals who develop cybersecurity strategies and policies,...

CISO Chicago Summit (Chicago, Illinois, USA, March 8, 2016) A data breach is not only a PR nightmare, but cause for customers to turn to competitors, exposing sensitive company information and racking up fines from industry regulators. In order for organizations...

CISO Atlanta Summit (Atlanta, Georgia, USA, March 10, 2016) Tactics and Best Practices for Taking on Enterprise IT Security Threats. With newspaper headlines covering the latest data breaches, cloud computing security questions going unanswered and hackers developing...

CISO Summit France (Paris, France, March 22, 2016) A forum for innovative IT thought leaders across France. Despite economic instability in the euro zone amid an on-going global financial crisis, IT spending worldwide is expected to increase in the coming...

Creech AFB–AFCEA Las Vegas Cyber Security, IT & Tactical Tech Day (Indian Springs, Nevada, USA, April 19, 2016) The Armed Forces Communications & Electronics Association (AFCEA) Las Vegas Chapter, with support from the 432d Wing, will host the 4th Annual Cyber Security, IT & Tactical Technology Day at Creech AFB...

Army SIGINT (Fort Meade, Maryland, USA, April 25, 2016) Approximately 500 attendees will come together to discuss future technologies in Signals Intelligence (SIGINT), focusing on applications for the actual users in the field (the soldiers). Most attendees...

Upcoming Events

FloCon 2016 (Daytona Beach, Florida, USA, January 11 - 14, 2016) The FloCon network security conference provides a forum for large-scale network flow analytics. Showcasing next-generation analytic techniques, FloCon is geared toward operational analysts, tool developers,...

Breach Planning & Incident Response Summit: Proactive Collaboration Between Private Industry and Law Enforcement to Mitigate Damage (Odenton, Maryland, USA, January 12, 2016) The Cybersecurity Association of Maryland, Inc.(CAMI), Chesapeake Regional Tech Council, Maryland Chamber of Commerce, Chesapeake Innovation Center, Tech Council of Maryland are partnering together to...

Cyber Security Breakdown: Chicago (Chicago, Illinois, USA, January 12, 2016) This half day session will provide you with the critical information you need to start formulating an effective response in the eventuality of a cyber security event. Rather than try and handle the breach...

Insider Threat Program Development Training Course — Georgia (Atlanta, Georgia, USA, January 12 - 14, 2016) The National Insider Threat Special Interest Group website has some very "eye opening" examples of how "damaging and costly" an "insider threat incident" can be. The FBI Insider Threat Alert states companies...

FTC PrivacyCon (Washington, DC, USA, January 14, 2016) The Federal Trade Commission will in January hold a wide-ranging conference on security and privacy issues lead by all manner of whitehat security researchers and academics, industry representatives, consumer...

National Insider Threat Special Interest Group Meeting (Laurel, Maryland, USA, July 16, 2015) Topics to be discussed at the meeting; Insider Threat Program Development & Implementation, Behavioral Indicators Of Concern, Legal Considerations When Developing & Managing An Insider Threat Program.

POPL 2016 (St. Petersburg, Florida, USA, January 20 - 22, 2016) The annual Symposium on Principles of Programming Languages is a forum for the discussion of all aspects of programming languages and programming systems. Both theoretical and experimental papers are welcome,...

Automotive Cyber Security Summit — Shanghai (Shanghai, China, January 21 - 22, 2016) The conference, which brings together automakers, suppliers, various connected-services providers and security specialists, will focus on government regulations, emerging automotive cyber security standards...

SANS Institute: Information Security Training (Las Vegas, Nevada, USA, September 12 - 21, 2015) Information security training in Las Vegas from SANS Institute, the global leader in information security training. At SANS Network Security 2015, SANS offers more than 40 hands-on, immersion-style security...

CyberTech 2016 (Tel Aviv, Israel, January 26 - 27, 2016) Cybertech is the most significant conference and exhibition of cyber technologies outside of the United States. Cybertech provided attendees with a unique and special opportunity to get acquainted with...

Global Cybersecurity Innovation Summit (London, England, UK, January 26 - 27, 2016) SINET presents the Global Cybersecurity Innovation Summit, which focuses on providing thought leadership and building international public-private partnerships that will improve the protection of our respective...

Fort Meade IT & Cyber Day (Fort Meade, Maryland, USA, January 27, 2016) The Ft. Meade IT and Cyber Day is a one-day event held at the Officers' Club (Club Meade) on base. The event is held on-site, where industry vendors will have the opportunity to display their products...

ESA 2016 Leadership Summit (Chandler, Arizona, USA, January 31 - February 3, 2016) The electronic security industry is rapidly changing and continuously evolving. It's not enough to just survive. Businesses looking to thrive need to adapt to ensure their people, products, services and...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.