skip navigation

More signal. Less noise.

Daily briefing.

ISIS-controlled territory shrinks. Its messaging continues, but (suggests VICE) the messaging increasingly looks like what a sinking business would use to reassure investors.

Orange Labs claims that Android’s KeyStore default implementation could be susceptible to forgery attacks. This report joins concerns expressed earlier this week about Android’s KeyMaster module, whose Qualcomm environment was found vulnerable to reverse engineering. (Qualcomm says that it fixed the vulnerabilities in 2014, and so informed Google.)

Cryptobit, a new strain of ransomware, has been found joining distribution channels used by a revised CryptXXX. “Realstatistics,” as the criminal campaign is known, pushes ransomware through the Neutrino exploit kit. Sucuri says the vectors are usually infected sites based on Joomla or WordPress content management systems.

CryptXXX itself has grown harder to track. It’s being distributed in more effectively obfuscated forms (as, for example, in pseudo-DarkLeech). It now directs victims to a new [.]onion site for payment and removes the opportunity to contact customer (that is, victim) service.

DedCryptor ransomware is still around, with more infections of Anglophone users reported as it spreads outward from Russia.

In other campaigns, Kovter click-fraud malware poses as a Firefox update, Japanese banks are hit by the BEBLOH Trojan, and NetTraveler returns to Eastern Europe. Mac backdoors make a comeback—ESET has found another, “Keydnap,” which goes after passwords in the keychain.

FBI Director Comey’s testimony yesterday mollified few critics of former Secretary of State Clinton’s email practices—not-enough-to-indict seemed tepid vindication. Defendants in similar cases are already invoking a sauce-for-the-goose defense.

Notes.

Today's issue includes events affecting Albania, Belgium, Benin, Brazil, Bulgaria, Canada, Chad, China, Republic of Congo, Croatia, Czech Republic, Denmark, Estonia, European Union, France, Guinea Bissau, Germany, Greece, Hungary, Iceland, Iraq, Italy, Japan, Kenya, Latvia, Lithuania, Luxembourg, NATO, Netherlands, Nigeria, Norway, Mauritania, Poland, Portugal, Romania, Russia, São Tomé and Príncipe, Saudi Arabia, Sierra Leone, Slovakia, Slovenia, South Africa, Spain, Syria, Ukraine, United Kingdom, United States, and Zambia.

Catch the CyberWire's Podcast later this afternoon, with interviews, educational tips, and more on the stories of the day. Today we'll hear from our Malek Ben Salem, from our partners at Accenture Labs, on how big data helps analytics. We'll also be speaking with Bob Stratton of the Mach 37 cyber accelerator, who'll describe the early stages of business life for a security start-up. (If you enjoy the Podcast, by the way, please share an iTunes review.)

E8 Security at Cisco Live 2016 (Las Vegas, NV, USA, July 11 - 13, 2016) E8 Security - DETECT. HUNT. RESPOND. Cisco Live 2016

SINET Innovation Summit 2016 (New York, NY, USA, July 14, 2016) SINET Innovation Summit 2016 - Connecting Wall Street, Silicon Valley and the Beltway

Cyber Attacks, Threats, and Vulnerabilities

The Islamic State's new propaganda film is like an HR meeting, but with beheadings (VICE News) People don't commonly associate the Islamic State, the brutal extremist outfit that has established a rudimentary state that transcends the borders of Iraq and Syria, with organization

Islamic stateless? (Economist) The jihadists are losing their caliphate, but they remain deadly

Android KeyStore Encryption Scheme Broken, Researchers Say (Threatpost) The default implementation for KeyStore, the system in Android designed to store user credentials and cryptographic keys, is broken, researchers say

CryptXXX, Cryptobit Ransomware Spreading Through Campaign (Threatpost) Researchers have spotted several types of ransomware, including CryptXXX and a fairly new strain, Cryptobit, being pushed through the same shady series of domains

CryptXXX Ransomware Updates Ransom Note, Payment Site (Threatpost) For the second time since June 1, the handlers of CryptXXX ransomware have changed their ransom note and Tor payment site. More importantly to those developing detection signatures and administrators, this update no longer makes changes to the file extensions of encrypted files

CryptXXX Developers Remove Support For Victims With Bitcoin Payment Problems (The Merkle) The cat and mouse game between Bitcoin ransomware developers and security researchers continues. The CryptXXX developers have come up with another improvement to their malware. A change in ransom note may not be significant, but the change in Tor payment site is rather interesting. It is the second time in a few weeks the developers have upped the ante again

Ded Cryptor: Greedy ransomware with open-source roots (Kaspersky Labs) Recently, English and Russian-speaking people were attacked with a new ransomware Trojan called Ded Cryptor. It’s voracious, demanding a whopping 2 bitcoins (about $1,300) as ransom. Unfortunately, no decryption solution is available to restore files held hostage by Ded Cryptor

Kovter malware masquerades as Firefox update (Help Net Security) Click-ad-fraud Kovter malware, packaged as a legitimate Firefox browser update, is being delivered to unsuspecting victims via drive-by-download attacks

Japanese Banking Industry Hit by BEBLOH Trojan (IBM Security Intelligence) BEBLOH is a banking Trojan that first appeared in 2009, according to Softpedia, but it has maintained its cybercrime status and ranked sixth on the list of most active Trojans in 2015

Decade-old NetTraveler Malware Used in Multi-National Attacks (SecurityWeek) NetTraveler, a Trojan that is over a decade old, was recently observed in a series of cyber-espionage attacks launched against victims in Russia and neighboring European countries, Proofpoint researchers warn. Proofpoint believes the group is operating out of China

Keydnap malware opens backdoor, goes after passwords in OS X keychain (Help Net Security) ESET researchers have revealed the existence of another new piece of malware aimed at Mac machines and users: Keydnap

After hiatus, in-the-wild Mac backdoors are suddenly back (Ars Technica) Three new pieces of Mac-targeting malware access webcams, passwords, and more

Code reuse exposes over 120 D-Link devices models to hacking (CSO) A vulnerability in a service shared by many D-Link products allows attackers to take over cameras, routers and other devices

D-Link Wi-Fi Camera Flaw Extends to 120 Products (Threatpost) A software component that exposed D-Link Wi-Fi cameras to remote attacks is also used in more than 120 other products sold by the company

Pentesters (and Attackers) Love Internet Connected Security Cameras! (SANS Internet Storm Center) A recent story making the rounds in both the infosec and public press is the recent use of internet-connected security cameras as a base for DDOS attacks. They don't have a lot of CPU, but they're linux platforms that are easily hackable, never get updated and usually have good bandwidth available to them

Remote Code Execution in Xiaomi MIUI Analytics (IBM Security Intelligence) The IBM X-Force Application Security Research Team has discovered a remote code execution (RCE) vulnerability in MIUI, which we privately disclosed to Xiaomi in January

Samba up to 4.2.13/4.3.10/4.4.4 Client-Signing Protection Smbxcli_Base.C Smb2cli_Session_Set_Session_Key Weak Authentication (vulbd) Temp Score: 7.0. Current Exploit Price (≈) $2k-$5k. A vulnerability was found in Samba up to 4.2.13/4.3.10/4.4.4. It has been rated as critical. Affected by this issue is the function smb2cli_session_set_session_key of the file libcli/smb/smbXcli_base.c of the component Client-Signing Protection. The manipulation of the argument SMB2_SESSION_FLAG_IS_GUEST/SMB2_SESSION_FLAG_IS_GUEST with an unknown input leads to a weak authentication vulnerability (spoofing). Impacted is confidentiality, integrity, and availability

Ripping Away The Mobile Security Blanket (Dark Reading) Upcoming Black Hat USA talk will highlight vulns in Good Technology platform and discuss the dangers of overreliance on enterprise mobility security suites

Wendy's hack was bigger than thought and exposed credit card data (CSO) The company has published a list of the affected restaurants

What I learned playing prey to Windows scammers (CSO) Three months of phone calls prove Windows scammers are more skilled at social engineering than you think

New Dark Web Hitman Site Scams You Even Before Signing Up (Motherboard) Sites offering hitman services have periodically sprung up on the dark web, that part of the internet that’s only reachable using the anonymizing tool Tor

Cyber-attack allows pirates to target cargo to steal (SeatradeMaritime News) There have been a lot of warnings about shipping and cyber security but one shipowner found out the hard way how pirates were able hack the company’s systems and target to steal specific high value cargoes on its vessels

Security Patches, Mitigations, and Software Updates

Qualcomm says it issued patch for Android encryption flaw over a year ago (Tech Crunch) CCracking encryption is a topic of perpetual fascination

Symantec admits it won't patch 'catastrophic' security flaws until mid-July (Inquirer) Google's Project Zero described vulnerabilities as 'as bad as it gets'

How Android Nougat will help protect your password from ransomware (Graham Cluley) New condition will partially prevent unwanted Android lockscreen password resets

Cyber Trends

DDoS extortion campaigns increasingly target businesses (Help Net Security) 80 percent of European IT security professionals expect their business to be threatened with a DDoS ransom attack during the next 12 months, according to Corero Network Security

Growth prospects of the cloud-based information governance market (Help Net Security) The global cloud-based information governance market will grow at a CAGR of more than 27% through 2020, according to Technavio

Unsung cybersecurity vulnerabilities in US infrastructure and utilities (Help Net Security) This past May, the Internet was abuzz about a report by the Government Accountability Office (GAO) highlighting a number of outdated “legacy systems” still in use across the U.S. government. According to the report, “The Strategic Automated Command and Control System coordinates the operational functions of the United States’ nuclear forces, such as intercontinental ballistic missiles, nuclear bombers, and tanker support aircrafts. This system runs on an IBM Series/1 Computer—a 1970s computing system—and uses 8-inch floppy disks.” Many reading this article may have worked on similar systems when they were much younger

IBM says company insiders are responsible for more cyber attacks than hackers (Property Casualty 360) The constant threat of cyber attacks on businesses globally has led to vast sums of money being spent to protect against them

Small business cybersecurity lagging as attacks increase — security experts (FedScoop) Sixty percent of hacked small to medium businesses are forced out of business within six months of being breached

G DATA Sommerumfrage: 80 Prozent der Deutschen sind im Urlaub online Mobile Devices sind beliebteste Reise-Begleiter - Sicherheit bleibt auf der Strecke (Presseportal) Sommer, Sonne, Sicherheit - egal ob am Strand oder in den Bergen, auch unterwegs wollen Urlauber online sein

Need for cultural shift to improve cyber security awareness: Wombat Security (Canadian Underwriter) It is disheartening to see how the end-user is being managed when it comes to combating cyber security threats, suggests Amy Baker, vice president of marketing for Wombat Security Technologies, Inc

Twenty Years Ago, Trolling Was Repeatedly Posting ‘Meow’ in Usenet Groups (Motherboard) In a YouTube clip from an episode of American kids’ show Mr Rogers’ Neighbourhood, dating from 1971, a puppet named Henrietta Pussycat has flown into a rage. “Meow meow meow meow meow…” Everything Henrietta says is punctuated with meows

Marketplace

Can Cybersecurity Insurance Improve Threat Management? (Techwire) Just hours after the terrorist bombs went off in Brussels on March 22, the U.S. House Homeland Security Cybersecurity Subcommittee held a hearing to explore the market-based incentives that cyberinsurance can potentially bring to managing online risks and promoting wider adoption of cybersecurity industry best practices

Local hardware chain takes on global security threat (Chain Store Age) Operating seven stores, McLendon Hardware Inc. may not seem like a top target for a customer data breach

Jhonsa: Intel, FireEye and Others Should Be Pleased With Avast/AVG Deal (The Street) Avast Software announced Thursday it's buying rival security software provider AVG Technologies for a healthy premium, and that's a good news for a number of potential sellers

Avast Takeover Bid for AVG Bounces Cybersecurity ETFs (ETF Trends) Cybersecurity-related exchange traded funds led gains Thursday after Avast Software made a $1.3 billion bid to acquire rival AVG Technologies N.V.

Cyber security firm NCC raises concerns about Brexit as FY revenues rise (DigitalLook) Cyber security and risk mitigation consultant NCC’s full year revenues grew as they joined the FTSE 250 index but it also raised concerns about cyber security in light of Brexit

FireMon Accelerates Year-Over-Year Bookings in Second Quarter 2016 (Yahoo! Finance) Market leader in security management and risk assessment software continues global growth streak, adds more Fortune 500 companies and continues to drive high renewal rates

'We have no channel conflict' - Sophos CEO lauds new-found focus (Channelnomics) Security vendor's leader discusses acting 'more like a start-up company'

Bitdefender turns to CNN for smart home cybersecurity branded content campaign (CNN) Bitdefender, a leading internet security technology company protecting 500 million users worldwide, is raising awareness about cybersecurity threats in the Internet of Things space (IoT) through a unique, highly targeted advertising campaign on CNNMoney with a goal to grow sales of its Bitdefender BOX product

Commerce rebrands Turkey trip as ‘Cyber Security Mission’ (Federal Times) Few would argue against the notion that cybersecurity has become a hot topic in government and industry circles. But now and again there are clear, unassailable signs that this is the case

Arctic Slope Mission Services awarded FMS cyber contract (C4ISRNET) Arctic Slope Mission Services has been awarded a contract to develop and certify IT systems delivered under Foreign Military Sales contracts

Amida Technology Solutions Welcomes Governor Martin J. O’Malley as Advisor (Amida Technology Solutions) Former Governor of Maryland and Mayor of Baltimore brings experience using data for social good to Maryland-based start-up dedicated to open data, data security, and data interoperability

Cyphort Strengthens Management Team with Two New Executive Hires (BusinessWire) Cybersecurity veterans bring sales and marketing leadership to further accelerate company growth

PhishMe Expands Senior Leadership Team (BusinessWire) Global leader in phishing defense hires experienced engineering and professional services leaders to support company’s hyper-growth

Products, Services, and Solutions

Savvius Vigil Integrates With Cisco FirePOWER for Additional Risk Mitigation Through Direct Access to Critical Network Forensics Information (MarketWired) Joint solution makes network data easily available to security professionals, reducing both the likelihood and the impact of breaches by speeding up investigations into security alerts

Ixia Integrates ControlTower with Cisco Nexus Switches to Deliver a Scalable, Reliable Visibility Architecture (Yahoo! Finance) Ixia to showcase integration at Cisco Live 2016

Locking down Internet of Things data and devices (Inside SAP) With growing attention on security, data sent by Internet of Things-enabled devices has not escaped scrutiny, and it is this link in the chain that is the focus of a new collaboration between Swiss cybersecurity company WISeKey and SAP

Technologies, Techniques, and Standards

GDS puts security top of the agenda for G-Cloud 9 (CRN) Suppliers and buyers admit they struggle to understand each other on security

Predicting Cyber Attacks: A Study of the Successes and Failures of the Intelligence Community (Small Wars Journal) Technology capability and dependency has increased at a tremendous rate in the last three decades and has changed the way we live our lives on a daily basis. Technology developments that claim origin with the original mechanical computation device of the early 1900s can now operate anything from your AC in your house to the Satellite providing direct support to an operation overseas

3 Data Protection Tips, in Light of Proposed Cybersecurity Laws (eSecurity Planet) Proposed cybersecurity legislation is making business owners nervous – with good reason. These tips will help you be prepared no matter what Congress does

What is Ransomware and 15 Easy Steps To Keep Your System Protected [Updated] (Heimdal Security) A few weeks ago, a delivery guy walked into our office. While we signed for the package, he realized that we work in cyber security and asked: My entire music collection from the past 11 years got encrypted by ransomware. Is there anything I can do about it? They’re asking for $500 for the decryption key

Hacking A Penetration Tester (Dark Reading) How even a pen test conducted by a security pro can be hacked by a determined attacker looking for a way to its target

Insider Threat: How Being 'Noisy' Can Reduce Fraud (BankInfoSecurity) Bank of the West's Pollino on why covert monitoring Is the wrong approach

Design and Innovation

Google is experimenting with post-quantum cryptography (ZDNet) The internet company is adding a post-quantum key-exchange algorithm to a small fraction of connections between desktop Chrome and Google's servers

Researchers add software bugs to reduce the number of… software bugs (CSO) A new strategy for training bug-finding tools could help catch more vulnerabilities

Can gaming integrate cyber, traditional military forces? (C4ISRNET) The U.S. and its allies face a regional dispute over territory claims with another major nation state. An increasing number of cyberattacks probe both the Department of Defense Information Networks (DoDIN) and U.S. critical infrastructure, successfully leaving millions without power and shutting down West Coast ports. The still-nascent forces of Cyber Command must prepare to support joint forces to de-escalate the situation or, if necessary, prevail if full-scale conflict breaks out

Legislation, Policy, and Regulation

EU prepares to raise Privacy Shield over data transfers to U.S. (CSO) The European Commission is set to issue an adequacy decision early next week, bringing Privacy Shield into effect

NATO Ambassador: How The Ukraine Crisis Fits Cyber War Narrative (Dark Reading) Kenneth Geers previews his Black Hat talk and discusses the strategic military maneuvers governments can make within cyberspace

Cyber Diplomacy with Africa: Lessons From the African Cybersecurity Convention (Council on Foreign Relations) Two years ago, the African Union (AU) adopted its Convention on Cybersecurity and Personal Data Protection. The Convention seeks to improve how African states address cybercrime, data protection, e-commerce, and cybersecurity. However, only eight of the AU’s fifty-four members have signed the Convention, with none ratifying it. Despite this currently limited uptake, the Convention, and how the AU produced it, signals that African states value political autonomy and independence when developing cyber policy. The U.S. government should keep this in mind as it reaches out to AU member states in promoting cyber norms and capacity building efforts

Litigation, Investigation, and Law Enforcement

Marine's attorney: If Hillary Clinton wasn't prosecuted, this officer shouldn't be discharged (Marine Corps Times) The attorney representing a Marine officer accused of mishandling classified information by warning troops in Afghanistan about the threat of an insider attack said he plans to argue that his client deserves the same leniency that Hillary Clinton received

Clinton Case Raises Questions About Discipline For Government Employees (NPR) Susan Hennessey, a fellow at the Brookings Institution and managing editor of the Lawfare blog, talks about disciplinary actions for employees implicated in "sloppy" handling of classified materials

State Department reopens probe into Clinton emails (CNN) The State Department is reopening its investigation into Hillary Clinton's use of a private email server during her tenure as secretary of state

Paul Ryan Asks Director of National Intelligence to Deny Clinton Classified Information (Epoch Times) Paul Ryan, the Speaker of the House, formally asked the head of National Intelligence to deny Hillary Clinton access to any classified information

Texas Senator Files Bill To Revoke Hillary Clinton’s Security Clearance (CBS DFW) Texas Senator John Cornyn is taking the next step in the scandal surrounding Hillary Clinton’s use of a private email server

F.B.I. Director James Comey Testifies Before Congress (New York Times) Mr. Comey was questioned by the House Oversight Committee about the investigation into Hillary Clinton’s use of a personal email network as secretary of state. Republicans have questioned Mrs. Clinton’s truthfulness, and Representative Mark Meadows raised the specter of more hearings on whether Mrs. Clinton lied to a Congressional committee. Democrats have defended Mr. Comey amid personal attacks regarding his decision not to prosecute

Clinton's email claims challenged by FBI director during hearing (Engadget) Director Comey testified in front of Congress today on the decision not to recommend charges

Comey testifies Clinton email claims ‘not true’ at heated Hill hearing (Fox News) FBI Director James Comey testified Thursday that Hillary Clinton’s claims -- some made under oath -- about her use of a private email server were “not true,” fueling Republican questions about whether in doing so she committed a felony

Hillary Clinton Email Investigation (C-SPAN) FBI Director James Comey testified at a hearing on the FBI’s investigation into Hillary Clinton’s use of private email servers while serving as secretary of state, as well as the decision to not recommend criminal charges against her

FBI chief says Guccifer lied about hacking into Clinton's email server (CSO) Guccifer had boasted to media outlets that the hack was easy

Petraeus' security breaches much worse than Clinton's, FBI chief says (Military Times) FBI Director James Comey on Thursday refuted assertions that email abuses by former Secretary of State Hillary Clinton outweighed security lapses by former CIA and U.S. Central Command head David Petraeus, calling the retired general’s crimes “intentional misconduct”

11 takeaways from FBI Director James Comey's testimony (Washington Examiner) 1. A new investigation of Hillary Clinton is imminent

Senate GOP leader: Release Clinton's FBI interview (The Hill) Senate Majority Leader Mitch McConnell (R-Ky.) wants Hillary Clinton's interview with the FBI made public as GOP lawmakers demand more information on the investigation into her private email server

State defends classified marking practice in Clinton email case (Washington Examiner) State Department spokesman John Kirby on Thursday defended a State Department practice of marking sections of emails for then-Secretary of State Hillary Clinton with a "(C)" for classified though he couldn't say whether it followed federal rules regarding designations for classified material

No free passes on mishandling top secret info (York Daily Record) If what has come to light is true, then the American public should demand answers

Clinton’s Email Scandal Reveals an Unlikely National Security Threat (Time) We classify way too much information, to our own detriment

Prosecutors reveal efforts by ISIS recruiter in Syria to encourage attacks in U.S. (Washington Post) Federal prosecutors on Thursday said a top Islamic State recruiter in Syria was involved in directing an American college student to kill a member of the U.S. military and then attack a police station in southern Ohio

Mohamed Mohamud case appeal challenges NSA surveillance (KGW) Civil rights attorneys say surveillance evidence used to convict a Somali-American man who plotted to bomb a 2010 Christmas tree-lighting ceremony was gathered unconstitutionally through the U.S. government's warrantless foreign surveillance program

CIS Security Controls Added to Law Enforcement Cyber-Guide (Infosecurity Magazine) The Cybersecurity Guide for State Local Law Enforcement has added the Center for Internet Security’s (CIS) the Multi-State Information Sharing and Analysis Center (MS-ISAC) and the CIS Critical Security Controls as key resources

A UK Government Department Uses Hacking Powers to Catch Price-Fixing Cartels (Motherboard) Over the past few months, traditionally tight-lipped UK law enforcement agencies have released snippets of how they use “equipment interference,” or hacking powers. In response to enquiries from Motherboard, one government department has been unusually forthcoming about what it actually uses hacking for: catching price fixers and others involved in criminally anti-competitive behaviour

Polish Authorities Want to Question UK Tor Operator Over 'Offensive' Forum Post (Motherboard) Volunteers who maintain the Tor network are sometimes hassled by the authorities. Perhaps child pornography travelled across their exit node—the part of the network where a user's traffic joins the normal web—or maybe it was implicated in the hacking of a website. The FBI has even raided the houses of Tor operators in response to instances like these

3 years after taking off Guy Fawkes mask, Kentucky Anon indicted (Ars Technica) Deric Lostutter accused of aiding hack of local Steubenville, Ohio sports website

Ex-employee pleads guilty to cyber attack on Northborough company (MetroWest Daily News) A disgruntled IT worker will pay more than $130,000 in restitution after admitting he damaged a Northborough company’s computer systems and waged a cyber attack against three of its clients, according to the U.S. Attorney’s Office

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

ISS World South Africa (Johannesburg, South Africa, July 10 - 12, 2016) ISS World South Africa is the world's largest gathering of Southern Africa Law Enforcement, Intelligence and Homeland Security Analysts as well as Telecom Operators responsible for Lawful Interception,...

Insider Threat Program Development Training (Washington, DC, USA, March 29 - 30, 2016) Insider Threat Defense announced it will hold a training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2) on March 29-30, 2016, in Washington, DC.

SINET Innovation Summit 2016 (New York, New York, USA, July 14, 2016) “Connecting Wall Street, Silicon Valley and the Beltway.“ SINET Innovation Summit connects America’s three most powerful epicenters and evangelizes the importance of industry, government and academic collaboration...

Insider Threat Program Development Training (Washington, DC, USA, March 29 - 30, 2016) Insider Threat Defense announced it will hold a training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2) on March 29-30, 2016, in Washington, DC.

cybergamut Technical Tuesday: The Importance of Managing Attribution Online by Dani Charles of Ntrepid Corporation (Elkridge and Calverton, Maryland, USA, July 19, 2016) cybergamut Technical Tuesday is for cyber professionals to exchange innovative ideas and discuss technical issues of mutual interest. We’ll have a Technical Tuesday event on 19 July 2016 (1600 – 1730 East...

CyberSec 2016 (New York, New York, USA, July 19, 2016) Ask any bank CEO in the U.S. what keeps them up at night and cybersecurity is bound to be in the top five. Maybe even no. 1. And while the threat matrix is evolving rapidly, along with the regulatory demands,...

Nominations are now open: National Cyber Security Hall of Fame (Baltimore, Maryland, USA (nominations submitted online), July 20, 2016) The Cyber Security Hall of Fame "Respect the Past - Protect the Future" accepts nominations from companies and organizations that are engaged in, and committed to, the growth of the cyber security industry.

Insider Threat Program Development Training (Washington, DC, USA, March 29 - 30, 2016) Insider Threat Defense announced it will hold a training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2) on March 29-30, 2016, in Washington, DC.

Billington Global Automotive Cybersecurity Summit (Detroit, Michigan, USA, July 22, 2016) Billington Cybersecurity, an independent conference company focused exclusively on cybersecurity seminars, announces the first global summit that brings together the most senior government and industry...

Community College Cyber Summit (3CS) (Pittsburgh, Pennsylvania, USA, July 22 - 24, 2016) The third annual Community College Cyber Summit (3CS) is organized and produced by six Advanced Technological Education (ATE) centers funded by the National Science Foundation (NSF) and involved in cybersecurity.

SANS ICS Security Summit & Training — Houston 2016 (Houston, Texas, USA, July 25 - 30, 2016) SANS has joined forces with industry leaders and experts to strengthen the cybersecurity of Industrial Control Systems (ICS). The initiative is turning ICS cybersecurity around by equipping both security...

SANS San Jose 2016 (San Jose, California, USA , July 25 - 30, 2016) Information security training is coming to Silicon Valley from SANS Institute, the global leader in information security training. At SANS San Jose 2016, July 25-30, 2016, choose from 7 hands-on, immersion-style...

AfricaHackOn (Nairobi, Kenya, July 28 - 29, 2016) What began as a casual meet up for information security professionals has become one of the formidable forces in the profession. That group is the AfricaHackOn. Housed under its parent umbrella, Euclid...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.