skip navigation

More signal. Less noise.

Daily briefing.

Some doxer soul-searching appears at week’s end. The large hacktivist dump of data about Turkey proved to include too much personal information. WikiLeaks’ release of DNC files has come under similar criticism. Some such criticism comes from NSA-leaker Edward Snowden, now resident in Moscow, who reprehends WikiLeaks’ “resistance to modest curation.” WikiLeaks tells Snowden he’s just angling for a pardon from prospective President Clinton; on the other hand, if you’ve lost Ed (who’s living in Russia) you’ve lost a lot of leakers.

The FBI is said to have warned the Clinton campaign of a possible compromise back in March, at about the same time the DNC realized someone was in its servers.

What the Russians (and the speculators are convinced it was the Russians) were after with the hacking remains under dispute. FireEye thinks it may have been a capability demonstration—they wanted to get caught and show the world the US could do nothing about it. CrowdStrike isn’t so sure—what intelligence service wants to be caught? And Taia Global’s Carr continues to point out the evidence’s circumstantial nature.

The US is sifting through captured intelligence—much of it in digital form—detailing ISIS recruiting efforts.

North Korea has stolen some ten million online shopping credentials, South Korean investigators report.

Researchers continue window-shopping in the Dark Web. Arizona State packages what it sees in a study of vendor and market entropy.

Security companies post mixed results in the market (but some see a threat-driven upside). FireEye buy-out rumors reappear.

Notes.

Today's issue includes events affecting China, Estonia, European Union, France, Germany, India, Democratic Peoples Republic of Korea, Republic of Korea, Kosovo, Latvia, Lithuania, Russia, Saudi Arabia, Turkey, United Arab Emirates, United Kingdom, United States.

A note to our readers: We'll be at Black Hat this year, talking to people and keeping our ears open, as usual. You'll see coverage next week in our daily briefings, and you'll hear updates in our podcasts. In the meantime, we begin our coverage with some links to selected reading about the conference.

The CyberWire's regular daily Podcast will be out later this afternoon, with interviews, educational tips, and more on the stories of the day. Jonathan Katz from our partners at the University of Maryland Cybersecurity Center (MC2) talks about post-quantum encryption. Our guest, Daniel Ennis, former NTOC Director at NSA, currently Executive Director of the University of Maryland Global initiative on Cyber, puts some flesh on the familiar bones of government, industry, and academic collaboration to address cyber threats. (If you enjoy the podcast, please consider giving it an iTunes review.)

​3rd Annual Senior Executive Cyber Security Conference: Navigating Today’s Cyber Security Terrain​ (Baltimore, MD, September 21, 2016) Hear from industry leaders on cyber security best practices and trends that will help you better secure your organization’s data. This year’s agenda examines the current cyber security landscape, threats, and challenges ahead for organizations and how senior leaders can work towards “shifting their data to being safe and secure.”

Dateline Black Hat

Anticipating Black Hat (Network World) Back to Vegas next week, big interest in anti-ransomware, endpoint security, security analytics, cloud and IoT security

Multiple Major Security Products Open To Big Vulns Via 'Hooking Engines' (Dark Reading) Black Hat USA talk will show how flawed implementation of hooking techniques are putting security and other software at risk

Cylance Scientists to Deliver Machine Learning and Reverse Engineering Sessions at Black Hat USA (PRNewswire) Reverse engineering tool "Ablation" will be made open source during the conference

Cyber Attacks, Threats, and Vulnerabilities

How 'Kind of Everything Went Wrong' With the Turkey Data Dump (Motherboard) Dumping hacked data can get real messy. Earlier this week, the Internet Archive removed several files uploaded by an activist after it was revealed they included vast amounts of personal information of Turkish citizens, including a database of most of the country's adult women

WikiLeaks' methods questioned by whistleblower Edward Snowden (CSO) The former NSA contractor wants WikiLeaks to curate information it releases

Intelligence trove provides details of Islamic State recruitment drive (Los Angeles Times) A large trove of captured Islamic State records and computer files has provided new details of the extremist group’s efforts to send terrorists into Europe, according to senior U.S. intelligence officials

Syria's Nusra Front says ending al Qaeda ties; U.S. fears for Aleppo (Reuters) Al Qaeda's powerful Syrian branch, the Nusra Front, announced on Thursday it was ending its relationship with the global jihadist network founded by Osama bin Laden, to remove a pretext used by world powers to attack Syrians

Islamic State says militant ‘soldiers’ carried out Normandy church attack (Washington Post) Two attackers backing the Islamic State — including one on a watch list — stormed a village church in northern France during Mass on Tuesday, taking hostages and slitting the throat of an 85-year-old priest before police commandos shot and killed the assailants, authorities said

Islamic State Threat in Europe Shifts (Wall Street Journal) Some U.S. officials see terror group benefitting from smaller attacks while continuing to plot

FBI warned Clinton campaign last spring of cyberattack (Yahoo! Tech) The FBI warned the Clinton campaign that it was a target of a cyberattack last March, just weeks before the Democratic National Committee discovered it had been penetrated by hackers it now believes were working for Russian intelligence, two sources who have been briefed on the matter told Yahoo News

Trump walks back email hack comments, but damage lingers (CNN) Donald Trump said Thursday that he was being sarcastic when he appeared to suggest that Russia should use espionage to find Hillary Clinton's deleted emails

Trump's hacking comment rattles the cybersecurity industry (PC World) Trump suggested that Russia should steal Hillary Clinton’s emails

What’s this whole email thing about, anyway? (TechCrunch) What do you know about the Clinton email scandal? If you’re anything like me, not much — yet! Let’s take a stroll into our political Swamp of Sadness where both parties are currently mired. One candidate became stuck there while trying to beat the dead horse of the Crooked Hillary meme and the other candidate is sinking simply because government email is just so damn crappy

Did Putin Try to Steal an American Election? (New York Times) Some foreign leaders settle for stealing billions of dollars. Russia’s president, Vladimir Putin, may have wanted to steal something even more valuable: an American presidential election

Russia Wanted to be Caught, Says Company Waging War on the DNC Hackers (Defense One) Pointing a finger at Russia is easy. Punishing them is hard. That’s why they hacked the DNC, according to the company that first named one of the key suspects

Can Facts Slow The DNC Breach Runaway Train? (Medium.com) “No, no! The adventures first, explanations take such a dreadful time.” (Lewis Carroll)

DNC Email Hack Reflects Growing Threat of Cyberwarfare Amongst U.S. Allies, Adversaries (Government Technology) The Goverment Accountability Office last year disclosed that there had been more than 67,000 intrusions in 2014 into computer systems belonging to 24 major federal agencies

North Korea makes Off with 10 Million e-Commerce Records (Infosecurity Magazine) South Korea has fingered North Korea as the actor behind a major data heist of online shopping credentials

Petya and Mischa For All Part II: They’re Here… (Cylance) The time has come to follow up on our previous analysis of the Petya and Mischa ransomware family. When we last left off, private ransomware distributor Janus Cybercrime Solutions had started opening up the platform by offering private stubs and support, in line with most ransomware as a service (RaaS) offerings

Locky Ransomware Ranks #1 on the Malware Threat List (Virus Guides) Proofpoint security firm reports that the Locky ransomware has been #1 malware threat in the second quarter of 2016

Moving past the ransomware hype to focus on real solutions (CSO) Andrew Hay shares powerful insights on the reality of ransomware, where it could lead, and what we need to do about it today

Ransomware Poses Potential Threat to Oil, Gas Cybersecurity (RigZone) The number of cyberattacks against global oil and gas industry’s industrial control systems (ICS) is expected to keep rising due to industry’s growing use of automation, Internet of Things (IoT) technologies and the increasingly unstable geopolitical environment

Hackers spreading Chthonic Zeus malware via 'legitimate' PayPal emails (Inquirer) Banking trojan spearheading campaign via PayPal money request feature

Long-running malvertising campaign infected thousands of computers per day (CSO) The AdGholas malvertising operation tricked ad networks and malware scanners using steganography

Massive AdGholas Malvertising Campaigns Use Steganography and File Whitelisting to Hide in Plain Sight (Proofpoint) Proofpoint researchers have discovered and analyzed a massive malvertising network operating since 2015. Run by a threat actor we designated as AdGholas and pulling in as many as 1 million client machines per day

Over 100 malicious campaigns tracked by Kaspersky Lab (Times of India) Russia-based software security company Kaspersky Lab on Thursday announced that its global research and analysis team has tracked 100-plus sophisticated malicious operations targeting commercial and government organisations in 85 countries

Cyber Hack Immunity - A Piped Dream? Cyber Attack on Department of Health in Hong Kong (Lexology) A recent possible hack of the Hong Kong Department of Health's (DH) record system in Hong Kong may affect 17,000 patients

Investigating the supply on 17 underground hacker markets (Help Net Security) Did you ever wonder what kind of malicious offerings can be found on dark web “hacker markets,” who sells them and how widely they are available?

Ist das Darknet ein Treffpunkt für Kriminelle? (Pressebox) G DATA erklärt das "versteckte Internet" und wer es wozu nutzt

Russia-based Deer[.]io identified as cybercrime hub linked to hacker behind LinkedIn breach (International Business Times) Deer[.]io is said to be hosting over 1,000 shops, most of which sell stolen products from compromised accounts

Would You Use This ATM? (KrebsOnSecurity) One basic tenet of computer security is this: If you can’t vouch for a networked thing’s physical security, you cannot also vouch for its cybersecurity. That’s because in most cases, networked things really aren’t designed to foil a skilled and determined attacker who can physically connect his own devices. So you can imagine my shock and horror seeing a Cisco switch and wireless antenna sitting exposed atop of an ATM out in front of a bustling grocery store in my hometown of Northern Virginia

Home of National Security Agency Says Pokémon Go Off Limits (Odenton-Severn Patch) Fort Meade officials warn Pokemon Go players not to come onto the post, home of the NSA, just to play the game. You can be searched

Cyber Trends

Cyber Experts Draw Line Between Active Defense, Illegal Hacking Back (Wall Street Journal) A panel of security experts cautioned companies against taking an offensive approach to cybersecurity

Securing the World-Sized Web (InfoRisk Today) Bruce Schneier on how IoT changes everything in security

IoT: A hacker’s dream come true? (Help Net Security) There’s a lot more to the web than the cat-video-laden sites we normally see. In fact, according to most sources, the web that we can typically get to via our browser of choice represents only a small fraction of what’s out there

A Day in the Life of an IT Pro: Hacked off with IoT (Infosecurity Magazine) Friends, Romans, fellow IT Pros, lend me your ears. It’s time to talk about Internet of Things (IoT) now, I know the topic of connected fridges and the like is often covered, but amid the cacophony of excited consumers is a warning – the impact of IoT on enterprise security could be monumental

Defining a Smart City's Security Architecture (InfoRisk Today) Webroot's Dufour on CISOs' role in securing known and unknown networks

Virtually all business cloud apps lack enterprise grade security (Help Net Security) Blue Coat Systems analyzed apps for their ability to provide compliance, data protection, security controls and more. Of the 15,000 apps analyzed, it was revealed that 99 percent do not provide sufficient security, compliance controls and features to effectively protect enterprise data in the cloud

Businesses need to protect data, not just devices (Help Net Security) As organizations embrace the digital transformation of their business, they are increasingly facing new security concerns. More companies are moving away from device-centric, platform-specific endpoint security technologies toward an approach that secures their applications and data everywhere

IT security experts struggle to measure ROI (IT Pro Portal) The majority of IT security experts actually struggle to measure the return on investment in security measures, Tenable Network Security says

Intel Security : La pénurie de talents en matière de cyber-sécurité accentue la vulnérabilité des entreprises et des Etats (Global Security) Intel Security, en partenariat avec l’institution CSIS (Center for Strategic and International Studies), publie une nouvelle étude internationale intitulée ‘Hacking the Skills Shortage’. Cette dernière porte sur la pénurie des compétences en matière de cyber-sécurité tant au niveau des entreprises que des pouvoirs publics. Elle révèle qu’une large majorité des entreprises IT (82 %) reconnaît souffrir d’une pénurie de profils compétents dans le domaine de la cyber-sécurité. Elles considèrent, à hauteur de 71 %, qu’une telle pénurie est directement responsable d’une part de leurs dégâts informatiques, car elle les expose davantage comme cible auprès des hackers

Marketplace

These businesses are booming thanks to Russian hackers (Washington Post) When the Democratic National Committee discovered in April that its computer networks had been hacked, leaders there did not just alert government intelligence. They called CrowdStrike, a 5-year-old cybersecurity firm that makes millions of dollars from mercenary work sold with a promise: "We Stop Breaches"

Fortinet Focuses On Improving Productivity, Slowing Headcount Growth As Sales Reorg Slow To Show Benefit (CRN) After undergoing a broad salesforce reorganization earlier this year, Fortinet executives said the company is “pleased” with the progress it’s made, but plans more changes as the full benefits of the shift were not yet fully realized

Fortinet (FTNT) Stock Tumbles on Downbeat Guidance (The Street) Fortinet (FTNT) stock is falling on Thursday afternoon after the company posted better-than-expected second quarter results, but provided soft guidance for the third quarter and full year

FireEye Stock Jumps on Takeover Speculation (Motley Fool) There's been no confirmation that a deal is in the works, but investors seem to think that the cybersecurity provider could be a target

FireEye Can Stop Cyber Crime But Not A Takeover (The Street) Cybersecurity products provider looks increasingly like the target of bigger tech enterprises

Cisco: 9-Year High And Still A Buy (Seeking Alpha) Cisco is near its 9-year intraday high, but still carries one of the highest dividend yields among Dow components. With an earnings report due in mid-August, we wanted to evaluate Cisco and determine if now was the time for dividend investors to take some profits. Our conclusion: Cisco’s combination of a high dividend, strong balance sheet, low valuation and understated outlook make it a strong play for dividend investors looking for value

Security FUD and malware outbreaks boost Sophos' coffers (Register) Targeting the 'underserved mid-market' pays off nicely

BAE Systems lifted by increased security spend (City A.M.) BAE Systems jumped in early morning trading, after the defence and aerospace group was boosted by increased security spending

LookingGlass Actively Recruits Partners For Cyber Guardian Network (Channel Partners) Security firm LookingGlass Cyber Solutions is launching its Cyber Guardian Network, an expansion/enhancement of its existing partner program

How to attract a board-level cybersecurity expert (CSO) Suzanne Vautrinot’s impressive cybersecurity experience has been in high demand since she retired from the U.S. Air Force in October 2013. As a major general and commander, she helped create the Department of Defense's U.S. Cyber Command and led the Air Force's IT and online battle group

Paladion Networks appoints ex Infosys's EdgeVerve COO Sunil Gupta as President and COO (India Infoline News Service) In this new role, Sunil is responsible for the business strategies and outcomes in MEA and India, and will direct all business units and delivery

Products, Services, and Solutions

Enterprises partnering with Bugcrowd to hunt down software bugs (Sotfware Development Times) Enterprises are teaming up with Bugcrowd, a crowdsourced security organization that helps fight back against the persistent hackers and vulnerabilities in software

How Does SentinelOne's Ransomware Guarantee Stack Up? (BankInfo Security) Protection: up to $1,000 per endpoint - subject to terms and conditions

Appmobi Launches World's First Real-Time Mobile App Cyber Attack Detection and Resolution Platform for IT Teams (Yahoo! Finance) Mobile security company, Appmobi (https://appmobi.com) today announced the launch of the Appmobi Protection Center, a first-of-its-kind complete mobile security solution that detects and resolves attacks at the app level

IOActive offers offensive security approach to risk assessment (Help Net Security) IOActive launched its Advisory Services practice, offering strategic security consulting that leverages IOActive’s testing and research expertise to help customers better align their security programs with business objectives

Mac security software gets 100% score in AV-Comparatives tests (IT-Wire) AV-Comparatives' latest testing of Mac security software gave all ten products a 100% score for malware protection

RiskIQ Launches Real-Time Security Intelligence Services to Predict Attacker's Next Move (BusinessWire) Empowers customers to fight back by detecting malicious activity as it appears on the Internet

CyberVista Announces Board Cybersecurity Literacy Program for Company Boards and Executives (Yahoo! Finance) Cybersecurity education and workforce development company CyberVista today announced the launch of their board and executive cyber literacy program, which aims to provide business leaders and corporate governance professionals with a comprehensive understanding of cyber issues that affect their organizations, as well as the tools to oversee and manage 21st century cyber risks

Technologies, Techniques, and Standards

Building an Effective Incident Response Plan (Infosecurity Magazine) When it comes to incident response and a company’s ability to manage a data breach, no organization can afford to be caught off guard. The effects of an uncontrolled and poorly managed data breach can be catastrophic to businesses of all sizes, not to mention the public relations nightmare and subsequent liability that can ensue when an organization drops the ball in the wake of a cyber-attack

Metrics Project May Help CISOs Measure Effectiveness Better (InfoRisk Today) ClubCISO's Phil Cracknell describes initiative and framework roadmap

Three Principles of an Effective Cybersecurity Strategy (InfoRisk Today) RSA CTO Zulfikar Ramzan siscusses visibility, identity and risk

Back to School: Dashlane Releases List of Top 10 Most Popular Kids' Websites with Safe Password Practices (PRNewswire) Dashlane has released a list of the top ten websites with safe password practices, just in time to help parents navigate online safety risks during the busy back-to-school season

What Learning to Lockpick Taught Me About Digital Security (Motherboard) Tucked in an alley behind an old church in downtown Toronto, there’s a makerspace called Site 3: Two stories crammed with workbenches, retro video game consoles, art projects, a mannequin, and an incinerating toilet that torches human poop, turning it to ashes. (Site 3 doesn’t have running water, although the toilet wasn’t working anyway when I visited)

Design and Innovation

Dark Patterns are designed to trick you (and they’re all over the Web) (Ars Technica) No, it's not only you—some user interfaces today intentionally want to confuse and enroll

Academia

White House celebrates cyber contests to attract young talent (FedScoop) A White House workshop highlighted the importance of cybersecurity contests to get students interested in the field

Legislation, Policy, and Regulation

European privacy advisor wants encryption without backdoors (Help Net Security) “The confidentiality of online communications by individuals and businesses is essential for the functioning of modern societies and economies. The EU rules designed to protect privacy in electronic communications need to reflect the world that exists today,” European Data Protection Supervisor (EDPS) Giovanni Buttarelli opined after reviewing a new proposal on the ePrivacy Directive

Brits fear Snooper's Charter powers that already exist (IT Pro) General public unaware of existing police powers to spy on the public

With Army in Disarray, a Pillar of Modern Turkey Lies Broken (New York Times) As a rebel faction of Turkey’s military began a violent attempt to topple the elected government, the country’s top officer, Gen. Hulusi Akar, was held at gunpoint in his office in the capital and told for the first time about what was happening

Cybersecurity in Saudi Arabia Calls for Clear Strategies (Frontera) When it comes to cyberattacks, Saudi Arabia is the most targeted country in the Middle East. While the Kingdom’s cybersecurity is improving, clear national strategies, policies, and legal frameworks are absent

Using a VPN to access blocked services in the UAE can cost you $545,000 (The Next Web) Want to make half a million dollars disappear in no time? Try using a VPN in the UAE and the government will fine you that amount right quick

British Spies Used a URL Shortener to Honeypot Arab Spring Dissidents (Motherboard) A shadowy unit of the British intelligence agency GCHQ tried to influence online activists during the 2009 Iranian presidential election protests and the 2011 democratic uprisings largely known as the Arab Spring, as new evidence gathered from documents leaked by Edward Snowden shows

After tonight, Hillary Clinton and Donald Trump can get classified intelligence briefings (Los Angeles Times) Hillary Clinton and Donald Trump can be given classified intelligence briefings now that they are the Democratic and Republican presidential nominees, the top U.S. intelligence official said Thursday, despite calls from party leaders to limit the other candidate's access to national security secrets

Industry Supports White House Cyber Directive (MeriTalk) The Presidential Directive that defined roles and responsibilities of Federal agencies in the event of a cyber incident is being applauded as a step in the right direction by private sector cybersecurity companies

New Federal Cybersecurity Strategy Aims to Reverse Growing Work Force Shortage (SIGNAL) Government must boost salaries, change motivational messaging and seek eccentric talent, expert says

The Situation Report: DHS Cyber Reorganization Gains Support (MeriTalk) The Department of Homeland Security’s long-standing plans to reorganize the National Protection Programs Directorate (NPPD) to better deal with the growing threat of cyberattacks on national critical infrastructure may have received the boost it needed this week to obtain congressional approval

Litigation, Investigation, and Law Enforcement

Exclusive: FBI probes hacking of Democratic congressional group - sources (Reuters) The FBI is investigating a cyber attack against another U.S. Democratic Party group, which may be related to an earlier hack against the Democratic National Committee, four people familiar with the matter told Reuters

It’s Not Over: FBI Reportedly Investigating Cyber Attack At DCCC (Talking Points Memo) Days after damaging hacked information from the Democratic National Committee was published online, leading to the resignation of its chair, Reuters reported Thursday that the FBI was investigating a cyber intrusion at the Democratic Congressional Campaign Committee

Turkey has intelligence cleric Gulen could flee United States: justice minister (Reuters) Turkey is receiving intelligence that the Muslim cleric it blames for orchestrating a coup attempt this month could flee his residence in the United States, Justice Minister Bekir Bozdag said on Thursday

Cleric's Kosovo Arrest Puts Iran's Balkan Activities Under Spotlight (Radio Free Europe/Radio Liberty) Iran's promotion of its brand of Shi'ite Islam across the Middle East has been obvious for decades, but such activities in Europe largely managed to fly under the radar

'It's Been Harrowing': Alleged Hacker Lauri Love Awaits Extradition Decision (Motherboard) Early in the evening of 25 October 2013, a man dressed as a UPS delivery guy arrived at Lauri Love's family home in Suffolk holding a box. When Love's mum answered the door, she was told that only her son could sign for the delivery. She called him downstairs, and when he emerged wearing his dressing gown, he was told that the man was in fact an officer of the National Crime Agency, and that he was being arrested on suspicion of hacking into a long list of systems, including those controlled by the US Federal Reserve, NASA, and the FBI. Love asked if he still got to keep the box

Get Transcript IRS fraud lands married couple in prison (Graham Cluley) Pair laundered over $1.5 million after filing fake tax returns

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

CyberMaryland 2016 (Baltimore, Maryland, USA, October 20 - 21, 2016) The CyberMaryland Conference is an annual two-day event presented jointly by The National Cyber Security Hall of Fame and Federal Business Council (FBC) in conjunction with academia, government and private...

Upcoming Events

SANS San Jose 2016 (San Jose, California, USA , July 25 - 30, 2016) Information security training is coming to Silicon Valley from SANS Institute, the global leader in information security training. At SANS San Jose 2016, July 25-30, 2016, choose from 7 hands-on, immersion-style...

SANS ICS Security Summit & Training — Houston 2016 (Houston, Texas, USA, July 25 - 30, 2016) SANS has joined forces with industry leaders and experts to strengthen the cybersecurity of Industrial Control Systems (ICS). The initiative is turning ICS cybersecurity around by equipping both security...

Black Hat USA (Las Vegas, Nevada, USA, August 1 - 6, 2015) Black Hat — built by and for the global InfoSec community — returns to Las Vegas for its 18th year. This six day event begins with four days of intense Trainings for security practitioners...

SANS Boston 2016 (Boston, Massachusetts, USA , August 1 - 6, 2016) SANS will be returning to Boston with an exceptional cyber security training lineup this August, including a special evening event hosted by Stephen Northcutt, where you'll get choose your favorite chowder!...

Secure Bermuda 2016 (Bermuda, August 10, 2016) Industry-leading intelligence from expert cybersecurity thought leaders and innovators. In addition to human capital shortages, the Bermudian cybersecurity industry faces an uphill battle to keep up with...

TECHEXPO Top Secret Polygraph-Only Hiring Event (Baltimore, Maryland, USA, August 10, 2016) Polygraph-Tested Professionals are invited to interview for new career opportunities on Wednesday, August 10 at the BWI Marriott in Baltimore, MD. A CI or Full Scope Polygraph is Required to Attend. Hot...

Insider Threat Program Development Training For NISPOM CC 2 (Aberdeen, Maryland, USA, August 10 - 11, 2016) Insider Threat Defense will hold a two-day training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2). For a limited time the training is being offered...

TECHEXPO Top Secret Polygraph-Only Hiring Event (Baltimore, Maryland, USA, August 10, 2016) Polygraph-Tested Professionals are invited to interview for new career opportunities on Wednesday, August 10 at the BWI Marriott in Baltimore, MD. A CI or Full Scope Polygraph is Required to Attend. Hot...

International Conference on Cyber Security (ICCS) 2016 (Kota, Rajasthan, India, August 13 - 14, 2016) The International Conference on Cyber Security (ICCS) 2016 is an unparalleled opportunity to discuss cyberthreat analysis, operations, research, and law enforcement to coordinate various efforts to create...

2016 Information Assurance Symposium (Washington, DC, USA, August 16 - 18, 2016) The Information Assurance Symposium is the premier IA event at which leaders and practitioners share vital information and provide direction and best practices to meet today’s challenges in IA and the...

Insider Threat Program Development Training (Washington, DC, USA, March 29 - 30, 2016) Insider Threat Defense announced it will hold a training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2) on March 29-30, 2016, in Washington, DC.

SANS Alaska 2016 (Anchorage, Alaska, USA, August 22 - 27, 2016) SANS is bringing our renowned security training to Alaska! Join us in August for a week of hands-on training and compelling bonus sessions while taking in breathtaking views and experiencing the great...

CISO New Jersey (Hoboken, New Jersey, USA, August 23, 2016) With newspaper headlines covering the latest data breaches, cloud computing security questions going unanswered and hackers developing more sophisticated attacks, the IT department has a growing responsibility...

CyberTexas (San Antonio, Texas, USA, August 23 - 24, 2016) CyberTexas was established to provide expanded access to security developments and resources located in Texas; provide an ongoing platform for the education and skill development of cyber professionals...

Chicago Cyber Security Summit (Chicago, Illinois, USA, August 25, 2016) The Cyber Security Summit is an exclusive conference series connects C-Suite & Senior Executives who are responsible for protecting their companies’ critical infrastructures with innovative solution providers...

Air Force Information Technology and Cyberpower Conference 2016 (Montgomery, Alabama, USA, August 29 - 31, 2016) America is faced with a national emergency in cyberspace. US national security, economic vitality, financial stability and foreign policy are being eroded. Increasingly prevalent and severe malicious cyber...

CISO Toronto (Toronto, Ontario, Canada, August 30, 2016) A data breach is not only a PR nightmare, but cause for customers to turn to competitors, exposing sensitive company information and racking up fines from industry regulators. In order for organizations...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.