skip navigation

More signal. Less noise.

Daily briefing.

At this point consensus holds that the DNC hack was the work of Russian intelligence services (despite a flat Kremlin denial of involvement, and Guccifer 2.0’s protestations of hacktivist purity). SecureWorks says that Fancy Bear (GRU) is also prospecting military spouses (leads on US operations), journalists critical of Russia, and unspecified “activists.” Much a priori speculation circulates that President Putin wishes to influence US elections. More stolen documents are expected soon via Wikileaks.

Most of the hacking news today involves ransomware developments. SentinelOne reports a new CryptXXXX variant—the code now defeats free decryption tools designed for earlier versions. Avanan this morning released details on a Cerber email phishing campaign targeting Office 365 users—Microsoft began blocking malicious traffic last Thursday. Trend Micro notes odd behavior from Guy-Fawkes-masked MIRCOP ransomware: it accuses victims of “having stolen from a notorious hacktivist group” (the circumlocution is Trend Micro’s) and demands 48.48 Bitcoin (almost $29,000 at current rates). MIRCOP gives the victim a Bitcoin address and that’s it—they assume you’re familiar with Bitcoin transactions.

Intel appears ready to sell its security unit.

Observers continue to mull Brexit: early speculation sees Berlin as the next European start-up center.

There’s widespread disagreement over the importance of motive in understanding and parrying denial-of-service attacks, like those organized by LizardSquad against gaming sites last week. Money, ideology, or just the lulz, however mixed and overdetermined the motive might be, arrested development or teenage anomie probably play a role. (Like a chickie run off a Calabasas cliff.)

Notes.

Today's issue includes events affecting Albania, Algeria, Australia, Brazil, China, India, Palestinian Territories, Russia, United Kingdom, United States.

Catch the CyberWire's Podcast later this afternoon, with interviews, educational tips, and more on the stories of the day. Today we'll talk with Johns Hopkins' Joe Carrigan about (again) the importance of not reusing passwords. (And as always, please, if you feel so inclined, consider giving us an iTunes review.)

Cyber Security Summit (Washington, DC, USA, June 30, 2016) ​Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from the NSA, FBI and more. Register with promo code cyberwire50 for half off your admission (Regular price $250)

Billington Global Automotive Cybersecurity Summit (Detroit, Michigan, USA, July 22, 2016) ​Connected cars are on the roads, and autonomous vehicles are coming. Connect with industry experts at the first summit devoted to this emerging, life-changing technology.​ Register here and use code CyberWire2016 for a 20% discount off the corporate rate.​

E8 Security (Detroit, Michigan, USA, July 22, 2016) E8 Security - DETECT. HUNT. RESPOND. Find out how.

Cyber Attacks, Threats, and Vulnerabilities

Report Says Russian Hackers in DNC Breach Waged Wider Campaign (Wall Street Journal) Cyberattack targeted a range of email accounts, including Clinton campaign, military spouses and activists

Is Moscow trying to influence Trump-Clinton race? (The Hill) The unknown identity of a mysterious hacker claiming to be the sole architect behind the infiltration of the Democratic National Committee (DNC) has raised fears that Russia may be trying to influence the U.S. election

The clownish fight over who hacked the DNC (Engadget) How do you prove you're not a Russian spy?

DDoS it matter what motivates Lizard Squad? (SC Magazine) Lizard Squad is best known for launching DDoS attacks against Microsoft Xbox Live and Sony PlayStation Network, and doing so 'for the lulz!' SC Magazine UK has been pondering whether the motivation actually matters?

Broken Phishing scam targets several tech journalists (CSO) A series of errors ensured the scam was easily spotted, but the risk is real

Facebook ‘Comment Tagging Malware’ Spreading via Google Chrome (Hack Read) If you receive a Facebook notification regarding a friend tagging you in a comment be very careful before clicking on the link it can be a Javascript malware found targeting users lately

Chrome vulnerability lets attackers steal movies from streaming services (Help Net Security) A significant security vulnerability in Google technology that is supposed to protect videos streamed via Google Chrome has been discovered by researchers from the Ben-Gurion University of the Negev Cyber Security Research Center (CSRC) in collaboration with a security researcher from Telekom Innovation Laboratories in Berlin, Germany

PunkeyPOS Variant Slurping Data from US POS Terminals (Infosecurity Magazine) Security researchers have spotted a new variant of the PunkeyPOS malware family designed to lift credit card details from victim organizations

How to Spot Ingenico Self-Checkout Skimmers (KrebsOnSecurity) A KrebsOnSecurity story last month about credit card skimmers found in self-checkout lanes at some Walmart locations got picked up by quite a few publications. Since then I’ve heard from several readers who work at retailers that use hundreds of thousands of these Ingenico credit card terminals across their stores, and all wanted to know the same thing: How could they tell if their self-checkout lanes were compromised? This post provides a few pointers

MWR Labs Warns Of Command Injection Vulnerability In IBM’s GPFS / Spectrum Scale (Information Security) Allows adversary on any system which mounts GPFS to inject commands which are later executed as root

New CryptXXX Variant Discovered (SentinelOne) A new version of the CryptXXX family of ransomware has been discovered which is spreading through spam and perhaps other means. This latest iteration fixes flaws in its file encryption methods which prevents use of free decryption tools and makes it impossible to decrypt files without paying the ransom

Widespread Attack on Office 365 Corporate Users with Zero-day Ransomware Virus (Avanan) Millions of Office 365 business users likely effected

MIRCOP Crypto-Ransomware Channels Guy Fawkes, Claims To Be The Victim Instead (TrendLabs Security Intelligence) Ransomware behavior has been the talk of the town. We have seen oddly long ransom payment deadlines from GOOPIC, password stealing capabilities from RAA, chat support from the latest JIGSAW variant, and all these are just incidents discovered this June. But among these new behaviors, we came across a unique behavior in MIRCOP crypto-ransomware

Bart - a new Ransomware (SANS Internet Storm Center) Phishme is reporting the discovery of a new ransomware which its creators have named Bart. Bart shares several commonalities with the Locky ransomware. Bart is delivered by the same downloader, RockLoader. The payment site bares a striking resemblance to the Locky page

RockLoader Delivers New Bart Encryption Ransomware (Phishme) Another ransomware tool has been added to the ever-growing encryption ransomware market with the introduction of the Bart encryption ransomware

Anime site redirects to Neutrino exploit kit, CryptXXX ransomware (Graham Cluley) Neutrino exploit kit? Why not Angler or Nuclear? Oh yeah that's right

Necurs BotNet Back With A Vengeance Warns AppRiver (Information Security Buzz) Following the news that AppRiver has warned that the Necurs botnet is back online and distributing malware, Jon French security analyst at AppRiver commented below

Crypto-ransomware attacks have reached 'epidemic' status, Kaspersky Lab says (International Business Times) The number of users hit by crypto-ransomware has jumped by more than five times in the past year

Ransomware is helping make the cyber threat real (ComputerWeekly) The Scottish government is working to help businesses understand and manage the cyber security risk

U.S. targets top lists of ransomware hackers (FCW) Cybercriminals are focusing their ransomware attacks on the U.S. and a handful of other countries, according to a new report from Kaspersky

Trends in Ransomware Affecting Small Business (National Cybersecurity Institute) Cyber security news has been filled in the last few weeks with articles about ransomware attacks. Indicators show that attacks are increasing, with threats to businesses of all sizes

History and Statistics of Ransomware (SecurityWeek) Ransomware is not new - it has been around in one form or another for more than 20 years. It comes in two main varieties: 'blockers' that simply block the users' access to files, and 'encryptors' that irreversibly encrypt the users' files. Both hold the victim to ransom. Kaspersky Lab has analyzed figures from its users between 2014 and 2015 and finds that while crypto ransomware is increasing dramatically, ransom blockers remain worryingly common

NASCAR team nearly shut down due to cyber attack (Examiner) Not many knew it publicly at the time but Circle Sport-Levine Family Racing and driver Michael McDowell almost didn’t race at the NASCAR Sprint Cup event at Texas Motor Speedway in April. It was revealed Friday as the team prepared for Sunday’s Toyota/Save Mart 350 at Sonoma Raceway, that the team was forced to pay a ransom prior to the Texas race due to a cyber hacker who had locked up the team’s computer files

NASCAR team falls victim to ransomware, pays ransom (Help Net Security) Most US businesses would perhaps not pay in the event of a ransomware attack, but Circle-Sport Leavine Family Racing (CSLFR), a professional NASCAR car racing team, is not one of these

Malwarebytes Puts NASCAR Team Back In The Driver's Seat After A Ransomware Attack (Forbes) Dave Winston is the crew chief for the NASCAR racing team TISI +% Circle Sport-Levine Family Racing. Around lunchtime on April 5th he got a phone call from race team engineer Kevin Walter who wanted to know what was going on with all the communication between Winston’s computer and their Dropbox account. Winston wasn’t using his computer and didn’t know what Walter was talking about. Walter told him to get his computer offline. Fast. Winston took his system off the network and then a window no one wants to see popped up on his screen. Circle Sport-Levine Family Racing had been hit by a ransomware attack

WatchMojo Hacked: Another YouTuber Gets Attacked, PayPal Account, Twitter Breached [VIDEO] (EnStarz) Popular YouTube channel WatchMojo was the victim of a massive cyber attack. Is there a particular meaning behind the hacking of the prominent channel?

YouTube’s Popular Channels WatchMojo and Redmercy Hacked (Hack Read) A group of hackers calling themselves ”Obnoxious and Pein” is on a hacking spree where they are taking over popular YouTube channels and renaming videos title with their own. The recently hacked YouTube channels include popular WatchMojo with 12,291,423 subscribers and RedMercy with 975,765 subscribers

Brazilian Telecom Giant “Oi” Websites Hacked (Hack Read) A defacer from Algeria hacked Brazilian telecom Oi websites in support of Palestine — yes, we are also trying to figure out the connection

South Yorkshire (UK) Police Websites Hacked (Hack Read) Hackers took over two South Yorkshire police websites and replaced home pages with one of their own — reason behind the attack remains unknown

Complex Bitcoin Phishing Scheme Revealed - Cisco's OpenDNS Security Team (Coin Telegraph) Criminals have started staging phishing campaigns having discovered that Bitcoin can provide an easier way to steal, says Cisco’s OpenDNS security team after they revealed a complex phishing scheme aimed at collecting user credentials from various Bitcoin-related services

Hacker Selling 1.1 million Lookbook.nu Emails and Plain Text Passwords (Hack Read) Login data of Lookbook’s 1.1 million users is available on the Darknet for sale — we are not sure if the targeted company is even aware of the fact that their security may have been compromised

Compromised RDP Server Tally From xDedic May Be Higher (InfoRisk Today) Initial estimate of compromised RDP servers on marketplace was low: Kaspersky

xDedic: The Black Market Of Hacked Servers Decoded (CXO Today) Is your server hack proof? The Russian security vendor, Kaspersky has exposed the hacker marketplace that trades compromised servers. The ‘xDedic’ marketplace currently offers access to more than 70,000 compromised servers at very cheap price. The alarming number of hacked servers on xDedic is a clear indication that cybercriminals are stepping up towards cybercrime-as-a-service model. It is a high time for organizations to gear up to tackle organized and sophisticated attack launches of cyber crooks

The malicious 'Godless' exploit found in a few Google Play apps sounds scary, but that's about it (Android Central) Another week, another scary-sounding security story. Here's why we wouldn't worry too much about "Godless"

Google CEO Sundar Pichai's Quora Account Hacked (Hacker News) Nobody is immune to being hacked

Cyber Trends

On This Date In Cyber Doom History: An Example of Getting It So Wrong For So Long (Forbes) I recently returned from presenting at this year’s International Conference on Cyber Conflict in Tallinn, Estonia. In his presentation to a “Lessons Learned” panel at that conference, Jason Healey of Columbia University argued, “For twenty five years of the seventy five since Pearl Harbour, we have been talking about a digital Pearl Harbour. It still hasn’t happened, so we are probably missing the point"

Energy networks in catch-up mode on cyber security (Financia lReview) Australia's electricity networks are falling behind other industries and their peers in Europe and the US in their preparedness to counter cyber attacks just as the grid is becoming more vulnerable due to the addition of solar panels and batteries, experts say

Bitglass warms of ‘MDM mayhem’ in latest research (EnterpriseAppsTech) Cloud access security provider Bitglass has warned of ‘MDM mayhem’ in the results of its latest study which argues mobile device management (MDM) software contains major privacy issues for users

Medical Study Blasts Hospitals’ Security Practices (Threatpost) A scathing rebuke of medical professionals’ attitudes toward information security reveals nurses and doctors fumble over protocols often putting patients at risk

Data Science vs. Security: Where's the Synergy? (InfoRiskToday) Is it time to focus on data science to secure against fraud?

Cyberattacks: Here’s reason why India Inc should be very worried (Financial Express) Eight in 10 businesses witnessed increased cyberattacks in 2015; a third expect to be targeted within 90 days, points out a VMware study

Marketplace

Brexit creates a new vocabulary for startups in Europe (Tech Crunch) The “United” Kingdom just punched the European startup scene in the face and we’ll see if Europe can recover

10 Stats About Cybersecurity That Will Alarm You (Motley Fool) Here are ten reasons investors shouldn’t ignore the growing cybersecurity market

How the ‘insecurity of things’ creates the next wave of security opportunities (TechCrunch) More than 5 billion IoT devices were installed in 2015. Gartner estimates this will grow to 20 billion by 2020. Unfortunately, experts agree that security is not only an afterthought, but often is actively resisted and circumvented

Mind The Gap: CISOs Versus 'Operators' (Dark Reading) How open communication among security execs and analysts, incidents responders, and engineers can help organizations stay on top of the constantly changing threat landscape

How executives really feel about infosec reports (Help Net Security) More than half of IT and security executives will lose their jobs as a result of failing to provide useful, actionable information. While the majority of board members say they understand everything they’re being told by IT and security executives in their presentations, more than half believe the data presented is too technical, according to Bay Dynamics

Chubb Wins Cyber Risk Innovation and Pre-Breach Team Awards (PRNewswire) Chubb received top honors at the 2016 Advisen Cyber Risk Awards in two categories: Cyber Risk Innovation of the Year and Pre-Breach Team of the Year. Now in its third year, the Advisen Cyber Risk Awards winners are determined by the largest number of votes received from members of the insurance community

FireEye Wins NYSE Governance Services 2016 Leadership Award (Yahoo! Finance) Company honored as Best In-House Legal Team for Corporate Governance at a Small to Mid-Cap Company

WISeKey International Holding Ltd Secures CHF3 Million of Cash in a First Tranche of a Mandatory Convertible Loan Note Placed with Selected Strategic Investors (BusinessWire) WISeKey International Holding Ltd (WIHN.SW) (“WISeKey”) announced today that it has raised CHF3 million of cash via the placement of a first tranche of a mandatory convertible loan note (“Mandatory Loan Note”) with selected strategic investors. At maturity of the Mandatory Loan Note on 21 September 2016, the security automatically converts into 725,000 - 745,000 new WISeKey International Holding Ltd Class B Shares, issued from existing listed conditional capital

Why IBM Stock Is Up 12% in 2016 (Motley Fool) The pessimism that has beaten down the stock over the past few years appears to be letting up

CrowdStrike talks APAC, cyber security, EDR & nation-state attacks (Security Brief AU) CrowdStrike's leading endpoint threat detection is launching in the APAC region. To explain more about threat detection technology and why CrowdStrike chose APAC to launch, Michael Sentonas, vice president for Technology Strategy shares his thoughts about this dynamic new market and what this means for cyber security

Look into our network, not around our network... you're under (Register) Negev desert foxes aim to outwit hackers

Intel is said to mull sale of its security business (PCWorld) The chipmaker has been talking to bankers about the sale, said a report

Intel weighs sale of cyber security business (Financial Times) Intel is looking at options for Intel Security, including potentially selling the antivirus software maker formerly known as McAfee which it bought for $7.7bn almost six years ago

Intel to Quit the Security Business (Again), and Jettison McAfee? (Graham Cluley) A long time ago, Intel used to have its own anti-virus product. They called it Intel LanDesk Virus Protect

Why is Dell really dropping its assets? To fund its EMC acquisition (Channel Life) Dell is cutting its losses with its sale of Dell Software Group, according to a Technology Business Research white paper, titled 'Selling the Software Group makes strategic and financial sense for Dell and its partners'

Products, Services, and Solutions

CrowdStrike: Defenders Must Look Beyond Malware Detection (BankInfoSecurity) Executive says beware of attack techniques that leave no trace

CloudLock Announces New Threat Analytics Powered by Machine Learning (MarketWired) State-of-the-art machine learning delivers actionable visualization and anomaly detection in the CloudLock CASB and Cloud Cybersecurity Platform

Technologies, Techniques, and Standards

Managing a Cyber Attack: How to Communicate to Customers (B2C) Cyber attacks are de rigueur these days. Respondents to a recent survey of IT professionals reported an average of 40 attacks per year

So Hey You Should Stop Using Texts for Two-Factor Authentication (Wired) Since two-factor authentication became the norm for web services that care about securing your accounts, it’s started to feel like a security blanket, an extra layer keeping your data safe no matter whether your password is as strong as 8$&]$@I)9[P&4^s or as dumb as dadada. But a two-factor setup—which for most users requires a temporary code generated on, or sent to, your phone in addition to a password—isn’t an invincibility spell. Especially if that second factor is delivered via text message

Micro-segmentation key to new approach to infosec, says Unisys (ComputerWeekly) Micro-segmentation enables organisations to improve data security at reasonable cost without compromising agility, governance, risk and compliance, says Unisys

5 questions the CISO should ask the Threat Analyst (IT Pro Portal) Threat intelligence data is a powerful tool for understanding attackers and their activities. Once organised in a threat intelligence platform, the data often reveals techniques and methodologies used by attackers as evidenced in malware, infected websites, suspicious domain name registrations and mass credential exposures

Cybersecurity & software vulnerability management: The ounce of prevention that’s worth a pound of cure (Security Brief NZ) A recent cyber-attack on the BBC, the New York Times and MSN saw tens of thousands of computers potentially exposed to hacker threat because of malicious online advertisements that ran on these companies’ websites. The hackers were able to embed malicious code into ads which connected with servers that were hosting the Angler exploit kit

Research and Development

Selfrando Technique Mitigates Attacks Unmasking Tor Users (Threatpost) The FBI’s apparent capability to unmask users of the Tor Network has caused hand-wringing among those concerned with privacy and civil liberties, many of whom are busy trying to win legal battles to get law enforcement to confess as to how they’re doing it

An MIT Algorithm Predicts the Future by Watching TV (Wired) The next time you catch your robot watching sitcoms, don’t assume it’s slacking off. It may be hard at work

Academia

Akamai Partners with Girls Who Code for 2016 Summer Immersion Program (PRNewswire) Akamai Technologies, Inc. (NASDAQ: AKAM), the global leader in content delivery network (CDN) services, announced today its continued partnership with Girls Who Code – a national non-profit organization that aims to inspire, educate and equip young women for futures in computing-related fields. Akamai will serve as a host company for the organization's acclaimed seven-week Summer Immersion Program (taking place at Akamai's Cambridge headquarters from June 27 – August 12)

Cyber Security camp wraps up at Louisiana Tech (KNOE) A cyber security camp is wrapping up at Louisiana Tech, giving students and teachers a real world perspective on protecting computers from outside threats

Legislation, Policy, and Regulation

Wassenaar negotiators warming to industry’s arguments (Politico) It looks like Wassenaar negotiators are actually coming around to the industry-desired carveouts for cybersecurity tools

Rai's 5-Point Plan to Secure Digital India (InfoRiskToday) Security leaders ask: what's new about this agenda?

Rajan's Lasting Cybersecurity Impressions (InfoRiskToday) Security leaders believe RBI Governor set tone and vision for banking security

China's Cyber Spying on the U.S. Has Drastically Changed (Fortune) Last year United States President Barack Obama and Chinese President Xi Jinping entered into a dubious agreement during Xi’s first state visit: No more hacking one another’s businesses. Military and political espionage? Fair game. Industry? Hands off

DoD Recommendation on Unified Cyber Command Expected Soon (DefenseTech) Nearly six years after the cyber warrior force – made up of personnel from all four service branches and the U.S. Coast Guard – became fully operational as a subordinate unit of USSTRATCOM, House Armed Services Committee Chairman Rep. Mac Thornberry, R- Texas, is asking: “Isn’t it time for CYBERCOM to stand on its own as a combatant command?”

Litigation, Investigation, and Law Enforcement

Top IT official: Disabling security for Clinton server laid out 'welcome mat' for hackers (Fox News) A 2010 decision temporarily disabling State Department security features to accommodate Hillary Clinton’s private server effectively laid out a "welcome mat" for hackers and foreign intelligence services, a leading IT official who oversaw computer security at the Defense Intelligence Agency told Fox News

Battle erupts over security of chip-enabled credit card readers (Christian Science Monitor Passcode) The Home Depot and Walmart are suing MasterCard and Visa in separate lawsuits over what the retailers claim is lax security on chip-enabled card readers that puts consumers at risk of fraud

Comodo says they'll abandon Let's Encrypt trademark applications (CSO) Comodo says the dispute was resolved due to collaboration with Let's Encrypt

Meet ‘URL’: the newest canine police recruit who sniffs out storage devices (Naked Security) A 16-month old black labrador retriever who was rescued from the pound as a puppy is the latest police dog to start a highly specialized new job: sniffing out hidden electronic devices during police searches

Scam Victim Sues TalkTalk (Graham Cluley) The Mirror reports on Michael Robinson, who is taking British broadband provider TalkTalk to court after they were hacked and he suffered at the hands of scammers

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

CyberTech (Beverly Hills, California, USA, June 30, 2016) Since 2014, CyberTech has served as one of the largest cyber solutions events around the globe. From Tel Aviv, to Singapore and Toronto, CyberTech is one of the most popular networking events for industry...

Cyber Security: How to Identify Risk and Act (Frankenmuth, Michigan, USA, September 26, 2016) Join us on 9/26/2016 for the PMI-MTC's annual project management PDD focusing on "Cyber Security: How to Identify Risk and Act." Earn 7 PDUs during the interactive sessions with well-known information ...

Upcoming Events

Security of Things World (Berlin, Germany, June 27 - 28, 2016) Security. Privacy. Connected Devices. Exploring Security and the Internet of Things. A world class event focused on the next information security revolution. Be part of Security of Things World in June...

SANS Salt Lake City 2016 (Salt Lake City, Utah, USA , June 27 - July 2, 2016) We are pleased to invite you to SANS Salt Lake City 2016, June 27-July 2. Are you ready to immerse yourself in the most intense cyber training experience available anywhere? Do you need to become a more...

DC / Metro Cyber Security Summit (Washington, DC, USA, June 30, 2016) The Cyber Security Summit is an exclusive conference series connects C-Suite & Senior Executives who are responsible for protecting their companies’ critical infrastructures with innovative solution providers...

TECHEXPO Cyber Security Hiring Event (Tysons Corner, Virgina, USA, June 30, 2016) Cyber security professionals are invited to interview face-to-face with employers including The CIA, Deloitte, Intel Security, Northrop Grumman, Lockheed Martin, Deloitte, Vencore and many more. Hundreds...

ISS World South Africa (Johannesburg, South Africa, July 10 - 12, 2016) ISS World South Africa is the world's largest gathering of Southern Africa Law Enforcement, Intelligence and Homeland Security Analysts as well as Telecom Operators responsible for Lawful Interception,...

Insider Threat Program Development Training (Washington, DC, USA, March 29 - 30, 2016) Insider Threat Defense announced it will hold a training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2) on March 29-30, 2016, in Washington, DC.

SINET Innovation Summit 2016 (New York, New York, USA, July 14, 2016) “Connecting Wall Street, Silicon Valley and the Beltway.“ SINET Innovation Summit connects America’s three most powerful epicenters and evangelizes the importance of industry, government and academic collaboration...

Insider Threat Program Development Training (Washington, DC, USA, March 29 - 30, 2016) Insider Threat Defense announced it will hold a training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2) on March 29-30, 2016, in Washington, DC.

CyberSec 2016 (New York, New York, USA, July 19, 2016) Ask any bank CEO in the U.S. what keeps them up at night and cybersecurity is bound to be in the top five. Maybe even no. 1. And while the threat matrix is evolving rapidly, along with the regulatory demands,...

Nominations are now open: National Cyber Security Hall of Fame (Baltimore, Maryland, USA (nominations submitted online), July 20, 2016) The Cyber Security Hall of Fame "Respect the Past - Protect the Future" accepts nominations from companies and organizations that are engaged in, and committed to, the growth of the cyber security industry.

Insider Threat Program Development Training (Washington, DC, USA, March 29 - 30, 2016) Insider Threat Defense announced it will hold a training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2) on March 29-30, 2016, in Washington, DC.

Billington Global Automotive Cybersecurity Summit (Detroit, Michigan, USA, July 22, 2016) Billington Cybersecurity, an independent conference company focused exclusively on cybersecurity seminars, announces the first global summit that brings together the most senior government and industry...

Community College Cyber Summit (3CS) (Pittsburgh, Pennsylvania, USA, July 22 - 24, 2016) The third annual Community College Cyber Summit (3CS) is organized and produced by six Advanced Technological Education (ATE) centers funded by the National Science Foundation (NSF) and involved in cybersecurity.

SANS ICS Security Summit & Training — Houston 2016 (Houston, Texas, USA, July 25 - 30, 2016) SANS has joined forces with industry leaders and experts to strengthen the cybersecurity of Industrial Control Systems (ICS). The initiative is turning ICS cybersecurity around by equipping both security...

SANS San Jose 2016 (San Jose, California, USA , July 25 - 30, 2016) Information security training is coming to Silicon Valley from SANS Institute, the global leader in information security training. At SANS San Jose 2016, July 25-30, 2016, choose from 7 hands-on, immersion-style...

AfricaHackOn (Nairobi, Kenya, July 28 - 29, 2016) What began as a casual meet up for information security professionals has become one of the formidable forces in the profession. That group is the AfricaHackOn. Housed under its parent umbrella, Euclid...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.