skip navigation

More signal. Less noise.

Daily briefing.

Guccifer 2.0 resurfaces with an FAQ blog and lots of matey denials that he (she? they?) is a Russian sockpuppet, but few seem to be buying this story. SecureWorks sees the DNC hack as one aspect of a comprehensive espionage campaign against US targets likely to be of close interest to you-know-whom. ThreatConnect concludes Guccifer 2.0 is a denial-and-deception operation. Their evidence is admittedly circumstantial, and they consider just two possibilities (hacktivist vs. Russian organs), but their reasoning is interesting.

Researcher Chris Vickery reports that a 2014 version of Thompson-Reuters’ widely used World-Check data base of terrorist actors has leaked online. Thompson-Reuters says it’s “secured” the third-party source of the leak.

Motherboard thinks the (still unconfirmed, possibly genuine but possibly bogus) healthcare insurance data for sale on the dark web represent an attempt to “game the media” into aiding extortion. The DarkOverlord seems pleased with his promotion: “I have a reputation with this handle now. Another step accomplished. Every time I put a new listing up it gets reported without hesitation now.”

Occulus hasn’t appointed a new CEO. Their Twitter account was hacked to spread the hoax, latest in the ongoing series of tech-company hijackings.

LizardStresser is involved in assembling the large security camera botnet. The DDoS tool is expected to make further inroads into the IoT.

The Hard Rock Hotel and Casino Las Vegas and the fast-dining chain Noodles and Company both confirm they suffered data breaches.

Observers look at China’s control of its Internet and see surprising success.

A note to our readers: The CyberWire won't publish Monday as we celebrate Independence Day. We'll be back as usual on Tuesday, July 5, with both our daily news summary and our podcast.

Notes.

Today's issue includes events affecting Belgium, Canada, China, European Union, France, Germany, Iran, Kenya, Russia, Turkey, United Kingdom, United States.

Catch the CyberWire's Podcast later this afternoon, with interviews, educational tips, and more on the stories of the day. Today we'll hear from Level 3's Dale Drew on the seasonal nature of cyber attacks, and our guest Dan Pastor from Cytegic will update us on SWIFT-based funds-transfer frauds.

(We welcome reviews. Please consider putting on up on iTunes. We appreciate it.)

Cyber Security Summit (Washington, DC, USA, June 30, 2016) ​Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from the NSA, FBI and more. Register with promo code cyberwire50 for half off your admission (Regular price $250)

Billington Global Automotive Cybersecurity Summit (Detroit, Michigan, USA, July 22, 2016) ​Connected cars are on the roads, and autonomous vehicles are coming. Connect with industry experts at the first summit devoted to this emerging, life-changing technology.​ Register here and use code CyberWire2016 for a 20% discount off the corporate rate.​

E8 Security (Detroit, Michigan, USA, July 22, 2016) E8 Security - DETECT. HUNT. RESPOND. Find out how.

Cyber Attacks, Threats, and Vulnerabilities

Kremlin hackers and the Democratic National Committee: How deep is the rabbit-hole? (Register) US politicos a side project for spies, claims report

DNC Hacker Denies Russian Link, Says Attack Was His ‘Personal Project' (Motherboard) The hacker who claimed responsibility for the hack on the Democratic party is back online after a week of radio silence

FAQ from Guccifer 2.0 (Guccifer 2.0) Hello! I received lots of questions from journalists and other people who are interested in my doings. Many thanks to all of you, it’s a pleasure for me!

Shiny Object? Guccifer 2.0 and the DNC Breach (ThreatConnect) The Shiйy ФbjЭkt? ThreatConnect challenges Guccifer 2.0’s claimed attribution for the Democratic National Committee (DNC) breach

Global terror database World-Check leaked (Register) Thomson Reuters 'working furiously' to secure 2.2 million sensitive records

Terror-suspect database used by banks, governments, has been leaked (CSO) Thomson Reuters has secured the source of the leak

How a Hacker Is Gaming the Media to Extort His Victims (Motherboard) Over the past few days, millions of health care organisation records have been listed on the dark web. But rather than simply selling the data at a low price for a quick payday, this hacker is advertising it to extort the unnamed companies into paying money to protect their patients’ details

Hacker takes over Oculus CEO’s Twitter account, announces new CEO (TechCrunch) Oculus CEO Brendan Iribe had his Twitter account hacked Wednesday; the hacker took the opportunity to promptly announce a new CEO for the virtual reality company

Threat Report Reveals Every Large Enterprise Has Mobile Malware (Skycure) Malicious hackers are targeting big enterprises for spying, data theft, defamation and extortion, and they have figured out many creative ways to silently take control of the best surveillance and infiltration tool ever created – your smart phone. Skycure’s new Mobile Threat Intelligence Report focuses on mobile malware, found on 4% of all mobile devices. The report is based on worldwide data from Skycure’s massive crowd-sourced threat intelligence platform

Apocalypse: Ransomware which targets companies through insecure RDP (Emsisoft) Beyond a shadow of a doubt 2016 has been the year of the ransomware. So it comes as no surprise that new ransomware families are popping up on weekly basis

Ransomware Update: TeslaCrypt, Locky And An Ounce Of Prevention (Channel Partners) As if customers didn’t have enough to worry about when it comes to securing their devices and data, new and seemingly more bulletproof threats are emerging to give even the most confident among us reason to take notice. So what’s all the fuss about?

Legit Tools Helping Attackers Hide Malicious Activity, Study Finds (Dark Reading) Malware often just used only for initial break-in, LightCyber report says

LizardStresser recruits an army of zombie webcams to launch DDoS attacks (Hot for Security) Do you have an internet-accessible webcam? If so, are you sure it is secured with a strong password and not still using the default password that it shipped with?

Always-on CCTVs with no effective security harnessed into massive, unstoppable botnet (BoingBoing) When security firm Sucuri investigated the source of a 50,000-request/second DDoS attack on a jewelry shop, they discovered to their surprise that the attacks originated on a botnet made of hacked 25,500+ CCTV cameras in 105 countries

Giant CCTV Camera Botnet Highlights IoT Security Threats (Techweek Europe) A botnet made up of more than 25,000 hacked security cameras spread around the world is being used to launch DDoS attacks, researchers say

There Are over 100 DDoS Botnets Based on Lizard Squad’s LizardStresser (Tirate Un Ping) Lizard Squad’s tool becomes very popular thanks to the millions of unsecured IoT devices ready for the taking

Rooting Hummer malware brings $500,000 per day to its creator (Help Net Security) Android malware with device rooting capabilities has been hitting Google Play for a while now, but for users third-party app stores the situation is even more dangerous

Easily exploitable LibreOffice flaw is a godsend for hackers (Help Net Security) A serious LibreOffice flaw can be easily exploited by attackers to deliver malware on computers running a vulnerable version of the popular free and open source office suite

Wormable flaws in Symantec products expose millions of computers to hacking (CSO) The flaws could have allowed hackers to execute malicious code on computers with no user interaction

Google Found Disastrous Symantec and Norton Vulnerabilities That Are 'As Bad As It Gets' (Fortune) An attacker’s unopened email is enough to compromise you

Phishing Campaign with Blurred Images (SANS Internet Storm Center) For a few days, I’m seeing a lot of phishing emails that try to steal credentials from victims. Well, nothing brand new but, this time, the scenario is quite different : The malicious email contains an HTML body with nice logos and texts pretending to be from a renowned company or service provider. There is a link that opens a page with a fake document but blurred with a popup login page on top of it. The victim is enticed to enter his/her credentials to read the document. I found samples for most of the well-known office documents. Here are some screenshots

Hacked: Private Messages From Dating Site ‘Muslim Match’ (Motherboard) Specialty dating site “Muslim Match” has been hacked. Nearly 150,000 user credentials and profiles have been posted online, as well as over half a million private messages between users

Saint John Development Corporation finds cyber attack damage (CBC) Group lost annual report, other data, part of wave of email attacks

Hard Rock Las Vegas, Noodle and Co. Confirm Hacks (Threatpost) If you’re one of the millions who rocked out at Hard Rock Hotel and Casino Las Vegas or slurped noodles at a Noodles & Company fast food chain in the past year, it’s time to get paranoid. Both companies announced this week separate breaches that include unauthorized access to credit card data

Noodles & Company Payment Data May Have Been Hacked (Fortune) Breach affects credit and debit cards used at just some locations

Another Popular YouTuber Lilly Singh’s Channel Hacked (Hack Read) Poodle Corp hackers have done it again — this time, the victim was Lilly Singh

Cyber Trends

Beyond the Password: The Future of Account Security (TeleSign) Commissioned by TeleSign and conducted by Lawless Research, “The Future of Account Security” report surveyed 600 security professionals across 15 industries in the U.S. and revealed that securing consumer accounts is a top concern for businesses

Passwords To Be Phased Out By 2025, Say InfoSec Pros (Dark Reading) Behavioral biometrics technology and two-factor authentication are on the rise as safer alternatives, according to a study

The Attribution Question: Does It Matter Who Attacked You? (Dark Reading) Everyone will ask whodunnit, but how can an organization put that information to practical use during disaster recovery and planning for the future?

IT professionals spend a lot of time ignoring security alerts (IT Pro Portal) Alert fatigue, lack of relevant skills and complexities at endpoint agent deployment are the most common headaches business have when adopting cloud solutions, it was said

European Orgs Not Prepared for Next Cyber-Attack (Infosecurity Magazine) The majority of European companies are failing to prepare themselves for the next cyber-attack, according to new research from operational intelligence software platform provider Splunk

Marketplace

Recalibrating Cybersecurity Spending Projections (Dark Reading) How big and how fast will the cybersecurity market grow in five years? Inquiring minds want to know

How To Bridge The Cyber Insurance Gap (Dark Reading) CISOs and insurance executives must unite and create more defined terminology and expectations for cyber insurance

Failure to protect data a costly business (ITWire) Businesses already suffering the economic impact of data loss for failing to protect their data are unprepared for new, emerging threats to the security of their data, and it comes at a huge cost

Intel Spin-Out Would Boost Imperva, Proofpoint (Barron's) A potential sale of Intel Security would cause disruption. Imperva and Proofpoint are two favorites in security

Deloitte revenue soars to $1.53bn (Australian) Deloitte will pursue further acquisitions in the cloud computing and design sectors to further beef up its technology capacity after reporting a 15 per cent increase in revenue to a record $1.53 billion

Cylance, Sophos Trade Heated Words, With A Reseller Partner Caught In The Middle (CRN) A war of words between Cylance and Sophos that began last week continues to escalate, with both sides now accusing the other of throwing their mutual reseller partner under the bus

Cylance® Attracts Top Industry Executives (Sys-Con Media) As company eclipses 1,000 customers, Cylance adds top-flight executives to help drive global expansion and continued innovation

Hexadite Strengthens Executive Team and Establishes Boston Headquarters (BusinessWire) Cybersecurity company plants roots in Boston and appoints experienced sales and marketing VPs amid growing demand for security orchestration and automation

FireEye Only Cyber Security Company Named to 2016 List of 50 Smartest Companies by MIT Technology Review (MarketWired) Annual list honors companies that combine innovative technology to create new opportunities

Products, Services, and Solutions

Versasec vSEC:CMS 4.5 Smart Card Lifecycle Management Solution Offers Remote (Verasec) Security devise management, new interfaces, and Yubikey token support new version boasts management enhancements, customizable features

E8 Security Joins Intel Security Innovation Alliance (MarketWired) Faster identification and response to insider threats, and increased return on existing security investment

A New Security Card the Size and Thickness of a Credit Card That Uses Biometrics for Safeguarding Buildings, Networks and Identity by SmartMetric (Marketwired) SmartMetric, Inc. (OTCQB: SMME) -- SmartMetric, the creator of the biometric credit card that has a built inside the card, powerful fingerprint scanner, is using the same biometric card based technology to bring enhanced portable biometric technology to the security and identity market

SandBlast Protects Customers from Widespread Cerber Ransomware Attack (Check Point) Starting at 6:44am UTC on June 22nd, Avanan, a partner of Check Point, detected a large-scale ransomware attack against its Cloud Security Platform customers across multiple companies. We believe this attack was only detected by SandBlast – Check Point’s Zero Day Protection solution

Swimlane Automated Security Operations Platform Wins 2016 MongoDB Innovation Award (PRNewswire) Swimlane, a developer of cybersecurity automation solutions, today announced that it has won the 2016 MongoDB Innovation Award in the "Securing the Enterprise Category"

Carbon Black's Detection eXchange puts humans back into threat sharing (ComputerWorld) Threat sharing needs more work. Carbon Black thinks the answer lies in a different kind of intel

Cloud Harmonics Expands Training and Channel Services for Palo Alto Networks Security Platform (PRNewswire) Comprehensive channel program helps partners grow their business with added endpoint security training and support for partners

State-of-the-art intelligence centre aims to thwart cyber attacks (Montreal Gazette) The huge “threat detection” screen at the front of the Montreal Cyber Intelligence Centre is ablaze with blinking lights, but none of the eight or so Deloitte employees manning the restricted centre seem particularly alarmed. Cyber attacks are routine for this gang of cybersecurity specialists, who try to keep the world safe from Internet thugs while hunkered down in their state-of-the art facility in downtown Montreal

IBM MaaS360 Answers the Call for Secure Chat in the Enterprise (IBM Security Intelligence) Organizations that have begun to embrace it know it best: Since its inception, bring-your-own-device (BYOD) has been the have-it-your-way approach to cut costs and achieve mobile productivity in the enterprise

Technologies, Techniques, and Standards

How to Keep Calm and Mitigate a 470 Gbps DDoS Attack (Imperva Incapsula) On June 14, Imperva Incapsula mitigated a 470 gigabits per second (Gbps) distributed denial of service (DDoS) attack—the largest assault in our records to date

Watch out for these 4 types of cyber attacks (Pensacola News Journal) It turns out that despite all the hackers in the world and technological mischief flying around cyberspace at any given minute, the biggest threat to a company, large or small, is you

DevNation Live Blog: Cryptography: What every application developer needs to know (Red Hat) Cryptography is something that technical folks either get excited over or completely tune out. There does not seem to be much of a middle ground. That said, cryptography is such an essential component of modern life that without it, the Internet and many, many companies would crumble

How CISOs can work with the C-suite to define the cybersecurity risk level (Help Net Security) Defining the cybersecurity risk level for any organization should be a collaborative effort that balances the need for risk mitigation with fiscal responsibility. Although the CISO is primarily focused on cybersecurity, the ultimate goal is to run a successful business. As a result, the CISCO will be reliant on the cooperation of their C-Suite colleagues to strike the right balance between operational business needs and security to derive a successful outcome

How to keep criminal hackers from ruining your vacation (Christian Science Monitor Passcode) Following basic security measures, like leaving extra devices at home and avoiding public Wi-Fi, could be enough to protect your information while you're traveling

How to Prevent Identity Theft in 20 Essential Steps (Heimdal Security) Do you know how to prevent identity theft attempts? Let’s get this clear first: identity theft is the illegal use of someone’s personal information

Research and Development

OptioLabs Awarded Patent for Innovative Mobile Security Technology (Optio Labs) US Patent US9363670 relates to systems and methods for restricting access to network resources via in-location access point protocol

Legislation, Policy, and Regulation

New Russian law to force service providers to decrypt encrypted comms (Help Net Security) An extremely wide-ranging anti-terrorism law has been passed last week by the lower house of the Russian Federal Assembly (i.e. parliament), and it is widely expected to pass the upper house without a hitch and be signed into law by president Putin within the next few weeks

The Man Who Nailed Jello to the Wall (Foreign Policy) Westerners said the web could never be controlled. Lu Wei, China's departing internet czar, proved them all wrong

State to double penalties for cyber crimes in proposed law (Star) Persons using the Internet to spread hate, hack into a protected computer system or intercept communication face a penalty of up to Sh20 million or 20 years jail or both in a proposed law. This is double the Sh10 million or 10-year jail term under section 25 of the Kenya Information and Communications (Amendment) Act 2013, for unauthorised access to a computer system with an intent to commit a crime

Brexit security implications: Major, and only starting to unfold (Help Net Security) Brexit security implicationsThe Brexit shock continues to reverberate throughout the global economic and policy worlds. Despite protests against the referendum’s results being cancelled due to concerns of violence, hundreds of protesters demonstrated outside the House of Parliament earlier this week

Frexit Is Coming (Foreign Policy) Britain's departure meant the end of an era. France's departure would mean the end of the EU

EU Data Sharing to China Under the Privacy Scanner (LIFARS) A group of European Members of Parliament (MEPs) have sought formal questioning of European Union data sharing mechanisms with China

Opinion: Chinese cyberespionage is down. That's a win for Obama's diplomacy (Christian Science Monitor Passcode) Almost a year after a historic deal between Beijing and Washington to curtail cyberespionage, reports indicate digital attacks from China are fewer but more sophisticated

Even Congress Is Slamming That Crummy Crypto Bill (Wired) Since Senators Richard Burr and Diane Feinstein released their long-awaited legislation to address the conflict between encryption software makers and law enforcement last April, it’s made about as much progress as a TI-82 calculator trying to crack a 2048-bit PGP key. The bill, which required all crypto tools to offer some way for a warrant-holding FBI agent to access encrypted information, was roundly reviled by the technology and privacy communities, and quickly lost momentum in DC, too. Now the Burr-Feinstein proposal has received its most definitive rejection yet, and this time the call is coming from inside the House

Carlin: U.S. is looking to unite on cyber deterrence (Defense Systems) Deterring cyber threats is a team sport. Government officials from the White House to individual agencies have been peddling the notion that a cyber deterrence strategy involves the whole of government and the response to a cyber incident might not necessarily occur in cyberspace

Loading…. Obama’s Cyber Executive Order Remains Unused (Daily Signal) In April 2015, President Obama signed Executive Order 13964, “Blocking the Property of Certain Persons Engaging in Significant Malicious Cyber-Enabled Activities”

Rethinking the Doctrine of Homeland Security – Reflections on Orlando (Lawfare) Almost everything we think we know about homeland security is outdated

FTC Closes 70 Percent of Data Breach Investigations, Weighing PCI-DSS Standard (https://wp.me/p3AjUX-uWW) The Federal Trade Commission doesn’t investigate every reported breach, but when it comes to prosecuting data security cases it has an impressive 70 percent closure rate, according to agency officials

Litigation, Investigation, and Law Enforcement

Why Isn’t ISIS Claiming the Istanbul Airport Bombing? (Foreign Policy) Because the Islamic State is trying to keep Turkey's focus on the Kurds -- and to do all it can to undermine Erdogan

CIA chief Brennan looks at Turkish attack and sees a warning for Americans (Yahoo! News) Four hours after three suicide bombers killed at least 41 people and wounded hundreds more at Istanbul’s Ataturk airport, CIA Director John Brennan said the attacks bore the grim hallmarks of ISIS and warned that the fanatically violent Islamic terrorist group wants to conduct similar large-scale attacks in the United States

5 held for planning attacks on Indian religious, other sites (Washington Post) India’s federal investigative agency has arrested five people for allegedly collecting weapons and explosive materials to attack religious sites and sensitive government building in various parts of the country. During questioning late Wednesday, the suspects revealed that they were being guided by an online handler suspected to be based in Iraq or Syria, the National Investigation Agency said in a statement, adding it’s looking into their possible links with the Islamic State group

ISIS in the Twin Cities (City Journal) What the national media missed about an important terrorism trial

DOJ: States, Terrorists Team With Organized Crime Outfits to Commit Cyber Theft (USNI News) As law enforcement, the intelligence community and the private sector work more closely together to bring cyber attackers to ground, a senior Justice Department official said some nations and terrorist groups are marrying with organized crime to continue stealing what they want

Facebook wins privacy case, can track any Belgian it wants (Facebook) Doesn't matter if Internet users are logged into Facebook or not

ACLU lawsuit challenges US computer hacking law (CSO) The Computer Fraud and Abuse Act limits online discrimination research, the group says

Researchers Sue the Government Over Computer Hacking Law (Wired) In the age of big data analytics, the proprietary algorithms web sites use to determine what data to display to visitors have the potential to illegally discriminate against users. This is particularly troublesome when it comes to employment and real estate sites, which could prevent users from having a fair crack at jobs and housing simply by failing to display certain listings to them based on their race or gender

Microsoft to share cyber threat info with BTRC (Daily Star) The government will get forecasts about cyber threat from tech giant Microsoft from now on. Bangladesh Telecommunication Regulatory Commission (BTRC) and Microsoft Corporation will sign a Memorandum of Understanding in this regard tomorrow afternoon, said Tarana Halim, stare minister for the telecommunication

New analysis shows 160 emails missing from Clinton’s disclosure to State (Washington Post) As Hillary Clinton tries to put to rest the controversy over her private email server that has dogged her presidential campaign, she has repeatedly cited her willingness to make her work correspondence public as evidence that she has nothing to hide

Aide said Clinton didn't want emails accessible to 'anybody' (AP) Longtime Hillary Clinton aide Huma Abedin said in a legal proceeding that Clinton did not want the State Department emails that she sent and received on her private computer server to be accessible to "anybody," according to transcripts released Wednesday. Her comments provided new insights into the highly unusual decision by the presumptive Democratic presidential candidate to operate a private email server in her basement to conduct government business as secretary of state

Hillary Clinton's email story continues to get harder and harder to believe (Washington Post via Alaska Dispatch News) On Monday night, the Associated Press published a piece noting the release of an additional 165 pages of emails Hillary Clinton sent from her private email address while serving as secretary of state. These were emails that had never been previously released and only were made public because of a court order in response to a request from a conservative group

ZTE wins extended reprieve from US export ban (Telecomasia) ZTE has won an extended reprieve from the US export restrictions imposed on the vendor for allegedly violating sanctions on trading with Iran

Man arrested after Twitter threats are made against U.S. senators (Washington Post) A federal judge has banned a Virginia man from using Twitter after he was charged with making threats directed at Republican senators and other members of Congress using the social media platform

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

Black Hat USA (Las Vegas, Nevada, USA, August 1 - 6, 2015) Black Hat — built by and for the global InfoSec community — returns to Las Vegas for its 18th year. This six day event begins with four days of intense Trainings for security practitioners...

Upcoming Events

SANS Salt Lake City 2016 (Salt Lake City, Utah, USA , June 27 - July 2, 2016) We are pleased to invite you to SANS Salt Lake City 2016, June 27-July 2. Are you ready to immerse yourself in the most intense cyber training experience available anywhere? Do you need to become a more...

CyberTech (Beverly Hills, California, USA, June 30, 2016) Since 2014, CyberTech has served as one of the largest cyber solutions events around the globe. From Tel Aviv, to Singapore and Toronto, CyberTech is one of the most popular networking events for industry...

DC / Metro Cyber Security Summit (Washington, DC, USA, June 30, 2016) The Cyber Security Summit is an exclusive conference series connects C-Suite & Senior Executives who are responsible for protecting their companies’ critical infrastructures with innovative solution providers...

TECHEXPO Cyber Security Hiring Event (Tysons Corner, Virgina, USA, June 30, 2016) Cyber security professionals are invited to interview face-to-face with employers including The CIA, Deloitte, Intel Security, Northrop Grumman, Lockheed Martin, Deloitte, Vencore and many more. Hundreds...

ISS World South Africa (Johannesburg, South Africa, July 10 - 12, 2016) ISS World South Africa is the world's largest gathering of Southern Africa Law Enforcement, Intelligence and Homeland Security Analysts as well as Telecom Operators responsible for Lawful Interception,...

Insider Threat Program Development Training (Washington, DC, USA, March 29 - 30, 2016) Insider Threat Defense announced it will hold a training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2) on March 29-30, 2016, in Washington, DC.

SINET Innovation Summit 2016 (New York, New York, USA, July 14, 2016) “Connecting Wall Street, Silicon Valley and the Beltway.“ SINET Innovation Summit connects America’s three most powerful epicenters and evangelizes the importance of industry, government and academic collaboration...

Insider Threat Program Development Training (Washington, DC, USA, March 29 - 30, 2016) Insider Threat Defense announced it will hold a training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2) on March 29-30, 2016, in Washington, DC.

CyberSec 2016 (New York, New York, USA, July 19, 2016) Ask any bank CEO in the U.S. what keeps them up at night and cybersecurity is bound to be in the top five. Maybe even no. 1. And while the threat matrix is evolving rapidly, along with the regulatory demands,...

Nominations are now open: National Cyber Security Hall of Fame (Baltimore, Maryland, USA (nominations submitted online), July 20, 2016) The Cyber Security Hall of Fame "Respect the Past - Protect the Future" accepts nominations from companies and organizations that are engaged in, and committed to, the growth of the cyber security industry.

Insider Threat Program Development Training (Washington, DC, USA, March 29 - 30, 2016) Insider Threat Defense announced it will hold a training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2) on March 29-30, 2016, in Washington, DC.

Billington Global Automotive Cybersecurity Summit (Detroit, Michigan, USA, July 22, 2016) Billington Cybersecurity, an independent conference company focused exclusively on cybersecurity seminars, announces the first global summit that brings together the most senior government and industry...

Community College Cyber Summit (3CS) (Pittsburgh, Pennsylvania, USA, July 22 - 24, 2016) The third annual Community College Cyber Summit (3CS) is organized and produced by six Advanced Technological Education (ATE) centers funded by the National Science Foundation (NSF) and involved in cybersecurity.

SANS ICS Security Summit & Training — Houston 2016 (Houston, Texas, USA, July 25 - 30, 2016) SANS has joined forces with industry leaders and experts to strengthen the cybersecurity of Industrial Control Systems (ICS). The initiative is turning ICS cybersecurity around by equipping both security...

SANS San Jose 2016 (San Jose, California, USA , July 25 - 30, 2016) Information security training is coming to Silicon Valley from SANS Institute, the global leader in information security training. At SANS San Jose 2016, July 25-30, 2016, choose from 7 hands-on, immersion-style...

AfricaHackOn (Nairobi, Kenya, July 28 - 29, 2016) What began as a casual meet up for information security professionals has become one of the formidable forces in the profession. That group is the AfricaHackOn. Housed under its parent umbrella, Euclid...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.