skip navigation

More signal. Less noise.

Recorded Future

Get threat intelligence on hackers and vulnerabilities FREE every day with the Recorded Future Cyber Daily. Sign up today.

Daily briefing.

Some high-profile sites have been hit by an Angler-driven malvertising campaign. Among businesses infected are the New York Times, BBC, The Hill, Newsweek, AOL, and MSN. Trend Micro, Trustwave, and Malwarebytes noticed increased malicious traffic over the weekend, much of it serving ransomware. Users in the US are the principal targets.

Iran, which detained a US riverine command boat on January 12, says it extracted data from devices the US sailors carried. Iran characterizes the information as "thirteen thousand pages" and says it's putting it to good intelligence use.

No word, yet, on the widely anticipated US indictment of Iranian hackers for the Bowman Avenue Dam incident.

FireEye warns that attackers use Citrix products to access corporate networks.

The Office of Inadequate Security publishes a long, interesting interview with Ghostshell, as the onetime hacktivist star continues his repentance and expiation tour. He expresses guilt over having enriched security companies with the FUD he provided.

The attempt on the Bangladesh Central Bank should prompt enterprise introspection over authorization and security controls. (Reflect as well on the current popularity of business email compromise fraud as an attack vector.)

In the US, NIST issues draft data security guidelines for BYOD and telework.

An Indian government biometric identity program aims to help the poor, but also raises privacy concerns. The snoopers' charter debate in the UK and the crypto wars in the US arouse similar disputes.

Apple hits back at the Justice Department in its last filings before the iPhone case goes to court.

Notes.

Today's issue includes events affecting Bangladesh, China, Iran, Iraq, Israel, Netherlands, Philippines, Syria, United Kingdom, United States.

2016 National Conference of Minority Cybersecurity Professionals (Washington, DC, March 23 - 24, 2016) The landmark ICMCP conference will elevate the national dialogue on the necessary measures needed to attract and develop minority cybersecurity practitioners to address the cross-industry cybersecurity skills shortage.

Women in Cybersecurity (WiCYS) 2016 (Dallas, TX, March 31 - April 2, 2016) The 3rd annual conference brings together women (students, faculty, researchers, professionals) in cybersecurity from academia, research organizations and industry for the sharing of knowledge and experience, networking and mentoring.

Cyber Attacks, Threats, and Vulnerabilities

Malvertising campaign hits New York Times, BBC, others (CSO) Several top-tier domains were victims of a malvertising campaign driven by the Angler Exploit Kit

Malvertising – When trusted websites go rogue (Naked Security) Crooks don’t need to hack into a mainstream website to infect it with malware

Iran says it recovered information from Navy sailors' devices (Navy Times) Iran has retrieved thousands of pages of information from devices used by U.S. Navy sailors who were briefly detained in January, the country's state television reported Tuesday

Attackers use these Citrix products to 'fly under the radar' of corporate security tools, warns FireEye (FierceITSecurity) Attackers are using Citrix products to remotely access the victim's environment, such as a corporate network, once a breach has occurred, warned security firm FireEye

Finally, someone to blame for the ransomware surge, just don't feed the hackers (FierceCIO) The end of last year saw a significant uptick in incidents where system administrators were denied access to their technology until they paid hackers ransom

Beware PowerSniff! Malware uses Word macros and PowerShell scripts (Graham Cluley) Malware appears to be hunting for point of sales systems, while actively avoiding healthcare and educational computers

GhostShell, On the Record – The Extended Interview (Office of Inadequate Security) “When it’s the middle of the night and you realise you’ve just been attacking and mapping entire cyber continents the only thought left in your head is “Who even cares anymore?”

Pedophiles May Be Using Anonymous’ Symbolic Mask To Trap Children (Hackread) A Pastebin post claims that pedophiles are using Anonymous' Guy Fawkes mask to trap children online

Physical Attack Can Breach Cryptographic Security for Mobile Devices (Check Point Blog) Researchers from the Check Point Institute for Information Security at Tel Aviv University have discovered that the encryption mechanism used for securing money transfers on mobile phones can be broken using a simple piece of $2 equipment

Cyber heist shakes up Bangladesh banking system (Reuters via Business Insurance) Bangladesh’s central bank governor resigned on Tuesday over the theft of $81 million from the bank’s U.S. account, as details emerged in the Philippines that $30 million of the money was delivered in cash to a casino junket operator in Manila

What We Can Learn From the Bangladesh Central Bank Cyber Heist (TrendLabs Secuirty Intelligence Blog) The reported hacking of Bangladesh’s central bank accounts with the U.S. Federal Reserve once again shows how bad the impact of cyber attacks to organizations, enterprises or even nation-states can be

Three things to learn from the New York Fed hack (Housingwire) Think your company is immune? Think again

Researcher seeks help contacting developers of iPhone app exposing 198,000 users (CSO) The database is just sitting in the open, but there is no one to claim it

What is this "/smoke/" about? (Internet Storm Center) I am currently seeing a lot of requests against my honeypot like the following

Business email compromise fraud rising fast, hard to fight (CSO) The email comes from a trusted source -- the CEO

Steam Stealer Malware ‘Booming Business’ For Attackers Targeting Gaming Service (Threatpost) Malware that targets Steam accounts has proliferated the gaming platform and become what researchers are calling a “booming business” for cybercriminals over the last few months

1-800 FLOWERS warns that hacker may have stolen customers' personal info (Graham Cluley) Online florist failed to nip hackers in the bud

Android diabetes apps lack privacy, data-sharing protection (FierceMobileHealthcare) Consumers using Android-based diabetes apps may mistakenly believe data collected and stored by the software isn't being shared and their privacy is being protected, according to a new study

Fake Frappe-Photos: the Great Coffee Instagram Scam (ZeroFOX) There are only two certainties in life: people love coffee, and people love Instagram. The two are a match made in heaven. Enter, the Instagram scam

Top 5 Healthcare Data Breaches in 2016 Not From Hacking (Health IT Security) 2015 was filled with hacking incidents, but the top healthcare data breaches so far this year are from different causes

Risk management: fake social media sites drive growth of ‘threat intelligence’ sector (Financial Times) How many of the people who follow you on social media sites really exist — and how many are lifelike avatars created by criminal hackers?

Stuxnet Part Of Widespread Cyber-Intrusion Of Iranian Infrastructure, New Film Claims (Dark Reading) New Stuxnet documentary that debuts tomorrow in Berlin reportedly reveals how Israel blew its cover, and the worm just one element of a much larger US-Israel cyber spy operation in Iran

The Unusual Suspects: Cyber threats, methods and motivations (BAE Systems) They’re the unseen, threatening, mysterious adversaries your business must defend against. But holding them up to the cold light of day diminishes their power – and helps defeat their attacks

Security Patches, Mitigations, and Software Updates

OpenSSH Implementations With X11forwarding Enabled Should Heed Recent Security Update (Threatpost) Users who choose to enable X11Forwarding in OpenSSH, or those who use software products that re-enable it, should pay close attention to last Wednesday’s OpenSSH security update

Cyber Trends

Internet of things: humble lightbulbs could become a form of attack (FInancial Times) If anyone in the technology industry believes the cyber security risk posed by the internet of things is exaggerated, then Daniel Miessler, a director at IOActive, a security company, is keen to put them straight

Tech firms warn public on growing cyber-risks (St. Louis Post Dispatch) It's not just computers and mobile phones that are vulnerable to cyber attack, according to software firm Trend Micro. As more devices are hooked up to the Internet, it could be anything from medical equipment to industrial machinery — and even sex toys

Behind every stupid user is a stupider security professional (CSO) Security professionals should look in the mirror, before declaring a user, “stupid”

Threat Intelligence's Big Data Problem (Dark Reading) Security teams are drowning in often useless threat intel data, but signs of maturity are emerging in what IT-Harvest predicts will be a $1.5 billion market by 2018

Indian parents are very worried about their children’s online security: Report (First Post) A recently published report by Norton by Symantec indicates that Indian parents are more worried about their children than the rest of the world

Marketplace

IDC: Cyber Insurance Will Be Commonplace In The Future (InformationWeek) IDC is advising insurers faced with a mature market to consider offering cyber insurance. Cybercrimes, it says, have cost the global economy $445 billion

Vodafone entering the cyber-security game (IT Pro Portal) Vodafone announced today it is entering the world of cyber-security with a new global line of business

Alphabet and Cisco Fund Ex-HP Security Lead's Startup (Fortune) $30 million in the bank for Skyport

Top-30 Cybersecurity Providers in Silicon Valley (Let's Talk Payments) Palo Alto Networks produces hardware firewall products that take an app-centric method for traffic classification and enable app visibility

Why the US Is Buying Up So Many UK Artificial Intelligence Companies (Motherboard) Autonomy, DeepMind, SwiftKey, VocalIQ. Each are British artificial intelligence and machine learning startups bought by US tech giants—HP, Google, Microsoft, and Apple, respectively

Wombat Security Announces Three-Year Annual Growth Rate Greater Than 900% in Exploding Security Awareness and Training Industry (MarketWired) Company boasts over 1,000 enterprise customers and over 100% growth in revenue and headcount in 2015; company completes integration with ThreatSim to create market leading security education solution

How Palantir Uses Big Data to Find Missing Kids (Fortune) The software unicorn has a growing ‘philanthropy engineering’ arm

SpectorSoft Changes Name to Veriato to Reflect Growing Demand for Corporate Truth (BusinessWire) Plans to Grow Staff By As Much As 30 Percent, Including New Senior VP of Worldwide Sales Joseph Torano; Launches $5,000 Online Scavenger Hunt March 15

UK contracts for new EW and cyber framework (IHS Jane's 360) The UK Ministry of Defence (MoD) has placed contracts with four companies under a new long-term framework agreement supporting electronic warfare and cyber (EW&C) research and technology

iPhone Encryption Battle: What Apple Can Learn From BlackBerry (InformationWeek) BlackBerry was the preferred smartphone for business users a mere five years ago, until the company decided to allow certain governments to access user messages. Apple could face the same confidence loss from corporate customers if the company assists the FBI to crack the security of the iPhone

Cybersecurity Sales Vet Beau Hutto Joins Gurucul as Federal Sales VP (GovConWIre) User behavior analytics provider Gurucul has appointed Beau Hutto as vice president for federal sales to help drive the company’s government market reach

Products, Services, and Solutions

Thomson Reuters Special Services and Terbium Labs Partner to Expand Data Intelligence Capacity for Corporate and Government Organizations (Terbium Labs) Thomson Reuters Special Services (TRSS), a business of Thomson Reuters, and Terbium Labs, the company behind the world's first fully private, fully automated Dark Web data intelligence system, today announced a collaboration to improve the analytical and data intelligence capabilities for TRSS corporate and government customers

Triumfant Extends Its Advanced Endpoint Threat Detection and Remediation Capabilities to the Cloud (BusinessWire) New cloud offering makes Triumfant’s AtomicEye easily accessible to any data provider

Symantec launches a Web site encryption service (Seeking Alpha) Symantec's (NASDAQ:SYMC) Encryption Everywhere service, to be offered via Web hosting partners, promises to let hosting firms "integrate encryption into every website from the moment it is created." Basic and premium service tiers can be provided

ESET Launches New Version of Secure Authentication Solution (BusinessWire) Mobile two-factor authentication system provides secure connection to company networks

Taking data security to the next level (Philly.com) Tom Patterson, head of global security for Unisys, talks about the company’s Stealth system, which keeps data from unauthorized users

Endgame Unveils Cyber Operations Platform to Automate Attacker Searches, Defense Mechanisms (ExecutiveBiz) Endgame will a release new cyber operations platform to the market March 30 in an effort to help enterprise organizations detect, block and disable cyber threats in the early stages of the attack

South River Technologies Releases Titan FTP Server Version 2016 (MarketWired) South River Technologies, Inc. (SRT), an innovator in secure file transfer, announced today the release of version 2016 of the popular Titan FTP Server. This release includes enhanced security updates as well as a new support structure

Technologies, Techniques, and Standards

How to update Adobe Flash - or uninstall it completely! (Graham Cluley) Friends don't let friends run out-of-date plugins

NIST Issues Data Security Guidelines for BYOD, Telework Devices (ExecutiveGov) The National Institute of Standards and Technology has introduced draft guidelines that seek to help corporate organizations protect networks from data breaches and other cyber attacks as a result of the adoption of bring-your-own-devices and computers for telework

How to respond to ransomware threats (CSO) It all depends upon your level of risk and how badly you want the data returned to you unharmed

Why PCI DSS cannot replace common sense and holistic risk assessment (CSO) Cybersecurity compliance is not designed to eliminate data breaches or stop cybercrime

With Legal and Cybersecurity Hurdles, Is Selling Through Amazon as Easy as it Seems? (Legaltech News) Despite ease and potential cost savings, sales via Amazon raise legal and security concerns for entrepreneurs to consider

ASC cybersecurity: Developing an effective breach prevention program (Becker's ASC Review) In February 2015, Anthem, Inc. announced its computer systems were hacked — “a very sophisticated external cyber attack” that sent shockwaves throughout the healthcare industry

The ‘Human Firewall’ Is Dead – Long Live the People (Tripwire: the State of Security) Recently, I read an article that suggested the ‘human firewall’ is broken and that it cannot be fixed

6 Tips for CISOs Selling Security to the Board (eSecurity Planet) Some CISOs may dread presenting to the board of directors. These tips will help ensure it goes well

Design and Innovation

Biometrics Are Coming, Along With Serious Security Concerns (Wired) You're buying a pair of jeans. At the register, instead of reaching for your wallet or phone, you pull back your hair

Research and Development

Cryptography: Attack on the clones (Nature) A method to produce unclonable cryptographic keys based on self-assembled carbon nanotubes (CNTs) has been developed by Shu-Jen Han and colleagues, as they report in Nature Nanotechnology

Academia

National Cyber Intelligence Center at UCCS has interim director (Colorado Springs Gazette) Retired Army Lt. Gen. Ed Anderson has been named interim executive director for the National Cyber Intelligence Center while the national search finds a permanent leader for the Colorado Springs facility scheduled to begin operation April 1

STEM mentors put students on path to careers in security (CSO) Providing training and mentoring to students might be the solution to filling the enormous dearth of skilled candidates needed in cybersecurity

Legislation, Policy, and Regulation

A scheme in India to help the poor raises privacy concerns (IDG via CSO) The government has introduced legislation for a biometrics-based digital identity program

Sophos raises five concerns about snoopers’ charter (ComputerWeekly) As the draft Investigatory Powers Bill takes another step to becoming law, Sophos raises five key concerns that remain even after its revision

Can you strengthen security by weakening it? (Naked Security) You’re in a dilemma: some regulators want stronger security for the data you hold on customers. But other regulators want to make it easier to catch the Bad Guys by weakening the very technologies – such as encryption – that make it easier to protect the Good Guys

New EU Regulation to Standardize E-Signature Processes by July (Legaltech News) eIDAS streamlines the use of new technologies and defines three new levels of e-signatures, though individual countries have discretion on when to use e-signatures

Anti-ISIS-Propaganda Czar’s Ninja War Plan: We Were Never Here. (Daily Beast) Forget Twitter wars with hard-core extremists—the U.S. is going after jihadis the same way Amazon targets your shopping habits

Why the government can’t actually stop terrorists from using encryption (Washington Post) Even if the U.S. government prevails in its quest to compel Apple and other U.S. companies to give the authorities access to encrypted devices or messaging services when they have a warrant, such technology would still be widely available to terrorists and criminals, security analysts say

National debate over encryption seeps into SXSW Interactive (My Statesman) A former lawyer for the National Security Agency was bickering with one of the world’s leading cryptographers in a panel discussion Tuesday at the South by Southwest Interactive Festival

3 realistic solutions to prevent another FBI-Apple fight over encryption (Los Angeles Times) Since the 1990s, U.S. law enforcement has expressed concern about "going dark," defined as an inability to access encrypted communications or data even with a court order

Lawmakers blast 'sluggish' response by HHS on HIPAA technical guidance (FierceMobileHealthcare) Lawmakers say the U.S. Department of Health and Human Services' progress on promised updated technical compliance guidance for HIPAA has been "sluggish" and "disappointing"

Can Army Cyber Command change the military’s way of thinking? (C4ISR & Networks ) At the Defense Department, a common catchphrase, “boiling the ocean,” is often used as a euphemism for over-exerting time or resources to fix a given problem

Litigation, Investigation, and Law Enforcement

Apple fires back: “Government is adept at devising new surveillance techniques” (Ars Technica) In final filing before hearing, Apple says gov't hasn't shown "necessity"

Apple: “Government misunderstands the technology” involved in demanding they decrypt an iPhone (TechCrunch) On March 22nd, Apple and the FBI will head to federal court to determine whether or not the government can force Apple to open up an otherwise deeply-encrypted iPhone used by terrorist Syed Rizwan Farook leading up to the San Bernardino shootings

FBI v. Apple is a security and privacy issue. What about civil rights? (Ars Technica) Jesse Jackson: "Activities of civil rights organizations and activists" at stake

Legal group submits plan to depose 7 top Clinton, State Dept. aides in email battle (Washington Post) A conservative legal advocacy group submitted plans Tuesday to question under oath seven current and former top State Department officials and aides to Democratic presidential contender Hillary Clinton

Local authorities, feds investigating alleged ISIL 'kill list' for Minnesota law enforcement (Minneapolis Star-Tribune) Caliphate Cyber Army released names; FBI is investigating threat

Home Depot deal may set standard for cyber breach settlements (Business Insurance) The $19.5 million settlement Home Depot Inc. was able to reach in connection with its massive 2014 data breach was relatively low, which can be attributed to the difficulty plaintiffs in many related cases have had in successfully claiming damages, say experts

China's ZTE said to appeal U.S. export ban after lobby efforts fail (Reuters) China's ZTE Corp will appeal tough U.S. export restrictions imposed last week, according to a person familiar with the matter, after the telecom equipment maker's costly lobbying effort failed to allay concerns about its business

Teens arrested for hacking hundreds of key Instagram users (SC Magazine) Police say two teenagers made tens of thousands of euros by hacking 'big' Instagram users with many thousands of followers

Celebgate hack: Man to plead guilty to nude photos theft (BBC) A man has been charged with hacking the Apple iCloud and Gmail accounts of celebrities and stealing nude photos and videos from them

Prosecutors find that ‘Fappening’ celebrity nudes leak was not Apple’s fault (TechCrunch) Hacker Ryan Collins pleaded guilty to stealing a number of nude photos — including ones of Jennifer Lawrence — from Apple’s servers

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

cybergamut Tech Tuesday: Providing Consistent Security Across Virtual and Physical Workloads (Elkridge, MD, Calverton, March 22, 2016) Data centers today are being tasked with many more requirements. This has been increasing as companies leverage server virtualization in new ways. This has made the data center a rich source of information...

Upcoming Events

SANS 2016 (Orlando, Florida, USA, March 12 - 19, 2016) It is time we unite, join forces, and show that if we work together, we can make a measurable difference in security. It is our pleasure to announce that SANS 2016 is back in Orlando, Florida March 12-21 ...

CONAUTH/EKMS/COMSEC Information Sharing and Key Management Infrastructure (ISKMI) 2016 (Waikiki, Hawaii, USA, March 14 - 18, 2016) The ISKMI will draw global-wide participation and Allied (Five Eyes and NATO) attendees. Information sharing will be centralized to Key Management Infrastructure (KMI), Cryptographic Modernization (CM),...

Pwn2Own 2016 (Vancouver, British Columbia, Canada, March 16 - 17, 2016) Since its inception in 2007, Pwn2Own has increased the challenge level at each new competition, and this year is no different. While the latest browsers from Google, Microsoft, and Apple are still targets,...

Insider Threat Symposium & Expo™ (San Antonio, Texas, USA, March 17, 2016) The Insider Threat Symposium & Expo was created in the wake of the recent data breaches affecting the U.S. Government (WikiLeaks, NSA Breach), and the continued damaging and costly insider threat incidents...

ICCWS 2016 (Boston, Massachusetts, USA, March 17 - 18, 2016) ICCWS 2016 will cover the complex but exciting aspects of international cyber warfare and security

CISO Summit France (Paris, France, March 22, 2016) A forum for innovative IT thought leaders across France. Despite economic instability in the euro zone amid an on-going global financial crisis, IT spending worldwide is expected to increase in the coming...

Risk Management Summit (New York, New York, USA, March 22 - 23, 2016) The Business Insurance Risk Management Summit is a unique two-day conference serving the information and networking needs of senior risk managers, benefits managers and related decision makers from the...

Artificial Intelligence and Autonomous Robotics (Clingendael, the Netherlands, March 23 - 24, 2016) Artificial Intelligence (AI) has been a feature of science fiction writing for almost a century, but it is only in more recent years that the prospect of truly autonomous robotics — even those that...

International Consortium of Minority Cybersecurity Professionals (ICMCP) Inaugural National Conference (Washington, DC, USA, March 23 - 24, 2016) The conference will focus on the public, private and academic imperatives necessary to closing the growing underrepresentation of women and minorities in cybersecurity through diversification of the workforce.

Commonwealth Cybersecurity Forum 2016 (London, England, UK, March 23 - 24, 2016) The Commonwealth, built on consensus and mutual support, is an ideal platform to build international cooperation on various aspects of cybersecurity. CTO's Commonwealth Cybersecurity Forum brings together...

Black Hat Asia 2016 (Singapore, March 29, 2016) Black Hat is returning to Asia again in 2016, and we have quite an event in store. Here the brightest professionals and researchers in the industry will come together for a total of four days — two...

SecureWorld Boston (Boston, Massachussetts, USA, March 29 - 30, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry...

Insider Threat Summit (Monterey, California, USA, March 29 - 30, 2016) The focus of the Insider Threat Summit is to discuss personnel security issues including cyber security challenges and capabilities, continuous evaluation of privileged identities and ethical physical...

TU-Automotive Cybersecurity USA 2016 (Novi, Michigan, USA, March 29 - 30, 2016) TU-Automotive Cybersecurity dissects the real issues behind the headlines, helping you to apply technology and best practices to deliver robust security defenses and processes within a more secure ecosystem.

Insider Threat Program Development Training (Washington, DC, USA, March 29 - 30, 2016) Insider Threat Defense announced it will hold a training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2) on March 29-30, 2016, in Washington, DC.

Women in Cyber Security 2016 (Dallas, Texas, USA, March 31 - April 2, 2016) With support from National Science Foundation, Award #1303441 (Capacity Building in Cybersecurity: Broadening Participation of Women In Cybersecurity through the Women in Cybersecurity Conference and Professional...

SANS Atlanta 2016 (Atlanta, Georgia, USA, April 4 - 9, 2016) Learn the most effective steps to prevent attacks and detect adversaries with actionable techniques that you can directly apply when you get back to work. Take advantage of tips and tricks from the experts...

Billington CyberSecurity INTERNATIONAL Summit (Washington, DC, USA, April 5, 2016) On April 5, in Washington, D.C., join leading cybersecurity officials from across the globe at the Billington CyberSecurity INTERNATIONAL Summit to engage in an intensive information exchange between leading...

ISC West 2016 (Las Vegas, Nevada, USA, April 6 - 8, 2016) ISC West is the leading physical security event to unite the entire security channel, from dealers, installers, integrators, specifiers, consultants and end-users of physical, network and IT products.

ASIS 15th European Security Conference & Exhibition (London, England, UK, April 6 - 8, 2016) ASIS Europe 2016 invites you to join security professionals and experts from over Europe and beyond in one of the most dynamic centres of business and culture in the world

Cybersecurity and Privacy Protection Conference (Cleveland, Ohio, USA, April 7 - 8, 2016) The Center for Cybersecurity and Privacy Protection 2016 Conference will bring together experienced government officials, in-house counsels, business executives, cyber insurance leaders, litigators, information...

Threat Hunting & Incident Response Summit 2016 (New Orleans, Louisiana, USA, April 12 - 13, 2016) The Threat Hunting & Incident Response Summit 2016 focuses on specific hunting and incident response techniques and capabilities that can be used to identify, contain, and eliminate adversaries targeting...

QuBit Conference (Prague, the Czech Republic, April 12 - 14, 2016) QuBit offers you a unique chance to attend 2 selected Mandiant training courses, taught by some of the most experienced cyber security professionals in the business

CISO Dallas (Dallas, Texas, USA, April 14, 2016) With newspaper headlines covering the latest data breaches, cloud computing security questions going unanswered and hackers developing more sophisticated attacks, the IT department has a growing responsibility...

CSO 50 Conference and Awards (Litchfield Park, Arizona, USA, April 18 - 20, 2016) We at CSO, the award-winning media brand, will bring you speakers from up to 50 organizations with outstanding security prowess. Over 2 ½ days, these distinguished executives and technologists will share...

Creech AFB–AFCEA Las Vegas Cyber Security, IT & Tactical Tech Day (Indian Springs, Nevada, USA, April 19, 2016) The Armed Forces Communications & Electronics Association (AFCEA) Las Vegas Chapter, with support from the 432d Wing, will host the 4th Annual Cyber Security, IT & Tactical Technology Day at Creech AFB...

Amsterdam 2016 FIRST Technical Colloquium (Amsterdam, the Netherlands, April 19 - 20, 2016) FIRST Technical Colloquia & Symposia provide a discussion forum for FIRST member teams and invited guests to share information about vulnerabilities, incidents, tools and all other issues that affect the...

Security & Counter Terror Expo 2016 (London, England, UK, April 19 - 20, 2016) Security & Counter Terror Expo (formerly Counter Terror Expo) is the event for any professional tasked with protecting assets, business, people and nations from terrorism. It brings over 9000 attendees...

SecureWorld Philadelphia (King of Prussia, Pennsylvania, USA, April 20 - 21, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry...

AFCEA Defensive Cyber Operations Symposium (Baltimore, Maryland, USA, May 5 - 7, 2015) The U.S. Defense Information Systems Agency's new operational role in the cyber domain as network defender creates a formal relationship between DISA, U.S. Cyber Command and the command's military service...

2016 Akamai Government Forum: Safeguarding a Dynamic Government — End–to–End Security for your Agency (Washington, DC, USA, April 21, 2016) Today's public demands a high performance — and safe — web experience from government and public organizations. And public IT leaders require flawless web protection to securely meet that demand. Join...

Army SIGINT (Fort Meade, Maryland, USA, April 25, 2016) Approximately 500 attendees will come together to discuss future technologies in Signals Intelligence (SIGINT), focusing on applications for the actual users in the field (the soldiers). Most attendees...

CISO San Francisco (San Francisco, California, USA, April 26, 2016) The CISO Summit brings together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda sessions...

CISO Houston (Houston, Texas, USA, April 28, 2016) A data breach is not only a PR nightmare, but cause for customers to turn to competitors, exposing sensitive company information and racking up fines from industry regulators. In order for organizations...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.