skip navigation

More signal. Less noise.

Recorded Future

Get threat intelligence on hackers and vulnerabilities FREE every day with the Recorded Future Cyber Daily. Sign up today.

Daily briefing.

The convergence among criminals and nation-state espionage services continues to develop, as US Cyber Command chief Admiral Rogers warned Congress during budget hearings this week. Lest one be tempted to write such warnings off as mere appropriations-driven FUD, compare recent reports of PLA code appearing in ransomware, and of stolen digital certificates used in both espionage and malware campaigns.

The US Department of Justice warns that ISIS is actively seeking cyber attack tools; it's unclear whether the warning derives from specific intelligence or is instead a sensible conclusion drawn from a priori possibility.

Anonymous say it will start hitting US Presidential candidate Donald Trump's online presence on April 1. A10 Networks thinks Trump's campaign unusually well-prepared against such attacks. (We may see, although the activities of any anarcho-syndicalist collective are difficult to predict. Just ask Ghostshell.)

Sophisticated crooks impersonate FinCERT to successfully phish Russian banks.

The Olympic Vision business email compromise campaign continues to hit companies in the Middle Eastern and Asia-Pacific regions.

Several malware developments are worth noting. Palo Alto says malware authors have found ways around iOS defenses with "AceDeceiver." Recorded Future reports upgrades to Hydra, a version of Umbra Loader with Tor-based support. Shape Security describes Sentry MBA, an automated tool for credential stuffing. TeslaCrypt has become harder to break ("unbreakable," according to Cisco Talos). Fortinet finds that Nemucode has added ransomware functionality.

Information sharing remains a vexed issue, especially government-to-corporate sharing, but TruSTAR and others increasingly focus on sharing techniques as opposed to mere threat data.

Notes.

Today's issue includes events affecting Canada, China, Denmark, European Union, Germany, Iran, Iraq, New Zealand, Philippines, Russia, Syria, Ukraine, United Kingdom, United States.

2016 National Conference of Minority Cybersecurity Professionals (Washington, DC, March 23 - 24, 2016) The landmark ICMCP conference will elevate the national dialogue on the necessary measures needed to attract and develop minority cybersecurity practitioners to address the cross-industry cybersecurity skills shortage.

Women in Cybersecurity (WiCYS) 2016 (Dallas, TX, March 31 - April 2, 2016) The 3rd annual conference brings together women (students, faculty, researchers, professionals) in cybersecurity from academia, research organizations and industry for the sharing of knowledge and experience, networking and mentoring.

Cyber Attacks, Threats, and Vulnerabilities

Top DOJ prosecutor: ISIS 'actively' seeking cyberattack tools (Fox News) The Justice Department’s chief national security prosecutor said Wednesday that the Islamic State is “actively attempting” to possess destructive cyberattack capabilities, adding that the group is intent on causing major damage via cyber means

Cyberespionage groups are stealing digital certificates to sign malware (CIO) The China-based Suckfly group has used nine stolen digital certificates to sign its malicious programs since 2014

Cyber Command chief: Foreign governments use criminals to hack U.S. systems (Baltimore Sun) Foreign governments are building relationships with criminals and other hackers to hide their attempts to break into American computer systems, the head of U.S. Cyber Command told members of Congress on Wednesday

Breaking Down the Malware Behind the Ukraine Power Outage (ThreatTrack Labs) Security researchers recently discovered that the power outage in the Ukraine in December was caused by a malware and identified as an evolved version of BlackEnergy

Anonymous declares cyber war on Donald Trump (The Hill) The hacking group Anonymous is urging its followers to launch a barrage of cyberattacks on April 1 to take down Donald Trump’s websites and expose the “appalling” GOP presidential candidate

Anonymous To Launch Cyberattacks Against Trump Campaign Starting April 1 (Dark Reading) Planned attacks a response to candidate's controversial campaign rhetoric, hacking collective says

Dozens of Russian banks Phished by crooks pretending to be FinCERT (CSO) Campaign was well executed and planned, researchers say

Olympic Vision Business Email Compromise Campaign Targets Middle East and Asia Pacific Companies (TrendLabs: Simply Security) There’s a reason why the FBI estimates that the average loss caused by Business Email Compromise (BEC) to be $130,000 per company

AceDeceiver iOS malware exploits Apple design flaw to infect non-jailbroken devices (Help Net Security) Malware developers have found another hole in Apple’s iOS defenses, and this one, according to Palo Alto researchers, will be difficult to plug

Release the Hydra: Umbra Loader With Tor Support (Recorded Future) The Hydra open source Tor-based botnet (an Umbra Loader variant) recently received an update. Potential to serve as a blueprint for new malware written in Delphi, specifically around ease of Tor integration. Malicious network traffic-based detection becomes more difficult as additional families piggyback on the Tor network

Sentry MBA makes credential stuffing attacks easy and cheap (CSO) An automated attack tool called Sentry MBA makes credential stuffing attacks simple

Security Pros Love Python? and So Do Malware Authors! (Internet Storm Center) Learning how adversaries compromise our systems and, more importantly, what are the techniques they use after the initial compromise is one of the activities that we, Incident Responders and Forensic/Malware investigators, dedicate most of our time to

Large advertising-based cyber attack hit BBC, New York Times, MSN (IDG via InfoWorld) The attack bypassed the security systems of many online advertising companies, putting users at risk of being infected with ransomware

TeslaCrypt ransomware now impossible to crack, researchers say (CSO) Victims can either either restore files from a backup or if that's not possible, pay up

Nemucod Adds Ransomware Routine (Fortinet Security Research) It came to our attention that a new, rather peculiar version of Nemucod has been recently landing on users. Nemucod is a well-known JavaScript malware family that arrives via spam email and downloads additional malware to PCs. Most recently, Nemucod has been known to download TeslaCrypt ransomware variants

Ransomware Will Spike As More Cybercrime Groups Move In (Dark Reading) The lure of easy money attracting organized groups is a trend that spells more trouble for enterprises, researchers say

Carbanak Cyber Thieves Back on the Scene (Infosecurity Magazine) Security researchers are warning of an uptick in activity from the notorious Carbanak cyber bank robbing gang signalling a change of focus to the Middle East, US and Europe

American Express warns customers about third-party breach (CSO) Incident took place in 2013, but the third-party service provider isn't named

Thieves Phish Moneytree Employee Tax Data (KrebsOnSecurity) Payday lending firm Moneytree is the latest company to alert current and former employees that their tax data — including Social Security numbers, salary and address information — was accidentally handed over directly to scam artists

Malware Increasingly Making its Way into Organizations through Social Media (Legaltech News) The Osterman Research survey also found just over half of organizations feature a written policy governing the use of social networks

How do you break into a private network? All it takes is a free dinner (CSO) David Spark asked conference attendees at RSA 2016 how to access their network. What's the secret? The answers might surprise you

Fitness wearables: Who's tracking who? (CSO) They are a hot product, since they can tell you so much about your health. The problem is fitness wearables can tell the same things to a lot of other people, from marketers to identity thieves

Security Patches, Mitigations, and Software Updates

Java vulnerability report strains responsible disclosure (SearchSecurity) A security researcher reports Oracle's 30-month-old failed patch for a Java vulnerability, and experts suggest it was an irresponsible disclosure, despite frustration with Oracle's patching process

Microsoft drops another big batch of Windows patches (InfoWorld) Third Tuesday patching regime proffers a mystery patch and 46 mildly interesting fixes

VMware Security Advisories: VMSA-2016-0003 (VMware) VMware vRealize Automation and vRealize Business Advanced and Enterprise address Cross-Site Scripting (XSS) issues

TP-Link blocks open-source router firmware to comply with new FCC rules (PCWorld) Other manufacturers are quietly blocking open-source firmware, too

Google starts tracking, encourages worldwide HTTPS usage (Help Net Security) Google has added a new section to its Transparency Report, which will allow users to keep an eye on Google’s use of HTTPS, and HTTPS use of the top 100 non-Google sites on the Internet

Cyber Trends

Opinion: Hacker or hacktivist? In data security, it doesn't really matter (Christian Science Monitor Passcode) Much of the cybersecurity field is too focused on attributing hacks. Instead, companies trying to defend their data should do more to protect their data from any attacker

2016 Cybersecurity Confidence Report: Measuring confidence levels of IT pros and executives (Barkly) How confident are you in the current state of your security? What's working, what isn't, and if you were calling all the shots what would be the first thing you’d change?

As cyber attack surface expands, consumers and companies face more risk than ever (Third Certainty) Everyone, not just IT, must take responsibility for security and protect ‘crown jewels'

White paper: Orgs not doing enough to manage social media content (FierceContentManagement) 43% fail to archive social information

Cybersecurity, Off the Record: Leadership’s Approaches to the Threat Landscape (Legaltech News) Hogan Lovells’ Cyber Summit brought together leaders from businesses and government to discuss how to handle cyber threats

Is Company Data Protected or in Peril? UK Management, Employees Can’t Agree (Legaltech News) There is a wide disconnect between whether companies have formal BYOD policies in place, and whether they are doing enough to educate and train their employees in data protection policies

Marketplace

The IT security industry is not consolidating (CSO) The numbers speak: 1,440 vendors and growing

Why Silicon Valley’s ‘unicorn problem’ will solve itself (TechCrunch) The rise was like a tech startup fairytale. Within three years of founding, this unicorn company had raised more than $1 billion in venture capital

LANDesk To Acquire AppSense (Dark Reading) LANDesk looks to expand endpoint protection across virtual, cloud, physical environments

Why the next wave of cybersecurity talent won’t have a ‘security’ job title (Help Net Security) Over the past five years, we’ve witnessed the state of cybersecurity become chaotic – and, quite frankly, grim – across a variety of industries

Microsoft rescinds mistaken ‘Bitcoin ban’ (IBS Intelligence) Microsoft has revealed that inaccurate information, which had lead people to believe the computing giant had stopped accepting Bitcoin, had been posted on its online store’s FAQ in error

New Relic offers security researchers cred – not cash – for bug reports (Register) The bounty is the exposure. You oughta be grateful!

Ben Horowitz to Take Board Seat at Security Startup Tanium (Re/code) Ben Horowitz, the rap-loving, book-writing co-founder of the big shot venture capital firm Andreessen Horowitz will be joining the board of directors at Tanium, the computer security outfit in which the firm has so heavily invested

Products, Services, and Solutions

Deutsche Telekom ushers in a new era of mobile security (Telekom) "Mobile Protect Pro" can detect even new and unknown types of malware...The new solution, which has been developed by Zimperium, an Israeli-American provider, is based on machine-learning algorithms that can identify even previously unknown attacks

ZeroFOX for HootSuite Finds the Bad Stuff on Social Media (ZeroFOX) Fake accounts impersonate your company and employees in order to distribute fraudulent or offensive content

The power to immediately counter data theft with Matchlight from Terbium Labs (Help Net Security) In June 2015, Terbium Labs launched Matchlight, a first-of-its-kind data intelligence system used to find stolen enterprise data on the dark web within minutes of it appearing

MobSF: Security analysis of Android and iOS apps (Help Net Security) The Mobile Security Framework (MobSF) is an open source framework capable of performing end to end security testing of mobile applications

Security CLTRe Toolkit: Build and improve security culture (Help Net Security) Norwegian security culture startup CLTRe has announced today at CeBIT its Security CLTRe Toolkit

How a digital pathology solution secures patient data (Help Net Security) Dutch tech company Philips recently announced that its digital pathology solutions have been certified for compliance with the U.S. Department of Defense (DoD) security requirements

Kaspersky Lab and WISeKey Launch an Encrypted Vault for All That is Precious on Your Mobile: the WISeID Kaspersky Lab Security App (BusinessWire) Kaspersky Lab and WISeKey, a Swiss based cyber-security company, today announced the release of a special edition of the cyber-resilience app, WISeID Kaspersky Lab Security

File Encryption on Mac OS X Easier Than Ever with Jetico's BestCrypt (Virtual Strategy Magazine) Mac users now have vastly improved options for protecting their data as Jetico, developer of world-class data encryption software, has just released BestCrypt Container Encryption 2.0 - their TrueCrypt alternative

Ixia Partners to Deliver a Full Lifecycle Security Solution Against Cybercrime (BusinessWire) The world’s leading security providers rely on Ixia to train resources; and build and deploy their solutions in the most demanding environments

Thycotic Enables Mobile, Offline Password Resetting (PRNewswire) Password Reset Server 5.0 allows access to password resetting without the need for physical machine login

5nine Software Announces Security Partnership with Bitdefender (Benzinga) 5nine Cloud Security Optimizes the Leading Antivirus Solution for Microsoft Hyper-V

PLDT addresses cyber threats with Akamai tie-up (Business Inquirer) An enterprise unit of the Philippine Long Distance Telephone Co. (PLDT) has rolled out an expanded portfolio of services aimed at providing businesses with more secure Internet solutions

Technologies, Techniques, and Standards

Blog: Are Hackers Honing In On Teleworkers? (SIGNAL) NIST seeks public comment to update guidelines to help organizations secure data

Is The Government Getting Stingier With Cyber Threat Data? (Defense One) Virginia Tech's network security chief thinks so. He says overclassification is making it harder to prep and respond

Suffocating Volume of Security Alerts Challenge Incident Response (SecurityWeek) A new study shows that incident response (IR) has become more difficult over the past two years due to an increasing number of IT activities and security alerts, and the difficulty of extending existing IR processes to new technologies

How can a cyber incident exchange help you avoid the next attack? (LInkedIn) In February, Hollywood Presbyterian Medical Center was hit by a serious ransomware attack placing many patient lives at risk

Evolving Threats: Why Deep Packet Inspection Is Critical for Intrusion Prevention (IBM Security Intelligence) Imagine what would happen if the police in a major city regularly published their plans to stop crime and catch thieves, including where all patrols are every hour

Spring Cleaning: How to Remove Old Software that makes your PC Vulnerable (Heimdal) On today’s episode of „Digital Hoarders”, I share how we can all make our PCs more organized and less insecure

Pwn2Own: Day 1 Recap (Trend Micro: Simply Security) Pwn2Own day 1 is done

Design and Innovation

Solutions emerge at highly anticipated SXSW harassment summit (Christian Science Monitor Passcode) This year's South by Southwest Interactive festival in Austin dedicated a series of panel discussions on how to combat the growing problem of online abuse in social media and gaming

Cybersecurity Needs a Moonshot! (SecurityWeek) Coming out of the 2016 RSA Conference, it is clear we have hit a watershed moment in the history of the IT industry

Legislation, Policy, and Regulation

Canada’s national cyber threat centre looking to expand (ITWorld Canada) Everyone looks forward to April 1 as a sign that spring will really be here. Gwen Beauchemin, director of the federal government’s Canadian Cyber Incident Response Centre (CCIRC) is looking forward to it even more

Denmark's Intelligence Agency Creates 'Hacker Academy' (ABC News) Denmark's military intelligence agency says it's creating "a hacker academy" where to train IT specialists who, if they graduate, will be offered employment

Will the Privacy Shield Truly Redefine International Data Transfers? (Legaltech News) Awaiting confirmation by the EU court, the Privacy Shield details leave some wondering whether it’s the right agreement for their business

Schneck: Critical infrastructure operators should assume malware is there (FierceGovernmentIT) A senior Homeland Security Department official on Tuesday said the department is hoping to turn the recent BlackEnergy malware attack on a portion of the Ukraine's power grid into a teaching moment for U.S.-based critical infrastructure operators

Cyber Command Needs Silicon Valley Input, Official Says (Law360) U.S. Cyber Command's head argued for further cooperation with private sector companies at a House budget hearing Wednesday, saying that as the U.S. Department of Defense ramps up its cyberspace capabilities, it must draw on expertise from companies in Silicon Valley and elsewhere

CYBERCOM gets easiest budget hearing ever (Federal Times) It’s said that cybersecurity is a bipartisan issue. Nowhere was that more apparent than a budget hearing for U.S. Cyber Command

Air Force Cyber Simulation Center preps to meet tighter deadlines (Federal Times) The Air Force is ramping up operations at its Cyber Simulation Center, run by the 90th Information Operations Squadron with contractor assistance from CACI Federal

HHS names members of Health Care Industry Cybersecurity Task Force (Becker's Hospital Review) HHS has announced the members of its Health Care Industry Cybersecurity Task Force, a collaboration of leaders in the public and private sectors that will address cybersecurity issues in healthcare

CIA appoints new CIO (FCW) John G. Edwards, an IT professional with a mix of government and private-sector experience, has succeeded Doug Wolfe as the CIA's CIO, an agency spokesman confirmed

Andrew Hampton to lead New Zealand national security agency (Global Government Forum) Andrew Hampton is to lead New Zealand’s national security agency less than two years after becoming the government’s first ever chief talent officer

Litigation, Investigation, and Law Enforcement

Apple’s Brief Hits the FBI With a Withering Fact Check (Wired) Apple's latest brief in its battle with the FBI over the San Bernardino iPhone offered the tech company an opportunity to school the Feds over their misinterpretation and misquotations of a number of statutes and legal cases they cited as precedent in their own brief last week

The Law is Clear: The FBI Cannot Make Apple Rewrite its OS (Backchannel) Barack Obama has a fine legal mind. But he may not have been using it when he talked about encryption last week

Lavabit's and Snowden's Solos (Metzdowd) As the sysop I feel qualified to clarify. I don't keep up with this list as closely as I should, so Mr Young, thank you for pointing me to this thread

Opinion: Before pointing fingers after cyberattacks, Remember the Maine (Christian Science Monitor Passcode) Without presenting evidence, Justice Department officials have blamed the Iranian government for a digital incursion at a small dam outside Rye, N.Y. But history shows unsupported accusations of that kind are dangerous

Facebook Hate Speech Probe Dropped in Germany (Wall Street Journal) German prosecutors​​ dropped an investigation of Facebook Inc.FB +1.34%​ ​managers on allegations ​the social network failed to remove hate speech from its platform, a spokeswoman for the prosecutors’ office in Hamburg said Wednesday

Ohio Man Pleads Guilty to Trying to Help ISIS (NBC News) An Ohio man who allegedly swore allegiance to the leader of the terror group ISIS and tried to recruit others on Wednesday pleaded guilty to federal charges

Clinton tried to change rules to use BlackBerry in secure facility for classified information (Fox News) Less than a month after becoming secretary of state, and registering the personal email domain that she would use exclusively for government business, Hillary Clinton’s team aggressively pursued changes to existing State Department security protocols so she could use her BlackBerry in secure facilities for classified information, according to new documents released under the Freedom of Information Act

Hillary Faces National Security Establishment ‘Uprising’ Over Emails (Daily Caller) Democratic presidential candidate and former Secretary of State Hillary Clinton is facing an “uprising” in the national security establishment prompted by long-standing anger about her cavalier handling of classified materials and government secrets

MobileIron Announces Dismissal of Class Action Lawsuit by United States District Court (PRNewswire) MobileIron (NASDAQ: MOBL), the leader in mobile enterprise security, announced today that the United States District Court for the Northern District of California has dismissed, with prejudice, the Panjwani v. MobileIron, Inc., et al. securities class action that was filed on May 1, 2015 against the Company and certain of the Company's officers

Court rulings threaten to upset defences against data breach claims (Financial Times) In February, a Los Angeles hospital paid a bitcoin ransom equivalent to about $17,000 to retrieve its medical records after hackers attacked its network

Consumer Data Breach Injury: Not a Guessing Game (Lexology) Big data breaches are all over the news lately, but when is a merchant liable to individuals whose information is breached? Two cases have recently addressed questions relating to the nature of damages needed to sustain a civil claim against a merchant for data breaches

Hospital data breach patients to receive settlement checks (Orange County Register) St. Joseph Health patients whose medical information was released in a 2012 data breach will receive checks for $242 in April as part of a class-action settlement finalized last month

As health data breaches increase, what do you have to lose? (CNBC) A recent ransomware attack that forced a Los Angeles hospital to fork over $17,000 to criminals to get its computer system unlocked might be the most brazen health data crime of 2016 so far

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

SANS 2016 (Orlando, Florida, USA, March 12 - 19, 2016) It is time we unite, join forces, and show that if we work together, we can make a measurable difference in security. It is our pleasure to announce that SANS 2016 is back in Orlando, Florida March 12-21 ...

CONAUTH/EKMS/COMSEC Information Sharing and Key Management Infrastructure (ISKMI) 2016 (Waikiki, Hawaii, USA, March 14 - 18, 2016) The ISKMI will draw global-wide participation and Allied (Five Eyes and NATO) attendees. Information sharing will be centralized to Key Management Infrastructure (KMI), Cryptographic Modernization (CM),...

Pwn2Own 2016 (Vancouver, British Columbia, Canada, March 16 - 17, 2016) Since its inception in 2007, Pwn2Own has increased the challenge level at each new competition, and this year is no different. While the latest browsers from Google, Microsoft, and Apple are still targets,...

Insider Threat Symposium & Expo™ (San Antonio, Texas, USA, March 17, 2016) The Insider Threat Symposium & Expo was created in the wake of the recent data breaches affecting the U.S. Government (WikiLeaks, NSA Breach), and the continued damaging and costly insider threat incidents...

ICCWS 2016 (Boston, Massachusetts, USA, March 17 - 18, 2016) ICCWS 2016 will cover the complex but exciting aspects of international cyber warfare and security

CISO Summit France (Paris, France, March 22, 2016) A forum for innovative IT thought leaders across France. Despite economic instability in the euro zone amid an on-going global financial crisis, IT spending worldwide is expected to increase in the coming...

cybergamut Tech Tuesday: Providing Consistent Security Across Virtual and Physical Workloads (Elkridge, MD, Calverton, March 22, 2016) Data centers today are being tasked with many more requirements. This has been increasing as companies leverage server virtualization in new ways. This has made the data center a rich source of information...

Risk Management Summit (New York, New York, USA, March 22 - 23, 2016) The Business Insurance Risk Management Summit is a unique two-day conference serving the information and networking needs of senior risk managers, benefits managers and related decision makers from the...

Artificial Intelligence and Autonomous Robotics (Clingendael, the Netherlands, March 23 - 24, 2016) Artificial Intelligence (AI) has been a feature of science fiction writing for almost a century, but it is only in more recent years that the prospect of truly autonomous robotics — even those that...

International Consortium of Minority Cybersecurity Professionals (ICMCP) Inaugural National Conference (Washington, DC, USA, March 23 - 24, 2016) The conference will focus on the public, private and academic imperatives necessary to closing the growing underrepresentation of women and minorities in cybersecurity through diversification of the workforce.

Commonwealth Cybersecurity Forum 2016 (London, England, UK, March 23 - 24, 2016) The Commonwealth, built on consensus and mutual support, is an ideal platform to build international cooperation on various aspects of cybersecurity. CTO's Commonwealth Cybersecurity Forum brings together...

Black Hat Asia 2016 (Singapore, March 29, 2016) Black Hat is returning to Asia again in 2016, and we have quite an event in store. Here the brightest professionals and researchers in the industry will come together for a total of four days — two...

SecureWorld Boston (Boston, Massachussetts, USA, March 29 - 30, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry...

Insider Threat Summit (Monterey, California, USA, March 29 - 30, 2016) The focus of the Insider Threat Summit is to discuss personnel security issues including cyber security challenges and capabilities, continuous evaluation of privileged identities and ethical physical...

TU-Automotive Cybersecurity USA 2016 (Novi, Michigan, USA, March 29 - 30, 2016) TU-Automotive Cybersecurity dissects the real issues behind the headlines, helping you to apply technology and best practices to deliver robust security defenses and processes within a more secure ecosystem.

Insider Threat Program Development Training (Washington, DC, USA, March 29 - 30, 2016) Insider Threat Defense announced it will hold a training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2) on March 29-30, 2016, in Washington, DC.

Women in Cyber Security 2016 (Dallas, Texas, USA, March 31 - April 2, 2016) With support from National Science Foundation, Award #1303441 (Capacity Building in Cybersecurity: Broadening Participation of Women In Cybersecurity through the Women in Cybersecurity Conference and Professional...

SANS Atlanta 2016 (Atlanta, Georgia, USA, April 4 - 9, 2016) Learn the most effective steps to prevent attacks and detect adversaries with actionable techniques that you can directly apply when you get back to work. Take advantage of tips and tricks from the experts...

Billington CyberSecurity INTERNATIONAL Summit (Washington, DC, USA, April 5, 2016) On April 5, in Washington, D.C., join leading cybersecurity officials from across the globe at the Billington CyberSecurity INTERNATIONAL Summit to engage in an intensive information exchange between leading...

ISC West 2016 (Las Vegas, Nevada, USA, April 6 - 8, 2016) ISC West is the leading physical security event to unite the entire security channel, from dealers, installers, integrators, specifiers, consultants and end-users of physical, network and IT products.

ASIS 15th European Security Conference & Exhibition (London, England, UK, April 6 - 8, 2016) ASIS Europe 2016 invites you to join security professionals and experts from over Europe and beyond in one of the most dynamic centres of business and culture in the world

Cybersecurity and Privacy Protection Conference (Cleveland, Ohio, USA, April 7 - 8, 2016) The Center for Cybersecurity and Privacy Protection 2016 Conference will bring together experienced government officials, in-house counsels, business executives, cyber insurance leaders, litigators, information...

Threat Hunting & Incident Response Summit 2016 (New Orleans, Louisiana, USA, April 12 - 13, 2016) The Threat Hunting & Incident Response Summit 2016 focuses on specific hunting and incident response techniques and capabilities that can be used to identify, contain, and eliminate adversaries targeting...

QuBit Conference (Prague, the Czech Republic, April 12 - 14, 2016) QuBit offers you a unique chance to attend 2 selected Mandiant training courses, taught by some of the most experienced cyber security professionals in the business

CISO Dallas (Dallas, Texas, USA, April 14, 2016) With newspaper headlines covering the latest data breaches, cloud computing security questions going unanswered and hackers developing more sophisticated attacks, the IT department has a growing responsibility...

CSO 50 Conference and Awards (Litchfield Park, Arizona, USA, April 18 - 20, 2016) We at CSO, the award-winning media brand, will bring you speakers from up to 50 organizations with outstanding security prowess. Over 2 ½ days, these distinguished executives and technologists will share...

Creech AFB–AFCEA Las Vegas Cyber Security, IT & Tactical Tech Day (Indian Springs, Nevada, USA, April 19, 2016) The Armed Forces Communications & Electronics Association (AFCEA) Las Vegas Chapter, with support from the 432d Wing, will host the 4th Annual Cyber Security, IT & Tactical Technology Day at Creech AFB...

Amsterdam 2016 FIRST Technical Colloquium (Amsterdam, the Netherlands, April 19 - 20, 2016) FIRST Technical Colloquia & Symposia provide a discussion forum for FIRST member teams and invited guests to share information about vulnerabilities, incidents, tools and all other issues that affect the...

Security & Counter Terror Expo 2016 (London, England, UK, April 19 - 20, 2016) Security & Counter Terror Expo (formerly Counter Terror Expo) is the event for any professional tasked with protecting assets, business, people and nations from terrorism. It brings over 9000 attendees...

SecureWorld Philadelphia (King of Prussia, Pennsylvania, USA, April 20 - 21, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry...

AFCEA Defensive Cyber Operations Symposium (Baltimore, Maryland, USA, May 5 - 7, 2015) The U.S. Defense Information Systems Agency's new operational role in the cyber domain as network defender creates a formal relationship between DISA, U.S. Cyber Command and the command's military service...

2016 Akamai Government Forum: Safeguarding a Dynamic Government — End–to–End Security for your Agency (Washington, DC, USA, April 21, 2016) Today's public demands a high performance — and safe — web experience from government and public organizations. And public IT leaders require flawless web protection to securely meet that demand. Join...

Army SIGINT (Fort Meade, Maryland, USA, April 25, 2016) Approximately 500 attendees will come together to discuss future technologies in Signals Intelligence (SIGINT), focusing on applications for the actual users in the field (the soldiers). Most attendees...

CISO San Francisco (San Francisco, California, USA, April 26, 2016) The CISO Summit brings together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda sessions...

CISO Houston (Houston, Texas, USA, April 28, 2016) A data breach is not only a PR nightmare, but cause for customers to turn to competitors, exposing sensitive company information and racking up fines from industry regulators. In order for organizations...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.