skip navigation

More signal. Less noise.

Recorded Future

Get threat intelligence on hackers and vulnerabilities FREE every day with the Recorded Future Cyber Daily. Sign up today.

Daily briefing.

ISIS claims, online, as usual, responsibility for the Brussels massacres. Also as usual, ISIS welcomes all media coverage even when it execrates jihad. This serves only to inspire their recruits, increasingly drawn from the disaffected and the criminal. They easily organize into small cells whose coordinated actions are sufficiently local to require little more command-and-control than what face-to-face word-of-mouth can provide. European authorities recognize an old lesson in this guerrilla war: intelligence collection outstrips analysis and dissemination.

The US is expected to charge Iranian nationals later today with crimes related to cyber reconnaissance of a Rye, New York, flood control dam. The indictment comes as other concerns about the vulnerability of water and power infrastructures arise. A Verizon report indicates that an unnamed water supply utility was hacked in ways that enabled attackers to manipulate levels of chemicals in potentially dangerous ways. And the continuing investigation into December's Ukraine grid hack reveals more patient preparation on the attackers' part.

The US FBI has added two members of the Assad regime's Syrian Electronic Army to its most-wanted list. Observers think this case shows the convergence of political hacktivism and ordinary organized crime (a convergence also noted with ISIS).

Cisco's Talos group finds privilege escalation vulnerability in the Apple Intel HD3000 Graphics kernel driver. Apple's fixing it.

Consensus among observers is that the alternative method the FBI's come up with to open the San Bernardino jihadist's iPhone involves NAND mirroring. The "third-party" who's helping the Bureau is said to be Cellebrite.

Catch today's CyberWire podcast later this afternoon. We'll hear from the University of Maryland's Ben Yelin, who'll discuss US Constitutional rights to privacy in the cyber domain. (And we'll discuss more of the day's news.)

Notes.

Today's issue includes events affecting Australia, Bangladesh, Belgium, China, Estonia, European Union, France, Germany, Iraq, Iran, Israel, Netherlands, Russia, Syria, Turkey, Ukraine, United States.

2016 National Conference of Minority Cybersecurity Professionals (Washington, DC, March 23 - 24, 2016) The landmark ICMCP conference will elevate the national dialogue on the necessary measures needed to attract and develop minority cybersecurity practitioners to address the cross-industry cybersecurity skills shortage.

Women in Cybersecurity (WiCYS) 2016 (Dallas, TX, March 31 - April 2, 2016) The 3rd annual conference brings together women (students, faculty, researchers, professionals) in cybersecurity from academia, research organizations and industry for the sharing of knowledge and experience, networking and mentoring.

Cyber Attacks, Threats, and Vulnerabilities

Islamic State Claims Deadly Bombings in Brussels (ABC News) Islamic extremists struck Tuesday in the heart of Europe, killing at least 34 people and wounding scores of others in back-to-back bombings of the Brussels airport and subway that again laid bare the continent's vulnerability to suicide squads

ISIS Is Using the Media Against Itself (Atlantic) It doesn’t matter if the coverage that follows an attack is negative. For ISIS, any coverage is good coverage

Squeezed At Its Base, ISIS Grows More Dangerous Elsewhere (NPR) The Islamic State has been steadily losing territory in its self-declared caliphate in Syria and Iraq, where a U.S. bombing campaign and a host of rival forces chip away at its holdings

IS trains 400 fighters to attack Europe in wave of bloodshed (AP) The Islamic State group has trained at least 400 fighters to target Europe in deadly waves of attacks, deploying interlocking terror cells like the ones that struck Brussels and Paris with orders to choose the time, place and method for maximum chaos, officials have told The Associated Press

New ISIS recruits have deep criminal roots (Washington Post) One perpetrator was an automobile thief before he got religion, and served time in a Belgian prison on a carjacking charge

In Brussels Attacks, Chronicle of a Disaster Foretold (Foreign Policy) Belgian spies said attacks were coming, but overwhelmed security forces were powerless to prevent terrorists from killing 34 and wounding hundreds more

Between the Expected and the Inevitable (The Cipher Brief) First Paris, then San Bernardino, now Brussels. How widespread are ISIS networks in Europe and North America, and can we expect these kinds of attacks on a regular basis?

123 People Have Signed Up To Be I.S. Suicide Bombers (Sky News) Would-be suicide bombers come from countries including France, Germany, Spain, Tunisia and Egypt, Sky News can reveal. The information comes from exclusive Islamic State personnel files obtained by Sky. Stuart Ramsay explains more

Exclusive: U.S. to charge Iran in cyber attacks against banks, New York dam - sources (Reuters) The Obama administration is expected to blame Iranian hackers as soon as Thursday for a coordinated campaign of cyber attacks in 2012 and 2013 on several U.S. banks and a New York dam, sources familiar with the matter have told Reuters

Indictment against hackers linked to Iranian goverment to be unsealed (Washington Post) The Justice Department on Thursday expect to announce the unsealing of an indictment charging several hackers associated with the Iranian government with cybercrimes

Hackers hijacking water treatment plant controls shows how easily civilians could be poisoned (International Business Times) A group of hackers managed to infiltrate a water treatment plant and change the levels of chemicals being used to treat tap water four times during the cyberattack, security researchers report

The future of our city services? Cyberattackers target core water systems (ZDNet) In a recent case, cyberattackers have demonstrated that breaches are not limited to corporate targets

Hackers Infiltrated Ukrainian Power Grid Months Before Cyber-Attack (eWeek) Attackers controlled some systems within three Ukrainian power companies' networks for more than six months, a fact only revealed after they cut power to more than 225,000 people in December 2015

Are These Syrian Hackers Cyber Warriors, or Just Thieves? (Defense One) The FBI added two Syrian hackers to its most-wanted list for cybercriminals, a project that's only been running since 2013 and includes individuals from China, Russia and Eastern Europe

Vulnerability Spotlight: Apple OS X Graphics Kernel Driver Local Privilege Escalation Vulnerability (Cisco Talos Security) Cisco Talos, in conjunction with Apple’s security advisory issued on Mar 22, is disclosing the discovery of a local vulnerability in the communication functionality of the Apple Intel HD3000 Graphics kernel driver. This vulnerability was initially discovered by the Talos Vulnerability Research & Development Team and reported in accordance with responsible disclosure policies to Apple

Google publishes list of Certificate Authorities it doesn't trust (Register) Thawte experiment aims to expose issuers of dodgy creds

New self-protecting USB trojan able to avoid detection (We Live Security) A unique data-stealing trojan has been spotted on USB devices in the wild – and it is different from typical data-stealing malware

Three US hospitals hit by ransomware (BBC) The IT systems of three US hospitals have been infected with ransomware, which encrypts vital files and demands money to unlock them

VA cyber intrusion attempts down, non-cyber data loss incidents up in February (FierceGovernmentIT) The Veterans Affairs Department saw cyber intrusion attempts drop by more than 10 million attempts in February, but reported non-cyber data loss incidents increased significantly

Has health care hacking become an epidemic? (PBS Newshour) In February 2015, Anthem made history when 78.8 million of its customers were hacked. It was the largest health care breach ever, and it opened the floodgates on a landmark year

TeamViewer Denies It Is Ransomware Infection Vector (KnowBe4) A modified version of EDA2, an open source ransomware strain developed by Turkish computer engineering student Utku Sen, --by the way, thanks Utku, that was a very smart idea-- has been encrypting files and appending the .surprise extension to them. The cybercriminals using the Surprise ransomware have chosen an unusual infection vector: the popular remote control tool TeamViewer

4 cyber security companies that got hacked themselves (Computer Business Review) There have been several major cyber-attacks on large firms in recent years, with those on TalkTalk and Ashley Madison making the headlines last year

Lockheed F-35's Cybersecurity Flaws Cited by Pentagon Tester (Bloomberg) Cybersecurity weaknesses in Lockheed Martin Corp.’s F-35 are among “many unresolved deficiencies” hobbling the costliest U.S. weapons program as production of the fighter jet ramps up, the Pentagon’s top tester said

Security Patches, Mitigations, and Software Updates

Cisco Releases Security Updates (US-CERT) Cisco has released security updates to address vulnerabilities in multiple products. Exploitation of these vulnerabilities could allow a remote attacker to create a denial-of-service condition

Cyber Trends

Majority Of Bad Bots Behave Like Humans (Dark Reading) And for the first time since 2013, humans outnumber bad bots on the Web -- but that doesn't mean humans are beating bots, new study shows

What does privacy mean to you? (Christian Science Monitor Passcode) A photo series exploring this key issue of the Digital Age

Marketplace

INSIGHT: Are you liable for a cybersecurity attack? (Sioux Falls Business Journal) By far the most misunderstood insurance coverage is cyberliability

Is Cybersecurity a Top Risk Concern for Banks? The Experts Weigh In (Legaltech News) A Bank Director survey found many banks still aren’t doing enough to protect themselves—and their customers

DoD Seeks Cyber Platforms Through Solutions Meeting (ExecutiveBiz) The Defense Department will hold a meeting in Washington between June and July 2016 to allow potential contractors to deliver technical presentations about their cyber platforms

Q&A: FireEye CEO On Apple-FBI, Critical Infrastructure Attacks And Why We're At The Biggest Inflection Point In History (CRN) Since the beginning of the year, FireEye has been investing big in threat intelligence

Interview: John McCormack, Forcepoint (Infosecurity Magazine) Around 11 months on from the acquisition of Websense by defense contractor Raytheon, I had the chance to talk to the CEO of the newly formed entity of that company – Forcepoint

Former U.S. Security Specialist’s MGA Ridge Global Tackling Cyber Risk (Insurance Journal) It may be surprising to some that a former governor and head of National Security started an insurance company focused on cyber risk, but Tom Ridge, president and CEO of Ridge Global says it shouldn’t be

FourV wants to make it painfully simple to understand your company’s IT security risk (Technical.ly Baltimore) The startup's platform generates a numerical score that's designed to make it easier to show execs if their data is in danger

F5 Networks Nabs Fortinet, Lookout Execs To 'Supercharge' Security Sales (CRN) F5 Networks' channel sales team is getting a shot in the arm as it hires two top industry veterans with global experience to bolster the vendor's security charge

Products, Services, and Solutions

SecureRF Announces Veridify®, a Cloud‐based Platform and Application Suite Delivering Public‐Key Infrastructure to Tags and Devices in the IoT (SecureRF) SecureRF, a leading provider of security solutions for the Internet of Things, announced today the availability of Veridify, a cloud‐based platform delivering Public‐Key Infrastructure for devices, sensors and tags in the IoT

Knowns and Unknowns: What It Means to Shift from Prevention to Detection and Response (IKANOW) “We haven’t stopped huge breaches. The focus now is on resilience, with smarter ways to detect attacks and faster ways to respond to them"

Stock Update (NASDAQ:FEYE): FireEye Inc Launches Mandiant® Red Team Operations (Smarter Analyst) FireEye Inc (NASDAQ:FEYE), the leader in stopping today’s advanced cyber attacks, today announced the launch of Mandiant® Red Team Operations, a set of objectives-based assessments that conduct no-holds-barred attacks on organizations to highlight weakness in systems or procedures and to enhance detection and response capabilities

Bringing endpoint and firewall together is an idea so simple it’s revolutionary (Sophos) As the information security industry matures, we’re beginning to come to terms with the reality that there is no such thing as perfect prevention

A cybersecurity startup that aims to change the rules of web security game (TechWorm) High-Tech Bridge, a Geneva-based company with offices in San Francisco, is probably already known to you for its free SSL security service, which can be used to probe encryption of email, web or even SSL VPN servers

Technologies, Techniques, and Standards

Aetna CISO talks about threat intelligence and enterprise risk management (CISO) The growth of ISACs will continue as more companies learn that mature cyber security programs all share information to make their enterprises more resilient

Nemucod's CRYPTED Ransomware Can Be Neutralized with This Decrypter (Softpedia) Ransomware victims can recover files for free

This bag of tricks may help stop a Locky ransomware infection (IDG via CSO) A malware researcher has found a few tricks to stop one of the latest types of ransomware, called Locky, from infecting a computer without using any security programs

Security spring cleaning time (CSO) Time to get rid of that shelfware

Why DHS might hack your agency (FCW) The cybersecurity penetration team that has the Department of Homeland Security's only "hands-on" cybersecurity testing capabilities is planning to expand its stable of test threats

Design and Innovation

Into the Abyss: The Botnet Landscape as Seen Through a Social Graph (Imperva Incapsula) Our blog posts and reports typically provide insights into the technicalities of DDoS attacks, emerging threats and common attack trends faced by organizations

Research and Development

US Intelligence Wants Computers That Spot Fake Fingerprints (Defense One) Researchers at the Intelligence Advanced Research Projects Agency aim not only to spot prosthetic thumbs, it will also learn to predict attacks never seen before

Academia

Norwich University Applied Research Institutes to Develop Cybersecurity Course for First Responders (Vermont Digger) Norwich University Applied Research Institutes (NUARI) has been contracted to develop a cybersecurity course for first-responders. On February 11, 2016, NUARI signed a Subaward Agreement in the amount of $251,301 with the University of Arkansas System Criminal Justice Institute as prime contractor

Legislation, Policy, and Regulation

Five Ways to Devastate ISIL (Politico) In the wake of the Brussels terrorist attacks, the United States and its allies would do well to consider these new tactics

As Terrorists Cross Borders, Europe Sees Anew That Its Intelligence Does Not (New York Times) If another example of the failure of European intelligence services to share and act on information about potential terrorists was needed, Wednesday’s identification of the bombers in the deadly Brussels attacks the day before certainly provides it

What Can Estonia Teach Us about Cybersecurity? (GW Today) Estonian prime minister says in speech at GW that trust and privacy are keys to the future of digital societies

Australian industry lashes out at data breach notification scheme (IT News) Businesses complain of unclear obligations, broad scope

3 Big Changes in Transatlantic Data Regulation under the Privacy Shield (Legaltech News) The publically released text reveals what areas of the new agreement will be most impactful, and perhaps most burdensome

NPPD proposes plan to redefine itself as operational cybersecurity body (FierceGovernmentIT) The Homeland Security Department would rename and restructure the National Protection and Programs Directorate, or NPPD, in a new proposal redefining its mission. Its new identity of "Cyber and Infrastructure Protection," or CIP, would serve as a central cybersecurity taskforce and take a more operational role

Lawmakers warn of 'radical' move by NSA to share information (The Hill) A bipartisan pair of lawmakers is expressing alarm at reported changes at the National Security Agency that would allow the intelligence service’s information to be used for policing efforts in the United States

H.R. 3361 Department of Homeland Security Insider Threat and Mitigation Act of 2016 (Congressional Budget Office) H.R. 3361 would direct the Department of Homeland Security (DHS) to establish a program to protect the department’s critical assets from insider threats (that is, harmful activities by department employees and certain other persons with access to classified information)

Clinton calls for more surveillance, police after Brussels attacks (CNN) Hillary Clinton says the United States must increase its surveillance to avert Brussels-style attacks on unprotected "soft" targets

Commerce Dept Names Kiersten Todt Nat’l Cyber Commission Exec Director (ExecutiveGov) Commerce Secretary Penny Pritzker has appointed Kiersten Todt, former managing partner and president of Liberty Group Ventures, as executive director for the Commission on Enhancing National Cybersecurity

Litigation, Investigation, and Law Enforcement

Turkish Media: Police Arrest 17 IS Suspects (Voice of America) Police arrested as many as seven alleged Islamic State members Tuesday during raids on various addresses in Istanbul, Turkish news agencies said

Intel chairman: Brussels attacks appeared to target Americans (The Hill) The terror attacks in Brussels on Tuesday appear to have been designed to hit Americans, according to the head of the House Intelligence Committee

After Brussels Attacks, U.S. Must Shut Down Foreign Fighter Pipelines (National Interest) The first question security professionals around the world ask after a horrific terrorist attack is: What’s next? The second question is: How to stop it?

Can Predictive Analytics Help Governments Police ‘Violent Extremism’? (Legaltech News) International terrorism faces government with challenges of safety and policing. Is there balance to be found in analytics?

An Israeli Firm Is Reportedly Helping the FBI Unlock the San Bernardino Killer’s Phone (Time) Apple has refused to help investigators, citing privacy concerns

Here's how the FBI plans to crack terrorist's iPhone (CSO) In turn-about, government now says Apple's help not needed; 'outside party' has likely demonstrated 'NAND mirroring' technique, says iOS forensics expert

My Take on FBI’s “Alternative” Method (Zdziarski's Blog of Things) FBI acknowledged today that there “appears” to be an alternative way into Farook’s iPhone 5c – something that experts have been shouting for weeks now; in fact, we’ve been saying there are several viable methods

Apple v. FBI case on hold, but 'going dark' debate rages on (Christian Science Monitor Passcode) Though Apple and the FBI will not meet in court this week, questions about the role of encrypted communications in plotting terrorist attacks resurfaced after Tuesday's bombings in Brussels

Tor Project says developers would rather quit than give FBI a backdoor (Naked Security) The Tor Project is standing with Apple in its ongoing battle with the US government over encryption backdoors, and several developers for the anonymity service have said they would rather quit than add a backdoor to Tor’s software

Apple Policy on Bugs May Explain Why Hackers Would Help F.B.I. (New York Times) After a third party went to the F.B.I. with claims of being able to unlock an iPhone, many in the security industry said they were not surprised that the third party did not go to Apple

USA offers $100,000 bounty for alleged Syrian Electronic Army members (Hot for Security) The US Department of Justice believes it has identified three members of the notorious Syrian Electronic Army, who have in recent years made a name for themselves with their high profile hacks against media organisations, targeted spear-phishing attacks, and redirecting well-known websites to display propaganda in support of the Syrian Government and President Bashar al-Assad

Chinese National Pleads Guilty to Conspiring to Hack into U.S. Defense Contractors’ Systems to Steal Sensitive Military Information (US Department of Justice) A Chinese national pleaded guilty today to participating in a years-long conspiracy to hack into the computer networks of major U.S. defense contractors, steal sensitive military and export-controlled data and send the stolen data to China

BSEC asks CDBL to remain alert against cyber attack (Financial Express) The securities regulator has instructed the Central Depository Bangladesh Limited (CDBL) to ensure proper protection of the listed companies' shares by thwarting any possibility of cyber attack, officials said

Bangladesh Bank weighs lawsuit against New York Fed over hack (Reuters via Business Insurance) Bangladesh's central bank has hired a U.S. lawyer for a potential lawsuit against the Federal Reserve Bank of New York after hackers stole $81 million from its account with the New York Fed, according to an internal report by the Bangladesh bank

Bangladesh tech expert who went missing after cyber theft returns (Reuters via Yahoo!) A Bangladeshi cyber crime expert who went missing while he was assisting a police investigation into an attempted $951 million electronic theft from the central bank's computers, returned home early on Wednesday, his wife said

Experts see little chance of charges in Clinton email case (Press Herald) Several lawyers who specialize in this area say it's a stretch to apply existing statutes to a former cabinet secretary whose communication was with aides – not with a national enemy

AP data analysis finds federal employees do 'really crappy' record searches (FierceContentManagement) An Associated Press annual review of all FOIA requests handled by 100 federal agencies in 2015 revealed the federal government's ability to complete record searches is abysmal

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

Staying Ahead of the Curve - Securing a Nation Amid Change (Washington, DC, USA, April 26, 2016) A discussion of the changing cybersecurity landscape, featuring a keynote by General Keith Alexander, former Director, National Security Agency, and a panel discussion of the challenges facing Federal...

Upcoming Events

Artificial Intelligence and Autonomous Robotics (Clingendael, the Netherlands, March 23 - 24, 2016) Artificial Intelligence (AI) has been a feature of science fiction writing for almost a century, but it is only in more recent years that the prospect of truly autonomous robotics — even those that...

International Consortium of Minority Cybersecurity Professionals (ICMCP) Inaugural National Conference (Washington, DC, USA, March 23 - 24, 2016) The conference will focus on the public, private and academic imperatives necessary to closing the growing underrepresentation of women and minorities in cybersecurity through diversification of the workforce.

Commonwealth Cybersecurity Forum 2016 (London, England, UK, March 23 - 24, 2016) The Commonwealth, built on consensus and mutual support, is an ideal platform to build international cooperation on various aspects of cybersecurity. CTO's Commonwealth Cybersecurity Forum brings together...

Black Hat Asia 2016 (Singapore, March 29, 2016) Black Hat is returning to Asia again in 2016, and we have quite an event in store. Here the brightest professionals and researchers in the industry will come together for a total of four days — two...

SecureWorld Boston (Boston, Massachussetts, USA, March 29 - 30, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry...

Insider Threat Summit (Monterey, California, USA, March 29 - 30, 2016) The focus of the Insider Threat Summit is to discuss personnel security issues including cyber security challenges and capabilities, continuous evaluation of privileged identities and ethical physical...

TU-Automotive Cybersecurity USA 2016 (Novi, Michigan, USA, March 29 - 30, 2016) TU-Automotive Cybersecurity dissects the real issues behind the headlines, helping you to apply technology and best practices to deliver robust security defenses and processes within a more secure ecosystem.

Insider Threat Program Development Training (Washington, DC, USA, March 29 - 30, 2016) Insider Threat Defense announced it will hold a training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2) on March 29-30, 2016, in Washington, DC.

Women in Cyber Security 2016 (Dallas, Texas, USA, March 31 - April 2, 2016) With support from National Science Foundation, Award #1303441 (Capacity Building in Cybersecurity: Broadening Participation of Women In Cybersecurity through the Women in Cybersecurity Conference and Professional...

SANS Atlanta 2016 (Atlanta, Georgia, USA, April 4 - 9, 2016) Learn the most effective steps to prevent attacks and detect adversaries with actionable techniques that you can directly apply when you get back to work. Take advantage of tips and tricks from the experts...

Billington CyberSecurity INTERNATIONAL Summit (Washington, DC, USA, April 5, 2016) On April 5, in Washington, D.C., join leading cybersecurity officials from across the globe at the Billington CyberSecurity INTERNATIONAL Summit to engage in an intensive information exchange between leading...

ISC West 2016 (Las Vegas, Nevada, USA, April 6 - 8, 2016) ISC West is the leading physical security event to unite the entire security channel, from dealers, installers, integrators, specifiers, consultants and end-users of physical, network and IT products.

ASIS 15th European Security Conference & Exhibition (London, England, UK, April 6 - 8, 2016) ASIS Europe 2016 invites you to join security professionals and experts from over Europe and beyond in one of the most dynamic centres of business and culture in the world

Cybersecurity and Privacy Protection Conference (Cleveland, Ohio, USA, April 7 - 8, 2016) The Center for Cybersecurity and Privacy Protection 2016 Conference will bring together experienced government officials, in-house counsels, business executives, cyber insurance leaders, litigators, information...

Rock Stars of Risk-based Security (Washington, DC, USA, April 12, 2016) Virtually every company will be hacked, and today, experts accept that a 100% security solution is not feasible. Advanced risk assessment and mitigation is the order of the day. Rock Stars of Risk-Based...

Threat Hunting & Incident Response Summit 2016 (New Orleans, Louisiana, USA, April 12 - 13, 2016) The Threat Hunting & Incident Response Summit 2016 focuses on specific hunting and incident response techniques and capabilities that can be used to identify, contain, and eliminate adversaries targeting...

QuBit Conference (Prague, the Czech Republic, April 12 - 14, 2016) QuBit offers you a unique chance to attend 2 selected Mandiant training courses, taught by some of the most experienced cyber security professionals in the business

CISO Dallas (Dallas, Texas, USA, April 14, 2016) With newspaper headlines covering the latest data breaches, cloud computing security questions going unanswered and hackers developing more sophisticated attacks, the IT department has a growing responsibility...

CSO 50 Conference and Awards (Litchfield Park, Arizona, USA, April 18 - 20, 2016) We at CSO, the award-winning media brand, will bring you speakers from up to 50 organizations with outstanding security prowess. Over 2 ½ days, these distinguished executives and technologists will share...

Creech AFB–AFCEA Las Vegas Cyber Security, IT & Tactical Tech Day (Indian Springs, Nevada, USA, April 19, 2016) The Armed Forces Communications & Electronics Association (AFCEA) Las Vegas Chapter, with support from the 432d Wing, will host the 4th Annual Cyber Security, IT & Tactical Technology Day at Creech AFB...

Amsterdam 2016 FIRST Technical Colloquium (Amsterdam, the Netherlands, April 19 - 20, 2016) FIRST Technical Colloquia & Symposia provide a discussion forum for FIRST member teams and invited guests to share information about vulnerabilities, incidents, tools and all other issues that affect the...

Security & Counter Terror Expo 2016 (London, England, UK, April 19 - 20, 2016) Security & Counter Terror Expo (formerly Counter Terror Expo) is the event for any professional tasked with protecting assets, business, people and nations from terrorism. It brings over 9000 attendees...

SecureWorld Philadelphia (King of Prussia, Pennsylvania, USA, April 20 - 21, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry...

AFCEA Defensive Cyber Operations Symposium (Baltimore, Maryland, USA, May 5 - 7, 2015) The U.S. Defense Information Systems Agency's new operational role in the cyber domain as network defender creates a formal relationship between DISA, U.S. Cyber Command and the command's military service...

2016 Akamai Government Forum: Safeguarding a Dynamic Government — End–to–End Security for your Agency (Washington, DC, USA, April 21, 2016) Today's public demands a high performance — and safe — web experience from government and public organizations. And public IT leaders require flawless web protection to securely meet that demand. Join...

Army SIGINT (Fort Meade, Maryland, USA, April 25, 2016) Approximately 500 attendees will come together to discuss future technologies in Signals Intelligence (SIGINT), focusing on applications for the actual users in the field (the soldiers). Most attendees...

CISO San Francisco (San Francisco, California, USA, April 26, 2016) The CISO Summit brings together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda sessions...

CISO Houston (Houston, Texas, USA, April 28, 2016) A data breach is not only a PR nightmare, but cause for customers to turn to competitors, exposing sensitive company information and racking up fines from industry regulators. In order for organizations...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.