skip navigation

More signal. Less noise.

Recorded Future

Get threat intelligence on hackers and vulnerabilities FREE every day with the Recorded Future Cyber Daily. Sign up today.

Daily briefing.

Observers see the Islamic State's bombings in Brussels as suggesting two trends with implications not only for physical combat, but for information operations as well. As ISIS loses territory and combat capability, it looks elsewhere for propaganda-of-the-deed, and it seeks to inspire disaffected youth who'd otherwise be recruited by more conventional street gangs.

Local recruiting and cellular organization make online collection more difficult for authorities, and intelligence development and sharing remain as challenging as ever.

Anonymous declares another anti-ISIS operation, but few observers have high expectations.

Verizon Enterprise Solutions has apparently suffered a data breach, with some 1.5 million customer records exposed.

Fox IT reports certified ethical hacker credentialing shop E-Council's website has been redirecting to Angler and serving TeslaCrypt ransomware. Trend Micro discovers a new ransomware variant, "Petya," that overwrites an infected device's master boot record.

RSA researchers find a remote code execution flaw that affects widely used digital video recorders manufactured by the Chinese firm TVT.

Check Point outlines problems with the Google and Apple walled-garden app stores. You're better off getting your apps there than from, say, Leon's House o' Apps, but beware: there can still be snakes in those gardens.

In patch news, Google updates Chrome, and Oracle fixes a problem with Java SE. Microsoft will be providing an easy way for users to disable macros in Office.

The FBI and Cellebrite are still working on that jihadist iPhone, and the Justice Department yesterday indeed indicted seven Iranians for hacking that dam in Rye, New York.

Notes.

Today's issue includes events affecting Australia, Belgium, Canada, China, European Union, France, Germany, Iran, Iraq, Russia, Singapore, Syria, United Kingdom, United States.

Catch the CyberWire's Daily podcast this afternoon, and don't miss our Week-in-Review, either, up soon thereafter. In the Daily, we'll hear from the MorphoTrust's Mark DiFraia on protecting your identity when filing state tax returns, and from the Johns Hopkins University's Joe Carrigan on mobile app permissions. And the Week-in-Review will have two big interviews, with Craig Williams from Cisco's Talos unit on OSX graphics driver vulnerabilities, and with Cylance's Jon Gross on Dust Storm. Since the crypto wars continue, we ask the University of Maryland's Jonathan Katz to look back at the old Clipper Chip. (And of course we'll also discuss more of the day's news.)

2016 National Conference of Minority Cybersecurity Professionals (Washington, DC, March 23 - 24, 2016) The landmark ICMCP conference will elevate the national dialogue on the necessary measures needed to attract and develop minority cybersecurity practitioners to address the cross-industry cybersecurity skills shortage.

Women in Cybersecurity (WiCYS) 2016 (Dallas, TX, March 31 - April 2, 2016) The 3rd annual conference brings together women (students, faculty, researchers, professionals) in cybersecurity from academia, research organizations and industry for the sharing of knowledge and experience, networking and mentoring.

Cyber Attacks, Threats, and Vulnerabilities

Islamic State video calls for jihad after Brussels blasts (Reuters via Yahoo! News) Islamic State released a video on social media on Thursday calling on its followers to claim victory and wage jihad after deadly blasts in Brussels this week that the group said it had carried out

The Islamic State’s European Front (New York Times) The bombs that exploded in the Brussels airport and at a central metro station on Tuesday morning, killing at least 30 people, came as only the latest in a string of terrorist outrages on a continent that is starting to see horrific violence as the new normal. Hours later the Islamic State claimed responsibility

Brussels bombings are a sign of Islamic State’s panic (Reuters) The death count from Tuesday’s separate bombing attacks in Brussels continued to climb Wednesday, with Belgium police reporting at least 31 dead and nearly 270 injuried. The atrocities are tragic and unacceptable. But the West should understand that this is what winning may look like in the battle against Islamic State. The attackers’ coordinated strikes could well stem more from a sense of weakness, than strength

The Changing Logic Behind Suicide Bombings (Defense One) What was once purely a strategic action has become a tactical move meant to help hold territory

Anonymous Issues Threat Against ISIS After Belgium Attacks (Softpedia) First threats after the Paris November incident did not work as expected, so Anonymous does it again

In Syria and Iraq, the Islamic State is in retreat on multiple fronts (Washington Post) As European governments scramble to contain the expanding terrorist threat posed by the Islamic State, on the battlefield in Iraq and Syria the group is a rapidly diminishing force

OS X zero day bug allows hackers to bypass system integrity protection (Help Net Security) An OS X zero day vulnerability could allow attackers to bypass System Integrity Protection, Apple’s newest protection feature, and to escalate their privileges, simplifying the path to total system compromise in both OS X and iOS systems

RCE flaw affects DVRs sold by over 70 different vendors (Help Net Security) RSA security researcher Rotem Kerner has discovered a remote code execution vulnerability that affects digital video recorders (DVRs) sold by more than 70 different vendors around the world

Crooks Steal, Sell Verizon Enterprise Customer Data (KrebsOnSecurity) Verizon Enterprise Solutions, a B2B unit of the telecommunications giant that gets called in to help Fortune 500’s respond to some of the world’s largest data breaches, is reeling from its own data breach involving the theft and resale of customer data, KrebsOnSecurity has learned

Mobile Security: Why App Stores Don’t Keep Users Safe (Dark Reading) In a preview of his Black Hat Asia Briefing next week, a security researcher offers more proof of trouble in the walled gardens of the Apple and Google App stores

Video Malvertising Bringing New Risks to High-Profile Sites (Proofpoint) Exploit kits are powerful tools for cybercriminals, downloading malware onto vulnerable PCs whenever users surf to a compromised or malicious site

Rise of the advanced persistent bots (FierceITSecurity) Distil Networks report finds bad bot activity is declining, but advanced persistent bots are on the rise

Badlock critical vulnerability: nice logo, no details. (Naked Security) Engineers from Microsoft and the Samba Team are reportedly working together to fix a critical vulnerability in Windows and Samba software – patches are expected in three weeks time, on 12 April

PETYA Crypto-ransomware Overwrites MBR to Lock Users Out of Their Computers (TrendLabs Security Intelligence Blog) As if encrypting files and holding them hostage is not enough, cybercriminals who create and spread crypto-ransomware are now resorting to causing blue screen of death (BSoD) and putting their ransom notes at system startup—as in, even before the operating system loads

Certified Ethical Hacker website caught spreading crypto ransomware (Ars Technica) Major security certification group ignored private warnings for more than 3 days

Canadian hospital's website hacked to serve up Teslacrypt ransomware (Graham Cluley) Yes, you should have secure backups. But you should keep your website patched too

Varonis’ Frightening Report Reveals Companies Are Easy Prey for Locky Ransomware (IT Business Edge) This week, Varonis, which specializes in solutions that protect against insider threats, issued a comprehensive report generated from risk assessments the company does over the year

Locking up Europe With Ransomware: Origination, Targeting, and Payment (Recorded Future) Ransomware infections are on the rise in Europe, and former Soviet states are frequently associated with ransomware

Cyber Attack Forces Bitcoin Trading Platform To Temporarily Shut Down (Mobipicker) Popular bitcoin trading platform BitQuick announced last week that it would suspend all its services for the next two to four weeks to investigate a cyber attack that occurred on March 14, 2016

Sprouts Farmers Market employee falls for spear-phishing attack (FierceITSecurity) Payroll employee sends 2015 W-2 forms of all 20,000 employees to hacker posing as company exec

Doxing: An Increasingly Popular Form of Online Harassment (Cyveillance) Recently, a hacker released the personal information of 29,000 federal employees – twenty thousand from the Department of Justice and 9,000 from Homeland Security – which included names, job titles, phone numbers, and email addresses. Incidents like this, including the doxing of CIA director John Brennan by a hacktivism collective, prompted the FBI to issue a warning to law enforcement and high-profile public officials indicating they could be targeted by hacktivists, who have increasingly adopted doxing as a form of social justice

The things you discover when you test RF networks (Help Net Security) In my work as a penetration tester for SureCloud, I’m often asked to look at unusual, out-of-the-ordinary vulnerabilities

Security Patches, Mitigations, and Software Updates

Stable Channel Update (Chrome Releases) The stable channel has been updated to 49.0.2623.108 for Windows, Mac, and Linux

Oracle Security Alert for CVE-2016-0636 (Oracle) This Security Alert addresses CVE-2016-0636, a vulnerability affecting Java SE running in web browsers on desktops. This vulnerability is not applicable to Java deployments, typically in servers or standalone desktop applications, that load and run only trusted code. It also does not affect Oracle server-based software

Emergency Java update plugs system compromise hole (Help Net Security) Oracle has issued an emergency security update for Java to plug a critical flaw (CVE-2016-0636) that could be exploited by luring users to visit a web page hosting the exploit

Apple pulls iOS 9.3 update for older devices following activation problems (Ars Technica) iPhone 5S and older, iPad Air and older, and others are potentially affected

And now Apple is going to stop the FBI getting into iCloud data too (Graham Cluley) Apple announces plans to hand over iCloud encryption key management to users

Microsoft Deploys Macro Blocking Feature in Office to Curb Malware (Threatpost) If it ain’t broke, don’t fix it. If there’s one thing the recent surge in threats using macros to spread malware has shown, it’s that the vector is clearly working for attackers

Cyber Trends

Iranian Cyber Attack on New York Dam Shows Future of War (Time) The first nationstate warfare took place between soldiers on the ground, and then ships at sea

VulDB: NetIQ Self Service Password Reset up to 2.x/3.3.1 HF1 cross site scripting (IBM Security Intelligence) By all accounts, it appears to be a typical Friday afternoon for the application security team

Tripwire RSA Survey: Only 38 Percent of Security Professionals Confident in Ransomware Recovery (BusinessWire) Tripwire, Inc., a leading global provider of endpoint protection and response, security and compliance solutions, today announced the results of a survey of 200 security professionals attending the RSA Conference 2016 between February 29-March 4, 2016

Second-Hand Devices Are the Next Privacy Frontier (Wireless Week) The telecommunications industry is heating up right now, following the FCC’s latest proposed regulation that would require broadband and wireless carriers to get consumers’ permission before sharing data with third parties, such as marketers

Marketplace

Cyber insurance penetration continues to grow (Business Insurance) More U.S.-based Marsh L.L.C. clients are buying stand-alone cyber insurance and increasing the limits purchased, says the brokerage in a report issued Thursday

The Future Cyber Risk Insurance Market (LIFARS) The importance of cybersecurity in the future can hardly be overstated. Organizations everywhere know this very well and are increasing their cybersecurity spending – which in turn propels the cybersecurity industry forward at an increasing rate. Similarly, there is an immense growth potential in the cyber risk insurance market

Evolution of the enterprise managed security services market (Help Net Security) In this podcast recorded at RSA Conference 2016, Court Little, Director of Product Management at Solutionary, talks about how the enterprise managed security services market in the last year has taken some interesting turns

Why you need a CSO/CISO (CIO) When it comes to security, you're better off employing a specialist. However, according to recent research, less than half of companies employ a CSO/CISO

Meet The Fortune 100 CISO (Dark Reading) Digital Guardian data shows that the typical Fortune 100 CISO is a white male with a background in IT security and a Bachelor's degree in business

Burlington firm walks businesses through cyber security (Burlington Free Press) Justin Fimlaid kept Keurig Green Mountain's cyber secrets from 2009 to 2013. Then, Fimlaid founded his own firm, NuHarbor Security in Burlington, partly because he was so dissatisfied with the help he tried to hire to protect information while at Keurig

Bromium Announces $40m Funding Based on Record Growth; Appoints SVP Sales, CFO and General Counsel (EIN News) Next-generation endpoint protection company experiencing significant momentum

Mach37 Accelerates New Cyber-Security Startups (eWeek) Rick Gordon, managing partner of Mach37, discusses his firm's new investments and its current portfolio of cyber-security startups

Hacking Team Is Back In Business, But Struggling To Survive (Motherboard) Earlier this year, a representative for the notorious surveillance vendor Hacking Team traveled to South America to pitch the company’s marquee spyware product to a potential new customer

Optus, Cisco to co-invest $9m in cyber security, cloud & IoT spaces in Australia (Deal Street Asia) Optus Business, a subsidiary of Singapore Telecom, and US networking equipment major Cisco Systems are planning to invest A$12 million (about $9 million) in Australia over the next three years in areas related to cyber security, cloud, and the Internet of Things (IoT)

Cybersecurity Professional Awards – Winners & Finalists (Cybersecurity Excellence Awards) The 2016 Cybersecurity Excellence Awards honor individuals and companies that demonstrate excellence, innovation and leadership in information security. Based on the content of their nomination and the popular vote by the Information Security Community (both ratings and comments), we are announcing the following winners and finalists for the 2016 Cybersecurity Excellence Awards in the category Cybersecurity Professional

Products, Services, and Solutions

Local firm to train vets for cybersecurity jobs (Pittsburgh Business Times) One local firm is doing its part to help Pittsburgh become a cybersecurity hub: it's offering training for local vets, free of charge. Solutionary, a managed security services provider based in Pittsburgh, is partnering with the SANS Institute, an information security training and certification organization, to offer immersion training in cybersecurity

Niara and Carbon Black Partner to Extend Security Analytics to the Endpoint (EIN News) Integration fuses endpoint context with existing data sources for enhanced attack detection and incident investigation

Threat Stack Goes Slack For Chat Ops Security (eSecurity Planet) Threat intelligence is great, but will getting actionable alerts over Slack improve enterprise security?

Technologies, Techniques, and Standards

8 tips for preventing ransomware (Naked Security) Chances are you know someone, or some organization, who has suffered a ransomware attack – it could be your local police department, a small business, big hospital, or someone in your family

Pursuing Legal Cloud Computing Security Standards: Legal Market Reactions (Legaltech News) Insights into the latest LCCA Security and Data Privacy Standards

Chip-and-PIN adoption still slow (CSO) The “chip-and-PIN” credit card system is more secure than the legacy “swipe-and signature.” But adoption of the new system remains slow — many small merchants find the cost of upgrading more significant than the increased liability risk from fraud

Building Trust: Cyber Security Guidelines for Your Employees (Heimdal Security) If you run a business or plan to start one, you should read this. If you’re employed, you should also read this

How tax fraud occurs and how to stay safe (Help Net Security) The IRS is now taking up to 21 days to review a tax return

Design and Innovation

Secure code before or after sharing? (GCN) The White House wants federal agencies to share more of their custom code with each other, and also to provide more of it to the open source community

Facebook’s testing a feature that alerts you if someone’s impersonating you (Naked Security) Facebook’s real-name policy requires people “to provide the name they use in real life; that way, you always know who you’re connecting with"

Tay Tweets: Microsoft AI chatbot designed to learn from Twitter turns into Nazi-loving Trump supporter (Independent) The messages started out harmless, if bizarre, but have descended into outright racism — before the bot was shut down

Microsoft shuts down AI chatbot after it learns hate speech on Twitter (FierceCIO) The Twitterverse's capacity to be just as awful as it is amazing reached a new high

Artificial Intelligence Robot claims it will destroy human race (Hack Read) “Sophia,” an advanced, lifelike robot told its creator that it will “destroy humans” at the South by Southwest (SXSW) technology show

Legislation, Policy, and Regulation

European Commission President Calls for 'Security Union' (Defense News) European Commission President Jean-Claude Juncker has called for a European “security union” to face the threat of terrorism

Europeans balk at intelligence sharing as toll of terror rises (New York Times via Alaska Dispatch-News) If another example of the failure of European intelligence services to share and act on information about potential terrorists was needed, Wednesday’s identification of the bombers in the deadly Brussels attacks the day before certainly provides it

Former CIA, NSA Chief Hayden Blasts Euro Intelligence Failures In Tracking Terrorist Links (Forbes) A former top U.S. intelligence official and retired air force general is taking European governments to task for intelligence failures that may explain why terrorists could get away with this week’s suicide blasts that killed more than 30 people in Brussels on top of the bombings in Paris last November in which 130 died

How Belgium's Bumbling Bureaucrats Boosted Europe's Terror Threat (Newsweek) As the world sends its sympathy to the victims of the recent terror attacks in Brussels, the most fervent prayer to be uttered for Belgium itself is that it finally wakes up. The incompetent Belgian government, its bureaucratic law enforcement agencies and its half-hearted intelligence services deserve as much blame for the slaughter as the murderers

U.S., Germany eye ways to deepen cyber collaboration (Reuters) Senior U.S. and German officials agreed this week to deepen their collaboration on a range of cyber issues, including working to promote norms for responsible state behavior in cyberspace and expanding training in developing countries

Obama, in Argentina, rejects calls for change in strategy against Islamic State (Washington Post) President Obama declared Wednesday that defeating the terrorist threat posed by the Islamic State remains his top priority, but he forcefully dismissed calls to alter his strategy and vowed not to change course “simply because it’s political season"

Sessions: Obama not taking terror threat seriously enough (Washington Examiner) Alabama Sen. Jeff Sessions said late Thursday that President Obama's refusal to specifically connect recent terrorism acts to radical Islamic groups will impede the world's ability to fully address the threat

Special Report: What Will the Privacy Shield Mean for Legal? (Legaltech News) The announcement of the EU-U.S. Privacy Shield, and the release of documents explaining its principle and structures, herald the end of an uncertain era over transatlantic data transfers

House Subcommittee Examines the Role of Cyber Insurance (JDSupra) On March 22, the House Homeland Security Committee’s Subcommittee on Cybersecurity, Infrastructure Protection, and Security Technologies held a hearing on The Role of Cyber Insurance in Risk Management

Employee Surveillance: Business Efficiency Vs. Worker Privacy (InformationWeek) Legal scholars argue that new laws are needed to define the parameters of acceptable workplace monitoring and to ensure respect for personal privacy

U.S. Beefs Up Cyber Defenses to Thwart Hacks of Nuclear Arsenal (Bloomberg) The U.S. military is beefing up cyber defenses to counter threats by hackers trying to gain access to nuclear missiles and other weapons

Blog: Space and Cyber Domains Combined Create 'Synergistic' Safeguards, General Says (SIGNAL) Every military operation conducted around the world is enabled by space as well as cyber operations, domains closely linked and threatened alike

Halvorsen: DoD's cybersecurity training, culture have improved (FierceGovernmentIT) Defense Department Chief Information Officer Terry Halvorsen said cybersecurity training and overall awareness of cyberthreats have improved across the organization since a phishing scheme last summer compromised the Joint Chiefs of Staff unclassified email network

Litigation, Investigation, and Law Enforcement

Justice Department indicts seven Iranians for campaign of cyberattacks (Christian Science Monitor Passcode) The Justice Department indictment against Iranians for attacking banks and hacking into a New York dam is just the second time the US government has named foreigners in an indictment involving computer crimes against US businesses

Why the Military Can’t Go After Iran for Hacking Your Dam (Defense One) Seven Iranians have been charged with cyber crimes in a case that reveals the limits of U.S. power

How security pros blunted alleged Iran cyber attacks (USA Today) New criminal charges linking Iran to 2011-2013 cyber attacks on the U.S. put suspects' names and faces on an episode that plagued 46 banks and financial institutions nationwide — and hundreds of thousands of their customers

Six arrested in raids in Brussels; officials regret not acting on earlier warning (UPI) Two American officials also reportedly said the brothers accused in the attacks were already known to U.S. intelligence

Clear links emerge between Paris, Brussels attacks (France24) Investigators say clear links have emerged between the jihadists involved in the Paris and Brussels attacks, suggesting a single cell was responsible for both

FBI director says fight with Apple about terrorism, not setting precedent (Ars Technica) "You are simply wrong to assert that the FBI and the Justice Department lied"

Here’s how much the FBI is paying Cellebrite for its iPhone hack (BGR) For the time being, Apple’s legal battle with the FBI appears to be on hold

The FBI is cautiously testing a way to get into the San Bernardino iPhone (Washington Post) The FBI’s announcement earlier this week that it may not need help from Apple to get into a terrorist’s iPhone set off a rush of speculation over what novel, last-ditch solution the agency had stumbled on

DOJ knew of possible iPhone-cracking method before Apple case (IDG via CSO) The DEA filed a warrant request to use an iPhone cracking technology weeks before the FBI went to court against Apple

Technology saves the day in FBI vs. Apple … or does it? (FierceITSecurity) Technology, it seems, has come to the rescue in the dispute between the Federal Bureau of Investigation and Apple over accessing the iPhone used by the San Bernardino terrorist

Even if the FBI Cracks the San Bernardino Shooter’s iPhone, the Encryption Debate Won’t Be Over (Slate) On Monday, the FBI postponed a planned Tuesday court hearing with Apple about unlocking the iPhone of one of the San Bernardino shooters. The agency said it had found a third party with a promising proposal for bypassing the device's passcode without help from Apple, which has been resisting providing assistance

Encryption pioneer Martin Hellman talks security, Apple, the FBI and the future of cryptography (TechCrunch) Martin Hellman, Stanford Professor Emeritus of Electrical Engineering, was one of those awarded this year’s Turing Award by the Association for Computing Machinery. Named for computer science pioneer Alan Turing, the award is widely regarded as the highest distinction in Computer Science

There's a slim chance the FBI will have to tell Apple how it'll break into terrorist's iPhone (CNN Money) If the FBI manages to break into a San Bernardino terrorist's iPhone, there's a tiny possibility it might be forced to tell Apple how it pulled off the hack

Influencers: FBI should disclose San Bernardino iPhone security hole to Apple (Christian Science Monitor Passcode) Now that American law enforcement may have a way into the iPhone used by the San Bernardino, Calif., shooter, it should also disclose details about the security hole to Apple, said 81 percent of Passcode’s Influencers

British Students Found Guilty of ISIS-Inspired Plot to Kill on London’s Streets (Newsweek) A British court has convicted two university students of planning to kill soldiers, police and civilians on the streets of London, in a plot inspired by the Islamic State militant group (ISIS)

Man arrested for tweet about “confronting” a Muslim woman (Ars Technica) The British PR exec demanded that the woman "explain Brussels"

Security and privacy controls on Healthcare.gov data hub remain weak (FierceGovernmentIT) Over a 17-month period, Healthcare.gov experienced 316 security incidents – none of which resulted in the leak of sensitive data or compromised systems – but the Government Accountability Office remains concerned that the technical controls that protect information flowing from the website to federal partners' data systems are inadequate

Kirk Nahra: HIPAA, data issues will keep providers on their toes (FierceHealthIT) Looking at the year to come in healthcare privacy and security, there will be many HIPAA and legislative issues providers should keep their eyes on, Kirk Nahra, a partner at Wiley Rein LLP, said during a talk at the 24th National HIPAA Summit in the District of Columbia this week

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

Staying Ahead of the Curve - Securing a Nation Amid Change (Washington, DC, USA, April 26, 2016) A discussion of the changing cybersecurity landscape, featuring a keynote by General Keith Alexander, former Director, National Security Agency, and a panel discussion of the challenges facing Federal...

Cyber Investing Summit 2016 (New York, New York, USA, May 3, 2016) The Cyber Investing Summit is an all-day conference focusing on the investment opportunities, trends and strategies available in the $100+ billion cyber security sector. Network with investment professionals,...

Upcoming Events

Black Hat Asia 2016 (Singapore, March 29, 2016) Black Hat is returning to Asia again in 2016, and we have quite an event in store. Here the brightest professionals and researchers in the industry will come together for a total of four days — two...

TU-Automotive Cybersecurity USA 2016 (Novi, Michigan, USA, March 29 - 30, 2016) TU-Automotive Cybersecurity dissects the real issues behind the headlines, helping you to apply technology and best practices to deliver robust security defenses and processes within a more secure ecosystem.

Insider Threat Summit (Monterey, California, USA, March 29 - 30, 2016) The focus of the Insider Threat Summit is to discuss personnel security issues including cyber security challenges and capabilities, continuous evaluation of privileged identities and ethical physical...

SecureWorld Boston (Boston, Massachussetts, USA, March 29 - 30, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry...

Insider Threat Program Development Training (Washington, DC, USA, March 29 - 30, 2016) Insider Threat Defense announced it will hold a training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2) on March 29-30, 2016, in Washington, DC.

Women in Cyber Security 2016 (Dallas, Texas, USA, March 31 - April 2, 2016) With support from National Science Foundation, Award #1303441 (Capacity Building in Cybersecurity: Broadening Participation of Women In Cybersecurity through the Women in Cybersecurity Conference and Professional...

SANS Atlanta 2016 (Atlanta, Georgia, USA, April 4 - 9, 2016) Learn the most effective steps to prevent attacks and detect adversaries with actionable techniques that you can directly apply when you get back to work. Take advantage of tips and tricks from the experts...

Billington CyberSecurity INTERNATIONAL Summit (Washington, DC, USA, April 5, 2016) On April 5, in Washington, D.C., join leading cybersecurity officials from across the globe at the Billington CyberSecurity INTERNATIONAL Summit to engage in an intensive information exchange between leading...

Cyber Security Summit Atlanta (Atlanta, Georgia, USA, April 6, 2016) The Inaugural Atlanta Cyber Security Summit will be held April 6th at the Ritz-Carlton, Buckhead. This event is for Sr. Executives only. We are Honored to have the US Asst. Attorney General of National...

ASIS 15th European Security Conference & Exhibition (London, England, UK, April 6 - 8, 2016) ASIS Europe 2016 invites you to join security professionals and experts from over Europe and beyond in one of the most dynamic centres of business and culture in the world

ISC West 2016 (Las Vegas, Nevada, USA, April 6 - 8, 2016) ISC West is the leading physical security event to unite the entire security channel, from dealers, installers, integrators, specifiers, consultants and end-users of physical, network and IT products.

ASIS 15th European Security Conference & Exhibition (London, England, UK, April 6 - 8, 2016) ASIS Europe 2016 invites you to join security professionals and experts from over Europe and beyond in one of the most dynamic centres of business and culture in the world.

Cyber Risk Management 360 (Baltimore, Maryland, USA, April 7, 2016) The Cybersecurity Association of Maryland, Inc. (CAMI) is partnering with the MD Department of Commerce, Chesapeake Regional Tech Council and Greater Baltimore Committee to host our first Signature event...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.