skip navigation

More signal. Less noise.

Daily briefing.

Symantec continues to track the activities of cyber espionage group Tick against Japanese targets. Noted for delivering Gofarer malware in drive-bys, whence the group installs the Daserf backdoor on victim systems, Tick has shown particular interest in companies engaged in ocean engineering, broadcasting, and IT.

A parameter-tampering vulnerability renders Pwnedlist open to certain kinds of exploitation, KrebsOnSecurity reports. The InfoArmor service can apparently be induced to yield plaintext spreadsheets with usernames and credentials that don’t belong to the account holder requesting monitoring.

Microsoft swiftly patched a vulnerability in its widely used Office 365 product. The flaw lay in Microsoft’s implementation of the Security Authentication Markup Language (SAML) server. Exploitation could have enabled remote attackers to gain access to user files. The incident offers an encouraging example of responsible disclosure.

In patching news, Slack has closed a security hole some careless third-party developers tumbled into, and Valve has fixed a crypto flaw in Steam that exposed passwords (this latter is also an instance of responsible disclosure).

South Korea and the US announce a joint research program into security artificial intelligence. South Korea is also working on a GPS alternative to hedge against DPRK jamming of the navigation service.

Europol will soon receive expanded authority to fight ISIS online.

Craig Wright has again outed himself as Bitcoin creator Satoshi Nakamoto. The reporters who are buying his story note that the evidence Wright offers in support of his claim “sounds convincing” but is “hard to follow.” One is reluctantly moved to continuing skepticism.

Notes.

Today's issue includes events affecting Armenia, Belgium, Cayman Islands, China, European Union, France, Georgia, Japan, Jordan, Democratic Peoples Republic of Korea, Republic of Korea, Panama, Philippines, Qatar, Russia, Turkey, United Kingdom, United States.

Catch the CyberWire's Podcast later this afternoon, with interviews, educational tips, and more on the stories of the day. Today we'll hear from the University of Maryland's Ben Yelin on how Snowden's leaks prompted changes in US surveillance policy, and we'll talk with Bob Hansmann of Forcepoint (formerly Raytheon|Websense) on his company's 2016 Global Threat report.

Cyber Security Summit (Dallas, Texas, USA, May 3, 2016) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security. Register with promo code cyberwire50 for half off your admission (Regular price $250)

Georgetown Cybersecurity Law Institute (Washington, DC, USA, May 25 - 26, 2016) Experienced government officials, general counsels, and cybersecurity practitioners offer insight into governance, preparedness, and resilience. Register Today, CyberWire readers receive a $100 DISCOUNT using code WIRE16.

Cyber Attacks, Threats, and Vulnerabilities

Tick Cyber-Espionage Group Targets Japanese Companies with Daserf Backdoors (Softpedia) A secret cyber-espionage group is using compromised websites along with spear-phishing emails to deliver a backdoor trojan to organizations in Japan for the purpose of stealing sensitive information and private technologies

Toy maker’s website pushed growing CryptXXX ransomware threat (CSO) Attackers are aggressively pushing a new file-encrypting ransomware program called CryptXXX by compromising websites, the latest victim being U.S. toy maker Maisto. Fortunately, there's a tool that can help users decrypt CryptXXX affected files for free

What kind of data do ransomware hackers hold hostage? (Chicago Tribune) Hackers who use ransomware are after money, and they prey on victims’ emotions to get it

Massive security flaw found in Microsoft Office 365 leaving world's largest companies exposed (Interntional Business Times) Two independent European security researchers have discovered a massive security flaw in Microsoft's Office 365 product that would make it possible for an attacker to gain unrestricted access to almost any business account and access company Outlook Online email accounts, Skype for Business, OneNote and OneDrive online storage

Serious Flaw Exposed Microsoft Office 365 Accounts (SecurityWeek) Researchers discovered a severe cross-domain authentication bypass vulnerability that could have been exploited by malicious actors to gain access to Office 365 accounts, including email and files. Microsoft patched the issue within 7 hours after learning of its existence

Hipster hackers cook up 'artisan' Squiblydoo attack (Register) Native OS tools, living off the land... it's all very crunchy

How the Pwnedlist Got Pwned (KrebsOnSecurity) Last week, I learned about a vulnerability that exposed all 866 million account credentials harvested by pwnedlist.com, a service designed to help companies track public password breaches that may create security problems for their users

IBM Transformation Extender Hypervisor Edition Samba Multiple Vulnerabilities (Secunia) Multiple vulnerabilities have been reported in IBM Transformation Extender, which can be exploited by malicious people to conduct spoofing attacks, bypass certain security restrictions, cause a DoS (Denial of Service), and potentially compromise a vulnerable system

Audiophile torrent site What.CD fully pwnable thanks to wrecked RNG (Register) Use of mt_rand means there's free .flac for those who crack

Dramatic Rise in ATM Skimming Attacks (KrebsOnSecurity) Skimming attacks on ATMs increased at an alarming rate last year for both American and European banks and their customers, according to recent stats collected by fraud trackers. The trend appears to be continuing into 2016, with outbreaks of skimming activity visiting a much broader swath of the United States than in years past

Ghost Squad DDoS Black Lives Matter Website Because ‘All Lives Matter’ (HackRead) Ghost Squad hacktivists have conducted a series of some powerful DDoS attacks on the official website of Black Lives Matter movement forcing it to go offline for the visitors. In the first phase of the attack which was conducted yesterday GS DDoSed the blacklivesmatter.com and blacklifematters.org

Botnets getting bigger and stronger, says Kaspersky (SC Magazine) Botnets are getting bigger and DDoS attacks more frequent according to Kaspersky

New Android Malware RuMMS Targeting Users through Smishing (Hack Read) FireEye security firms’ researchers have identified a new Android family malware that is currently targeting Russian users. The malware is distributed via a series of infected subdomains that are actually registered with an authentic domain name, which is owned by a popular shared hosting service provider based in Russia

Thousands of taxpayers affected by W-2 Phishing attacks this year (CSO) Criminals show no signs of slowing when it comes to targeting W-2 information

Canadian Gold-Mining Company Hacked, 14.8 GB Data Stolen (HackRead) Goldcorp, a renowned gold-mining firm in Canada has been “badly hacked.” The gold-mining firm’s headquarters is based in Vancouver, British Columbia. Hackers have also leaked a massive amount of the company’s employees’ data online. The hackers provided sample data by posting a document on a public Pastebin site, which was followed by a URL address to a full torrent download that was around 14.8 GB after uncompressing

Qatar National Bank Accepts Data Breach while Hackers Release Inside Video (HackRead) Last week HackRead exclusively reported on Qatar National Bank (QNB) security breach. Now, the QNB has acknowledged a third-party access to their servers but claim the customers’ data is fully secured. That’s not all while the bank has accepted the breach, the hackers, on the other hand, have released a video revealing how they leaked personal information of alleged MI5’s agents

Qatar National Bank says systems ‘secure’ after cyber attack (ARY NEWS) Qatar National Bank said on Sunday that its systems were “fully secure” following a cyber attack which potentially exposed the names and passwords of tens of thousands of customers

Qatar National Bank claims customer data released by hackers is authentic (ITWorld) The bank, however, said the hack would have no financial impact on customers

South Korea Revives GPS Backup After Cyber Attack (Reuters via Maritime Executive) South Korea has revived a project to build a backup ship navigation system that would be difficult to hack after a recent wave of GPS signal jamming attacks it blamed on North Korea disrupted fishing vessel operations, officials say

Cayman under cyber-attack, says ICTA (Cayman News Service) As local telecommunications provider Flow issued another alert about phishing scams impacting its customers, the managing director of the Information & Communications Technology Authority warned that Cayman is being targeted by cyber criminals

Viewers of the NFL Draft watched a cyber attack unfold on live TV. (New Republic) Laremy Tunsil was one of the most coveted players heading into Thursday’s draft

Security Patches, Mitigations, and Software Updates

Microsoft was flaming fast in fire-fighting a major Office 365 flaw (Tech Radar) Vulnerability was patched the same day it was reported

Slack Plugs Token Security Hole (Threatpost) Popular collaboration and communication firm Slack rushed to plugged a security hole in its platform Thursday that was leaking some of its users’ private chats and files for anyone to access

Valve Fixes Steam Crypto Bug That Exposed Passwords in Plaintext (Softpedia) Valve updated the Steam gaming client to fix a severe security issue in the application's crypto package that under certain conditions would have allowed an attacker to view a user's password in plaintext if observing network traffic when the user was authenticating on the platform

Security Bulletin: Steps you should take to fix a Java SE security risk on your computer (We Live Secruity) Welcome to a very unusual cybersecurity article! Why is it unusual? The title of this Security Bulletin and most of its content was provided by Oracle, the maker of the Java computer programming language. In fact, ESET is publishing this information on We Live Security at the request of Oracle. And Oracle made the request because it was ordered to do so by the US Federal Trade Commission (FTC)

Cyber Trends

Expert Comments on Verizon’s 2016 Data Breach Investigations Report (Information Security Buzz) “The Verizon report echoes similar findings to those just released in Proofpoint’s Human Factor report – everybody clicks, and attackers know this. This is one of the reasons why phishing is so successful and why in 2015 attackers overwhelmingly infected computers by tricking people into doing it themselves instead of using automated exploits"

Marketplace

Cybersecurity Venture Capital: What Investors Can Learn from the Industry’s Top Venture Capitalists (Cybersecurity Investing News) The Investing News Network sat down with industry veteran and Seculert CEO Richard Greene to learn what venture capitalists are looking for in the cybersecurity market, and what DIY investors can learn from them

Security startup confessions: Choosing a tech partner (Help Net Security) My name is Kai Roer and I am a co-founder of a European security startup, and these are my confessions. I hope you will learn from my struggles, and appreciate the choices startups make when security matters. I will share experiences from my own startups (my first was in 1994), and things I have learned by watching and advising numerous other startups around the world

IBM: The Story Is The Business, Not The Stock Price (Seeking Alpha) IBM is still one of the most valuable Fortune 50 companies, employing some of the finest researchers and computer scientists in the world. However, deteriorating revenues and cash flow, including some questionable management decisions, have the bears on the prowl. To restore investor confidence, the company needs to complete its restructuring efforts, ensure corporate governance remains a top priority, and demonstrate the true market power of IBM's Cloud. Watson, Cloud, and Blockchain developments look extremely promising as game-changing technologies, and investors who stick with the company will be rewarded in the end

Symantec CEO Brown’s Exit Highlights Company’s Continuing Struggles (Dark Reading) For the third time since 2012, Symantec is looking for a new CEO to help turn around the business

Symantec Partners Hope New CEO Will Kick-Start Next Phase Of Transformation (CRN) Symantec has been through an operational and strategic transformation, and now partners say it's time for a new CEO to bring the stability and passion back to the Mountain View, Calif.-based vendor

Rip-And-Refresh Battle Pits Cisco, Palo Alto, Fortinet, Check Point (Investor's Business Daily) As Sony Pictures prepared to release actor/director Seth Rogen’s film The Interview in late 2014, the studio hadn’t thought through its defenses. The dubious comedy, a send up of North Korean politics and leadership, engendered ill will with the real McCoy. North Korean hackers easily found their way through the Swiss-cheese firewall protecting the company’s network

Better Buy: Palo Alto Networks Inc vs. Check Point Software Technologies Ltd? (Fox Business) In the world of cybersecurity, big hitters like IBM may be the first providers that come to mind

EclecticIQ Raises 5.5 Million Euro for Enterprise-Ready Cyber Threat Intelligence (CTI) Platform (EclecticIQ) Among the largest European Series A investments in cyber security technology. EclecticIQ supports cyber threat intelligence (CTI) practices in sectors including financial services, government and organizations active within the critical infrastructure. Founder & CEO Joep Gommers is former intelligence operations executive at iSIGHT Partners

Security Entrepreneur Nico Sell: 'Apple Helps the Government All the Time' (Inc.) The creator of Wickr, a highly-encrypted messaging service, says that corporations should never hack their own systems to deliver information to the U.S. government

Pentagon Bug Bountry Program Attracks Strong Hacker Interest (eWeek) The Pentagon is at the midpoint of a crowdsourcing initiative that has attracted about 500 researchers to sign up for the opportunity to search for bugs in the agency's Websites

SANS, NinjaJobs partner to grow cyber talent pipeline (Homeland Preparedness News) The SANS Institute and NinjaJobs entered into a partnership this week to help companies find vetted, experienced cybersecurity professionals

More than 200 cyber security jobs available in Orlando (Orlando Business Journal) If a hacker really wants to get into a company, they'll do all they can to do so, but that doesn't mean you have to make it easy for them

Silicon Valley's most secretive startup is scooping up Palo Alto offices (San Jose Mercury News) Silicon Valley's most secretive startup is quietly taking over downtown Palo Alto

Products, Services, and Solutions

Zscaler Uses the Cloud to Create a VPN Alternative (eWeek) A new Private Access service takes a different approach to enabling secure remote connectivity

Malware Analysis Appliance — A1000: Cyber Security Threat Analysis Platform (Reversing Labs) The A1000 Malware Analysis Appliance is a powerful, integrated, plug-and-play solution for individual analysts or small teams of analysts that makes threat detection, deep analysis and collaboration more effective and productive. This solution is offered as an on-premises hardware appliance, a VM appliance or as a cloud-based service

Radware Cloud Security Service Awarded Best Managed Security Service for 2016 by SC Magazine (Nasdaq) Radware® (NASDAQ:RDWR), a leading provider of cyber security and application delivery solutions ensuring optimal service level for applications in virtual, cloud, and software-defined data centers, was awarded Best Managed Security Service for 2016 by SC Magazine

Technologies, Techniques, and Standards

How To Succeed At Third-Party Cyber Risk Management: 10 Steps (Dark Reading) Organizations are failing -- and badly -- assessing the risk of attacks and data breaches from vendors and supply chains, according to a recent Ponemon Institute study. The solution starts at the top

Cyber Warfare - Who are you going to call? (SC Magazine) If your organization is connected to the Internet, you are very likely engaged in cyber warfare whether you like it or not

When It Comes to Adopting the Cloud, You've Got to Secure Company Data (Entrepreneur) Whether you’re starting a new business, or you have an established small- to medium-sized business, entrepreneurs today have a unique challenge as well as an opportunity when it comes to adopting the cloud. Before there was a wide array of cloud providers serving almost every business need, organizations regardless of size had to maintain IT departments or consultants and extensive physical infrastructure to run their businesses

Living in a password free world in the modern enterprise (Help Net Security) The era of password security in the modern enterprise is over. Passwords are dead

6 Steps for Responding to a Disruptive Attack (Dark Reading) Today's threat landscape dictates that companies must have a workable incident response plan

Fight Hackers With Cyber Hygiene, Symantec Says (MeriTalk) Cyber hygiene is essential for combating the modern, professional hacker, according to Symantec Security Response director of project management Kevin Haley

Stop Building Silos. Security Is Everyone’s Problem (Dark Reading) Yes, it's true that the speed of DevOps has made security more difficult. But that doesn't mean accelerated release cycles and secure applications have to be mutually exclusive

Cyber threat hunting: How this vulnerability detection strategy gives analysts an edge (Tech Republic) Forensic experts indicate cyber threat hunting is an improvement over what currently exists for detecting security threats. Find out what makes cyber threat hunting unique

Defending Advanced Persistent Threats - Be Better Prepared to Face the Worst (Infosecurity Magazine) We often hear news about emerging cyber security threats and attacks impacting every industry. With advanced malwares, zero day exploits and persistent threats, cyber-attacks are now becoming very sophisticated in nature

Design and Innovation

IBM Defines Security Standards For Running Blockchain In The Cloud (Forbes) As companies in financial services and other industries race to take advantage of so-called “blockchain” technology — named after the technical structure that powers Bitcoin — one issue slowing them down is the need to stay within relevant data security and other regulations

$81 Million Cyberheist Underscores Need for Blockchain Security (CryptoCoinNews) The hacking heist of $81 million from the Bangladesh central bank demonstrates the vulnerability of many banks’ existing financial security platforms that cry for blockchain-based security

Craig Wright revealed as Bitcoin creator Satoshi Nakamoto (BBC) Australian entrepreneur Craig Wright has publicly identified himself as Bitcoin creator Satoshi Nakamoto. His admission ends years of speculation about who came up with the original ideas underlying the digital cash system

Craig Wright Claims He Is Bitcoin Inventor ‘Satoshi Nakamoto’ (Wall Street Journal) Australian computer scientist says he is the virtual currency’s pseudonymous creator

Craig Wright outs himself as bitcoin creator Satoshi Nakamoto—and some people believe him (Quartz) Craig Steven Wright, a computer scientist with a doctorate in theology from Queensland, Australia, claimed today (May 2) to be the inventor of bitcoin, the controversial digital currency with the mysterious backstory

Research and Development

Korea, U.S. in joint initiative for AI-based cybersecurity (Korea Herald) South Korea and the United States have teamed up to develop advanced technology using artificial intelligence to counter cyber threats, a ministry said Monday

Microsoft Is Experimenting With DNA as a Way to Store Data (Tech Worm) Given the massive amount of data it generates, Microsoft is looking into dabbling in DNA to store data

Academia

Computer Science Teachers Association (CSTA) Equips Educators to Teach Cybersecurity (EIN News) CSTA launches "Cyber Teacher" certificate program to address the nation's STEM skills gap

Univ. of Central Florida wins college cyber defense competition (USA Today) As technologies rapidly advance, so do threats to our cyber security. The work force, however, isn’t keeping up with the need for more cyber-security professionals. In fact, in 2014 there was a shortage of approximately 1 million such employees, according to the Cisco 2014 Annual Security Report

Cybersecurity contests at colleges aren't just games (Orlando Sentinel) Some might consider Jonathan Singer something of a cybersecurity blanket

Cyber Security legend to teach at USD (San Diego Union Trbune) Roger Schell, an engineer who helped revolutionize the way the U.S. government protects sensitive information on computers, has been named a distinguished fellow at the University of San Diego

CSU-Pueblo a cyberdefense hub (Pueblo Chieftain) National designation may lead to expanded programming

Legislation, Policy, and Regulation

Europol to get new powers to disrupt terrorists’ online presence (Help Net Security) The EU police agency Europol is expected to gain new powers that will help it fight terrorism and cybercrime, thanks to new governance rules endorsed by Civil Liberties Committee MEPs on Thursday

Cyber security in Belgium will gain prominence after terror attacks (ComputerWeekly) Belgium’s physical security has been branded inadequate, so how does the country’s cyber security measure up?

US companies need to gear up for new EU data privacy regulations (Help Net Security) Thousands of American companies that do business in Europe directly or online with European customers will need to start reckoning with new EU data privacy regulations that are due to go into full effect in just two years, according to the International Association of Information Technology Asset Managers (IAITAM)

The Jury's Still Out: Can America Ever Match Russian Cyber Innovation? (Modern Diplomacy) In February 2015, James Clapper, the Director of National Intelligence in the United States, announced that the appraisal of Russian cyber capability and intention had been elevated, pushing Russia to the number one spot on the list of countries which pose a major cyber-threat to the United States

US senators move security act to counter China (Domain-B) Four American senators, including three members of the Senate Foreign Relations Committee (SFRC), have proposed a maritime security act to increase support to Asia-Pacific allies to cope with Beijing's assertive moves in the South China Sea

Snowden: Without encryption, everything stops (The Hill) Edward Snowden defended the importance of encryption, calling it the "backbone of computer security"

The Cyber Implications Of Acquisition Speed (SIGNAL) Acquisition reform has been a topic of discussion among individuals in government, industry and academia for several decades

New Jersey Takes Consolidated, Fusion Center-Style Approach to Cybersecurity (Government Technology) New Jersey is perhaps best known for the “Parkway” and former presidential hopeful Gov. Chris Christie. But some might argue that it should be getting attention for its novel fusion center approach to cybersecurity

Litigation, Investigation, and Law Enforcement

Is This Frenchman Running ISIS Terror Networks in the West? (Daily Beast) Known as Abu Suleyman, this former manager of gyms in France is now said to be managing the Islamic State’s murder incorporated in Europe

Supreme Court OKs expanded hacking power for FBI (FCW) The Supreme Court approved a controversial rule on April 28 that would allow U.S. judges to issue search warrants for computers outside their jurisdictions, a move critics say would significantly expand the FBI's hacking powers

U.S. spy court rejected zero surveillance orders in 2015: memo (KFGO) The secretive U.S. Foreign Surveillance Intelligence Court did not deny a single government request in 2015 for electronic surveillance orders granted for foreign intelligence purposes, continuing a longstanding trend, a Justice Department document showed

The government wants your fingerprint to unlock your phone. Should that be allowed? (Los Angeles Times) As the world watched the FBI spar with Apple this winter in an attempt to hack into a San Bernardino shooter's iPhone, federal officials were quietly waging a different encryption battle in a Los Angeles courtroom

Systems Integrator Arrested for Philippine Election Hack (Infosecurity Magazine) Philippine police have arrested a second man in connection with the major breach of election commission Comelec which exposed the personal details of all the voters in the country

Panama Papers: US launches criminal inquiry into tax avoidance claims (Guardian) US attorney for Manhattan says Department of Justice has opened investigation related to revelations exposed in massive leak of documents

Learning from the Panama Papers Leak (Red Owl Analytics) A single moment of cyber indiscretion can dissolve an entire business

'Do not pay any ransom' - Criminal gangs are threatening business with cyber attacks (Journal) The PSNI says that a number of business in Northern Ireland have been targeted

U.S. Steel Giant Charges That Chinese Government Stole Company Secrets (Washington Free Beacon) U.S. Steel Corp accused the Chinese government of hacking into a company computer to steal the blueprints for new lightweight steel technology so that Beijing-based auto producers could expand their reach into America

Accused Navy officer innocent of espionage: Attorney (Navy Times) The attorney for a U.S. Navy officer accused of espionage is vowing to fight charges that his client spied for a foreign government and lied to investigators

Family launches site to defend Navy officer accused of spying (Navy Times) The family of accused spy Lt. Cmdr. Edward Lin is fighting back against the government’s charges, saying Lin is not a spy and alleges his constitutional rights were violated when he was imprisoned in September

Here’s what the Fairfax County fire chief didn’t say during his cyber-bullying press conference (Statter 911) The owner of the website where the cyber-bullying of Nicole Mittendoff and other Fairfax County firefighters occurred is critical of the comments made by Chief Richie Bowers (video above) during a press conference yesterday (Friday)

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

CISO United States (Chicago, Illinois, USA, May 1 - 3, 2016) The CISO Summit will bring together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda...

SANS Security West 2016 (San Diego, California, USA, May 1 - 6, 2016) With cyber-attacks and data breaches on the rise, attacks becoming more frequent, sophisticated and costlier, the gap in the ability to defend has become wider and more time sensitive. Now is the perfect ...

CEBIT (Sydney, New South Wales, Australia, May 2 - 4, 2016) With the Australian Federal Government officially announcing its national cyber security policy, ahead of CeBit Australia’s business technology event, CeBIT is ultra strong on cyber security, too. CeBIT’s...

Cyber Investing Summit 2016 (New York, New York, USA, May 3, 2016) The Cyber Investing Summit is an all-day conference focusing on the investment opportunities, trends and strategies available in the $100+ billion cyber security sector. Network with investment professionals,...

SecureWorld Kansas City (Overland Park, Kansas, USA , May 4, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements learning from nationally recognized industry...

National Oceanic Atmospheric Administration (NOAA) IT Security Conference (Silver Spring, Maryland, USA, May 4, 2016) The purpose of this event is to provide training and to educate NOAA and Department of Commerce personnel about various topics relating to Cyber Security. Attendance is open to NOAA and Department of Commerce...

SecureWorld Kansas City (Overland Park, Kansas, USA, May 4, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements learning from nationally recognized industry...

2016 Cybersecurity Summit (Scottsdale, Arizona, USA, May 5, 2016) The Arizona Technology Council (AZTC), Arizona Commerce Authority (ACA) and Arizona Cyber threat Response Alliance (ACTRA)/Arizona InfraGard present the third annual Cybersecurity Summit on Thursday, May...

2016 Cybersecurity Summit (Scottsdale, Arizona, USA, May 5, 2016) The Arizona Technology Council (AZTC), Arizona Commerce Authority (ACA) and Arizona Cyber threat Response Alliance (ACTRA)/Arizona InfraGard present the third annual Cybersecurity Summit on Thursday, May...

Cyber Security Summit 2016 (Aukland, New Zealand, May 5, 2016) New Zealand’s first Cyber Security Summit will be held in Auckland on 5 May 2016. The theme is “Keeping New Zealand’s Economy Cyber Secure”. Hosted by the Minister for Communications Hon Amy Adams, the...

MCRCon 2016: Some Assembly Required (Ypsilanti, Michigan, USA, May 10, 2016) The annual conference focuses on hacking prevention, incident handling, forensics and post-event public relations, with presentations delivered by nationally-recognized experts, cybersecurity skills competitions,...

CISO UK (London, England, UK, May 10, 2016) We're in an historic transition — one marked by challenges, but filled with possibility. Preparing for the upturn and making the right decisions in times of change can better position your enterprise...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.