skip navigation

More signal. Less noise.

Daily briefing.

ISIS and other terrorist organizations concentrate on using legitimate, consumer technology for coordination. ISIS inspiration appears to be suffering from limited returns even as it grows in cruelty and brutality: the Caliphate isn’t built to endure setbacks; its endgame, sadly, will probably be bloody.

The venerable threat group Pawn Storm, lately attending to Germany’s CDU, is now generally regarded as a Russian state operation. Its modus operandi and target selection may be circumstantial evidence, but that evidence has convinced most observers.

Another SWIFT-based raid is reported, this one an attempt on an unnamed Vietnamese commercial bank. Investigation of the earlier Bangladesh Bank hack continues. FireEye, engaged to look into the theft, says it’s found evidence of three groups: a Pakistani organization, one from North Korea, and a third, as yet unidentified actor. It’s the third one that actually pulled off the heist. The Pakistani and North Korea groups are thought to be state-sponsored. BAE sees commonalities in code used against the banks in Bangladesh and Vietnam with that used in the Sony hack.

Two other banking issues have surfaced. OpIcarus has expanded to targets in Montenegro, Monaco, Jordan, and South Korea. And the US Federal Deposit Insurance Corporation discloses that it’s suffered “five major breaches” since October—individual banking consumer data are affected.

Adobe has patched the latest Flash zero-day as promised.

7-Zip flaws are said to affect security products; users are advised to update.

The FBI’s “fingerprint-unlock warrant” in California didn’t work, even after they tried all ten fingers.


Today's issue includes events affecting Bangladesh, China, European Union, Germany, Iraq, Jordan, Democratic Peoples Republic of Korea, Republic of Korea, Monaco, Montenegro, Pakistan, Philippines, Russia, South Africa, Sri Lanka, Syria, United Kingdom, United States, and Vietnam.

Catch the CyberWire's Podcast later this afternoon, with interviews, educational tips, and more on the stories of the day. (And if you like what you hear, consider giving it an iTunes review . If you don't like it, well, then, no worries; don't go to any trouble.)

Georgetown Cybersecurity Law Institute (Washington, DC, USA, May 25 - 26, 2016) Experienced government officials, general counsels, and cybersecurity practitioners offer insight into governance, preparedness, and resilience. Register Today, CyberWire readers receive a $100 DISCOUNT using code WIRE16.

Cyber Attacks, Threats, and Vulnerabilities

Terrorists opt for consumer tools (CSO) Although cybercriminals have been turning out specialized hacking and attack tools at a rapid pace, terrorists are often using legitimate, consumer-focused technologies

ISIS Membership Drops Amid Reports Of Increased Brutality (Western Journalism) ISIS outdid itself in its barbarism

Pawn Storm APT targets members of Angela Merkel’s party (Help Net Security) Pawn Storm, one of the oldest APTs engaging in cyber espionage, has been spotted targeting members of the German Christian Democratic Union (CDU), the political party of German Chancellor Angela Merkel

Second bank cyber-attack detected by Swift after Bangladesh raid (BBC News) A cyber-attack, similar to one that saw $81m (£56m) stolen from Bangladesh's central bank, has hit a second bank

Second SWIFT Attack Hits Vietnam Bank Showing Links to Sony Hack (SecurityWeek) At a financial conference in Frankfurt, Thursday, SWIFT's chief executive Gottfried Leibbrandt told the audience that the $81 million theft from the Bangladesh central bank's New York account "was from our perspective a customer fraud." He added, "I don’t think it was the first, I don’t think it will be the last"

Bangladesh Bank Heist Probe Said to Find Three Hacker Groups (Bloomberg Technology) Investigators examining the theft of $81 million from Bangladesh’s central bank have uncovered evidence of three hacking groups -- including two nation states -- inside the bank’s network but say it was the third, unidentified group that pulled off the heist, according to two people briefed on the progress of the bank’s internal investigation

OpIcarus: Anonymous Shut Down 4 More Banking Websites (Hack Read) After a short break, Anonymous, BannedOffline and Ghost Squad are back in action — Their latest targets to face the fury are banking websites in Jordan, South Korea, Monegasque and Montenegro. All attacks were conducted under the banner of operation OpIcarus

Parrot Copter and Viking Jump apps hide malware in Google Play (Naked Security) Security researchers at Check Point blogged earlier this week about an Android malware family they dubbed the Viking Horde

Older Android devices vulnerable to malware: Kaspersky Labs (Digit) Researchers at Kaspersky Labs have found that devices running Android v4.1.x or lower are susceptible to being targeted by malicious scripts on infected websites

Double trouble for Android (ITWeb) Check Point and Kaspersky Lab unearthed major vulnerabilities in the Android OS. Android, the most dominant operating system, faces more security challenges, with two global security companies discovering major flaws in a week

Anti-virus products, security devices affected by 7-Zip flaws (Graham Cluley) Users should update their vulnerable versions ASAP

Dangerous 7-Zip flaws put many other software products at risk (CSO) The flaws could allow arbitrary code execution when the 7-Zip library processes specially crafted files

Microsoft Windows zero-day exposes companies to credit card data theft (ZDNet) The boom in PoS systems in the US has its drawbacks

KnowBe4 Alert: Cyber Criminals Switch to Malicious HTML Attachments (PR Rocket) While ransomware attacks and new strains explode, organizations are reminded to be aware of new forms of social engineering that leave them open to attack

Carding Sites Turn to the ‘Dark Cloud’ (KrebsOnSecurity) Crooks who peddle stolen credit cards on the Internet face a constant challenge: Keeping their shops online and reachable in the face of meddling from law enforcement officials, security firms, researchers and vigilantes. In this post, we’ll examine a large collection of hacked computers around the world that currently serves as a criminal cloud hosting environment for a variety of cybercrime operations, from sending spam to hosting malicious software and stolen credit card shops

Most Popular Business Apps Fail to Protect Personally Identifiable Information (Information Security Buzz) Wandera, the leader in mobile data security and management, today announced the findings of its comprehensive security assessment of the most popular business apps used on corporate liable devices by enterprise customers across North America, UK, Europe and Asia

Max Yamabiko: Arming against the F1 cyber war (Crash) Max Yamabiko discusses the increasing threat of 'cyber warfare' in both F1 and the car industry, and how companies like Kaspersky are arming against it

Pirates find rich pickings in shipping computer files (Standard) Pirates have become more sophisticated and can now hack into the management systems of shipping companies targeting various vessels, cybersecurity consulting firm Verizon Asia Pacific said in a report issued yesterday

FDIC reports five ‘major incidents’ of cybersecurity breaches since fall (Washington Post) The Federal Deposit Insurance Corp. (FDIC) on Monday retroactively reported to Congress that five additional “major incidents” of data breaches have occurred since Oct. 30. FDIC also is launching “a new initiative to enhance security"

Google Hit by Insider Data Breach (Infosecurity Magazine) Google has suffered an embarrassing insider data breach after an employee at a third-party vendor mistakenly sent personal information on an unspecified number of Mountain View employees to another company

Security Patches, Mitigations, and Software Updates

Emergency Flash Update Patches Public Zero Day (Threatpost) As promised earlier this week, Adobe today released an updated version of Flash Player that includes a patch for a zero-day vulnerability

Adobe Flash zero-day patch is out…for the third month in a row (Naked Security) At the risk of sounding like a gramophone record that is stuck in a groove...for the third month in a row, Adobe has pushed out a Flash update that patches a zero-day hole

Critical patches target privilege escalation (SC Magazine) Half of the sixteen Microsoft bulletins in this month's Patch Tuesday (16 May) are rated “critical” importance and the other half “important”

Cyber Trends

Criminals continue to target healthcare data – Ponemon study finds (id experts) The Sixth Annual Benchmark Study on Privacy and Security of Healthcare Data by the Ponemon Institute, finds that criminal attacks are the leading cause of half of all data breaches in healthcare. Employee mistakes, third-party snafus, and stolen computer devices—are the root cause of the other half of data breaches. The study also found that while most healthcare organizations believe they are vulnerable to a data breach, they are unprepared to address new threats and lack the resources to protect patient data

Almost half of companies don't teach staff data security (CloudPro) Businesses are failing to take company-wide security seriously, Egnyte research shows

Sextortion as Cybersecurity: Defining Cyber Risk Too Narrowly (Lawfare) When we think of cybersecurity, we don't think of sexual violence. Sexual assault, rape, and child molestation are problems of intimate contact between individuals in close proximity to one another. By contrast, we tend think of cybersecurity as a problem of remote attacks that affect governments, major corporations, and—at an individual level—people with credit card numbers or identities to steal


Wall Street Doesn’t Care About Breaches (Digital Guardian) Wendy’s says that only 5% of its stores were hacked. But does it matter?

Why M&A activity leaves companies vulnerable to cyber criminals (City A.M.) Global merger and acquisitions (M&A) activity reached record-breaking deal values in 2015 at over $5 trillion. Whilst these vast sums excite shareholders, they also attract cyber criminals who sense an opportunity via inherent weaknesses in the M&A process

Is FireEye Finished? (GuruFocus) I have been bullish on FireEye (FEYE) for quite some time. I recommended buying FireEye multiple times over the last few months and the stock, on average, was up —…% until I recently suggested investors to sell it and book profits

Are Investors Wrong to Ditch FireEye? (GuruFocus) Company changed leadership and is positioned for growth

Palo Alto Networks Is a Screaming Buy (Investor Guide) Palo Alto Networks (PANW) announced second quarter ended January 31, 2016 total revenue of $334.7 million, up 54 percent year-over-year from $217.7 million of total revenue during the same period last year. Going forward, the company estimates third quarter of 2016 total revenue in the $335 to $339 million range, illustrating 43 percent to 45 percent of year-over-year growth

Mimecast Lockup Expiration Could Bring Risky Declines: Consider Shorting Today (Seeking Alpha) May 17, 2016 concludes the 180-day lockup period on MIME, which offers cloud-based risk management and security services

Finjan Holdings (FNJN) Enters $10.2M Series A Preferred Private Placement (StreetInsider) Finjan Holdings, Inc. (Nasdaq: FNJN) announced that it has secured a $10.2 million Series A Preferred Stock financing in a private placement transaction led by Halcyon Long Duration Recoveries Investments I LLC ("Halcyon LDRII"), an affiliate of both funds managed by Halcyon Long Duration Recoveries Management LP and its affiliates ("Halcyon") and Soryn IP Group, LLC ("Soryn")

How 102-year-old Booz Allen tackles new cybersecurity marketplace (Washington Business Journal) McLean-based Booz Allen Hamilton Inc. has been busy reinventing itself

Infoblox (BLOX) Stock Skyrockets, Receives Takeover Offer From Thoma Bravo (The Street) Infoblox (BLOX - Get Report) shares are soaring 18.81% to $18.19 on Thursday morning after the company received a buyout approach from technology-focused private equity firm Thoma Bravo, valuing the deal at around $886 million, Bloomberg reports

Optiv Security Acquires Substantially All Assets of Evantix to Build Industry’s First Holistic, Cloud-Based Third-Party Risk Solution (BusinessWire) Optiv Security, a market-leading provider of end-to-end cyber security solutions, today announced that it has completed the purchase of substantially all assets of Evantix GRC, LLC, a Calif.-based provider of a Software as a Service (SaaS) application for managing third-party risk

Check Point Software Co-Founder Launches Simple Network Security In The Cloud (Forbes) Shlomo Kramer, who co-founded Check Point Software alongside Gil Schwed and Marius Nacht in 1993, raised $20 million in a series A funding round for Cato Networks late last year, a startup venture aimed at redefining how enterprises secure their networks and mobile devices. His elevator pitch: “Network security is simple again.” Now Kramer is up and running in the cloud

ZENEDGE Announces Record Quarter with Growing Momentum to Displace On-Premise and Legacy WAF and DDoS Solutions (PRNewswire) Hardened DDoS mitigation centers, new artificial intelligence web application firewall, key customer wins contribute to triple-digit growth

Quick Heal enhances security software revenue in Q1 (Infotechlead) Quick Heal Technologies, a IT security software products and solutions provider, said its revenues grew 26 percent to Rs 1,314.4 million in Q4 fiscal 2016 and 18 percent to Rs 3,380.7 million in FY 2016

Sophos in MSP push (ChannelWeb) Security vendor has launched a new partner programme aimed at MSPs

Gartner Names Morphisec as a 2016 "Cool Vendor" (PRNewswire) Endpoint security company Morphisec selected for Gartner's annual list of innovative vendors

Deep Instinct Named a Cool Vendor in Digital Workplace Security by Gartner (Marketwired) Leading analyst firm recognizes Deep Instinct in its annual selection of innovative, interesting, and impactful vendors

Fireglass Named a 'Cool Vendor' by Gartner (PRNewswire) Fireglass' Web Isolation technology recognized by Gartner as innovative, impactful and intriguing

Fortscale Named a 2016 “Cool Vendor” (PR Rocket) Company recognized in identity and access management and fraud for its groundbreaking User and Entity Behavior Analytics (UEBA) solution

illusive networks Wins 2016 Cybersecurity Excellence Award (PRNewswire) Deception technology innovator recognized as Best Cybersecurity Startup Under 100 Employees

This Cambridge security startup now has a billionaire, an ex-MI5 chief and an ex-CIA tech leader on its board (Business Insider) British cybersecurity startup Darktrace has appointed former Central Intelligence Agency (CIA) official Alan Wade to its advisory board

Products, Services, and Solutions

Microsoft's Shielded VMs Designed To Add Security Against Rogue Admins (Redmond Magazine) Microsoft this week talked more about its Shielded Virtual Machines datacenter security technology

Twistlock Releases New Security Platform for Container Environments (App Developer Magazine) Twistlock has announced the release of Twistlock Runtime, a set of automated capabilities that defend against active threats targeting container environments

IBM Security to safeguard CIBIL data against cyberattacks (Times of India) Credit Information Bureau India Limited (CIBIL) has partnered with IBM Security to secure its critical business systems against cyberattacks

Brandwatch Partners with Proofpoint, Conversocial, Domo, and Binary Fountain (PRNewswire) Reveals product roadmap at Now You Know Conference

RiskIQ Partners With Fishtech Labs To Accelerate Adoption Of The RiskIQ External Threat Management Platform (PRNewswire) RiskIQ, the leader in External Threat Management, today announced that it has partnered with Fishtech Labs to expedite the adoption of cutting edge, next-generation security and networking solutions in the market

Which Porn Sites are Trustworthy? (Check and Secure) Porn – it’s what the internet was made for, according to the musical Avenue Q. Website popularity listings like Alexa seem to support with this, showing that U.S. pornsite XVideo is more popular than

Technologies, Techniques, and Standards

What the C-Suite Should Know about the Rise of Ransomware (Palo Alto Networks) With ransomware on the rise, executives have many questions on their minds. What do I need to know about ransomware? To what extent is ransomware covered by cyber insurance? And most importantly, what can be done to prevent these attacks from happening in the first place?

Tips to Use Penetration Testing to Protect Your Business From Cyber Attacks (App Developer Magazine) Forty-seven percent of all breaches were caused by malicious or criminal attacks according to the most recent global data breach study released by the Ponemon Institute. Resolving an attack cost businesses an average of $170 per record, translating to an average total cost of $3.79 million for a data breach

Enterprises Must Consider Privacy Concern For Biometrics (Dark Reading) On-server storage and processing of biometric authentication presents a host of regulatory and corporate responsibility issues

Bridging the security automation gap (Help Net Security) Security management has gotten out of hand, according to our recent State of Automation in Security Report. 48% of survey respondents had an application outage as a result of a misconfigured security device, 42% experienced a network outage, while 20% suffered a security breach. And on average, these issues took up to three hours to fix, while 20% of organizations needed a day or more to fix the problem

Design and Innovation

MIRACL and NTT announce open source cryptography for the cloud (Fatacenter Dynamics) British distributed cryptography specialist MIRACL and the research subsidiary of NTT have developed a security framework for cloud computing, contributed to open source as Apache Milagro

Milagro: A distributed cryptosystem for the cloud (Help Net Security) A new open source project within the Apache Incubator aims to create an alternative to outdated and problematic monolithic trust hierarchies such as commercial certificate authorities

Apache incubating project promises new Internet security framework (CIO via CSO) The newly announced Apache Milagro (incubating) project seeks to end to centralized certificates and passwords in a world that has shifted from client-server to cloud, IoT and containerized applications

Verizon DBIR Puzzler Solved With Meghan Trainor And ‘Cyber Pathogens’ (Dark Reading) All about that puzzler's paradise that is the 2016 Annual Verizon Data Breach Investigations Report cover contest

The Dark Web Has Its Own Lit Magazine (Wired) When most people think about the dark web, they envision the Silk Road, terrorist networks, pornography, and other sinister threats. They certainly don’t imagine finding poetry. Or short stories. Or creative nonfiction. That’s a preconception the founders of The Torist, the first literary magazine on the encrypted network Tor, hope to correct

Research and Development

DARPA’s Plan X Gives Military Operators a Place to Wage Cyber Warfare (DoD News) Since 2013, the Defense Advanced Research Projects Agency’s Plan X cyber warfare program engineers have done the foundational work they knew it would take to create for the first time a common operating picture for warriors in cyberspace

IBM Watson Will Help Battle Cyberattacks (Dark Reading) IBM and leading universities will train IBM Watson to discover hidden patterns and cyber threats

Lie back and think of cybersecurity: IBM lets students loose on Watson (Register) Elementary

IBM Researcher: Fears Over Artificial Intelligence Are ‘Overblown’ (Time) "If we don't use AI technologies, we're going to be losing out"


New Certificate Program Prepares Students for Homeland Security Careers (Montclair State University) Fully online post-BA program meets needs of a growing field

Legislation, Policy, and Regulation

European Central Bank creates cyber attack real-time alert system (Financial Times) Eurozone banks will be obliged to inform regulators of “significant” cyber attacks, under a pioneering real-time alert service by the European Central Bank to tackle the growing threat of digital theft

From hacking to cyber espionage: US and China discuss security in the digital age (International Business Times) Officials from the US and Chinese governments have met for the first since an agreement was established last year in an attempt to curb the rising threat of cyber espionage and hacking between the two nations

US Focusing Intently on China's Cyber Commitments (Voice of America) U.S. officials say they are watching closely to ensure that China abides by its cybersecurity commitments, following the first meeting between the two sides since they struck an anti-hacking agreement in September

Pentagon chief sees problems with cybersecurity (National Defense via Bloomberg Government) The private sector in the United States is underinvesting in network protection and hindering the growth of the cybersecurity market, Secretary of Defense Ashton Carter told reporters on May 11

Cyber attacks on Islamic State use tools others also have, says US defense chief (First Post) Cyber attack techniques used by the U.S.-led coalition against Islamic State could also be used by other countries, U.S. Defense Secretary Ashton Carter said on Wednesday

Cyberspace - the world’s largest crime zone - why it is essential for South Africa to establish and implement cybersecurity measures and legislation (Lexology) The rapid evolution and widespread deployment of information and communication technologies (ICTs) has tremendously increased accessibility to the internet in developing nations where cyber security laws are either non-existent or still in their infancy. Rights such as freedom of expression, freedom of trade and access to information apply equally in cyberspace and need to be both recognised and protected

Litigation, Investigation, and Law Enforcement

Lawmakers probe large data breaches at US bank insurance agency (IDG via CSO) The FDIC saw about 160,000 personal bank records leave the agency on removable media in recent months

How Steel City Became the Front Line in America’s Cyberwar (Foreign Policy) Blending gumshoe investigations with high-tech research, Pittsburgh has become a hotbed of the Justice Department’s fight against international hackers

FBI wasn't able to unlock iPhone, even with a 'fingerprint unlock warrant' (CNN Money) A judge recently took the controversial step of letting the FBI force a woman to unlock an iPhone with her fingerprints. But it didn't work

Motion Filed Asking FBI To Disclose Tor Browser Zero Day (Threatpost) Mozilla on Wednesday filed a motion with the U.S. District Court in Tacoma, Wa., asking the government to disclose a vulnerability it exploited in the Tor Browser and Firefox. The FBI used the zero-day to hack a child pornography site and de-anonymize users visiting the site using the Tor Browser

Cisco Told to Pay $23.5 Million Over Hacker-Security Patents (Bloomberg Technology) Jury found Cisco infringed patents held by SRI International. Technology tracks intrusions into computer networks by hackers

In on-going litigation, startup now sues prominent VCs and angel investors for aiding and abetting a fraud, trade secret misappropriation and other wrongdoing. (PRNewswire) Tech entrepreneurs Jason Hullinger and Benjamin de Bont, as well as start-up Agora Systems LLC, filed a lawsuit this week in a Los Angeles federal court against prominent venture capital firms U.S. Venture Partners and Karlin Ventures, tech incubator Launchpad LA, angel investors Michael Stern, Adam Lilling and Sam Teller, famed technologist Dan Kaminsky and others. The lawsuit supplements original claims against Defendants Kunal Anand, Julien Bellanger and their security tech start-up Prevoty, Inc., seeking compensatory and punitive damages for fraud, breach of fiduciary duties and trade secret misappropriation, among other wrongdoing

Call Centers In The Bullseye (Dark Reading) Cheap set-ups, economic recession, and the US rollout of chip-and-PIN technology, all contribute to dramatic increase in call center fraud

6 Shocking Intellectual Property Breaches (Dark Reading) Not all breaches involve lost customer data. Sometimes the most damaging losses come when intellectual property is pilfered

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

International Conference on Business and Cyber Security (ICBCS) (London, England, UK, May 12 - 13, 2016) To date the vast majority of businesses have viewed cyber security as a peripheral issue that is the primary concern of the IT Department. Whilst this mind set is unlikely to change radically any time...

Telegraph Cyber Security (London, England, UK, May 17, 2016) The Telegraph Cyber Security conference will provide the key components to create a cutting-edge cyber security plan, regardless of your organisation’s size or sphere of activity

DCOI 2016 (Washington, DC, USA, May 18 - 19, 2016) DCOI 2016 is a concerted effort of the state of Israel and the Institute for National Security Studies (INSS) of Tel-Aviv University, a non-profit organization that aims towards enhancing collaboration...

ISSA LA Eighth Annual Information Security Summit (Universal City, California, USA, May 19 - 20, 2016) The ISSA-LA Information Security Summit is the only educational forum in the great Los Angeles area specifically designed to attract an audience from all over Southern California as a means to encourage...

HITBSecConf2016 Amsterdam (Amsterdam, the Netherlands, May 23 - 27, 2016) The event kicks off with all new 2 and for the first time, 3-day training sessions held on the 23rd, 24th and 25th. Courses include all new IPv6 material by Marc 'van Hauser' Heuse of, an in-depth...

Enfuse 2016 (Las Vegas, Nevada, USA, May 23 - 26, 2016) Enfuse is a three-day security and digital investigations conference where specialists, executives, and experts break new ground for the year ahead. It's a global event. It's a community. It's where problems...

Cybersecurity Law Institute (Washington, DC, USA, May 25 - 26, 2016) Those lawyers who ignore cyber threats are risking millions of dollars for their companies or their clients. Recent reports by Cisco and the World Economic Forum both highlight the paramount importance...

4th Annual Cybersecurity Law Institute (Washington, DC, USA, May 25 - 26, 2016) At our 4th annual Institute, in the capital where cybersecurity regulations and enforcement decisions are made, you will be able to receive pragmatic advice from the most knowledgeable legal cybersecurity...

SecureWorld Atlanta (Atlanta, Georgia, USA , June 1 - 2, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry...

C³ Voluntary Program Regional Workshop: Understanding and Managing Cyber Risk in the Water and Energy Sectors (Indianapolis, Indiana, USA, June 1, 2016) The Department of Homeland Security's Critical Infrastructure Cyber Community (C3) Voluntary Program and the Indiana Utility Regulatory Commission (IURC) will host a free cybersecurity risk management...

Innovations in Cybersecurity Education Workshop 2016 (Halethorpe, Maryland, USA, June 3, 2016) Innovations in Cybersecurity Education is a free regional workshop on cybersecurity education from high school through post-graduate. It is intended primarily for educators who are teaching cybersecurity...

ISS World Europe (Prague, Czech Republic, June 7 - 9, 2016) ISS World Europe is the world's largest gathering of regional law enforcement, intelligence and homeland security analysts as well as telecom operators responsible for lawful interception, hi-tech electronic...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.