skip navigation

More signal. Less noise.

Daily briefing.

ISIS territory continues to shrink, and its opponents turn to information operations against the Caliphate's coming diaspora. Various Anonymous affiliated hackers have been after ISIS for some time; it's unclear, says Motherboard, with what effect.

Analysts have now sifted through the Shadow Brokers' trickortreat data dump and find it mostly old news—the servers listed apparently weren't in Equation Group use after 2010. The Shadow Brokers are still grumping about the wealthy elites, US elections, and people not bidding on the exploits being auctioned.

Microsoft says the Windows zero-day Google publicly disclosed this week is being actively exploited by APT28, the Russian threat actor also known as Fancy Bear, a GRU operation best known for recent incursions into US political organizations. (Britain's MI5 is also raising an alarm about Russian intelligence services' growing activity in cyberspace.) Microsoft is upset with Google over the disclosure, which Redmond says has needlessly exposed Windows users to attack. A patch won't be available until next week at the earliest.

Terbium has a report on the sinister-sounding dark web, which became famous in the popular mind during the Silk Road prosecutions. But while there's certainly bad stuff going on there, most of the activity on the dark web is perfectly innocent, or at the very least legal: it's just the Tor accessibility that makes the dark web dark.

A bogus Android Flash player is a vector for an unusually capable banking Trojan.

NIST has released CyberSeek, an online tool showing where the sector's jobs are.

Notes.

Today's issue includes events affecting Bosnia, China, Iran, Iraq, Japan, Republic of Korea, Netherlands, Russia, Syria, United Kingdom, United States.

A note to our readers: We'll be in Washington today and tomorrow covering the SINET Showcase 2016. Watch for full coverage in upcoming issues.

The CyberWire's regular daily Podcast will be out later this afternoon, with interviews, educational tips, and more on the stories of the day. Today our partners at Ben-Gurion University are represented by Ran Yahalom who'll talk about how you go about hiding data in USB devices. Our guest, Jerry Thompson from Identity Guard, will discuss innovations in identity protection. As always, if you enjoy the podcast, please consider giving it an iTunes review.

TECHEXPO Cyber Security Hiring Event (McLean, VA, USA, November 2, 2016) Our professional hiring events have benefited nearly a million attendees since 1993. We look forward to helping you advance your career and saving you time in your job search by providing you the opportunity to meet face to face with the nation's leading companies.

Malware Detection: How to Spot Infections Early with AlienVault USM (Live Webcast, November 3, 2016) While malware has been a thorn in the side of IT pros for years, some of the recent variants observed by the AlienVault Labs security research team, like CoreBot, have the ability to modify themselves on the fly, making them nearly impossible to detect with traditional preventative security measures. Join us for a live demo to learn about the most common types of malware, and how you can detect infections quickly with AlienVault USM.

Dateline SINET Showcase 2106

SINET Showcase (SINET) We believe that effective Cybersecurity is required to facilitate economic growth, protect critical infrastructure and maintain political stability. To accomplish this objective, SINET is dedicated to building a cohesive, worldwide Cybersecurity community with the goal of accelerating innovation through collaboration. SINET is a catalyst that connects senior level private and government security professionals with solution providers, buyers, researchers and investors

SINET 16 Innovator Award Overview (SINET) Each year, SINET evaluates the technologies and products of hundreds of emerging Cybersecurity companies from all over the world, and selects the 16 most innovative and compelling companies. These 16 companies, known as the SINET 16 Innovators, are invited to present their products and solutions on stage in Washington D.C. at our annual SINET Showcase

Cyber Attacks, Threats, and Vulnerabilities

How Anonymous and Other Hacktivists Fight ISIS Online (Motherboard) Anonymous and several offshoot hacktivists groups have been waging war on ISIS in cyberspace, but have they made any difference?

Felling ISIS and Facing Reality About Terrorism (National Interest) The so-called Islamic State or ISIS is on the decline, and its “caliphate” on the ground in Iraq and Syria is shrinking to extinction

ShadowBrokers dump Equation group hacked servers in publicity push (ZDNet) Anyone interested in buying the full NSA exploit dump? Anyone?

Russian Hacks Show Cybersecurity Limits (Wall Street Journal) The suspected attempts by the Kremlin to influence the U.S. election highlight the risks of mundane attacks and information warfare

Microsoft says Russia-linked hackers exploiting Windows flaw (Reuters) Microsoft Corp (MSFT.O) said on Tuesday that a hacking group previously linked to the Russian government is behind recent cyber attacks that exploit a newly discovered flaw in its Windows operating system

Windows zero-day exploited by same group behind DNC hack (Ars Technica) Microsoft threat teams tied use of bug to APT28, aka "Fancy Bear"

Google discloses Windows zero-day, Microsoft argues disclosure ethics (CSO) Disclosure, it's the fight that never ends

Microsoft hits roof as Google points out glaring Windows security flaw (Tech Radar) Software giant claims that Google didn’t give it nearly enough time to patch

Is Russia to blame for increasingly sophisticated cyberattacks? (Sky News) With MI5 pointing the finger at the Kremlin over the rise in cyber crime, Sky's John Sparks looks at the threat to the UK

MI5 chief not alone in voicing fears about Russian cyber-threat (Guardian) The Kremlin has dismissed Andrew Parker’s claim but others have raised concern about Russia’s online activities

New IoT Botnet Malware Borrows From Mirai (Threatpost) Researchers have thrown back the covers on more malware infecting IoT devices for the purposes of building a botnet that carries out DDoS attacks

Switching to IoT Botnets Took Businesses Offline, Reveals Nexusguard DDoS Research (BusinessWire) Analysts anticipate businesses will overhaul signature-based detection to spot and mitigate attacks

'Good' anti-Mirai worm is pulled from Github following backlash (Graham Cluley) Good virus? Not a good idea

Ransomware Disguised as Windows Update Causing Havoc among Users (HackRead) After Samba ransomware that encrypts victims’ hard drives and CryPy ransomware known for encrypting each file individually here comes Fantom, a ransomware that uses full-screen Windows updates progress UI to get users to wait while it encrypts their files

Critical vulnerabilities pose a serious threat to Joomla sites (Naked Security) Joomla, the world’s second most popular web content management system (CMS), has been under sustained attack for several days, thanks to a nasty pair of vulnerabilities disclosed last week

Google Adwords Malvertising Campaign Targets Apple Macs (Dark Reading) Cheeky attackers make their lure an ad for Google Chrome

Phony Android Flash Player Installs Banking Malware (Threatpost) Security researchers warn that a bogus Flash Player app aimed at Android mobile devices has surfaced and is luring victims to download and install banking malware that steals credit card information and can defeat two-factor identification schemes

Beware! This Android banking trojan intercepts SMS messages and bypasses 2SV (Graham Cluley) It may be targeting your bank already

Remove the Fake Hallmark eCard Tech Support Scam (Bleeping Computer) The Hallmark eCard Tech Support Scam is a Trojan from the Trojan.Tech-Support-Scam family that displays a fake Windows alert that states Windows has a system failure and then tries to scare you into calling a listed remote tech support number

The dark web isn’t quite the criminal haven you may think it is (CyberScoop) It turn out the dark web isn’t as scary, lewd or dangerous as you may have thought, according to a newly released research report from intelligence firm Terbium Labs

The Truth About the Dark Web (Terbium Labs) For most, the term dark web immediately conjures thoughts of illegal drug sales, pornography, weapons of mass destruction, fraud and other criminal acts

Data Revelations: Nominum Data Science Security Report (Nominium) October 21, 2016 was a day many security professionals will remember. Internet users around the world couldn’t access their favorite sites like Twitter, Paypal, The New York Times, Box, Netflix and Spotify, to name a few. The culprit: a massive DDoS attack against a managed Domain Name System (DNS) provider not well-known outside technology circles. We were quickly reminded how critical the DNS is to the internet as well as its vulnerability. Many theorize that this attack was merely a Proof of Concept, with far bigger attacks to come

2016 Cyber Threat Study (eSentire) A comprehensive analysis of two years of cybersecurity threat data detailing security threats to small and medium sized business

Security Patches, Mitigations, and Software Updates

Preventing Microsoft's Authenticode from spreading stealth malware (TechTarget) A Microsoft Authenticode vulnerability allowed malicious code to sneak through without invalidating a file's digital signature. Expert Nick Lewis explains how to address this flaw

Microsoft says you'll have to wait another week for Windows zero-day patch (Graham Cluley) Says Russian-linked Fancy Bear hacking group is exploiting flaw in targeted attacks

Cyber Trends

Observations and Implications from the 2016 ICS Cyber Security Conference (Control) The 2016 ICS Cyber Security Conference was held October 24-27, 2016 at Georgia Tech in Atlanta

Most employees violate policies designed to prevent data breaches (Help Net Security) Companies are increasing technology investments to protect against external data breaches, but employees pose a bigger threat than hackers, according to CEB. To mitigate the rising costs of breaches, organizations need to reduce the burden of complying with privacy policies

New Era of Complex Military Operations Brings Cyber Concerns to Forefront (SIGNAL) The future of warfighting is smaller and lighter—technology that will let troops conduct battles from a smartphone or tablet, said Lt. Gen. Alan Lynn, USA, director of the Defense Information Systems Agency, or DISA.

Majority of IT security teams experiencing 'threat overload,' neglect to share security data (Healthcare IT News) Security departments within organizations aren't prepared to share threat intelligence, and even more don't use threat data to combat malicious activities, according to a Ponemon report released today

Marketplace

Consolidation in the security market: how workplace trends are shaking up cyber security (Information Age) In the past year, the Internet security market has seen several high-profile mergers and acquisitions

Cisco says it'll make IoT safe because it owns the network (Network World) The company plans to certify IoT products to take advantage of network security capabilities

​SonicWall splits from Dell to become independent security vendor (ZDNet) Dell Technologies has officially spun out its software group after the EMC acquisition left a $67 billion dent in its purse

CounterTack Announces $10M Round of Funding (BusinessWire) Financing round closed to accelerate global expansion in APAC and Federal business

Falanx Group cyber revenue grows more than 1000pc (Digital Look) Global intelligence, security and cyber defence provider Falanx Group announced its interim results for the six months to 30 September on Tuesday, with the board claiming significantly increased cyber revenue to £0.3m

Pentagon awards $114M cyber contract (C4ISRNET) CSRA has won a $114 million task to develop a cyber defense strategy for various offices within the Pentagon

Forcepoint™ Announces Executive Leadership Appointment (PRNewswire) Kristin Machacek Leary joins as Vice President and Chief Human Resources Officer

Bitglass Appoints SVP Worldwide Field Operations Amid Growing Demand for Cloud-Access Security Broker Solutions (Marketwired) Former Proofpoint and Aerohive executive Dean Hickman-Smith to expand Bitglass sales into new domestic, international markets

Rapid7 Appoints Former SanDisk CFO, Judy Bruner, to its Board of Directors (GlobeNewswire) Appointment brings high-tech industry experience and expertise in driving business growth and scale

CrowdStrike Fills Two Leadership Positions (Defense Daily) CrowdStrike has appointed Jerry Dixon as chief information security officer (CISO) and Rod Murchison as vice president of product management, the company said Wednesday.The cybersecurity-focused company delivers cloud-based endpoint protection

Products, Services, and Solutions

NIST Announces CyberSeek, An Interactive Resource for Cybersecurity Career Information (NIST) The U.S. Commerce Department’s National Institute of Standards and Technology (NIST) today introduced CyberSeek (link is external), an interactive online tool designed to make it easier for cybersecurity job seekers to find openings and for employers to identify the skilled workers they need

Hack the Gap: Close the cybersecurity talent gap with interactive tools and data (CyberSeek) Cybersecurity workers protect our most important and private information, from bank accounts to sensitive military communications. However, there is a dangerous shortage of cybersecurity workers in the United States that puts our digital privacy and infrastructure at risk

LightCyber Increases Precision of Behavioral Attack Detection with Added User Behavior Visibility and VPN Granularity (LightCyber) New release uncovers malicious insider or targeted attacker faster and with even higher accuracy

NSS Labs Tests Leading Web Browsers for Secure End User Experience (MarketWired) Ransomware, socially engineered malware, and phishing increasingly used by attackers

Savvius Raises Bar for Network Forensics Software with Omnipeek 10 (Yahoo! Finance) Savvius™, Inc., leader in network analytics for performance diagnostics and security investigations, today announced a major upgrade to Omnipeek®, its best-in-class software for network performance diagnostics and troubleshooting, and now with version 10, security investigations. Omnipeek 10 dramatically streamlines network troubleshooting and security investigations using powerful packet data analytics and visualizations that can be adapted to any workflow

Tychon Formally Launches; Introduces Integrated Systems Management and Security Optimization Solution (BusinessWire) Tychon delivers comprehensive, automated, endpoint security solution to eliminate the classic “IT vs Security” separation

Webroot Introduces Unity API (PRNewswire) Unity empowers MSPs by enhancing automation and productivity, improving services and reducing security management costs

Carbon Black's Cb Defense is the First Next-Generation Antivirus (NGAV) to Prove Complete Antivirus (AV) Efficacy to Meet PCI DSS Requirement 5 (GlobeNewswire) Results from Coalfire Systems' attestation report provide evidence that Cb Defense has stronger AV efficacy than previously published reports from CrowdStrike and Cylance

Rapid7 Aims to Stop IoT Devices from Becoming Pawns in Future Cyber Attacks (Bostinno) A little over a week ago, the East Coast suffered a major cyber attack that prevented users from accessing dozens of major websites, including Twitter, Amazon, Netflix, AirBnb and Reddit. The reason the internet essentially blew up for people on the Eastern seaboard is a major distributed denial of service, or DDoS, attack had been unleashed on Dyn, a New Hampshire-based DNS service provider that resolves domain names into IP addresses

Google Security Engineer Claims Android Is Now As Secure as the iPhone (Motherboard) If you’re paranoid, Android will protect you just as well as the iPhone, according to Google’s director of security for Android

Owl Computing Technologies Announces Elite Owl Data Diode Technology Now Available at Market Entry Pricing (PRNewswire) New robust OPDS-5D cybersecurity product features lowest total cost of ownership available

Symantec launches endpoint protection solution based on artificial intelligence (ZDNet) The company's new endpoint security system uses machine learning for multi-layered defense

Symantec creates world’s largest GIN (ITWire) Symantec has combined its threat intelligence and Blue Coat Threat Intelligence into its Global Intelligence Network (GIN). This creates the security industry’s largest and most diverse set of threat data combining threat data results in 500,000 additional attacks being blocked for Symantec customers every day

Retail Industry Cyber Security Pain Points Addressed by Tailored Training Program from Wombat Security (PRNewswire) A mix of email security, social engineering, data protection and PCI DSS training modules are prescribed to address retail's biggest security awareness challenges

Hillstone CloudEdge is Microsoft Azure Certified and Available in Azure Marketplace (BusinessWire) Hillstone’s virtual network security solution is now more accessible to enterprises of all sizes in public cloud

Zscaler and Carahsoft Join Forces to Bring Leading Cloud Security Solution to the Public Sector via GSA Schedule (Yahoo!) Carahsoft Technology Corp., the trusted government IT solutions provider, today extends its existing partnership with Zscaler®, the leading cloud security platform, to bring simple, scalable cloud security as a service to organizations in the public sector

Cryptzone beefs up Software Defined Perimeter (Enterprise Times) Security vendor Cryptzone has beefed up its AppGate Software Defined Perimeter (SDP) solution. Companies are moving to a hybrid IT mix of on-premises, cloud-based and mobile computing

TrapX Ship's World's First Deception-Based Security Solution To Protect SWIFT Financial Networks (HostReview) Latest update to DeceptionGrid includes both traps and tokens targeted directly against malicious SWIFT cyber attackers

CRN Exclusive: Avnet, SentinelOne Team Up To Provide Next-Gen Endpoint Protection (CRN) The crowded security market and increased security threats make it an especially good time to see vendor partnerships that provide a clear channel benefit

Technologies, Techniques, and Standards

The DevOps Model is Not Helping to Safeguard Applications: Report (Nearshore Americas) A shortage in IT security professionals and a lack of interaction between security professionals and DevOps teams are the chief culprits

How businesses can prevent point-of-sale attacks (Computerworld) Point-of-sale malware has been targeting retailers to steal credit card data

Why Enterprise Security Teams Must Grow Their Mac Skills (Dark Reading) From coffee shops to corporate boardrooms, Apple devices are everywhere. So why are organizations so doggedly focused on Windows-only machines?

Security All Saints: security is for life, not just for Halloween (Naked Security) Yesterday, we wrote a slightly satirical Zombie Myths piece for Halloween

Centrify Reveals Seven Tips To Reduce Risks Of Data Breaches (Information Security Buzz) As National Cybersecurity Awareness Month ends today, Centrify reminds businesses to implement cybersecurity best practices

Design and Innovation

7 Security Lessons The Video Game Industry Can Teach IoT Manufacturers (Dark Reading) The Internet of Things has alarming holes in security. The industry should look to video games for some answers

The New MacBook Pros Mark the End of Upgradeable Apple Computers (Motherboard) All Apple laptops are now un-upgradeable and are therefore disposable

Anonymous Speech Is More Important Than Ever. TED Proves It (Wired) TED is of course most famous for its TED Talks, which usually host accomplished speakers such as Bill Gates, Billy Graham, or Nobel Prize winners from various fields

Disruptive by Design: Cyber Should Take a Page From Infantry's Playbook (SIGNAL) The burgeoning cyber domain as a battlefront has done more than shift the front lines for warfighters—it has virtually erased them. At the same time, traditional armies continue to threaten U.S. national security both at home and abroad. Given the scope of cyber and conventional warfare, how does the U.S. military balance its competing needs?

Q&A: Why information security data analysis is so complex (TechTarget) Worried about bad statistics? Marcus Ranum asks the former lead analyst of the 'Verizon Data Breach Investigations Report' about storytelling with data

The NSA Chief Has A Phone For Top-Secret Messaging. Here’s How It Works (DefenseOne) The Boeing device is less a phone and more a locked-down portal to a faraway server

Autonomy out of necessity — not because it's cool (C4ISRNET) The military is moving toward greater autonomy — not because it's cool or trendy, but because it must, according to a roboticist with the Naval Research Laboratory

Research and Development

Researchers Claim AI Can Identify Gang Members on Twitter (Motherboard) But the AI may only entrench existing prejudices

Academia

New White Paper On Role Of Cybersecurity Competitions In Workforce Development (PRNewswire) Groundbreaking discussion among thought leaders calls for increased collaboration and investment to expand reach and impact of cyber games

NKU hosts national cyber security symposium, encourages awareness of hackers (Soapbox Media) On Oct. 21, Northern Kentucky University hosted a Cyber Security Symposium. It was the ninth annual event, and featured national and local experts in the field of cyber security

Thomas Jefferson High School seniors headed to national cyber security contest (Trib Live) When Thomas Jefferson High School seniors Brett Barkley and Jonan Seeley compete in Capture the Flag, they prefer to use a computer and put their knowledge of binary and web exploitation to the test

Legislation, Policy, and Regulation

“Cybervandalism” or “Digital act of war”? America’s muddled approach to cyber incidents won’t deter more crises (Lwfire) If experts say a malicious cyber code has “similar effects” to a “physical bomb,” and that code actually causes “a stunning breach of global internet stability,” is it really accurate to call that event merely an instance of “cybervandalism”?

Industry reactions: UK government cyber security strategy (Help Net Security) Yesterday, the UK government announced a new £1.9bn cyber security strategy, which includes an increase in automated defences to combat malware and spam emails, investment to recruit 50 specialists to work on cybercrime at the NCA, the creation of a Cyber Security Research Institute, and an “innovation fund” for cyber security start-ups

It’s Finally Legal To Hack Your Own Devices (Even Your Car) (Wired) You may have thought that if you owned your digital devices, you were allowed to do whatever you like with them. In truth, even for possessions as personal as your car, PC, or insulin pump, you risked a lawsuit every time you reverse-engineered their software guts to dig up their security vulnerabilities—until now

The Pentagon's New Chief Innovation Officer Should Tread Lightly (War on the Rocks) Unlike most government boards, the Defense Innovation Advisory Board is a particularly eclectic assembly that includes astrophysicist Neil deGrasse Tyson, Amazon CEO Jeff Bezos, and Instagram Chief Operating Officer Marne Levin

The Cyber Implications of Acquisition Speed: Part VII (SIGNAL) Shrinking the pool of prospective bidders increases acquisition agility

Ohio taps National Guard to defend election system from hackers (CNN) Ohio is calling upon the National Guard to help defend the state's election system from hackers

Litigation, Investigation, and Law Enforcement

The Clinton emails – from humble iMac to data center (Naked Security) It seems astonishing that in 2016, it’s technology that’s nearly half a century old that is dominating the discourse around a presidential election. While presidential candidates use the latest social media platforms and analytics to judge which way the electoral wind is blowing, it’s the humble email that has been the subject of so much attention

Russia, Comey, and Hillary’s Praetorian Guard (American Thinker) The re-opening of the investigation into Hillary’s unsecured email server and associated corruption has produced some interesting counter-attacks from the Clinton camp

Hillary Clinton’s cyber-security credibility takes another hit (Pasadena Star News) For years, it has been clear that one damaging legacy of the Obama administration is its record on cybersecurity. Damaging leaks, hacks and simple carelessness have afflicted everyone from the National Security Agency to the General Services Administration to the Central Intelligence Agency

Cybersecurity firm fails to find links between Donald Trump and Russian bank (Guardian) Investigators hired by Alfa Bank say server logs show no sign of secretive contact after online report sparks debate between internet security experts

Dark web departure: fake train tickets go on sale alongside AK-47s (Guardian) Forged rail tickets are now being sold as well as drugs and passports, in an explosion of goods on offer from dark web retail services

Palantir wins court battle, gets second chance at six-figure government contract (Silicon Beat) Big-data startup Palantir will get a second chance at a coveted government contract thanks to a judge’s ruling that the company was illegally excluded from the bidding process

NullCrew member sentenced to 45 months in prison (Help Net Security) A Tennessee man has been sentenced to nearly four years in federal prison for launching cyber attacks on corporations, universities and governmental entities throughout the world

Dutch 'prince of spam' blames British teenager for worldwide 2013 cyber attack (Guardian) Defence for Sven Olaf Kamphuis says hacker called ‘Narco’ – already sentenced in UK – was behind attack

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

Commercial Cyber Forum: Insider Threat (Odenton, Maryland, USA, November 15, 2016) Please join us for a panelist discussion with insider threat experts on upcoming Federal rules, key elements of an insider threat program and privacy, due process, and human resource requirements.

Upcoming Events

Inside Dark Web (Washington, DC, USA, November 1 - 2, 2016) Individuals, organizations, corporations, and governments use the Dark Web to protect themselves and their users, employees, customers, and citizens seeking a more accessible and secure Internet experience.

National Institute for Cybersecurity Education 2016 Conference and Expo (Kansas City, Missouri, USA, November 1 - 2, 2016) Cybersecurity has emerged as one of the leading creators of jobs and opportunity for all economic sectors. The demand for cybersecurity positions in both the public and private sector is large and growing,...

GTEC (Ottawa, Ontario, Canada, November 1 - 3, 2016) For the public sector and business, count on GTEC to help you keep up with the changing landscape of technology and service delivery in Canada. With our nationally recognized awards program and annual...

Black Hat Europe 2016 (London, England, UK, November 1 - 4, 2016) Black Hat is returning to Europe again in 2016, and we have quite an event in store. Here the brightest professionals and researchers in the industry will come together for a total of four days--two days...

TECHEXPO Cyber Security Hiring Event (Tysons Corner, Virgina, USA, June 30, 2016) Cyber security professionals are invited to interview face-to-face with employers including The CIA, Deloitte, Intel Security, Northrop Grumman, Lockheed Martin, Deloitte, Vencore and many more. Hundreds...

ISSA International Conference (Orlando, Florida, USA, October 22 - 23, 2014) Join us for solution oriented, proactive and innovative sessions focused on security as a vital part of the business.

SINET Showcase 2016: Highlighting and Advancing Innovation (Washington, DC, USA, November 2 - 3, 2016) SINET Showcase provides a platform to identify and highlight “best-of-class" security companies that are addressing industry and government’s most pressing needs and requirements. The chosen SINET 16 Innovators...

3rd Annual Journal of Law and Cyber Warfare Conference (New York, New York, USA, November 3, 2016) The 2016 Journal of Law and Cyber Warfare symposium speakers represent an unparalleled group of cyber security experts with a wide variety of industry expertise and knowledge. Attendees will hear from ...

Security of Things World USA (San Diego, California, USA, November 3 - 4, 2016) Security. Privacy. Connected Devices. Exploring Security and the Internet of Things. A world class event focused on the next information security revolution. Be part of Security of Things World USA in...

2nd Annual Summit: Global Cyber Security Leaders (Berlin, Germany, November 7 - 8, 2016) The Global Cyber Security Leaders 2016 is designed to provide unrivaled access to peers from across the globe, and encourage participants to discuss the current challenges and explore the ideas shaping...

IAPP Europe Data Protection Congress 2016 (Brussels, Belgium, November 7 - 10, 2016) The GDPR is finalised, the Data Protection Congress is returning to Brussels and you have a great deal of work ahead. Begin at the Congress, where you’ll find thought leadership, a thriving professional...

SANS Miami 2016 (Coconut Grove, Florida, USA, November 7 - 12, 2016) Attend our new SANS Miami 2016 event, November 7-12 and choose from five hands-on, immersion-style cybersecurity training courses taught by real-world practitioners. Attackers are targeting you with increasing...

Federal IT Security Conference (Columbia, Maryland, USA, November 8, 2016) The Federal IT Security Institute in partnership with PhoenixTS in Columbia, MD is hosting the first annual Federal IT Security Conference. Speakers from NIST, DHS, the Defense Department as well as private...

11th Annual API Cybersecurity Conference & Expo (Houston, Texas, USA, November 9 - 10, 2016) Join us at the 11th Annual API Cybersecurity Conference & Expo and discover methods for thwarting the bad guys, what the scene looks like over the horizon and how the latest technologies can help you counter...

SecureWorld Seattle (Bellevue, Washington, USA, November 9 - 10, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry...

Institute for Critical Infrastructure Technology Annual Gala and Benefit (Washington, DC, USA, November 10, 2016) The Annual ICIT Gala and Benefit is the year’s most prestigious gathering of legislative, agency and private sector leaders committed to protecting our Nation’s critical infrastructures. This intimate...

Israel HLS and Cyber 2016 (Tel Aviv, Israel, November 14 - 17, 2016) Where physical and cyber security meet. Topics include intelligence, cyber crime, and counter-terrorism, defending critical infrastructures, a smart global world, mass events--the integrative approach,...

SANS Healthcare CyberSecurity Summit & Training 2016 (Houston, Texas, USA, November 14 - 21, 2016) SANS will be hosting its 4th Annual Healthcare Cybersecurity Summit. Join us and hear top security experts from leading healthcare companies discuss proven approaches for securing and succeeding in the...

Infosec 2016 (Dublin, Ireland, November 15, 2016) Infosec 2016 conference addresses the critically important issues that threaten businesses in the information age By any measure, the digital threats that businesses and organisations of all sizes face...

Kaspersky Academy Talent Lab (Online, then Prague, Czech Republic, November 15, 2016) Kaspersky Academy Talent Lab is an international cyber-world competition for young researchers and professionals aged 18-30 who are interested in the cybersecurity challenges facing the world. 50 finalists...

CISO Charlotte (Charlotte, North Carolina, USA, November 15, 2016) The CISO Summit brings together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda sessions ...

Pharma Blockchain Bootcamp (Edison, New Jersey, USA, November 16, 2016) Blockchain technology has gained recognition as one of the most disruptive technologies in the industrial world with the potential of redefining how businesses operate similarly the internet changed it...

Cybercon 2016 (Washington, DC, USA, November 16, 2016) The forum for dialogue on strategy and innovation to secure defense and government networks, as well as private-sector networks that hold their sensitive data.

Versus 16 (San Francisco, California, USA, November 17, 2016) Versus is not an ordinary event. Versus is not about pitching products or preaching to the choir. Versus is about challenging what you think you know about cybersecurity, about technology, about doing...

Focusing On The Future: Prioritizing Security in the Digital Economy (Washington, DC, USA, November 18, 2016) In today's digital economy, developing and prioritizing a cyber strategy is critical to address diverse and evolving threats, foster trust in the technology we use, and define a path forward where security...

Data Breach & Fraud Prevention Summit Asia (Mumbai, India, June 8, 2016) ISMG’s Data Breach & Fraud Prevention Summit Asia – Mumbai is a one-day event that will focus on the latest fraud techniques and technologies, as well as a holistic, strategic approach to looking at the ...

SCSC Cyber Security Conclave 2.0 Conference and Exhibition (Hyderabad, India, November 22 - 23, 2016) India’s leading two-day cyber security event is returning in November 2016, once again bringing together over hundreds of cyber security experts, senior officials and policy-makers from across the public...

4th Ethiopia Banking & ICT Summit (Addis Ababa, Ethiopia, November 25, 2016) The 4th Ethiopia Banking & ICT Summit is the ONLY event in Horn of Africa that focuses on technology innovations and trends in the Banking and ICT sectors. This annual summit brings together Financial...

Internet of Things (IoT) (Elkridge, Maryland, USA, November 29, 2016) This cybergamut Technical Tuesday features Dr. Susan Cole, currently the Cybersecurity Lead for a Federal Information Systems Controls Audit Management (FISCAM) preparation team and also provides consulting...

CIFI Security Summit (Toronto, Ontario, Canada, November 30 - December 1, 2016) The Annual CIFI Security Summit takes place all over the world, Asia, Europe, Australia & North America. These summits are essential 2 day conferences and exhibitions bringing together leading security...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.