skip navigation

More signal. Less noise.

Daily briefing.

As the US elections proceed, the Government is simultaneously said to have "all hands on deck" against hacking, and to not really be that worried about it. Most observers see the principal threat as (Russian) information operations directed toward eroding public trust and confidence in the vote, with "data deception and denial" following in their train. Direct widespread hacking of voting machinery is thought less likely, although as Cylance and Symantec have shown, such hacks are clearly locally possible.

Both Democratic and Republican presidential campaign sites sustained Mirai-driven distributed denial-of-service campaigns yesterday, but with little effect. Flashpoint researchers say this is because Mirai's widespread availability has caused its botnets to "fracture"—essentially there are more controllers now, and there aren't enough bots to go around.

Tor's duality is on display this week. Internet users in Turkey are moving heavily to Tor as they seek to circumvent the government's blocking of social media services and its implementation of stronger online censorship. On the other hand, Operation Hyperion, a multinational police takedown of Tor-enabled black markets, has shown the less savory uses to which the anonymizing network may be put.

China's citizens (and international companies doing business in China) try to come to grips with their exposure to recently promulgated laws tightening state control of online activity.

Tesco fraud remains under investigation. Continued access to paycards and ATMs suggests the fraud may have been an inside job. Estimates of Tesco's exposure to litigation and regulatory penalties run as high as £1.9 billion.

Notes.

Today's issue includes events affecting Australia, Canada, China, European Union, Finland, France, Germany, India, Ireland, Italy, Libya, Malawi, Mali, New Zealand, Netherlands, Romania, Russia, South Africa, Spain, Sweden, Switzerland, Turkey, Ukraine, United Kingdom, United States.

The CyberWire's regular daily Podcast will be out later this afternoon, with interviews, educational tips, and more on the stories of the day. Today we hear from Rick Howard from our partners over at Palo Alto Networks' Unit 42, who'll give us the latest skinny on that Nigerian prince; you know, the one whose widow might have approached you with an investment opportunity... And, in an early contribution to the upcoming predictions-for-next-year season, our guest, Dan Larson from the influential threat intelligence shop Crowdstrike, will offer a look at what we can expect in 2017 from the threat actors Crowdstrike is tracking. If you enjoy the podcast, please consider giving it an iTunes review.)

Cyber Attacks, Threats, and Vulnerabilities

Salted Hash Live Blog – Election Day 2016 (CSO) Election news and coverage with a security twist

Ukrainian hackers ‘snatch huge email cache from Kremlin’ (Naked Security) Two Ukrainians calling themselves hacktivists have given the BBC access to what they say are thousands of emails they claim to have pried out of the Kremlin

Turks Are Flocking to Tor After Government Orders Block of Anti-Censorship Tools (Motherboard) Turkish internet users are flocking to Tor, the anonymizing and censorship-circumvention tool, after Turkey’s government blocked Twitter, Facebook, and YouTube

Hackers Leak Crucial Data From 7 Indian Missions (HackRead) The data belongs to Indian missions in Africa and Europe — hackers claim they leaked the data because site admins didn’t respond to security alerts

America’s extraordinary cyber threat against Russia (News.com) The United States government promised retaliation against Russia for hacking into the e-mails of Democratic Party officials in an apparent bid to influence the presidential election. And according to one US military figure they have followed through with that threat — in a very big way

Hacking concern on Election Day: The companies that bring you the news (McClatchy) Experts have been warning for months that hackers could try to disrupt Tuesday’s election by penetrating local voting systems. But another target could prove easier to hack: U.S. media outlets offering election night results

Election Day in U.S. faces specter of cyberattacks (PCWorld) Hackers might use DDoS attacks and high-profile leaks to influence Tuesday's election

The Real Hacker Threat to Election Day? Data Deception and Denial (Wired) Hacks, data leaks, and disinformation have all added to the chaos of one of the most contentious elections in history. US intelligence agencies have even accused Russia of perpetrating some portion of the digital meddling. And now reports indicate that officials are preparing for worst-case cybersecurity scenarios on November 8. But what might those election day digital threats realistically look like?

Your Government Isn’t That Worried About An Election Day Cyberattack (Wired) Over the past few months, an escalating series of attacks on computer networks—many of them inflicted by something called the Mirai botnet, which uses a web of infected DVRs, webcams, and other “smart” devices to drown targeted websites in traffic—have wrought unprecedented havoc all over the world

Homeland Security says they remain vigilant against Election Day cyberattacks (CBS News) Department of Homeland Security officials told CBS News that they are equipped to counter a possible cyberattack on Election Day, hoping to quell some voter anxiety surrounding this year’s presidential election

'All Hands on Deck' to Protect Election From Hack, Say Officials (NBC News) The U.S. government is gearing up for an unprecedented effort to protect Tuesday's presidential election from cyber attack, U.S. officials told NBC News

Old voting machine vulnerability sparks new round of outrage (CyberScoop) With just four days separating the American public from Election Day, rising Irvine, Calif.-based cybersecurity company Cylance published an eyebrow-raising vulnerability disclosure report, complete with a video showing researchers hacking into a voting machine used in the United States

US e-voting machines are (still) woefully antiquated and subject to fraud (Ars Technica) Swaying an election would be hard for hackers, but eroding confidence is doable

How hackers eroded Americans' trust in democratic process (Christian Science Monitor Passcode) Even if hackers don't strike on Election Day, the drumbeat of cyberattacks and leaks this campaign cycle has affected the way citizens view the electoral process

From substations to voting stations, cyberthreats plague 2016 (EnergyWire) As Americans head to the polls tomorrow, they'll entrust their votes to a complex, at times vulnerable computer network spanning hundreds of thousands of devices across all 50 states and U.S. territories

Russia’s notorious hacking community mainly puts profits before patriotism (South China Morning Post) Just as the scandal over alleged Russian hacking of the US Democratic Party erupted in June, police in Russia were rounding up a group known as Lurk

Flashpoint Monitoring of Mirai Shows Attempted DDoS of Trump and Clinton Websites (Flashpoint) Between 16:20:43 UTC on November 6, 2016 and 8:19 UTC on November 7, 2016, Flashpoint observed four 30-second HTTP Layer 7 attacks targeting the campaign websites of presidential candidates Donald Trump and Hillary Clinton. There were no observed or reported outages for either of the sites

Mirai Fractures as DDoS Attempts Against Clinton and Trump Fail (Infosecurity Magazine) Security experts are claiming that the notorious Mirai botnet has now fractured into smaller competing entities after the attempts of one offshoot to DDoS the websites of both presidential candidates failed

Researchers' Belkin Home Automation Hacks Show IoT Risks (Data Breach Today) Numerous flaws trace to IoT software stacks that aren't secure by design

How Malicious Bots Can Target IoT Devices and Impact eCommerce Businesses (ShieldSquare) The Internet of Things (IoT) is a collection of billions of electronic devices, ranging from smart fridges to wireless wearable products. Since 2010, the number of devices connected to the internet has doubled from 12.5 billion devices to 25 billion. IoT, simply put, is the virtual avatar of a physical device. These devices communicate over the internet, and are controlled by their users

Recent DDoS attacks shine light on sub-standard vendors, says DarkMatter (CPI Financial) On 4 November 2016 a large-scale distributed denial of service (DDoS) attack took out web access across Liberia. This followed a 21 October attack on Dynamic Network Services Inc., (Dyn), a New Hampshire-based Domain Name Server (DNS), which DarkMatter called the largest cyberattack in history

Apocalypse now: The IoT DDoS threat (Help Net Security) One of the things you learn about humanity, if you’re paying attention, is that “gold rushes” bring out the worse in us. When there are no constraints and there is a greed motivator, people will literally trample anyone or anything to get to the goods

4G Cellular Networks At Risk Of DoS Attacks (Dark Reading) Black Hat Europe researcher shows how hackers can conduct denial-of-service attacks on 4G cellular devices around the world

Fix for critical Android rooting bug is a no-show in November patch release (Ars Technica) Linux users already got a fix for "Dirty Cow." Android users aren't so fortunate

OAuth2.0 implementation flaw allows attackers to pop Android users’ accounts (Help Net Security) Incorrect OAuth2.0 implementation by third party mobile app developers has opened users of those apps to account compromise, three researchers from the Chinese University of Hong Kong have discovered

Hancitor Maldoc Bypasses Application Whitelisting (SANS ISC Infosec Forum) For about two months I've seen malicious documents dropping Hancitor malware with the following method: VBA code injects shellcode in the Word process, this shellcode extracts an embedded EXE from the Word document to disk, and executes it

LinkedIn Scam Pretends to Care About Your Security (Infosecurity Magazine) Oh the irony: A new approach to LinkedIn scamming has been spotted making the rounds, looking to steal confidential information from unsuspecting users by pretending to worry about their cyber-safety

ThreatSTOP Releases New Ransomware Targets (Information Security Buzz) The following ransomware targets have been introduced by the ThreatSTOP Security Team. It is important to update policies to include these targets for immediate increased protection from the growing number of ransomware attacks

Tesco Bank attack: What do we know? (BBC) Supermarket giant Tesco has suspended some parts of its online banking system after it detected attempts to steal cash from customers' accounts

Was Theft Of Money From 20,000 Tesco Bank Customers An Inside Job? (Dark Reading) UK bank confirms attack, but so far has not used the word 'hack'

Worried about the Tesco Bank attack? Here’s our advice (Naked Security) Thousands of holders of current accounts with the UK’s Tesco Bank were unable to access online banking on Monday after some accounts were subjected to “online criminal activity” and money was stolen from some accounts

Tesco Bank attack: How can you protect your account? (BBC) In the first half of 2016, criminals managed to steal £400m from UK bank accounts - a 25% increase in just a year

Some SuperPAC Websites Are Not Super-Secure (Dark Reading) Researchers find weaknesses in public websites that could expose personal information of donors and other sensitive data

Tech support scammers use old bug to freeze browsers (Help Net Security) Tech support scammers are exploiting a bug that maxes out users’ CPU and memory capability and effectively freezes the browser and possibly the computer, in an attempt to convince users that they have been hit with malware

Inside the Cerber Ransomware-as-a-Service Operation (InfoRisk Today) Ransomware is displacing banking Trojans, warns Check Point's Gadi Naveh

India's Largest Card Compromise: Has The Dust Settled? (InfoRisk Today) A hot potato a week ago, the industry seems to have moved on

That Nigerian Prince Has Evolved His Game (Palo Alto Networks Unit 42) Today Unit 42 published its latest paper focused on Nigerian cybercrime. Applying advanced analytics to a dataset of 8,400 malware samples resulted in the attribution of over 500 domains supporting malware activity linked to roughly 100 unique actors or groups. The breadth and depth of this research has enabled a modern, comprehensive assessment focused on the collective threat rather than individual actors

Espionage: Is the defense and intelligence community compromised? (C4ISRNET) Insights into a late draft of a report by the U.S.-China Economic and Security Review Commission were leaked last week, and the information is quite concerning

Security Patches, Mitigations, and Software Updates

Verizon Is Pushing The Nov. Security Patch To Pixel Phones (Android Headlines) Verizon Wireless is beginning to push out a software update for the Pixel and the Pixel XL that contain the November security patch among a few other changes

Microsoft Tears off the Band-Aid with EMET (Threatpost) Microsoft last week extended the end-of-life expiration date to July 2018 on its exploit mitigation add-on, the Enhanced Mitigation Experience Toolkit (EMET). But for some time, the once-useful tool has been well on its way out to pasture

Cyber Trends

Blackhat EU: Breaking Big Data (SC Magazine) Former intelligence officer David Venable gave a crowd at Blackhat EU 2016, a rundown of what big data, and bad data in the private sector could mean for your privacy

Retailers overconfident in endpoint security (Help Net Security) A new study conducted by Dimensional Research evaluated the confidence of IT professionals regarding the efficacy of seven key security controls, which must be in place to quickly detect a cyber attack in progress. Study respondents included 763 IT professionals from various industries, including 100 participants from the retail sector

Marketplace

C5 Capital buys cyber security group ITC for £24m (Financial Times) Fourth acquisition made by London-based fund manager in the sector

Vista Equity Partners Successfully Completes Cash Tender Offer for Shares of Infoblox (BusinessWire) Infoblox Inc. (NYSE:BLOX) (“Infoblox” or the “Company”) and Vista Equity Partners (“Vista”) today announced the successful completion of the tender offer (the “Offer”) by India Merger Sub, Inc. (“Merger Sub”), a wholly owned subsidiary of Delta Holdco, LLC (“Parent”) and an affiliate of Vista, for all of the outstanding shares of common stock of the Company at a price of $26.50 per share, net to the seller in cash without interest and less any applicable withholding taxes or deductions required by applicable law, if any

ACTIVECYBER Launches After Acquisition of CTC-CYBER (BusinessWire) Firm expands services to deliver superior cybersecurity insights to organizational stakeholders

How Palo Alto Networks Is Building Next-Generation Security Innovators (Palo Alto Research Center) The rate of change driven by today’s technology is unlike anything we have ever experienced. New business models and ways of doing business are being created every day. Industries that have been stagnant for years are being disrupted. Look at what Uber did to transportation, what Airbnb has done to hospitality and what Palo Alto Networks is doing together with its channel partners in cybersecurity

Nuix Appoints Ethan Treese as CEO--Americas to Navigate Through Exciting Period of Business Growth (KTIV) Global technology company Nuix has appointed former Dun & Bradstreet executive Ethan Treese as its Chief Executive Officer-Americas. Treese's appointment will allow long-serving executive Dr. Jim Kent to focus on his role as Global Head of Security & Intelligence

Forcepoint™ Announces Executive Leadership Appointment (PRNewswire) Timothy A. McDonough joins as Chief Marketing Officer

Products, Services, and Solutions

WatchGuard Simplifies and Automates Security-as-a-Service for MSSPs with ConnectWise Integration (PRNewswire) Integration makes managing security easier with automated reporting, service ticketing, and enhanced visibility

Distil Networks to fingerprint bots (Enterprise Times) Distil Networks has launched a hi-def fingerprinting solution to tackle the problem of bots. It intends to start: “actively pulling additional data from the browser to identify devices with precision.” This raises questions over Personally Identifiable Information (PII) especially when the EU GDPR comes into force

Intel Security Innovation Alliance to focus on providing security against sophisticated cyber attacks (First Post) Intel Security announced that industry-leading companies like Check Point, Huawei, HP Enterprise, Aruba and MobileIron had joined its partner ecosystem. Intel Security has been working on providing an extensive ecosystem of its partners as part of the Intel Security Innovation Alliance.

Tenable Network Security joins the Intel Security Innovation Alliance (Networks Asia) Tenable Network Security, Inc. announced it has joined the Intel Security Innovation Alliance and completed a new technology integration that will provide McAfee ePolicy Orchestrator (ePO) customers with continuous visibility across their existing McAfee environment

Skybox Security Joins CyberX to Help Firms Tackle Cyber Attacks (News 18) Global security analytics leader Skybox Security on November 7, 2016 announced a partnership with software security startup CyberX to provide enhanced security to enterprises in the country

Experian is recognized as a leading security solution provider (PRNewswire) Providing the best fraud solutions is always the end goal

Microsoft Edge Browser is the Most Effective Protection Against SEM (Virus Guides) According to the latest report of NSS Labs, Microsoft Edge is the web browser which blocks the highest percentage of socially engineered malware (SEM) and phishing attacks when compared to Google Chrome and Mozilla Firefox

Technologies, Techniques, and Standards

New Free Mirai Scanner Tools Spot Infected, Vulnerable IoT Devices (Dark Reading) Imperva and Rapid7 have built scanners to discover IoT devices vulnerable or infected with Mirai malware

Changing IoT Passwords Won't Stop Attacks. Here's What Will. (Dark Reading) The solution will take an industry-wide effort, it won't happen overnight, and the problem is not the users' fault!

Securing Black Friday sales: Is your business ready? (Help Net Security) Black Friday is the day following Thanksgiving Day in the US, well-known for a variety of promotional sales. These are dependent on Internet connections working, servers coping with demand, in-store bandwidth holding up for transaction processing, and more. Both in-store and online, Black Friday sales are dependent on technology

Tips and Best Practices for Securing your Cloud Initiative (Data Center Knowledge) As organizational IT data centers move to adopt cloud technologies they’ve immediately begun to see benefits in this type of distributed computing. Users are now able to access their applications or corporate desktops from any device, anytime and anywhere. But it’s not just about apps and desktops. New types of cloud services are revolutionizing user experiences and rich content delivery

Why a Reactive Security Strategy Costs Companies Millions Each Year (CTOVision) The Internet is both a blessing and a curse for businesses. While it opens up new markets that would have simply been unavailable decades ago, it also brings threats that, if not countered, can cost those companies millions, or even billions, of dollars

Army Wargames Hone Battlefield Cyber Teams (Breaking Defense) The Army is reinforcing its combat brigades with cyber soldiers. In 18 months of wargames with a wide range of units — tanks, Strykers, infantry, Airborne, Rangers — Army Cyber Command troops have brought hacking and jamming to bear on the (simulated) battlefield alongside guns and bombs

Classified vs. controlled unclassified information: what you should know (Federal News Radio) Classified documents usually get all the attention, but a new rule is addressing the way controlled information is marked and disseminated in non-classified documents

Design and Innovation

The Most Militarily Decisive Use of Autonomy You Won’t See (Defense One) Drones and robots get the headlines, but autonomous cyber weapons will be key to future warfare

What’s Next For IoT Security? (Semiconductor Engineering) The recent cyberattacks highlighted the security lacking in many IoT devices. Solutions are on the way

Software verification: the first step towards safe and resilient systems (Information Age) ‘Cyber security’ is misunderstood by many companies, and it is actually software security and software verification that are the first (and often missed) steps to a safe and resilient system

Submissions are open for RSA Conference Innovation Sandbox Contest 2017 (Help Net Security) The 12th annual Innovation Sandbox Contest at RSA Conference is now accepting submissions to name the “RSAC Most Innovative Startup 2017.” Past winners include successful companies such as Sourcefire, Imperva, Waratek, and most recently Phantom

Research and Development

China research team smashes quantum cryptography record (Silicon Republic) A team of researchers from China – with assistance from a lab in the US – has smashed the current quantum cryptography record, by sending a message across a distance of 404km that is impossible to eavesdrop on

Factoring Quantum Mechanics into Encryption (Physics Central) Recent cyber-attacks have left many people convinced that there is no real way to keep anything secret, at least not anything connected to the grid. You can strengthen your passwords and antivirus protection, but if the systems that send and receive your data are vulnerable, so are you. And the reality is, no one actually knows just how secure our encryption systems are

Legislation, Policy, and Regulation

China formalises existing restraints with new cybersecurity law (ZDNet) China's top legislative body this week passed a cybersecurity law that elevates the formally 'low-level regulations' applied across the nation in areas such as security, online speech, and citizen rights

Will China’s cyber security law restrict online freedom? (Infotechlead) The Chinese government on Monday passed a new cyber security law, as part of heightening Beijing’s control on the Internet

China's vague cybersecurity law has foreign businesses guessing (CSO) China has approved a cybersecurity law that many foreign companies have opposed

Investigation Offers New Glimpse Into Russian Military’s Hacking, Recruitment Efforts (Radio Free Europe/Radio Liberty) The captions asks those who have “successfully graduated from college” and are experts in "technical science" to apply to join a new entity called the Research Squadron of the Russian Federation

New boot camp for cyberspies announced (Misco) In a move that brings us ever closer to living in the plot of a James Bond film, last week the government released news of its new boot camp for cyberspies

Litigation, Investigation, and Law Enforcement

Regulators could fine Tesco Bank over cyber attack (Telegraph) Tesco could be potentially be hit with a multi-million pound fine by City regulators in the wake of an unprecedented attack on its banking arm that saw money taken from about 20,000 current accounts

Tesco would face fines of up to £1.9bn under GDPR for Tesco Bank breach (Computing) Entire Tesco group would be in the firing line – with demands for more payouts on top from class-action lawsuits

Security Controls 'Working' Despite NSA Theft: US Official (NBC 10) National security breaches have changed in recent years from unearthing moles working for foreign governments to stopping intelligence workers before they leak or share documents with journalists

Clinton Email Investigation: A Forensics Perspective (BankInfo Security) Investigator Rob Lee explains the process to find classified emails

Clinton email case handling brings tumultuous time for FBI (Federal Times) The FBI's handling of the Hillary Clinton email investigation has created more turmoil for the bureau than any other matter in recent history, exposing internal tensions within the Justice Department and stirring concerns the famously apolitical organization unnecessarily injected itself into the campaign

Tor marketplaces shut down by Operation Hyperion (Naked Security) Tor, the conduit for below-the-radar browsing, and drugs, weapons and other illegal activities, has been under the microscope by law enforcement in the past two years. In the past months alone, we saw Brian Richard Farrell, who helped run Silk Road 2.0, sentenced to eight years in jail for his work in the dark market. His arrest was part of Operation Onymous, which aimed to take out illegal marketplaces on Tor, back in 2014

Dutch police takes over darknet market, posts warning (Help Net Security) As law enforcement agencies around the world continue taking down online markets on the Dark Web, the Dutch National Police and the nation’s Public Prosecution Service are trying out a new strategy for deterring sellers and buyers of illegal goods

Unsealed Court Docs Show FBI Used Malware Like ‘A Grenade’ (Motherboard) In 2013, the FBI received permission to hack over 300 specific users of dark web email service TorMail. But now, after the warrants and their applications have finally been unsealed, experts say the agency illegally went further, and hacked perfectly legitimate users of the privacy-focused service

14 arrested for laundering millions stolen with malware (Help Net Security) The UK National Crime Agency (NCA) has arrested fourteen individuals suspected of laundering more than £11 million stolen through the use of malware

Those Suing Anthem Seek Security Audit Documents (HealthcareInfo Security) Lawyers in breach-related suit argue OPM audit findings are relevant

New challenges surface for VW, including a possible new defeat device in Audis [updated] (Ars Technica) And in the US, VW given until the end of November to find a fix for 3.0L diesel cars

Oil exec accused of impersonating Elon Musk in an email sues Tesla over Twitter hack (Naked Security) In September, Tesla sued an oil pipeline services company exec, claiming that he tried to impersonate Musk in an email message that sought to glean financial information about the company

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

The Risks and Benefits of Artificial Intelligence and Robotics (Cambridge, England, UK, February 6 - 7, 2017) The Risks and Benefits of Artificial Intelligence and Robotics Workshop aims to provide media and security professionals with an in-depth understanding of the implications that the rapid advancement of...

Upcoming Events

2nd Annual Summit: Global Cyber Security Leaders (Berlin, Germany, November 7 - 8, 2016) The Global Cyber Security Leaders 2016 is designed to provide unrivaled access to peers from across the globe, and encourage participants to discuss the current challenges and explore the ideas shaping...

IAPP Europe Data Protection Congress 2016 (Brussels, Belgium, November 7 - 10, 2016) The GDPR is finalised, the Data Protection Congress is returning to Brussels and you have a great deal of work ahead. Begin at the Congress, where you’ll find thought leadership, a thriving professional...

SANS Miami 2016 (Coconut Grove, Florida, USA, November 7 - 12, 2016) Attend our new SANS Miami 2016 event, November 7-12 and choose from five hands-on, immersion-style cybersecurity training courses taught by real-world practitioners. Attackers are targeting you with increasing...

Federal IT Security Conference (Columbia, Maryland, USA, November 8, 2016) The Federal IT Security Institute in partnership with PhoenixTS in Columbia, MD is hosting the first annual Federal IT Security Conference. Speakers from NIST, DHS, the Defense Department as well as private...

11th Annual API Cybersecurity Conference & Expo (Houston, Texas, USA, November 9 - 10, 2016) Join us at the 11th Annual API Cybersecurity Conference & Expo and discover methods for thwarting the bad guys, what the scene looks like over the horizon and how the latest technologies can help you counter...

SecureWorld Seattle (Bellevue, Washington, USA, November 9 - 10, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry...

Institute for Critical Infrastructure Technology Annual Gala and Benefit (Washington, DC, USA, November 10, 2016) The Annual ICIT Gala and Benefit is the year’s most prestigious gathering of legislative, agency and private sector leaders committed to protecting our Nation’s critical infrastructures. This intimate...

Israel HLS and Cyber 2016 (Tel Aviv, Israel, November 14 - 17, 2016) Where physical and cyber security meet. Topics include intelligence, cyber crime, and counter-terrorism, defending critical infrastructures, a smart global world, mass events--the integrative approach,...

SANS Healthcare CyberSecurity Summit & Training 2016 (Houston, Texas, USA, November 14 - 21, 2016) SANS will be hosting its 4th Annual Healthcare Cybersecurity Summit. Join us and hear top security experts from leading healthcare companies discuss proven approaches for securing and succeeding in the...

Infosec 2016 (Dublin, Ireland, November 15, 2016) Infosec 2016 conference addresses the critically important issues that threaten businesses in the information age By any measure, the digital threats that businesses and organisations of all sizes face...

Commercial Cyber Forum: Insider Threat (Odenton, Maryland, USA, November 15, 2016) Please join us for a panelist discussion with insider threat experts on upcoming Federal rules, key elements of an insider threat program and privacy, due process, and human resource requirements.

Kaspersky Academy Talent Lab (Online, then Prague, Czech Republic, November 15, 2016) Kaspersky Academy Talent Lab is an international cyber-world competition for young researchers and professionals aged 18-30 who are interested in the cybersecurity challenges facing the world. 50 finalists...

CISO Charlotte (Charlotte, North Carolina, USA, November 15, 2016) The CISO Summit brings together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda sessions ...

Pharma Blockchain Bootcamp (Edison, New Jersey, USA, November 16, 2016) Blockchain technology has gained recognition as one of the most disruptive technologies in the industrial world with the potential of redefining how businesses operate similarly the internet changed it...

CyberCon 2016 (Washington, DC, USA, November 16, 2016) CyberCon 2016 is the forum for dialogue on strategy and innovation to secure civilian and defense networks, as well as private-sector networks that hold their sensitive data. Cybersecurity will be the...

Versus 16 (San Francisco, California, USA, November 17, 2016) Versus is not an ordinary event. Versus is not about pitching products or preaching to the choir. Versus is about challenging what you think you know about cybersecurity, about technology, about doing...

Focusing On The Future: Prioritizing Security in the Digital Economy (Washington, DC, USA, November 18, 2016) In today's digital economy, developing and prioritizing a cyber strategy is critical to address diverse and evolving threats, foster trust in the technology we use, and define a path forward where security...

Data Breach & Fraud Prevention Summit Asia (Mumbai, India, June 8, 2016) ISMG’s Data Breach & Fraud Prevention Summit Asia – Mumbai is a one-day event that will focus on the latest fraud techniques and technologies, as well as a holistic, strategic approach to looking at the ...

SCSC Cyber Security Conclave 2.0 Conference and Exhibition (Hyderabad, India, November 22 - 23, 2016) India’s leading two-day cyber security event is returning in November 2016, once again bringing together over hundreds of cyber security experts, senior officials and policy-makers from across the public...

4th Ethiopia Banking & ICT Summit (Addis Ababa, Ethiopia, November 25, 2016) The 4th Ethiopia Banking & ICT Summit is the ONLY event in Horn of Africa that focuses on technology innovations and trends in the Banking and ICT sectors. This annual summit brings together Financial...

Internet of Things (IoT) (Elkridge, Maryland, USA, November 29, 2016) This cybergamut Technical Tuesday features Dr. Susan Cole, currently the Cybersecurity Lead for a Federal Information Systems Controls Audit Management (FISCAM) preparation team and also provides consulting...

CIFI Security Summit (Toronto, Ontario, Canada, November 30 - December 1, 2016) The Annual CIFI Security Summit takes place all over the world, Asia, Europe, Australia & North America. These summits are essential 2 day conferences and exhibitions bringing together leading security...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.