skip navigation

More signal. Less noise.

Daily briefing.

US Presidential candidate Clinton's campaign chairman Podesta's Twitter account was hijacked Wednesday to announce (obviously falsely) that Podesta had jumped ship to Team Trump. Apparently Podesta's iCloud account was also hacked (and wiped), this also occurring Wednesday night about twelve hours after Podesta's password appeared in the latest WikiLeaks email dump.

The FBI is said to be investigating the compromise of Podesta's accounts, with Russian intelligence services as the prime suspects. Russian President Putin shrugs a denial, but says the whodunnit's not important—he thinks people should worry more about the dumped emails' content. Concerning that content, Wired draws attention to a 2006 essay in which WikiLeak's Assange explained the hacktivist determination to impose a "secrecy tax" on organizations.

How the US will respond to Russian hacking remains up in the air, but more foreign policy experts and defense intellectuals call for that response to err on the side of toughness.

Al Qaeda is receiving much the same military pressure as ISIS, and it's also turning to a similar campaign of online inspiration in the hopes of recouping its Millennial jihadist mindshare.

New Android vulnerabilities include "Pork Explosion," a Foxconn factory de-bugger left behind in shipped devices—it can serve as a backdoor. The Nine app, used to access Microsoft Exchange resources, is found vulnerable to man-in-the-middle exploitation. And a bogus video app promises great selfies but actually delivers identity theft.

Verizon finds the Yahoo! breach "material," hinting that it will affect its planned acquisition of the troubled company's assets.

Notes.

Today's issue includes events affecting Afghanistan, Australia, Bangladesh, Brazil, China, European Union, India, Iraq, Israel, Libya, Myanmar, Pakistan, Russia, Syria, United Kingdom, United States.

A note to our readers: On Monday we'll be back at Jailbreak in Laurel, Maryland, for a seminar on blockchain technology hosted by Novetta. We'll have a report, of course, later in the week.

And, as the second week of National Cyber Security Awareness Month winds down, remember this week's theme, one more time: "From the Break Room to the Boardroom: Creating a Culture of Cybersecurity in the Workplace."

The CyberWire's regular daily Podcast will be out later this afternoon, with interviews, educational tips, and more on the stories of the day. Today our partner from the Johns Hopkins University, Joe Carrigan, answers a question from a listener about Amazon's recent password resets. Our guest, Corero's Dave Larson, explains the IoT botnets that have been inflicting DDoS attacks against high-profile targets. If you enjoy the podcast, please consider giving it an iTunes review.

Tech Talk: Blockchain & Bitcoin (Laurel, Maryland, USA, October 17, 2016) Join Novetta and Chainanalysis at Jailbreak Brewery to learn about Bitcoin, a digital currency, and Blockchain, the technology that makes it all work. Rub elbows with like-minded techies and enjoy ice cold beer - Don’t miss out.

Cyber Security Summit (Los Angeles, California, USA, October 20, 2016) Senior-level executives are invited to learn about the latest threats and solutions in cyber security from experts from the U.S. Dept. of Justice, Darktrace, IBM and more. Use promo code cyberwire50 for a 50% off (Regular price $250).

Cyber Attacks, Threats, and Vulnerabilities

Clinton campaign chief’s Twitter, iCloud accounts hijacked (Help Net Security) Some 12 hours after WikiLeaks published emails stolen from the email account of Hillary Clinton campaign Chairman John Podesta, someone has hijacked the man’s Twitter account and tweeted out “I’ve switched teams. Vote Trump 2016. Hi pol”

Clinton campaign chief’s iPhone was hacked and wiped, photos suggest (Ars Technica) Podesta's iPhone reportedly wiped within hours of his Twitter account being hacked

Intelligence Analyst: Russian Cyberattacks Could Roil US Elections (Voice of America) Malcolm Nance is extremely worried about what might happen as U.S. votes are tallied on Nov. 8, election night

Want to Know Julian Assange’s Endgame? He Told You A Decade Ago (Wired) Amid a seemingly incessant deluge of leaks and hacks, Washington, DC staffers have learned to imagine how even the most benign email would look a week later on the homepage of a secret-spilling outfit like WikiLeaks or DCLeaks. In many cases, they’ve stopped emailing altogether, deleted accounts, and reconsidered dumbphones. Julian Assange—or at least, a ten-years-younger and more innocent Assange—would say he’s already won

Elections at Risk in Cyberspace, Part III: Vote Database Security Ultimately Could Determine an Election Result (SIGNAL) It would take a nation-state with advanced cyber capabilities to alter U.S. election; those adversaries exist today

7 Ways Electronic Voting Systems Can Be Attacked (Dark Reading) Pre-election integrity tests and post-election audits and checks should help spot discrepancies and errors, but risks remain

Pro-Trump Hackers Deface Clinton Wikipedia Page (Infosecurity Magazine) Hackers purporting to support presidential hopeful Donald Trump have defaced Hillary Clinton’s Wikipedia page with pornographic images

'Join the Revolution': Al-Qaeda Makes Populist Pitch to Millennials (PJ Media) Al-Qaeda is appealing to millennials with a cocktail of populism and Islam and directives to not admire grown "kids" in professional sports but "men... with their AK aimed at the enemy" -- and to follow the latter into jihad

Algerian forces kill commander of Islamic State affiliate behind French murder: source (Reuters) Algerian soldiers have killed two Islamist militants including one who security sources said was a senior commander with an Islamic State-allied group that kidnapped and beheaded a French tourist two years ago

How Hackers Plant False Flags to Hide Their Real Identities (Motherboard) During the first half of 2015, a mysterious hacking group allegedly started attacking military and government organizations in Peru in what looked like a routine—even run-of-the-mill—espionage campaign

Popular Android App Leaks Microsoft Exchange User Credentials (Threatpost) A popular Android app used to access corporate email, calendar and contacts via Microsoft Exchange servers is vulnerable to leaking user credentials to attackers

Backdoor dubbed Pork Explosion lets attackers go hog wild on Android phones (CSO) A backdoor in Android firmware provided by manufacturer Foxconn allows attackers to root devices to which they have physical access, according to a security researcher and barbecue enthusiast who dubbed the vulnerability Pork Explosion

Leftover Factory Debugger Doubles as Android Backdoor (Threatpost) A leftover factory debugger in Android firmware made by Taiwanese electronics manufacturer Foxconn can be flipped into a backdoor by an attacker with physical access to a device

Enjoy taking selfies? That plays right into the hands of this identity-stealing malware... (Graham Cluley) Fake video app asks victims for selfie, alongside a large amount of other personal info

Odinaff trojan targets SWIFT users, financial organisations (Graham Cluley) Malware takes cues from Carbanak, and comes equipped with lots of hacking tools

Akamai Finds Longtime Security Flaw in 2 Million Devices (Wired) It's well known that the Internet of Things is woefully insecure, but the most shameful and frustrating part is that some of the vulnerabilities that are currently being exploited could have been eradicated years ago. Now evidence of how these bugs are being used in attacks is calling attention to security holes that are long overdue to be plugged

Akamai Says Hackers Use ’Smart’ Devices to Test Stolen Usernames, Passwords (Wall Street Journal) Evidence shows hackers were able to manipulate as many as two million ‘smart’ devices

Old SSH Vulnerability at Center of Credential-Stuffing Attacks (Threatpost) Connected devices aren’t just for DDoS attacks anymore

Symantec warns Swift users about an upcoming cyber-attack (The USB Port) On Tuesday, American cyber security giant Symantec reported a second hacker group, dubbed Odinaff, was likely to perpetuate SWIFT attacks against financial institutions, mirroring the heist that occurred earlier this year, in February, at the Bangladesh Bank

Evony Gaming Company Website Hacked; 33M Gamer Accounts Stolen (HackRead) Evony gaming company had its website and forum breached and as a result 33 million of its gamers had their accounts stolen

South American Based Indetectables Member Shares RAT (Wapack Labs) Current Wapack Labs research revealed a Spanish language forum, Indetectables.net Forum, which highlights a member selling a popular remote access tool (RAT). This information is being supplied for your situational awareness and protection

There Are 5,761 Online Stores Currently Infected with Card-Data-Stealing Malware (Softpedia) Online skimming malware is about to become a big problem

Phishing scam hits Australian inboxes (CSO) The latest phishing scam impersonates energy company AGL

GlobalSign security certificate foul-up knocks out secure websites (ZDNet) A security certificate mix-up has frozen hundreds of thousands of websites

UN Atomic agency admits a cyber-attack 'disrupted' a nuclear power plant (SC Magazine) A senior UN official has told press that a nuclear power plant was disrupted several years ago by a cyber-attack

Security Patches, Mitigations, and Software Updates

Tor Project and Mozilla Making It Harder for Malware to Unmask Users (Motherboard) Generally, the Tor network provides a high level of protection and anonymity for its users. So much so that law enforcement agencies, instead of attacking the network itself, have opted to hack individual users’ computers, or end-points. This way, investigators have learned Tor users’ IP addresses

Cisco patches critical authentication flaw in conferencing servers (CSO) Hackers could exploit the issue to masquerade as legitimate users

Google Plugs 21 Security Holes in Chrome (Threatpost) Google on Wednesday patched 21 security vulnerabilities in Chrome, including a half dozen rated high severity that were reported by external researchers and were eligible for a bounty

Android Fragmentation Sinks Patching Gains (Threatpost) It’s been 13 months since Google began releasing Android security bulletins and software patches on a scheduled, monthly basis. So far, the benefits of the new strategy to shore up Android’s defenses are mixed at best. Compared to Apple’s patching track record, Google’s is significantly lacking

Cyber Trends

1 in 5 executives take risks with sensitive data to meet regulatory demands (Help Net Security) The Anti-Money Laundering Directive (AML), the EU-US Privacy Shield and the Market Abuse Directive (MAD) and Regulation (MAR) are the three biggest regulatory pressures across EMEA, according to a survey conducted by Vanson Bourne

SecureAuth: It’s The Beginning of The End of The Password (Find Biometrics) It’s the beginning of the end of the password, suggests survey data from SecureAuth

80% Of IT Pros Say Users Set Up Unapproved Cloud Services (Dark Reading) Shadow IT is a growing risk concern among IT pros, with most reporting users have gone behind their backs to set up unapproved cloud services

Alarming cloud encryption misconceptions revealed (Help Net Security) Businesses have a high level of concern about the exposure of sensitive and regulated data in the cloud to security threats. Yet despite this, the majority of data owners outsource responsibility for data protection, even though they still bear full legal liability if there is a breach

Cyber threats to U.S. presidential election helps boost interest in cybersecurity careers among millennials (PRNewswire) Raytheon-NCSA global survey finds growing awareness of cybersecurity careers, but gender gap widens

Most Small Businesses Lack Response Plan For Hacks (Dark Reading) Half of small business owners have experienced malware, phishing, Trojans, hacking, and unauthorized access to customer data, according to Nationwide survey

Marketplace

Information Security Spending Will Top $101 Billion By 2020 (Dark Reading) Spending on security services will drive much of the growth, IDC says in new forecast

Verizon says Yahoo hack 'material,' could affect deal (Reuters) Verizon Communications Inc (VZ.N) said on Thursday it has a "reasonable basis" to believe Yahoo Inc's (YHOO.O) massive data breach of email accounts represents a material impact that could allow Verizon to withdraw from its $4.83 billion deal to buy the technology company

Verizon's Yahoo Breach Question: What's 'Material'? (BankInfo Security) Don't expect world's largest data breach to derail Verizon's Yahoo buy

Verizon signals Yahoo data breach may affect acquisition (CSO) Yahoo says its still confident in the company's value

Digital privacy campaign urges users to 'Dump Yahoo' (Christian Science Monitor Passcode) The tech advocacy group Fight for the Future is calling on Yahoo users to delete accounts after reports alleged the company let US officials scan millions of emails

HP Inc to cut up to 4000 jobs (CRN) HP Inc plans to cut up to 4,000 jobs across multiple divisions in the next three years as part of a restructuring plan, the company disclosed in a filing on Thursday

Accenture acquires Defense Point Security, US-based cyber consultant (Consultancy) Cybercrime is becoming increasingly problematic for companies and governments globally, as a range of digital avenues and developing adversaries tap into systems to extract a range of value. As costs grow, companies are turning to consultancy firms for advice. In a bid to meet demand, as well as access relevant certifications, Accenture recently acquired US-based Defense Point Security for an undisclosed sum

Cybersecurity Stocks & ETFs Fall on Fortinet's View Cut (Nasdaq) Shares of almost every anti-hacking company took a hit yesterday after Fortinet Inc. FTNT lowered its third-quarter 2016 revenue and earnings guidance, raising investors' concerns over increasing price competition across the industry

7 Cyber Security Stocks Cashing In On The Hacking Epidemic (Seeking Alpha) The threat of being hacked will have companies and governments has sent cyber security spending soaring in the last five years. This tidal wave of spending is creating a great investment opportunity: it has never been a better time to be a cyber security company. Investors can profit from buying shares in a cyber security ETF or individual industry leaders with strong financial positions and high growth prospects

Qualys: A Fast-Growing Cyber Security Provider (Seeking Alpha) Revenues growing at a compound annual growth rate of 21.1%. Has met earnings expectations since going public. Cyber security industry is expected to grow at a CAGR of 9.8%

Increase in Cyber Threats Makes This Stock a Raging Buy Right Now (The Street) Incidents of hacking are growing daily. Here is a great way for investors to play the trend

Symantec CEO Takes Aim At Cylance, Other Next-Gen Security Vendors As Blue Coat Integration Gets Under Way (CRN) Symantec is charging back into the market after its acquisition of Blue Coat Systems earlier this year, CEO Greg Clark said, and he didn’t mince words about what that means for the security vendor’s competition

IBM gets in retaliation before VMware flips to AWS (Channel Biz) Big Blue moves to step on new hybrid cloud romance between Amazon Web Services and VMware

LookingGlass is a Champion of National Cyber Security Awareness Month (BusinessWire) Cybersecurity leader emphasizes importance of educating organizations on effective phishing protection

Products, Services, and Solutions

Terbium Labs and Skry Team Up to Enhance Detection of Bitcoin Fraud (Finance Magnates) The integration aims to minimize the damage of blockchain fraud by reducing the delay time between compromise and detection

‘Bitcoin Unlimited’ Hopes to Save Bitcoin from Itself (Motherboard) For over a year, bitcoin has been embroiled in a circular debate about a code change that would allow the virtual currency to handle many more transactions. But this week finally saw a major shake-up that could change the course of bitcoin as we know it

Top SIEM Vendors and Other Buying Advice (eSecurity Planet) Security incident and event management (SIEM) products are no longer just for large enterprises. This article will help determine if SIEM is for you

Thycotic Releases Privilege Manager for Windows (eWeek) Privilege Manager for Windows lets IT admins implement an array of security policies and controls that best match their needs, such as deny-first whitelisting

Sophos bundles cybersecurity technology under one solution (Interaksyon) It’s the underlying philosophy that has catapulted Sophos to the forefront of the industry. Using big data analytics, the global security leader gains a deep a deep understanding of the threat landscape, recognizing malicious patterns, attack vectors and criminal motivations

Technologies, Techniques, and Standards

What is MANRS and does your network have it? (CSO) The Internet Society's Mutually Agreed Norms for Routing Security (MANRS) initiative is designed to provide measures to improve the resilience and security of the internet's routing infrastructure to keep it safe for businesses and consumers

Internet Routing Security Effort Gains Momentum (Dark Reading) More than 40 network operators agree to filter routing information, prevent IP address-spoofing, and to work together to thwart Internet traffic abuse and problems

Infragard: Helping the Nation's IT Security Professionals (In Homeland Security) On August 25, Infragard Las Vegas had an interesting event where they discussed a report about current threats to information technology. Infragard is an organization that serves the security community

101 Ways I Screwed Up Making a Fake Identity (Hacks4Pancakes) As most of you know, my professional area of expertise in security is incident response, with an emphasis on system / malware forensics and OSINT. I’m fortunate enough in my position in the security education and con community to sometimes get pulled into other directions of blue teaming and the occasional traditional penetration testing. However, the rarest of those little fun excursions are into the physical pen testing and social engineering realm. In the breaking into buildings and pretending to be a printer tech realm, I’m merely a hobbyist

An Information Security Survival Guide (Infosecurity Magazine) Information security is viewed in some organizations as a function owned by a few individuals or one department. However, with human error continuing to remain the most prominent cause of data breaches, it is important to create a corporate culture that views information security as a shared responsibility among all employees

That connected device already knows your mom’s maiden name (ReadWrite) Since it’s National Cyber Security Awareness Month, and with the increasing amount of connected homes, systems and trendy devices, consumers need to stay informed about the best security practices, and precautions to take in order to stay safe and keep their information secure

How Sophos helps our own employees to stay safe (Sophos) Sophos is the same as any other business – we need to keep our employees (and the company) safe, while at the same time we need to give people the freedom to do their jobs

Why You Need a Cybersecurity Crisis Management Plan (InfoRisk Today) A CISO offers insights based on real-world experience

Design and Innovation

The AI disruption wave (TechCrunch) Information technology evolves through disruption waves. First the computer, then the web and eventually social networks and smartphones all had the power to revolutionize how people live and how businesses operate. They destroyed companies that weren’t able to adapt, while creating new winners in growing markets

How identity and access management is critical in the digital transformation process (Help Net Security) Digital transformation is a top priority and source of anxiety for enterprises, but the majority of IT decision makers have not completed technology deployments to address the initiatives that are critical to making the shift, according to Ping Identity

Research and Development

BAE Systems to Develop Cyber Attack Prediction Capability for IARPA (BusinessWire) The U.S. Intelligence Advanced Research Projects Activity (IARPA) has selected BAE Systems to develop technology that will help the U.S. military and intelligence agencies forecast and detect cyber-attacks significantly earlier than existing methods allow. The approximate lifetime value of the contract is $11.4 million

Academia

University IT employees fighting for jobs question security (CSO) Data security is a simmering issue in offshore outsourcing. The offshore workers who staff help desks, call centers and manage systems are accessing data in the U.S. The University of California IT employees, who will soon lose their jobs to overseas workers, are trying point this out

University of Maryland University College Renews Support of AFA's CyberPatriot (Yahoo!) The Air Force Association today announced that the University of Maryland University College (UMUC) renewed its support for CyberPatriot, the National Youth Cyber Education Program, as a Cyber Silver sponsor. For the fourth consecutive year, UMUC has sponsored CyberPatriot in its mission to stimulate youth interest in STEM and educate students on the importance of cybersecurity

Legislation, Policy, and Regulation

America’s dilemma over Russian cyber attacks (Financial Times) Washington walks a difficult line in defining an acceptable response

State Dept. Official Urges ‘Strong’ U.S. Response to Election Hacking By Russia (Foreign Policy) A State Department official called for a “strong” U.S. response to Russian hacking of Democratic Party organizations on Thursday and urged the administration to name names and clearly convey that manipulating U.S. elections won’t go unpunished

Russia, US move past Cold War to unpredictable confrontation (CNN) It's not a new Cold War. It's not even a deep chill. It's an outright conflict

America’s Russia Policy Has Failed (Foreign Policy) Here are seven things the next U.S. president should do to put Washington back in the driver’s seat

Cybersecurity: Time to Move from Talk to Action (InfoRisk Today) India needs a comprehensive, pragmatic plan

Athens Conference Plans Europe's Shielf Against Cyber Attacks (Euronews) What would happen if Europe were targeted by a large-scale cyber attack?

How Will the Next President Approach Cybersecurity? (GovInfo Security) The similarities, differences in Clinton, Trump platforms

Letter to next president on cybersecurity (Federal Times) Like Kennedy’s moonshot, the next president will need to think boldly, not incrementally. There is no better place for the next president to start than with his or her own house

Online First: U.S. Special Operations Forces in Cyberspace (Cyber Defense Review) Cyberspace is a human space, as dynamic and uncertain as human nature. No longer simply a technical abstraction or manmade domain unto itself, cyberspace is a growing facet of every-day life that increasingly cuts across all aspects of Special Operations

Marines adopt acquisition approach to work at cyber speed (C4ISRNET) Marine Corps Systems Command (MCSC) has announced a new process for rapidly fielding cyber capabilities to its personnel

As self-driving cars hit the road, cybersecurity takes a back seat (Christian Science Monitor Passcode) While consumers and industry experts worry about cybersecurity in autonomous vehicles, government regulators are still struggling to respond to digital risks in driverless cars

New York State Moves Towards Cyber Attack Regulations (Reg Blog) In the days of Bonnie and Clyde, bank robbers used masks to conceal their identities while robbing the local bank. Today, with the advent of cyber attacks, the mask is a computer screen, and the attacks pose systemic risks to major financial institutions

Kentucky Leaders Update Cyber Attack Preparedness (WKU) Kentucky cyber security leaders are compiling information from a simulated cyber attack in order to update plans in the event that a power grid goes down or sensitive data is stolen from businesses or state agencies

Litigation, Investigation, and Law Enforcement

UK Police Bought Privacy Invading Phone Snooping Tech – Report (Infosecurity Magazine) Rights groups are up in arms after it emerged several UK police forces have purchased controversial mobile phone snooping technology notorious for enabling indiscriminate surveillance

Twitter, Facebook revoke access to social media surveillance software used by cops (Help Net Security) Geofeedia, a US-based company that offers its social media aggregation platform “to a broad range of private and public sector clients”, also numbers among its clients over 500 law enforcement and public safety agencies across the country

Google Handles Record Number of Government Requests for Data (Threatpost) Google fielded a record number of government requests for user data during the first half of 2016, according to its updated Transparency Report

More Congressional Scrutiny of FTC's LabMD Case (HealthcareInfo Security) Senators question whether FTC provided lab with 'due process'

Feds Investigate Email Hack of Clinton Campaign Boss (Infosecurity Magazine) Hillary Clinton’s campaign chairman has claimed the FBI is investigating whether Russian hackers were behind a cyber-attack on his private email

FBI: Russia likely hacked Florida election contractor and Clinton campaign chairman (SC Magazine) U.S. intelligence officials' concerns of a Russian hacking operation against political targets continues to escalate, as FBI officials now believe Russian intelligence agencies likely orchestrated the hacks of emails belonging to a contractor for Florida's election system and Hillary Clinton's campaign chairman John Podesta, according to a report in The Wall Street Journal

Retailer Vera Bradley: Payments System Hacked (DataBreach Today) FBI warning triggers discovery of July breach involving malware

The Video Defense About Her Emails Hillary Clinton Never Gave (NPR) At 10:33 p.m. on Aug. 21, 2015, Hillary Clinton's lead speechwriter sent around an email with the subject line "Script." In it is a draft of a video address to supporters where Clinton would try to explain the private email system she used while secretary of state "directly, in one place, at one time, as best as I can"

Did the FBI chief lie to Congress about the Hillary email probe? (New York Post) Congressional leaders investigating the FBI’s suspiciously inept investigation of ex-Secretary of State Hillary Clinton’s emails are turning their attention to FBI chief James Comey’s truthfulness. Did he mislead them? Did he perjure himself?

The OPM breach report: A long time coming (CSO) The catastrophic breach of the federal Office of Personnel Management, which exposed the personal information of more than 22 million current and former employees, became public in mid-2015. It took another 15 months for Congress to complete a report on it

'Snowden': A cinematic snow job? (GCN) It’s well understood that even the most historically accurate films may take some dramatic license in their depiction of actual events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

Pharma Blockchain Bootcamp (Edison, New Jersey, USA, November 16, 2016) Blockchain technology has gained recognition as one of the most disruptive technologies in the industrial world with the potential of redefining how businesses operate similarly the internet changed it...

Upcoming Events

AppSecUSA 2016 (Washington, DC, USA, October 11 - 14, 2016) OWASP’s 13th Annual AppSecUSA Security Conference is the premier application security conference for developers and security experts. Come hear an amazing group of inspirational speakers—including YouTube’s...

Cyber Security Summit 2016 (Aukland, New Zealand, May 5, 2016) New Zealand’s first Cyber Security Summit will be held in Auckland on 5 May 2016. The theme is “Keeping New Zealand’s Economy Cyber Secure”. Hosted by the Minister for Communications Hon Amy Adams, the...

Tech Talk: Blockchain & Bitcoin (Laurel, Maryland, USA, October 17, 2016) Join Novetta and Chainanalysis at Jailbreak Brewery to learn about Bitcoin, a digital currency, and Blockchain, the technology that makes it all work. Rub elbows with like-minded techies and enjoy ice...

Insider Threat Program Development Training for NISPOM CC 2 (Warrington, Pennsylvania, USA, October 17 - 18, 2016) Insider Threat Defense will hold a two-day training class on Insider Threat Program Development (NISPOM Conforming Change 2). PA. For a limited time the training is being offered at a discounted rate of...

Cyber Ready 2016 (McDill Air Force Base, Florida, USA, October 18, 2016) We invite you to join us for our first annual Cyber ReadyTM 2016 conference observing National Cyber Security Awareness Month: The Impact of Cyber Crime. The National Cyber Partnership, joined by the MITRE MITRE National Capture the Flag (CTF) Competition Cyber Challenge Awards Ceremony.

EDGE2016 Security Conference (Knoxville, Tennessee, USA, October 18 - 19, 2016) The EDGE2016 conference is where true collaboration between business and technology professionals happens. Combining engaging keynotes from world-renowned visionaries, recognized technology industry leaders,...

SecureWorld St. Louis (St. Louis, Missouri, USA, October 18 - 19, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry...

CyberTini at CyberMaryland (Baltimore, Maryland, USA, October 19, 2016) The bwtech@UMBC Cyber Incubator will be hosting a CyberTini as the official opening event of the CyberMaryland Conference on the evening of October 19, 2016 at the Columbus Center in Baltimore’s Inner...

Los Angeles Cyber Security Summit (Los Angeles, California, USA, October 28, 2016) The Cyber Security Summit is an exclusive conference series connects C-Suite & Senior Executives who are responsible for protecting their companies’ critical infrastructures with innovative solution providers...

Insider Threat Program Development Training For NISPOM CC 2 (Aberdeen, Maryland, USA, August 10 - 11, 2016) Insider Threat Defense will hold a two-day training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2). For a limited time the training is being offered...

CyberMaryland 2016 (Baltimore, Maryland, USA, October 20 - 21, 2016) The CyberMaryland Conference is an annual two-day event presented jointly by The National Cyber Security Hall of Fame and Federal Business Council (FBC) in conjunction with academia, government and private...

CyCon US: International Conference on Cyber Conflict (Washington, DC, USA, October 21 - 23, 2016) The inaugural U.S. based International Conference on Cyber Conflict will take place 21-23 October 2016 in Washington D.C. Focusing on a theme of Protecting the Future. CyCon U.S. seeks to create greater...

SANS San Diego 2016 (San Diego, California, USA , October 23 - 28, 2016) Cyber security training in San Diego, CA from SANS Institute, the global leader in information security training. Choose from nine hands-on, immersion-style training courses for security professionals...

18th Annual AT&T Cybersecurity Conference (New York, New York, USA, October 24 - 25, 2016) Countless cyberthreats circle your organization every second of every day. While your organization utilizes more mobile, IoT and emerging technologies, attackers simply focus on more ways to exploit them.

Insider Threat Program Development Training For NISPOM CC 2 (Aberdeen, Maryland, USA, August 10 - 11, 2016) Insider Threat Defense will hold a two-day training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2). For a limited time the training is being offered...

2016 ICS Cyber Security Conference (Atlanta, Georgia, USA, October 24 - 27, 2016) As the largest and longest-running cyber security-focused conference for the industrial control systems sector, the event caters to the energy, utility, chemical, transportation, manufacturing, and other...

14th Annual EWF National Conference (Scottsdale, Arizona, USA, October 25 - 27, 2016) Balancing risk and opportunity: transforming cybersecuity; risk and privacy beyond the enterprise. The Executive Women's Forum (EWF) Annual Conference provides an exclusive opportunity to personally interact...

SecureWorld Bay Area (San Jose, California, USA, October 27, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements learning from nationally recognized industry...

Security By Design (McLean, Virginia, USA, October 28, 2016) The essential security conference for all who desire to build trustworthy software. Developers, DevOps Engineers, Software Architects, Security Software Engineers, Designers and more.

Regional Cyber Security Summit (Sharm El-Sheikh, Egypt, October 30 - November 1, 2016) The Regional Cyber Security Summit comes this year with the theme of “Boundless Collaboration, Boundless Protection”. It focuses on the cooperation in cybersecurity as one of key pillars to tackle the...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.