skip navigation

More signal. Less noise.

Daily briefing.

US elections aren't the only ones being targeted in advance of voting: FireEye says that APT 3, the Chinese cyber espionage group, has spearphished its way into at least two Hong Kong agencies involved with Sunday's elections.

Apple patched iOS against Trident vulnerabilities last week. Yesterday it pushed out similar patches for OS X. Users are urged to apply them at their earliest opportunity. The Trident zero-days are those Lookout and Citizen Lab found on a UAE activist's phone early in August.

Motherboard says it's obtained a window into the government hacking market through a catalogue from Indian firm Aglaya offering "weaponized information." Some of the services on offer (manipulation of search results, for example) have an information-operational dimension. Aglaya says the brochure was an offer to one specific customer.

Some bellicose talk about cyberwarfare comes from North America late this week. A former head of Canada's Communications Security Establishment says Ottawa would be "negligent" were it to forego development of offensive cyber capabilities. US Presidential candidate Clinton promised that, if elected, she would respond militarily to cyberattacks.

Concerns about cybercrime continue to focus on ransomware—familiar variants and vectors continue to work damage.

LeakedSources is circulating cracked passwords from a Last.fm breach disclosed back in 2012. (They promise more "megabreaches" soon.) This, along with the Dropbox breach, prompt many to repent of password reuse.

In an industry rumor, Hewlett Packard Enterprise is said to be hawking its software business to Thoma Bravo for between eight and ten billion dollars.

Notes.

Today's issue includes events affecting Australia, China, Denmark, France, Gambia, Germany, Iran, Iraq, Democratic Peoples Republic of Korea, Russia, Syria, United Arab Emirates, United Kingdom, United States.

A note to our readers: we'll be observing Labor Day this coming Monday, and so taking a day off from publishing. We'll be back as usual on Tuesday, September 6, 2016. A happy Labor Day to all of you. (We'll need the break to recover from following Youngstown State's 45-10 win over Duquesne last night.)

The CyberWire's regular daily Podcast will be out later this afternoon, with interviews, educational tips, and more on the stories of the day. Today Dale Drew from our partners at Level 3 will share some creative ways of handling staffing challenges (a preview: they hire musicians). Our guest is Gene Stevens, CTO and co-founder of ProtectWise, who explains how innovative user interface design is good for the user and good for sales, too. As always, if you enjoy the podcast, please consider giving it an iTunes review.

​3rd Annual Senior Executive Cyber Security Conference: Navigating Today’s Cyber Security Terrain​ (Baltimore, MD, USA, September 21, 2016) Hear from industry leaders on cyber security best practices and trends that will help you better secure your organization’s data. This year’s agenda examines the current cyber security landscape, threats, and challenges ahead for organizations and how senior leaders can work towards “shifting their data to being safe and secure.”

Cyber Attacks, Threats, and Vulnerabilities

Hong Kong Government Hacked by Chinese Cyberspies, FireEye Says (BloombergMarkets) Two government agencies targeted ahead of legislative election. Motive ‘certainly’ political, based on the targets, group says

Are Harris County's voting machines vulnerable to hackers? (KHOU) Just days after the FBI issued warnings to state election officials about cyberattacks, a Rice University professor is raising serious concerns about the security of computerized voting systems in Harris County and around the country

This Leaked Catalog Offers ‘Weaponized Information’ That Can Flood the Web (Motherboard) In the summer of 2014, a little known boutique contractor from New Delhi, India, was trying to crack into the lucrative $5 billion a year market of outsourced government surveillance and hacking services

BAE Systems' Danish Subsidiary Sells Spyware To UAE (Defense World) BAE Systems' Danish subsidiary has sold surveillance equipment to United Arab Emirates, a country which recently tried hacking smartphone belonging to activist Amed Mansoor

TorrentLocker: Crypto-ransomware still active, using same tactics (We Live Security) In December 2014, ESET released a white paper about TorrentLocker, a crypto-ransomware family spreading, via spam, email messages that impersonated local postal service, energy or telecom companies. The paper described its distribution scheme, its core functionalities, its network protocol and exposed some similarities with the Hesperbot banking trojan

New Elknot/Billgates Variant with XOR like C2 Configuration Encryption Scheme (NetLab 360 (h/t Recorded Future)) Elknot is a notorious DDoS botnet family which runs on both Linux and Windows platforms [1] [2] [3] [4]. Multiple variants have been found since its first appearance, while the most infamous variant is called BillGates by many researchers because of its characteristic use of Bill and Gates modules [5]

Betabot steals passwords, downloads ransomware (Help Net Security) The infamous and ever-changing Betabot information-stealing Trojan is back again, and has been observed downloading another well-known threat – the Cerber ransomware

Web site offline? New server-focused FAIRWARE Ransomware could be why (Trend Micro: Simply Security) In a time of non-stop news stories about ransomware, a new variant called FAIRWARE is attacking Linux-based servers running web sites

Insecure Redis Instances at Core of Attacks Against Linux Servers (Threatpost) A recent run of attacks against Linux servers called Fairware has been traced to insecure internet-facing Redis installations that hackers have abused to delete web folders and, in some cases, install malicious code

Thousands of security threats happen every five minutes: Trend Micro VP (ZDNet) The pace at which businesses now find themselves operating has allowed for the files on a network to be encrypted and beyond an organisation's reach in just five minutes

Only Half of Firms Say IT Security Rules Are Being Followed (Information Management) At a time when ransomware and other attack methods that exploit insider negligence are becoming rampant, only 39% of end users think they take all appropriate actions to protect corporate data accessed and used in the course of their jobs, according to a new survey by the Ponemon Institute

The Hackable Human – 6 Psychological Biases that Make Us Vulnerable (Heimdal Security) There’s a red thread that you can follow in each story about cyber attacks. If you pay attention, you’ll see how human nature is deeply rooted in the mechanics of successful cyber compromise

Malvertising Campaign Pushing Neutrino Exploit Kit Shut Down (Threatpost) A global malvertising campaign exposing potentially one million users to the risk of being infected with CrypMIC ransomware delivered via the Neutrino Exploit Kit has been shut down, according to researchers

Inteno Router Flaw Could Give Remote Hackers Full Access (Infosecurity Magazine) Security experts are warning of a critical new router vulnerability which could allow remote attackers to replace the firmware on a device to take complete control over it, and monitor all internet traffic flowing in and out

Last.fm breach from 2012 affected 43 million users (CSO) Stolen passwords from old data breaches have recently been circulating on the internet

Dropbox breach shows how impactful password reuse can be (Computerworld) Not a good look for the file sharing powerhouse, and a cautionary tale for us all

Dell exposes Federal Agencies outdated tech (USB Port) Federal Agencies might need to improve their tech to prevent breaches. According to new research from Dell, several government institutions are currently using outdated software and hardware. The computer company revealed this information as a part of its annual ‘State of IT trends’ study in July

Scammers using social media brands to launch phishing, fraud and malware attacks, study says (International Business Times) Proofpoint security researchers say 600 new fraudulent social media accounts crop up every month

Researchers Uncover Car Infotainment Vulnerability (Dark Reading) Should an automobile manufacturer have to release a patch for a feature that they never deployed? A newly discovered vulnerability in MirrorLink's infotainment software may force an answer

Mr. Chow’s website serves up ransomware (Malwarebytes) The website for popular fine Chinese cuisine “Mr Chow” restaurants has been hacked and is redirecting visitors to ransomware. This is not the first high profile culinary personality that has been involved in a security incident. Before Michael Chow, British Chef Jamie Oliver experienced several cases of website compromises himself

Devastating attacks to public infrastructure 'a matter of when' in the US (ZDNet) Cybercriminals are focusing on public infrastructure to disrupt services and cause mayhem as new targets are emerging and expanding throughout the world

Cybercrime and cyberwar: A spotter's guide to the groups that are out to get you (ZDNet) Security threats can come from a variety of different individuals and groups. Here's a field guide to the major players

Security Patches, Mitigations, and Software Updates

Apple Slips out Trident Patches for Mac Users (Infosecurity Magazine) Apple has issued patches for OS X and Safari to fix the three major ‘Trident’ vulnerabilities associated with a recent state-sponsored attempt to spy on a rights activist

Apple Patches OS X and Safari Zero-Days Related to NSO Group Spyware (Softpedia) Apple patches two new zero-days in OS X and Safari

Apple Patches OS X and Safari Zero-Days Related to NSO Group Spyware (Information Security Newspaper) Apple patches two new zero-days in OS X and Safari.Apple released today two security bulletins for OS X and Safari aimed to fix three vulnerabilities related to the now infamous Pegasus surveillance kit (spyware) created and sold by NSO Group

Cyber Trends

Cybersecurity defence costs will exceed $1 trillion over the next five years (PCR) The cost of cybercrime defence will exceed $1 trillion cumulatively from 2017 to 2021

The security ratings game grades third-party vendors (TechTarget) Can security ratings services patterned on consumer credit scores offer insight into the security postures of third parties and other business partners?

Tripwire Survey: Security Professionals Lack Confidence in Ransomware Recovery (Yahoo! Finance) Tripwire, Inc., a leading global provider of endpoint detection and response, security and compliance solutions, today announced the results of a survey of over 220 information security professionals who attended Black Hat USA 2016. The conference took place July 30-August 4, 2016, at the Mandalay Bay Convention Center in Las Vegas, Nevada

Tripwire Black Hat 2016 Survey: Ransomware & Phishing (Tripwire) Over 220 information security professionals attending Black Hat USA 2016 participated in Tripwire’s survey

Wombat Security Cyber Security Awareness Report reveals knowledge gaps (Security InfoWatch) Wombat Security Technologies (Wombat), a leading provider of cyber security awareness and training, has announced the release of its Beyond the Phish Report, an analysis of nearly 20 million questions and answers indicating how well end users are able to identify and manage security threats within an enterprise

Top 10 Internet Security Myths Debunked [Updated] (Heimdal Security) What do we know about security?

Marketplace

Cyber Insurance – only if you don’t need it (ITWire) By the time you take out insurance against cyber threats, hacks, data leaks, breaches, etc., you probably have advanced capabilities in security and incident readiness and understand the risk profile

Hewlett Packard Enterprise is in talks to sell its software business to a private equity firm for $8B to $10B (Business Insider) Hewlett Packard Enterprise is in talks with buyout firm Thoma Bravo to sell its software division, hoping it can fetch between $8 billion and $10 billion, according to people familiar with the matter

LMI buys Herndon intelligence contractor (Washington Business Journal) Tysons-based not-for-profit government consultant LMI announced Thursday that it bought Herndon-based FourWinds Limited Co., strengthening its position with intelligence community customers

Distil Networks Takes Aim at Bot Scraping (eWeek) Rami Essaid, co-founder and CEO of Distil Networks, discusses where his company came from and where it is headed

Avast extends its tender offer (BusinessWire) Avast Software B.V. today announced that it has extended its previously announced tender offer to purchase all of the outstanding ordinary shares of AVG Technologies N.V. (NYSE: AVG) for $25.00 in cash to 11:59 p.m., New York City time, on September 15, 2016, unless earlier terminated or further extended. All other terms and conditions of the tender offer remain unchanged

Proofpoint To Grow To $1 Billion In Revenue By 2020: How Realistic? (Seeking Alpha) Management announced a plan to grow revenue to $1B at the last analyst and investor day. Proofpoint’s ability to gain market share from competitors has propelled the stock in 2016. The email security market has been projected to experience a flat growth rate. The low hanging market share will not remain until 2020. Threat from competitors will force management to take on more leverage; this will have a negative effect on FCF

Ignore FireEye, Inc.: Here Are 2 Better Stocks (Motley Fool) The wildly unprofitable cybersecurity company is no longer growing very fast. Investors would be wise to look elsewhere

Why Palo Alto’s Stock Fell after It Posted Its 4Q16 Results (Market Realist) Earlier in the series, we discussed Palo Alto Networks’ (PANW) performance in its recently announced fiscal 4Q16 results. Even though its fiscal 4Q16 revenues and billings exceeded analysts’ expectations, its stock fell 3% on August 30, 2016, in after-hours trading

The Dropbox hack puts cybersecurity ETFs squarely in focus (MarketWatch) ‘Until we don’t see any more breaches, this will be an area that grows’, says Andrew Chanin, CEO PureFunds

To Find Cyber Flaws in Weapon Systems, DoD Will Move Millions (Defense News) Amid a growing focus on the Pentagon’s cyber vulnerabilities, it plans to reprogram $100 million toward uncovering such flaws in major weapon systems, according to budget documents posted this week

By ‘Secure’, We Didn’t Mean... (The Context Blog) During a response to a security incident at a financial institution, I came across a very bad situation: a managed security service provider (MSSP) that had managed to put their sensors in the wrong place, ensuring that the customer got neither security or service. Now, anyone can misplace a box. What was surprising to me was the period of time it took to discover the misplacement

How IT Departments Can Manage The Security Skills Shortage (Dark Reading) A lack of skilled cybersecurity talent is putting organizations at risk. Which skills are in highest demand, and how can IT managers secure the right people to protect their information?

G DATA unterstützt Projekthilfe Gambia e.V. (PresseBox) Gesundheitsstation und Kindergarten erhalten einen Euro von jeder im Online-Shop verkauften G DATA Sicherheitslösung

Kudelski Security Expands Global Advisory Services With Appointments of John Hellickson and Darrell Switzer (PRNewswire) Addition of senior leaders with deep experience in cybersecurity strategy, governance and incident response expands Kudelski Security's global consulting services

FinalCode Opens European Office in London (Yahoo! Finance) FinalCode, Inc., the innovator in persistent file security, today announced the opening of a new regional headquarters to be based in London. Following the continued expansion of FinalCode, the company also announced the appointment of Jo Below to the role of managing director, Europe

Products, Services, and Solutions

Palo Alto Networks CEO: Traps Endpoint Security Offering At 'Inflection' Point With Partners (CRN) The market for endpoint security is booming, particularly in the startup space, and Palo Alto Networks CEO Mark McLaughlin said he is confident the network security vendor will pull ahead of the pack with its Traps endpoint security solution

M1 bolsters cyberattack defenses as it forges alliances with cybersecurity firms (Yahoo! Finance) M1 bolsters cyberattack defenses as it forges alliances with cybersecurity firms

Okta receives rare endorsement from Google cloud chief (CRN) Google has in the past abstained from recognising its cloud technology partners with any preferential designations, but Tuesday, Okta, an identity management vendor, secured an endorsement directly from the internet giant's cloud chief

Raytheon unveils cyber battle management system (C4ISRNET) Raytheon has unveiled its Cyber and Electromagnetic Battle Management (CEMBM) tool

Dispersive Technologies To Reveal SCADA Transmission Improvements At California ISO Symposium (PRNewswire) Dispersive Technologies will unveil significant advances in SCADA data transmission at the California ISO Stakeholder Symposium September 7-8 in Sacramento

Samsung confirms it is recalling the Galaxy Note 7 after reports of explosions (TechCrunch) Samsung has confirmed that it is recalling the Galaxy Note 7, its newest smartphone, following reports that some devices exploded

Technologies, Techniques, and Standards

In wake of voter database hack, U.S. election commission turns to NIST for cybersecurity talk (FedScoop) A cohort of voting municipalities across the U.S. relies on either digital voting systems or online data collection tools that may be susceptible to digital intrusion

Iris scans as ID grow in use (CSO) Smartphones, ATMs and autos envisioned as prime candidates for iris scan tech as ID verification

How a security researcher is tackling IoT security testing (Help Net Security) “A common misconception people in the industry have regarding my work as a security researcher is that I am sharing information that puts businesses at risk. And also, that I spend all day playing,” says Deral Heiland, Research Lead at Rapid7

3 Golden Rules For Managing Third-Party Security Risk (Dark Reading) Rule 1: know where your data sets are, which vendors have access to the data, and what privacy and security measures are in place

What is access governance? A brief deep dive (Help Net Security) Access governance is the evolution, the next great step if you will, in the identity and access management world. Access governance is a more robust, holistic approach to managing user access, network shares, permissions, and allows organizations to peer easily into the entire goings on of an organization. Access governance is like king of the hill, where the view is long and clear and there’s little that can knock it down

Col. Paul Craft: A peek inside DISA’s cyber command center (Federal News Radio) Scott Air Force Base in Illinois is home to a brand new building with 164,000 square feet devoted to cybersecurity. It's the Global Operations Command of the Defense Information Systems Agency. Col. Paul Craft, the commander, described the new center in an interview with Federal News Radio's Jared Serbu on Federal Drive with Tom Temin

Design and Innovation

“Foghorn” takes users out of phish-fighting with DNS “greylisting” (Ars Technica) Prototype security tool stops clicks on bad links, blocking DNS lookup for 24 hours

Research and Development

DHS asks for help designing the cyber testbed of the future (FedScoop) DHS says it wants says it wants input "from industry, academia and other interested stakeholders"

Academia

Dimension Data and Deakin University join forces in Cyber Security Incubator (CSO) New funding from the Victorian Government to spark regional cyber security skills hub

Colorado adds academic spokes to existing cybersecurity hub (Denver Post) Colorado universities considered Centers of Academic Excellence by the National Security Agency

Legislation, Policy, and Regulation

Staunch secularist entrusted to quell France’s row over Islam (Financial Times) Compromise has never been Jean-Pierre Chevènement’s forte: over four decades in French politics he resigned from three different ministerial jobs after disagreeing with the government’s line. Still, president François Hollande has entrusted the 77-year-old politician with a highly delicate mission: to quell France’s unsettling row over Islam, the country’s second-largest religion

How to Stop a Martyr (Foreign Policy) France is rolling out an experimental center to deradicalize homegrown extremists. The problem is no one really knows how to stop a terrorist before he picks up a gun

Going After the ISIS Propaganda Mastermind (Foregin Policy) Killing the Islamic State’s propaganda chief marks a rare success for a U.S.-led campaign that has struggled to counter the group’s far-reaching media jihad

Former electronic spy chief urges Ottawa to prepare for ‘cyber war’ (Toronto Star) As Canada reviews its defence policy, the former chief of Communications Security Establishment says it would be negligent not to develop offensive cyber weapons

Clinton: US should use 'military response' to fight cyberattacks from Russia and China (International Business Times) Clinton said the US should 'lead the world in setting the rules in cyberspace'

Cyber guidelines are 'required reading' for transition teams (FCW) A forthcoming set of guidelines on cyberthreat information sharing between the private sector and the government will be required reading for presidential transition teams, according to a top White House adviser

Cybersecurity 'baked in' as Va. transforms its IT, state tech chief says (StateScoop) Right now, Northrop Grumman manages Virginia's IT. But as that agreement draws to a close in 2019, the state is working to centralize its services, Virginia’s director of technology services told StateScoop TV

Litigation, Investigation, and Law Enforcement

German spy agency systematically broke the law: report (Deutsche Welle) German spies systematically and regularly violated basic civil rights by siphoning up people's telecommunication data for years, according to a secret report by the country's ombudswoman for data protection

Romanian hacker who targeted Bush family and Colin Powell sentenced (Guardian) Marcel Lazar, better known as ‘Guccifer’, given a four-year prison sentence

AT&T’s throttling victory may hinder FTC’s power to protect consumers (Ars Technica) Ruling raises questions about FTC ability to regulate Google, Verizon

Yahoo email privacy lawsuit settled (Naked Security) By this point, we’ve seen plenty of class-action lawsuits over internet giants pawing through our email to either snoop on us or target us with advertising

FBI Denies Making Dark Web Child Porn Site Run Faster (Motherboard) Last week, a defense lawyer argued that the FBI drastically improved the performance of a dark web child pornography site in the process of investigating it. On Thursday, the Department of Justice responded, denying those claims

Programmer arrested for hacking Linux Kernel Organization (Help Net Security) A South Florida-based computer programmer made an appearance in the Southern District of Florida yesterday after being arrested Sunday on charges of hacking into computers operated by the Linux Kernel Organization and the Linux Foundation

Arizona man charged for cyber-attack on city of Madison websites (Wisconsin State Journal) Prosecutors have filed federal charges against an Arizona man they say "crippled" the city of Madison's communication systems and website in the days after the March 2015 shooting of Tony Robinson

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

cybergamut Technical Tuesday: Quantifying Cyber Attacks: To Optimize and Assess your Defense by Jason Syversen of Siege Technologies (Elkridge, Maryland, USA, September 6, 2016) cybergamut Technical Tuesday is for cyber professionals to exchange innovative ideas and discuss technical issues of mutual interest. We’ll have a Technical Tuesday event on 6 September 2016 (1600 – 1730...

2016 Intelligence & National Security Summit (Washington, DC, USA, September 7 - 8, 2016) Third annual unclassified summit hosted by AFCEA International and the Intelligence and National Security Alliance (INSA). There are five plenary sessions and nine breakout sessions related to cybersecurity,...

Annual Privacy Forum 2016 (Frankfurt, Hesse, Germany, September 7 - 8, 2016) In the light of the upcoming data protection regulation and the European digital agenda, DG CONNECT, ENISA and, Goethe University Frankfurt is organizing APF 2016. In the light of the upcoming data protection...

Innoexcell Annual Symposium 2016 (Singapore, September 8, 2016) The Innoxcell Annual Symposium (IAS) is largest and most comprehensive international legal and regulatory compliance conference in Hong Kong, Beijing, Shanghai, Singapore, Australia and United States.This...

SecureWorld Cincinnati (Sharonville, Ohio, USA, September 8, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements learning from nationally recognized industry...

Borderless Cyber Europe (Brussels, Belgium, September 8 - 9, 2016) Join CIOs, CISOs and cyber threat intelligence experts from industry, government and CSIRTs worldwide to share experiences, strategies, tactics and practices that will improve your state of preparedness...

SANS Network Security 2016 (Las Vegas, Nevada, USA , September 10 - 16, 2016) We are pleased to invite you and your colleagues to attend SANS Network Security 2016 at the magnificent Caesars Palace, Las Vegas, on September 10-19. SANS Network Security is your annual networking opportunity!...

Business Insurance Cyber Risk Summit 2016 (San Francisco, California, USA, September 11 - 12, 2016) The Business Insurance Cyber Risk Summit provides risk management professionals and chief information security officers with the practical information and tools needed to combat the latest cyber risks...

Hacker Halted 2016 (Atlanta, Georgia, USA, September 11 - 16, 2016) This ​year, ​Hacker ​H​alted’s theme​ is​ the Cyber Butterfl​​y Effect​:​ When ​S​mall ​M​istakes ​L​ead to ​B​ig ​D​isasters​. The goal of the conference is to bring the IT security community together...

(ISC)² Security Congress (Orlando, Florida, USA, September 12 - 15, 2016) (ISC)² Security Congress offers attendees over 90 education sessions, designed to transcend all industry sectors, focus on current and emerging issues, best practices, and challenges facing cybersecurity...

7th Annual Billington Cybersecurity Summit (Washington, DC, USA, September 13, 2016) Join over 600 senior-level attendees, more than 50 distinguished speakers, and over 40 prestigious sponsors and exhibitors at the 7th Annual Billington CyberSecurity Summit, the leading Fall forum on cybersecurity...

Privacy. Security. Risk. 2016 (San Jose, California, USA, September 13 - 16, 2016) Innovative since Day 1, P.S.R. brings together two related fields—privacy and security—helping you see beyond your role in order to excel in your role. Because perspective is everything. Delivering the...

CISO GAS (Frankfurt, Hessen, Germany, September 13, 2016) A data breach is not only a PR nightmare, but cause for customers to turn to competitors, exposing sensitive company information and racking up fines from industry regulators. CISOs and IT security executives...

ISS World Americas (Washington, DC, USA, September 13 - 15, 2016) ISS World America is the world's largest gathering of North American Law Enforcement, Intelligence and Homeland Security Analysts as well as Telecom Operators responsible for Lawful Interception, Hi-Tech...

Tarleton State University Cyber Security Summit 2016 (Dallas, Texas, USA, September 13, 2016) Cyber Security for the Board and the C-Suite: "What You Need to Know." Cyber Security experts will discuss corporate cyber-attacks and legal practitioners will discuss strategies to help companies comply...

Insider Threat Program Development Training For NISPOM CC 2 with Legal Guidance (Germantown, Maryland, USA, September 14 - 15, 2016) Insider Threat Program Development Training for NISPOM CC 2 (Germantown, Maryland, September 14 - 15, 2016) Insider Threat Defense will hold a two-day training class on Insider Threat Program Development...

SecureWorld Detroit (Dearborn, Michigan, USA , September 14 - 15, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry...

Insider Threat Program Development Training for NISPOM CC 2 (Milwaukee, Wisconsin, USA, September 19 - 20, 2016) Insider Threat Defense will hold a two-day training class on Insider Threat Program Development (NISPOM Conforming Change 2). For a limited time the training is being offered at a discounted rate of $795...

4th ETSI/IQC Workshop on Quantum-Safe Cryptography (Toronto, Ontario, Canada, September 19 - 21, 2016) This three-day workshop brings together diverse players in the quantum-safe cybersecurity community to facilitate the knowledge exchange and collaboration required to transition cyber infrastructures and...

Cyber Physical Systems Summit (Newport News, Virginia, USA, September 20 - 22, 2016) On September 20-22, 2016 the Commonwealth will be hosting a Cyber and Physical Systems Summit. The three day event will consist of roundtable discussions, plenary and panel presentations across the intersection...

hardwear.io Security Conference (The Hague, the Netherlands, September 20 - 23, 2016) hardwear.io Security Conference is a platform for hardware and security community where researchers showcase and discuss their innovative research on attacking and defending hardware. The objective of...

3rd Annual Senior Executive Cyber Security Conference: Navigating Today's Cyber Security Terrain (Baltimore, Maryland, USA, September 21, 2016) The Johns Hopkins University Information Security Institute and COMPASS Cyber Security are hosting the 3rd Annual Senior Executive Cyber Security Conference on Wednesday, September 21, from 8:30 a.m. –...

New York Cyber Security Summit (New York, New York, USA, September 21, 2016) The Cyber Security Summit is an exclusive conference series connects C-Suite & Senior Executives who are responsible for protecting their companies’ critical infrastructures with innovative solution providers...

Gigaom Change 2016 Leader's Summit (Austin, Texas, USA, September 21 - 23, 2016) Over an immersive 2.5 days, we will explore the current state-of-the-art technologies, how these are transforming industry, and why this all matters. You’ll emerge with a greater understanding of the exponential...

NYIT Annual Cybersecurity Conference (New York, New York, USA, September 22, 2016) Presented by NYIT School of Engineering and Computing Sciences, this conference brings together cyber experts from academia, business, and government to address: Cyber Defense Against Attacks–How Industry...

GDPR Comprehensive 2016 (London, England, UK, September 22 - 23, 2016) The GDPR is now a reality. Are you prepared? We had an incredible response to the IAPP GDPR Comprehensive in Brussels and New York, where we prepared hundreds of privacy and data protection professionals...

Cyber Security: How to Identify Risk and Act (Frankenmuth, Michigan, USA, September 26, 2016) Join us on 9/26/2016 for the PMI-MTC's annual project management PDD focusing on "Cyber Security: How to Identify Risk and Act." Earn 7 PDUs during the interactive sessions with well-known information ...

CYBERSEC (Kraków, Poland, September 26 - 27, 2016) The CYBERSEC forum is the first of its kind in Poland and one of just a few regular public policy conferences in Europe devoted to the strategic issues of cyberspace and cybersecurity.The goal of the CYBERSEC...

Third Annual Women in Cyber Security Reception (Baltimore, Maryland, USA, September 27, 2016) The CyberWire is pleased to present the 3rd Annual Women in Cyber Security Reception in cooperation with our partner the Cybersecurity Association of Maryland (CAMI) on Tuesday, September 27, 2016, in...

IP EXPO Nordic 2016 (Stockholm, Sweden, September 27 - 28, 2016) IP EXPO Nordic is part of Europe’s number ONE enterprise IT event series, designed for those looking to find out how the latest IT innovations can drive business growth and competitiveness. The event showcases...

SecureWorld Dallas (Plano, Texas, USA , September 27 - 28, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.