skip navigation

More signal. Less noise.

Daily briefing.

Observers looking into the sale of iOS surveillance tools by NSO Group to users in the United Arab Emirates find that middlemen make it difficult to identify those end users.

Other observers draw lessons from other recent incidents. The threat of the recently disclosed MySQL flaws, CSO writes, affords an object lesson in the importance of permission management. The large number of private keys exposed on publicly accessible web servers (up by more than a million from the number reported in last year's study by SEC Consult) indicates, says Naked Security, that those who develop firmware for embedded devices shouldn't (1) share or reuse private keys, (2) enable remote administration by default, or (3) let users activate new devices until they've set the necessary passwords.

Symantec releases its August security trends report. It finds a rise in malware variants (up to 45.5 million worldwide, as Symantec counts variants) but a drop in attacks as major malware toolkit activity is disrupted and declines.

Today is Patch Tuesday; the latest updates will be available from Redmond later in the day. Microsoft is revamping its patch distribution policy in October—this is the last Patch Tuesday but one to follow the old policies.

In industry news, the US General Services Administration has expanded the availability of cyber security purchases under Schedule 70.

Russia's Defense Minister takes a shot at remarks last week by the US Defense Secretary, charging Russia with dangerous destabilization of the international order. Russia says not us. Also tu quoque.

Notes.

Today's issue includes events affecting Australia, Canada, France, Germany, Iraq, Israel, Syria, United Kingdom, United States.

The CyberWire's regular daily Podcast will be out later this afternoon, with interviews, educational tips, and more on the stories of the day. Today we'll welcome Emily Wilson from our new partners at Terbium Labs. We'll also hear from Tony Dahbura, of the Johns Hopkins University, who'll describe their upcoming Senior Executive Cyber Security Conference. And as always, if you enjoy the podcast, please consider giving it an iTunes review.

New York Cyber Security Summit (New York, NY, USA, September 21, 2016) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security. Meet & Learn from the Former Director of the CIA as well as experts from the FBI, Arbor Networks, IBM and more. Register with promo code cyberwire50 for half off your admission (regular price $250).

Tech Expo Job Fair (Arlington, VA, USA, September 28 - 29, 2016) Software Engineering Institute at Carnegie Mellon University Invitational Hiring Event. This is an invitation-only event. Submit your resume for review by September 27. SEI staff will be interviewing at their offices in Arlington, VA to fill local positions immediately.

CyberMaryland 2016 (Baltimore, MD, USA, October 20 - 21, 2016) This year's theme, “Leading the Cyber Generation,” captures the event’s intent to provide unparalleled information sharing and networking opportunities for development of cyber assets on both the human and technological side.

NICE Conference and Expo 2016 (Kansas City, MO, USA, November 1 - 2, 2016) The NICE 2016 Conference and Expo will feature timely, topical, and thought-provoking presentations, bringing together cybersecurity workforce, training, and educational leaders from academia, business, and government for two days of focused discussions.

Dateline Billington Cybersecurity Summit

7th Annual Billington CyberSecurity Summit (Billington CyberSecurity) Over 600 senior-level attendees, more than 50 distinguished speakers, and over 40 prestigious sponsors and exhibitors [are attending] the 7th Annual Billington CyberSecurity Summit, the leading Fall forum on cybersecurity in the Nation’s Capital, on September 13 in Washington, D.C. at the Ronald Reagan Building and International Trade Center. Keynotes include NSA Director Admiral Michael Rogers and top U.K. and Israeli cyber leaders

Overnight Cybersecurity: House looking into election hacks | FTC seeks input on data safeguards (The Hill) ...At tomorrow's Billington Cybersecurity Summit in Washington D.C., Ryan Gillis, Palo Alto Network's vice president of cybersecurity strategy and global policy, will suggest a novel concept in information security: Successfully implementing cybersecurity policies in government and business might be less about technology or cost and more about being able to understand what other people are saying

Titan IC licenses Its Helios RegEx Processor to LookingGlass for Network-Based Threat Mitigation. (Design & Reuse) Titan IC Systems (Titan IC) today announces that LookingGlass Cyber Solutions (“LookingGlass”) has signed a multi-year strategic partnership to further advance the state of the art network based threat mitigation with the Titan IC Helios regular expression (RegEx) processor

Cyber Attacks, Threats, and Vulnerabilities

Surveillance Middlemen Make it Harder to Track Who's Responsible For Hacks (Motherboard) In August, researchers revealed they had found malware from secretive Israeli hacking company NSO Group on the phone of United Arab Emirates political dissident Ahmed Mansoor. The prime suspect behind the attack was the UAE government

Recent MySQL vulnerability a lesson in privilege assignments (CSO) SQLi makes it a remote issue, but the real problem is permissions

How “Fileless” Ransomware Works (CrowdStrike) As ransomware becomes an increasingly lucrative business, organized crime groups are expanding their operations to reach more victims and extract more ransoms

Hack Brief: Beware the Spammy Pokemon Go Apps Being Pushed to Millions of iPhones (Wired) There comes a time in everyone’s life when they consider, for better or for worse, downloading Pokémon Go. Now it seems scammers are ready for that impulsive moment to arrive, and they’re just waiting to redirect unsuspecting players to an app store where they may catch more than Pikachus

4.5 million web servers have private keys that are publicly known! (Naked Security) Late in 2015, we wrote about a survey by a European security consultancy called SEC Consult that looked at the cryptographic safety of the average web server

Thousands of infected FTP servers net attackers $88k in cryptocurrency (Ars Technica) Targets foot hardware and electricity costs of mining Monero coins

Don’t click the link: NAB customers targeted by sophisticated phishing scam (News.com.au) Customers who bank with NAB need to be aware of a sophisticated new phishing scam targeting those using online banking

Symantec's August malware stats show rise in malware but drop in attacks (Security Brief) Symantec's latest Monthly Intelligence Report has revealed that new malware variants are on the rise across the globe, reaching 45.5 million, the highest since the same time last year. Phishing attacks have dropped but email malware is also on the rise, suggesting a rollercoaster mix of threat types

Augusta University employees fall prey to cyber attack (WRDW) Augusta University targeted in a cyber attack and sending out an alert to faculty, students, and staff

Security Patches, Mitigations, and Software Updates

New Windows Patch Policy At Odds With Acceptable Risk (Threatpost) With Microsoft’s Patch Tuesday release tomorrow, the countdown begins for application developers to button down code ahead of Microsoft’s new servicing model starting in October that could present vulnerability issues for some businesses

Pokémon Go update blocks jailbroken devices; workaround already found (Ars Technica) Adds Pokémon Go Plus and Buddy Pokémon support along with numerous bug fixes

Cyber Trends

Our Connected World and the Unseen Legacies of 9/11 (Wired) Tom Drake arrived at work on his first day as a full-time employee of the National Security Agency before sunrise on a cool, clear morning: September 11, 2001

Emerging technologies are poking holes in security (CSO) Change management will never be the same

Talk Talk, Ashley Madison and now Apple show no company is immune from cyber attack (Guardian) Tackling hacking is a $75bn-a-year industry that companies cannot ignore for fear of consumer backlash

Convergence makes broadcasters vulnerable to cyber attack (TVBEurope) Cyber security has been a hot subject at IBC. In announcing a supplier security checklist, a beginner’s guide and a longer user guide, DPP MD Mark Harrison said: “Collectively I cannot think of a more important subject than cyber security”

Why so many security strategies will fail (IT Online) While 66% of CEOs will have digital transformation at the heart of their corporate strategy, 70% of siloed digital transformation initiatives will fail by 2018 due to insufficient collaboration, integration, sourcing or project management – and security initiatives are no different

Marketplace

GSA retools Schedule 70 for cyber (FCW) Federal technology buyers who use the General Services Administration's Schedule 70 will soon have new options for acquiring cybersecurity services

Making Sense of the Leidos-Lockheed IT Merger (Defense News) Leidos CEO Roger Krone discusses his company’s recent merger with Lockheed Martin’s IT division and the effect on its balance sheet.

Security-Software Picks for the Rest of 2016 (Barron's) CyberArk Software, Fortinet, Palo Alto and Proofpoint are rated at Outperform

Palo Alto - State Of The Union (Seeking Alpha) The cybersecurity industry is experiencing a paradigm shift. Palo Alto might not be perfectly positioned to withstand these shifts. Competition in the industry will make it hard for slow adopters to catch up with the new trends. Palo Alto’s current valuation might not be justified if it does not act fast

Cato Networks Secures $30M to Accelerate Customer Adoption of Networking and Security in the Cloud (MarketWired) Announces general availability of the world's first software-defined and cloud-based secure enterprise network

CensorNet sets sights on enterprise space (ChannelWeb) Vendor launches new partner programme following acquisition of SMS Passcode

Trend Micro Offers $250K to Hack iPhone in Pwn2Own Contest (eWeek) A new iteration of the P2wn2Own mobile hacking contest takes aim at iOS and Android

Products, Services, and Solutions

SentinelOne to Stay Out of VirusTotal (BankInfo Security) Anti-malware firm sees inadequate return on investment, for now

Dataguise Powers Data Warehouse Security and Compliance at 2016 Teradata PARTNERS Conference (MarketWired) Company features sensitive data detection and masking as keys to driving greater value from Teradata Unified Data Architecture

ITelagen® Launches Online HIPAA Security Risk Analysis for Medical Practices Nationwide (Press Release Rocket) Simple and automated online SRA offered by ITelagen and powered by HIPAA One®

Vectra Networks Takes On Backdoors in Data Center Firewalls Planted by Advanced Adversaries (MarketWired) These attack vectors are aimed at blind spots in all network and server infrastructure

Wipro and Vectra Networks Partner to Deliver Automated ‘Threat Hunting as- a- Service’ (BusinesWire) Enables real-time attack visibility to prevent cyber attack

IBM Announces Spectrum Protect Version 7.1.7 (Storage Review) Today IBM announced the latest version of its data protection software, Spectrum Protect version 7.1.7

Forcepoint launches new security tool to stop 'risky' behaviour in its tracks (Security Brief) Forcepoint is taking on the cybersecurity scene in Australia, and the company has announced its SureView Insider Threat tool to help organisations battle the neverending war aganst cyber threats

Technologies, Techniques, and Standards

PCI Security Update Targets PIN System Vendors (Dark Reading) New requirements cover physical and logical security control

If an Infosec policy falls in the forest (CSO) When you are building an Information Security practice you need a solid governance structure in place. For those of you who might not be familiar we can look at it a more accessible way. If you are building a house you need a solid foundation otherwise the thing will collapse

Five ways to respond to the ransomware threat (Help Net Security) The ransomware threat has taken a sharp upturn this year. In fact, a recent industry study found that nearly half of all U.S. businesses have experienced at least one ransomware attack in the past year alone. While organizations wrestle with the ever-pressing issue of whether to pay or not to pay if they’re victimized, Logicalis US suggests CXOs focus first on how to protect, thwart and recover from a potential attack

6 questions CISOs need to ask about containers (CSO) With the cloud being a big part of most companies, containers take on an important role in the network

Is your security awareness training program working? (CSO) An hour long lecture once a year doesn't do much for security awareness training

Moving toward an intelligent hybrid security model (Help Net Security) Cyber attacks aren’t slowing down – in fact, 76 percent of organizations have experienced a breach within the last two years. Enterprises of all sizes, across every industry, are challenged to respond to increasingly complex and severe attacks – often only learning about the size, severity, and type of incident they’re dealing with as their security teams work to stop them

Securing the human operating system: How to stop people being the weakest link in enterprise security (ZDNet) Protect your systems all you like but the biggest threat to security is still the worker sitting at a desk

DoD is 'rebranding' endpoint security (C4ISRNET) The Defense Department is making changes to the tools that provide endpoint security to its network. In a news release, DISA said the Host Based Security System (HBSS) — a tool to enable DoD to detect and counter known threats in the network — will be folded into several other tools as to provide an “evolved, holistic approach to cybersecurity network defense

Research and Development

Generic OS X Malware Detection Method Explained (Threatpost) When it comes to detecting OS X malware, the future may not be rooted in machine learning algorithms, but patterns and heatmap visualization, a researcher posits

Artificial intelligence in cybersecurity: Snake oil or salvation? (Help Net Security) So what is machine learning? Machine learning in an integral part of the “umbrella term” artificial intelligence. Put simply, it is the science of enabling computers to learn and take action without being explicitly programmed. This is achieved through complex algorithmic models applied to data. From this are derived data-driven predictions or decision

Academia

AU’s Kogod Cybersecurity Governance Center Hosting U.S. Cybersecurity Commission's September Hearing (Newswise) The U.S. Commission on Enhancing National Cybersecurity will hold its September 2016 field hearing at the American University Washington College of Law, hosted by the Kogod Cybersecurity Governance Center (KCGC)

Top 10 Cyber-Security Challenge UK talents chosen for European finals (SC Magazine) The final 10 candidates who will represent the Cyber-Security Challenge UK in the European Cyber-Security Challenge (ECSC) 2016 have been chosen

CSM National Security Agency (NSA) Internship Program (Southern Maryand Online) NSA educational co-op program is available to College of Southern Maryland’s students. The program provides paid employment during alternate semesters, tuition reimbursement and one class pre-paid during the accepted student’s “off” semesters

2 universities to discuss national security partnership (Washington Post) Two Maryland universities are scheduled to announce a national security partnership to pool resources and collaborate on counterterrorism research

Legislation, Policy, and Regulation

Russian Defense Minister Lashes Back at His US Counterpart (AP via ABC News) Russia's defense minister has lashed out at his U.S. counterpart, who has accused Moscow of sowing seeds of global instability

How the US responds to cyber incidents (C4ISRNET) The U.S. and its political parties have repeatedly fallen victim to cyber intruders in recent years. The most recent being the intrusion into a number of networks and accounts affiliated with the Democratic National Committee as well as state election systems, sowing some concern and distrust in American institutions

U.S.and UK enter into cyber partnership (C4ISRNET) During his overseas trip last week, U.S. Secretary of Defense Ash Carter and his UK counterpart, Michael Fallon, announced a partnership for greater information sharing in cyberspace

MoJ Struggling To Attract ‘Cooler’ Cyber Security Staff (TechWeek Europe) Government is losing top talent because ethical hackers don’t want to work for it, writes a senior recruiter

Obama administration takes battle against Islamic State into cyberspace (Washington Times) The Obama administration has launched the first cyberwar against the Islamic State, a war that, coupled with real, not virtual, fighting, is producing one of the most encouraging on-the-ground successes in the conflict — sharply cutting into the number of foreign fighters sneaking into Syria to join the group’s terrorist army and its so-called Islamic caliphate

New push for encryption backdoors faces first big test on Capitol Hill (Daily Dot) The newest phase in Washington's fight over encryption and cybersecurity is scheduled to begin on Capitol Hill on Tuesday as both interwoven issues shoot back toward center stage in a Senate hearing that will help set the tone for the next year of debate

Bipartisan campaign on Rule 41 gains steam? (Politico) A bipartisan cadre of senators are trying to kill a controversial change to the federal rules governing legal hacking

Will NSA and CyberCom Split? (NextGov) Talk of separating the National Security Agency and U.S. Cyber Command continues to pop up, as officials discuss the best path forward for agencies with different but related missions

Does the NSA have a duty to disclose zero-day exploits? (Network World) The NSA should disclose all zero-day exploits. But it doesn't

Nation's first CISO brings vision, strategy to cybersecurity mission (Federal Times) Last week, retired Air Force Gen. Gregory Touhill was appointed as the first federal chief information security officer. The appointment was well received throughout industry and the public sector as he brings technical expertise, leadership, accessibility and inclusion to the cybersecurity mission. He is viewed as a consummate cybersecurity professional who is well liked on both sides of the political aisle and by our global allies

The IRS isn’t alone with its struggle with the EINSTEIN cyber program (Federal News Radio) Agencies are looking at a deadline of less than four months to implement the cybersecurity program known as EINSTEIN 3-Accelerated (E3A)

New Book Traces Obama Strategy To Protect America From Hackers, Terrorists & Nation States (Dark Reading) A review of Charlie Mitchell's 'Hacked: The Inside Story of America's Struggle to Secure Cyberspace'

Litigation, Investigation, and Law Enforcement

Officials: 1 IS recruiter links attackers, jihadis in France (Fox News) A single French Islamic State jihadi has emerged as the link among at least four plots to attack France since June, three people with knowledge of the investigation said

3 Syrians arrested in Germany, believed sent by IS (AP) Three Syrian men believed to have been sent to Germany last year by the Islamic State group were arrested in raids on Tuesday, part of efforts to root out extremists sent to Europe amid the migrant influx, authorities said

Former Clinton email tech aide won’t testify at congressional hearing Tuesday (Washington Post) Lawyers for a former State Department staffer who worked on Hillary Clinton’s private email system have notified a House committee that their client will not testify Tuesday morning, saying that he previously invoked his constitutional right against self-incrimination before another Republican-led panel of Congress

Lawmaker issues subpoena to FBI for Clinton probe records (Fox News) A senior House Republican on Monday escalated the GOP's battle with the FBI over its decision not to recommend criminal charges against Hillary Clinton for her use of a private email system, serving a top FBI official with a subpoena for the investigation's full case file

Grassley blasts FBI over Clinton probe release (The Hill) Sen. Chuck Grassley is doubling down on his demand that the FBI publicly release unclassified information from its investigation into Hillary Clinton's private email server

Edward Snowden: ACLU and Amnesty seek presidential pardon (BBC) Two of the most prominent human rights organisations in the United States are about to launch a campaign for the presidential pardon of Edward Snowden

Edward Snowden should return to US, face charges: White House (Indian Express) White House officials said that Snowden would be offered due process of law on return, while adding that President Obama continues to believe that he has done harm to the national security interest of the US

Edward Snowden's 40 days in a Russian airport – by the woman who helped him escape (Register) Sarah Harrison on Ed's exile, Assange’s future – and the privacy fight ahead

The NSA whistleblowers who vetted Oliver Stone's 'Snowden' biopic (Christian Science Monitor Passcode) Former National Security Agency executives Bill Binney and Thomas Drake, who blew the whistle on US government surveillance programs more than a decade ago, served as advisers on the Edward Snowden film that opens nationwide Friday

Snowden May Help Explain Your Job To Your Family (Dark Reading) Hacking Oliver Stone's new film about whistleblower Edward Snowden

FDA, DHS Investigating St. Jude Device Vulnerabilities (Threatpost) The U.S. government has entered into the St. Jude-MedSec-Muddy Waters fray with an investigation into claims St. Jude medical devices are vulnerable to cyberattacks

vDOS hack: Attack on DDoS-for-hire service leads to two arrests (Inquirer) Serves them right

Man hacked, blackmailed gold bullion trading firm (Help Net Security) 25-year-old Adam Penny hacked the systems of an unnamed gold bullion trading firm, and used the stolen information about gold deliveries to intercept them before they are delivered to the rightful owners

Montreal cops hunting data thieves (CSO) When I was a kid growing up I was always enamored with the old cops and robbers movies. I was always amazed a the criminals terrible OPSEC even at a young age

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

SANS Network Security 2016 (Las Vegas, Nevada, USA , September 10 - 16, 2016) We are pleased to invite you and your colleagues to attend SANS Network Security 2016 at the magnificent Caesars Palace, Las Vegas, on September 10-19. SANS Network Security is your annual networking opportunity!...

Hacker Halted 2016 (Atlanta, Georgia, USA, September 11 - 16, 2016) This ​year, ​Hacker ​H​alted’s theme​ is​ the Cyber Butterfl​​y Effect​:​ When ​S​mall ​M​istakes ​L​ead to ​B​ig ​D​isasters​. The goal of the conference is to bring the IT security community together...

(ISC)² Security Congress (Orlando, Florida, USA, September 12 - 15, 2016) (ISC)² Security Congress offers attendees over 90 education sessions, designed to transcend all industry sectors, focus on current and emerging issues, best practices, and challenges facing cybersecurity...

7th Annual Billington Cybersecurity Summit (Washington, DC, USA, September 13, 2016) Join over 600 senior-level attendees, more than 50 distinguished speakers, and over 40 prestigious sponsors and exhibitors at the 7th Annual Billington CyberSecurity Summit, the leading Fall forum on cybersecurity...

Privacy. Security. Risk. 2016 (San Jose, California, USA, September 13 - 16, 2016) Innovative since Day 1, P.S.R. brings together two related fields—privacy and security—helping you see beyond your role in order to excel in your role. Because perspective is everything. Delivering the...

CISO GAS (Frankfurt, Hessen, Germany, September 13, 2016) A data breach is not only a PR nightmare, but cause for customers to turn to competitors, exposing sensitive company information and racking up fines from industry regulators. CISOs and IT security executives...

ISS World Americas (Washington, DC, USA, September 13 - 15, 2016) ISS World America is the world's largest gathering of North American Law Enforcement, Intelligence and Homeland Security Analysts as well as Telecom Operators responsible for Lawful Interception, Hi-Tech...

Tarleton State University Cyber Security Summit 2016 (Dallas, Texas, USA, September 13, 2016) Cyber Security for the Board and the C-Suite: "What You Need to Know." Cyber Security experts will discuss corporate cyber-attacks and legal practitioners will discuss strategies to help companies comply...

Insider Threat Program Development Training For NISPOM CC 2 with Legal Guidance (Germantown, Maryland, USA, September 14 - 15, 2016) Insider Threat Program Development Training for NISPOM CC 2 (Germantown, Maryland, September 14 - 15, 2016) Insider Threat Defense will hold a two-day training class on Insider Threat Program Development...

SecureWorld Detroit (Dearborn, Michigan, USA , September 14 - 15, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry...

Insider Threat Program Development Training for NISPOM CC 2 (Milwaukee, Wisconsin, USA, September 19 - 20, 2016) Insider Threat Defense will hold a two-day training class on Insider Threat Program Development (NISPOM Conforming Change 2). For a limited time the training is being offered at a discounted rate of $795...

4th ETSI/IQC Workshop on Quantum-Safe Cryptography (Toronto, Ontario, Canada, September 19 - 21, 2016) This three-day workshop brings together diverse players in the quantum-safe cybersecurity community to facilitate the knowledge exchange and collaboration required to transition cyber infrastructures and...

Cyber Physical Systems Summit (Newport News, Virginia, USA, September 20 - 22, 2016) On September 20-22, 2016 the Commonwealth will be hosting a Cyber and Physical Systems Summit. The three day event will consist of roundtable discussions, plenary and panel presentations across the intersection...

hardwear.io Security Conference (The Hague, the Netherlands, September 20 - 23, 2016) hardwear.io Security Conference is a platform for hardware and security community where researchers showcase and discuss their innovative research on attacking and defending hardware. The objective of...

3rd Annual Senior Executive Cyber Security Conference: Navigating Today's Cyber Security Terrain (Baltimore, Maryland, USA, September 21, 2016) The Johns Hopkins University Information Security Institute and COMPASS Cyber Security are hosting the 3rd Annual Senior Executive Cyber Security Conference on Wednesday, September 21, from 8:30 a.m. –...

New York Cyber Security Summit (New York, New York, USA, September 21, 2016) The Cyber Security Summit is an exclusive conference series connects C-Suite & Senior Executives who are responsible for protecting their companies’ critical infrastructures with innovative solution providers...

Gigaom Change 2016 Leader's Summit (Austin, Texas, USA, September 21 - 23, 2016) Over an immersive 2.5 days, we will explore the current state-of-the-art technologies, how these are transforming industry, and why this all matters. You’ll emerge with a greater understanding of the exponential...

NYIT Annual Cybersecurity Conference (New York, New York, USA, September 22, 2016) Presented by NYIT School of Engineering and Computing Sciences, this conference brings together cyber experts from academia, business, and government to address: Cyber Defense Against Attacks–How Industry...

GDPR Comprehensive 2016 (London, England, UK, September 22 - 23, 2016) The GDPR is now a reality. Are you prepared? We had an incredible response to the IAPP GDPR Comprehensive in Brussels and New York, where we prepared hundreds of privacy and data protection professionals...

Cyber Security: How to Identify Risk and Act (Frankenmuth, Michigan, USA, September 26, 2016) Join us on 9/26/2016 for the PMI-MTC's annual project management PDD focusing on "Cyber Security: How to Identify Risk and Act." Earn 7 PDUs during the interactive sessions with well-known information ...

CYBERSEC (Kraków, Poland, September 26 - 27, 2016) The CYBERSEC forum is the first of its kind in Poland and one of just a few regular public policy conferences in Europe devoted to the strategic issues of cyberspace and cybersecurity.The goal of the CYBERSEC...

Third Annual Women in Cyber Security Reception (Baltimore, Maryland, USA, September 27, 2016) The CyberWire is pleased to present the 3rd Annual Women in Cyber Security Reception in cooperation with our partner the Cybersecurity Association of Maryland (CAMI) on Tuesday, September 27, 2016, in...

IP EXPO Nordic 2016 (Stockholm, Sweden, September 27 - 28, 2016) IP EXPO Nordic is part of Europe’s number ONE enterprise IT event series, designed for those looking to find out how the latest IT innovations can drive business growth and competitiveness. The event showcases...

SecureWorld Dallas (Plano, Texas, USA , September 27 - 28, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry...

escar Asia 2016 (Tokyon, Japan, September 28 - 30, 2016) Founded in 2003, escar has established itself as the premier forum for the discussion and exchange of ideas to identify and minimize threats to data and vehicles. Held in Europe, the US and now for the third time in Asia, escar provides a forum for collaboration among industry, academia and governments for in-vehicle cyber security.

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.