skip navigation

More signal. Less noise.

Daily briefing.

More documents taken from the US Democratic National Committee are released. Nothing newly scabrous, but Russia Today continues to waggle the Guccifer 2.0 sockpuppet to misdirect all from the hackers who doxed the DNC. ABC News says those hackers call themselves "Fancy Bear," which isn't quite accurate: that's what CrowdStrike calls them. Fancy Bear actually calls itself "Гла́вное разве́дывательное управле́ние" (over here people usually say "GRU").

US officials continue to worry about election hacking, and appear to have settled on a policy of offering help to state and local authorities without designating voting "critical infrastructure" or Federalizing elections.

Fancy Bear is also said to be behind the doxing of the World Anti-Doping Authority (WADA), exposing non-Russian Olympians' medical records in a spirit of tu quoque about performance-enhancing substances. (Again, the hacking, not the records, is the shock.)

Ransomware crime continues to pay. One malware author is, incredibly, reported by McAfee Labs to have netted some $94 million ($121 million gross).

KrebsOnSecurity says the US Secret Service is warning of a new ATM threat, "periscope skimming," in which a specialized "probe" connects to the machine's circuit board to access card data.

In the US, Congress is again taking up surveillance legislation. The Intelligence Community (including the NSA Director) this week testified in favor of strong encryption.

Senator McCain (R-Arizona) vows to block any attempt to separate NSA and US Cyber Command. Secretary of Defense Carter muses that NSA might do better as an independent agency.

Snowden says he deserves a pardon.

Notes.

Today's issue includes events affecting Ireland, Israel, Russia, St. Kitts and Nevis, United Kingdom, United States.

The CyberWire's regular daily Podcast will be out later this afternoon, with interviews, educational tips, and more on the stories of the day. Today Ben Yelin from our partners at the University of Maryland's Center for Health and Homeland Security will give us an update on the legal ins-and-outs of stingray cell phone interception. Our guest, Acalvio’s Chief Software Architect Raj Gopalakrishna, will talk about machine learning. As always, if you enjoy the podcast, please consider giving it an iTunes review.

New York Cyber Security Summit (New York, NY, USA, September 21, 2016) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security. Meet & Learn from the Former Director of the CIA as well as experts from the FBI, Arbor Networks, IBM and more. Register with promo code cyberwire50 for half off your admission (regular price $250).

Tech Expo Job Fair (Arlington, VA, USA, September 28 - 29, 2016) Software Engineering Institute at Carnegie Mellon University Invitational Hiring Event. This is an invitation-only event. Submit your resume for review by September 27. SEI staff will be interviewing at their offices in Arlington, VA to fill local positions immediately.

CyberMaryland 2016 (Baltimore, MD, USA, October 20 - 21, 2016) This year's theme, “Leading the Cyber Generation,” captures the event’s intent to provide unparalleled information sharing and networking opportunities for development of cyber assets on both the human and technological side.

NICE Conference and Expo 2016 (Kansas City, MO, USA, November 1 - 2, 2016) The NICE 2016 Conference and Expo will feature timely, topical, and thought-provoking presentations, bringing together cybersecurity workforce, training, and educational leaders from academia, business, and government for two days of focused discussions.

Dateline Billington Cybersecurity Summit

Upgrading Technology, Organization, and Funding (The CyberWire) Tony Scott, the US Federal CIO, addressed the Billington CyberSecurity Summit with the aim of outlining what he sees at the path forward with respect to information technology for the United States Government. In doing so he paid particular attention to the implications of that path for cyber security

Cyber commission will weigh powers of White House policy czar (FedScoop) The commission will hear testimony from a wide variety of Washington players with different approaches to the issue

DHS won't define election systems as critical before November (FedScoop) “This is not something we're looking to in the near future. This is a conversation we’re having in the long term with state and local government, who are responsible for voting infrastructure"

Cyber threat sharing is now a two way street between industry and government (Federal News Radio) One of the more controversial laws passed last year just hit a major milestone. Companies are now officially sharing their cyber threat data with the government

Mandia: Phishing numbers show better U.S. cyber hygiene (FedScoop) If attackers have to phish your employees, it means they can't get at your servers

Israel cyber head: US-backed cyber norms too broad (The Hill) The head of the of the Israeli National Cyber Directorate on Tuesday criticized the State Department's strategy for developing international cybersecurity norms, calling the plans overly broad

Ciaran Martin: UK is moving towards more active defence in cyberspace (French Tribune) During the course of a speech at the Billington Cyber Security Summit in Washington, Ciaran Martin – the CEO of the UK’s new National Cyber Security Centre (NCSC) – said that the UK is moving towards more active defence in cyberspace

GCHQ cyber boss plans British firewall to block hackers (Guardian) Businesses could use surveillance agency’s expertise to protect them from malicious attacks, says director general of cyber Ciaran Martin

UK’s national cyber security unit working on automated defenses (TechCrunch) The CEO of the UK’s new National Cyber Security Centre wants industry and government to work more closely together to combat cyber crime

UK must plan for major 'hostile cyber attack' (Sky News) The boss of the new cyber security centre warns British infrastructure will only be safe when all outdated software is replaced

CREST Signs Cyber Security Incident Response Agreement With NSA (PRNewswire) New CREST USA Chapter opens offices in New York

Cyber Attacks, Threats, and Vulnerabilities

Guccifer 2.0 drops more DNC documents (The Hill) The hacker known as Guccifer 2.0 on Tuesday released a new trove of documents purportedly stolen from the Democratic National Committee (DNC)

Guccifer 2.0: More hacked DNC documents revealed at cyber conference (RT) Another round of hacked Democratic National Committee documents have been released. Provided by an anonymous representative of a hacker, Guccifer, the 500 megabytes detail the DNC’s information technology infrastructure and internal reports on donors

Possible Russian Meddling with US Elections Worries Key Defense Officials (Voice of America) Top U.S. defense officials insist they are not turning a blind eye to fears that Russian hackers are trying to hijack upcoming U.S. presidential and local elections

The DualToy Windows Trojan Uses USB Connection to Infect Androids and iOS Smartphones (Virus Guides) A Windows Trojan, named by Palo Alto Networks “DualToy”, used USB connection to load malicious apps on Android and iOS devices, connected to the infected computer

A single ransomware network has pulled in $121 million (CSO) A ransomware author was able to collect $121 million in ransomware payments

Armada Collective DDoS Extortion Group Now Threatens Ransomware Infections (Extreme Hacking) A group going by the name of Armada Collective is still sending extortion emails to website owners around the globe, one year after this type of attack became widely known

Ransomware usage explodes, as app, browser and plug-in vulnerabilities increase (Help Net Security) Bromium conducted research on cyber attacks and threats affecting enterprise security over the last six months. The good news is while the number of vulnerabilities is steadily increasing, not all exploitable vulnerabilities are actually exploited. The bad news is, criminals are working harder to get protected data. As a result, there’s been an uptick in recent high-profile data breaches and ransomware attacks

NTP reflection attacks hit record high (CSO) Distributed denial of service attacks that take advantage of misconfigured NTP servers were up 276 percent last quarter compared to the same time last year, reaching a new record high, according to a new report

Attackers Launch DDoS Attacks And the Kitchen Sink (CSO) First off, full disclosure, I work for Akamai as my day job. I don’t want any illusion on the point as I discuss the latest State of the Internet report that I was fortunate enough to be a part of creating

Business still ill-prepared to handle modern DDoS attacks (Help Net Security) In September 1996, New York City’s original ISP, Panix, was hit by a SYN flood denial of service attack that took them offline for several days. At a time when only 20 million Americans were online, this was one of the first high profile examples of the growing importance of network and service availability

Wada cyber attack: Williams sisters and Simone Biles targeted by Russian group (Guardian) ‘Fancy Bear’ accessed confidential medical data including TUEs. Serena Williams, Simone Biles, Elena Delle Donne targeted by group

Cyber 'Smear': Hackers Publish Olympians' Medical Records (ABC News) In what a U.S. official said was a "smear" attack on American Olympians, hackers have posted online medical and drug testing records for top athletes including gymnast Simone Biles, tennis players Serena and Venus Williams and basketball player Elena Delle Donne

Facebook Post Tagging Scam Steals Your Login Credentials (HackRead) Latest Facebook scam is spreading like wildfire and it uses a chrome app to steal login credentials — so watch out

6.6 million ClixSense users exposed in wake of site, company hack (Help Net Security) If you’ve ever registered with ClixSense – and millions have – you can consider all your personal information shared with the service compromised

Hacker Steals Passwords for Science Site EurekAlert!, Leaks Embargoed News (Motherboard) Popular science website EurekAlert!, which handles embargoed reports on health, medicine, and technology, has been hacked, according to an announcement on the site published Tuesday

Hackers found 47 new vulnerabilities in 23 IoT devices at DEF CON (CSO) The results from this year's IoT hacking contest are in and it's not a pretty picture

Don't Trust That Trust Mechanism: Vulnerabilities In Digital Certificates (Dark Reading) Tom Nipravsky, security researcher at Deep Instinct, visits the Dark Reading News Desk at Black Hat to explain how to tell the difference between a digital certificate that's worth your trust and one that isn't

Secret Service Warns of ‘Periscope’ Skimmers (KrebsOnSecurity) The U.S. Secret Service is warning banks and ATM owners about a new technological advance in cash machine skimming known as “periscope skimming,” which involves a specialized skimming probe that connects directly to the ATM’s internal circuit board to steal card data

Security Patches, Mitigations, and Software Updates

Using a thing made by Microsoft, Apple or Adobe? It probably needs a patch today (Register) Windows, Win Server, Office, Edge, IE, Silverlight, Flash, iOS, watchOS

Patch Tuesday: Microsoft rolls out 14 bulletins, prepares new updating system for October (SC Magazine) Microsoft's September Patch Tuesday offering, which included 14 bulletins covering 60 vulnerabilities or almost twice as many as were issued in August, is the last to be delivered under this update system with the company moving to a “monthly rollup” delivery mechanism starting in October

Microsoft Patch Tuesday Analysis (SANS Internet Storm Center) The Microsoft Patch Tuesday updates are out, our analysis is here

Microsoft ends Tuesday patches (Help Net Security) Yesterday was a big day for Patch Tuesday. It was the last traditional Windows Patch Tuesday as Microsoft is moving to a new patching release model. In the future, patches will be bundled together and users will no longer be able to pick and choose which updates to install. Furthermore, these new ‘monthly update packs’ will be combined, so for instance, the November update will include all the patches from October as well

Apple iOS 10 and 10.0.1 Released (SANS Internet Storm Center) On top of today being Patch Tuesday, Apple has released IOS 10 sometime today as well. They also released 10.0.1, with not a lot of detail behind that release (maybe something was missed?)

iOS 10 Security Updates Move to HTTPS (Threatpost) Update Apple has finally moved its iOS security update mechanism to HTTPS with today’s release of iOS 10

iPhones 'bricked' as Apple releases iOS 10 (and then rapidly fixes the problem) (Graham Cluley) Some iPhones and iPads busted by Apple’s buggy update

Adobe Back With New Flash Player Security Update (Threatpost) After a month free of Flash Player fixes and emergency patches, Adobe today resumed its monthly ritual of releasing a security update for the maligned software

Bad news: MySQL can dish out root access to cunning miscreants (Register) Good news: Oracle sneaked some patches out

Cyber Trends

Centrify’s Survey Finds Consumers More Concerned with Financial Data Getting Hacked than Private Information about Their Families Being Exposed (BusinessWire) Survey also reveals consumers more likely to hear about data breaches from the news or social media—not from companies holding their data

Securing information in the age of external collaboration (Help Net Security) A new Enterprise Strategy Group (ESG) research study, which was completed by 200 senior IT and security professionals with influence over purchasing decisions, highlights the need for organizations to have the necessary technologies in place to ensure policies travel with sensitive data wherever and however it is shared

GDPR: Are you prepared? (Help Net Security) Many European and US businesses are ill-prepared for the recently agreed EU General Data Protection Regulation (GDPR) and are at risk of falling foul of its rules around the use and control of personal data, according to a study conducted by Vanson Bourne

After all this time, enterprises are still doing cybersecurity wrong (ITProPortal) The main reason why so many organisations are suffering breaches and other forms of cyber-attacks is because they're not proactive, but reactive, says NSFOCUS

Insider Incidents Cost Companies $4.3 Million Per Year On Average (Dark Reading) Breaches caused by external attackers posing as insiders are the most financially damaging, Ponemon Institute survey finds

Deloitte executive says Latin America and Caribbean highly vulnerable to cyber- attacks (SKNVibes) Deloitte’s Global Chief Information Officer, Larry Quinlan, said that despite increased improvements in technology in the Caribbean and Latin America, the regions remain highly vulnerable to cyber-attacks

UAE companies ‘wide open’ to cyber attacks due to lack of staff training (National) Companies are failing to provide their employees with basic cyber security awareness training, leaving their systems "wide open" to attacks

Marketplace

Microsoft, Huawei Join in Cybersecurity Message (Wall Street Journal) Each feeling the heat from the other’s government, the two titans have jointly produced a tech ‘buyers guide’

U.S. spies think China wants to read your email (Bloomberg View via the Chicago Tribune) For more than a decade, the U.S. military and intelligence community has quietly warned that the world's largest telecom equipment manufacturer, Huawei, is an arm of the People's Liberation Army and that its phones, circuits and routers are instruments of Chinese eavesdropping

How Symantec's New COO Measures Security Success (eSecurity Planet) Mike Fey, president and COO of Symantec, talks about how he will bring the former Blue Coat and Symantec teams together

The Mariner Group is Now a Wholly Owned Subsidiary of ARES Security Corporation (PRNewswire) The Mariner Group has recently been fully acquired by ARES Security Corporation (ASC), who has held a majority ownership in The Mariner Group since 2013

Verizon to acquire IoT startup Sensity and aid smart city services (Techseen) Sensity Systems has agreed to the deal for an undisclosed amount and will aid Verizon's ThingSpace IoT platfrom with its LED light systems

FireEye: A Closer Look At Mandiant (Seeking Alpha) FireEye bought Mandiant for synergistic reasons. Mandiant is yet to live up to expectation due to dwindling high profile attacks. Separating Mandiant can potentially unlock more value for FireEye

Intel’s Spinout of McAfee Sparks Further Interest in Cyber Security (Guru Focus) You and the data associated with your network are now at risk…maybe

Startup Focuses On Real-Time Security Monitoring Of Plant Networks (Dark Reading) With $32 million in venture capital funding and co-founders from Siemens and Israeli Defense Force research teams, Claroty emerges from stealth

Israeli cyber security startup Cato Networks raises $30 million led by Greylock Partners (Geektime) This is the second round over $20 million in the last 15 months for Cato

GSA in a 'sprint' to offer new cybersecurity contracts (FedScoop) Agencies will be able to buy specialized cybersecurity tools and services in the areas of incident response, penetration testing, cyber hunt, and risk and vulnerability assessments beginning Oct. 1

Google offers $200K for top prize in new Android hack challenge (CSO) Launches limited-time 'bug chain' contest to root out security vulnerabilities

Portrait Of A Bug Bounty Hacker (Dark Reading) Bounty programs attract young, self-taught hackers who primarily depend on it as a lucrative side gig

Ntrepid Reveals Technical Advisory Board for Passages (BusinessWire) Diverse group of industry security experts and leading academia tapped to drive innovation

ICF International Awarded $34 Million Contract to Support the Defense Critical Infrastructure Program by Conducting Infrastructure Risk Assessments Worldwide (BusinessWire) ICF International (NASDAQ:ICFI), a leading provider of professional services and technology-based solutions to government and commercial clients, has been awarded a new $34 million contract to strengthen the resilience of U.S. Department of Defense (DOD) assets and assess the potential vulnerability of critical infrastructure at installations around the world

Kaspersky Lab opens R&D office in Ireland (Telecompaper) Kaspersky Lab opened its first European research and development (R&D) centre, in Dublin, Ireland. The location was selected on account of Dublin’s growing reputation as a major European tech hub, providing access to a highly skilled IT talent pool and a strong network of innovative technology companies

Global Cyber Leaders set to convene at 6th Annual CyberMaryland Summit (PRNewswire) Annual conference, industry showcase, job fair and National Cyber Security Hall of Fame Induction Ceremony to be held during National Cybersecurity Awareness Month in October

CrowdStrike Co-Founder and CTO Dmitri Alperovitch Named to Politico 50 List (Broadway World) CrowdStrike Co-Founder and CTO Dmitri Alperovitch Named to Politico 50 List CrowdStrike, the leader in cloud-delivered next-generation endpoint protection, today announced that Dmitri Alperovitch, CrowdStrike’s co-founder and chief technology officer, has been named into the Politico 50 list for 2016

Proofpoint CEO Gary Steele Joins Malwarebytes Board of Directors (Digital Journal) Malwarebytes™, the leading advanced malware prevention and remediation solution, today announced the appointment of Gary Steele, CEO at Proofpoint, to the Malwarebytes Board of Directors

Products, Services, and Solutions

The ‘Automated Public/Private Intel Sharing System’ That Enables CISA (Motherboard) At the end of 2015, with the United States facing the potential of a government shutdown, a widely derided and unpopular cybersecurity bill formerly known as CISPA and CISA was unceremoniously snuck into a 2000-page, must-pass budget bill

Tenable adds security to Google Cloud Platform (CloudPro) Vendor claims this will give customers complete cloud security view

Wipro partners with IntSights to deliver ‘Threat Intelligence as a Service’ (IIFL) The company announced a partnership with Israel-based IntSights Cyber Intelligence to bolster and expand its 'Threat Intelligence as- a- Service offering'

5 ways Cisco could become an iPhone's best friend (PCWorld) Apple devices get some special capabilities on Cisco networks starting with iOS 10

DDoS downtime calculator based on real-world information (Help Net Security) Are you wondering how you can assess the risks associated with a DDoS attack? Incapsula’s free DDoS Downtime Calculator offers case-specific information adjusted to the realities of your organization

Keeper Password Manager Available on Continuum for Windows 10 Phone Users (PRNewswire) App seamlessly syncs Microsoft's signature feature

Myki rolls out a password manager that locks all your info away on your phone (TechCrunch) Everything is getting hacked to the point that it’s getting kind of ridiculous — and everyone needs to have secure passwords

Duo Security Helps Protect Healthcare Organizations from Ransomware Attacks in a Single Step (PRNewswire) Certification organization EPCS compliance for two-factor authentication

Technologies, Techniques, and Standards

EU Group Canvas Aims to Put Ethics Back in Security (Infosecurity Magazine) A new EU-backed consortium created to help align cybersecurity with European ethics and values held its first meeting in Zurich this week

Biometrics: the New Frontier in Security, but Why Aren’t We There Yet? (Infosecurity Magazine) Biometrics is often considered to be the cutting-edge technology that the security industry needs to adopt to help drive innovation in the digital age

The Dos And Don'ts Of Running Security Honeypots In Your Organisation (Life Hacker) In the context of IT security, a honeypot is a computer system that serves as a decoy or as a trap so organisations can gather information on attackers that break into their corporate networks

9 biases killing your security program (CSO) I see what I want to see

Design and Innovation

Why The Security UI Could Help With Hiring (Dark Reading) The incoming generation of security analysts has specific expectations for the user interface of security software, and businesses should pay attention

Research and Development

Galois and Guardtime Federal Awarded $1.8M DARPA Contract to Formally Verify Blockchain-Based Integrity Monitoring System (PRWeb) Project aims to verify ability of keyless integrity monitoring systems to detect Advanced Persistent Threats (APTs) as they work to remain hidden in networks

Special Issue on Entropy-Based Applied Cryptography and Enhanced Security for Ubiquitous Computing (Entropy) Entropy is a basic and important concept in information theory. It is also often used as a measure of the unpredictability of a cryptographic key in cryptography research areas

Legislation, Policy, and Regulation

Cybersecurity In The Obama Era (Dark Reading) Our roundup of the Obama administration's major initiatives, executive orders and actions over the past seven and a half years. How would you grade the president's cybersecurity achievements?

White House’s DJ Patil wants to disrupt the criminal justice system with data (TechCrunch) At TechCrunch Disrupt SF 2016 today, I had a chance to chat with DJ Patil, the nation’s deputy chief technology officer for data policy and chief data scientist. We talked about what he’s been up to at the White House lately, the criminal justice system and a recently-launched data justice initiative

Encryption-focused lawmakers remain at loggerheads (Politico) Hacks won't force action on encryption

With national privacy debate unsettled, US intelligence officials back encryption (Christian Science Monitor Passcode) Lawmakers may still consider measures to force tech companies to decrypt communications, but at a Senate hearing Tuesday two top intelligence officials supported strong digital privacy protections

Senior Officials: DoD Supports Strong Encryption for Defense, Commercial Security (DoD News) The Defense Department supports strong encryption to protect military capabilities and commercial encryption technology that is critical to U.S. economic security, senior DoD officials said here today

Tor Slams Mass Hacking Amendments (Infosecurity Magazine) The Tor Project has slammed proposed US legislation that would allow the FBI greater capabilities to hack computers and conduct surveillance on electronic media that is “concealed through technological means"

The Defense Department Wants to Spin Off the NSA (PC Magazine) An independent NSA could free up DOD resources for more cyberattacks, assuming they can find enough programmers

McCain vows to block breakup of NSA leadership (The Hill) Sen. John McCain (R-Ariz.) on Tuesday vowed to oppose a reported proposal that would split up the leadership of the National Security Agency (NSA) and the U.S Cyber Command in a preview of what could be a brutal fight later this year

Army wants cyber capability everywhere (FCW) The Army's new cyber director said the service is still struggling to make cyber, electronic warfare and information operations tangible to warfighters

Litigation, Investigation, and Law Enforcement

Former Clinton adviser unsure of security protections on server (The Hill) Former senior Clinton adviser Justin Cooper repeatedly professed that he could not provide specific details about the security protections in place on Hillary Clinton’s private email server during a Tuesday congressional hearing

Edward Snowden says he deserves presidential pardon over NSA leaks (Washington Times) Edward Snowden on Monday said he should be pardoned, not prosecuted, for leaking government secrets, and he described his decision to disclose national security documents as being “necessary” to affect change to the country’s surveillance programs

Edward Snowden’s former boss speaks out: ‘I would have hired him again’ — but not now (GeekWire via Yahoo! Tech) The cybersecurity expert who hired Edward Snowden for his last job is laying out his lessons learned – but admits it would have been hard to stop the man who spilled some of the National Security Agency’s most closely held secrets

Edward Snowden Really Needs Oliver Stone’s Hero Movie Right Now (Wired) Director Oliver Stone’s Snowden takes about 90 minutes to bleach out the last shades of grey in its black-and-white biopic of the NSA’s most well-known whistleblower

NY Cracks Down on Mattel and Hasbro For Tracking Kids Online (Wired) Most Americans have long ago given up fighting the notion that their behavior is tracked by advertisers as they move around the web

2 million fake accounts later, Wells Fargo drops sales quotas for its employees (Ars Technica) Bank has not promised it will stop cross-selling products entirely, despite a temporary hold

Man accused of necrophilia and sexual assault prevails in privacy case (Ars Technica) “Cell phones are intrinsically private,” Arizona Supreme Court finds

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

Cyber National Security – The Law of Cyberspace Confrontation (Hanover, Maryland, and Fort Meade, October 3 - 6, 2016) US Cyber Command will host the fourth annual COCOM-Interagency Cyber Law Conference from 3 through 6 October 2016, Cyber National Security – The Law of Cyberspace Confrontation. This year the conference...

Upcoming Events

SANS Network Security 2016 (Las Vegas, Nevada, USA , September 10 - 16, 2016) We are pleased to invite you and your colleagues to attend SANS Network Security 2016 at the magnificent Caesars Palace, Las Vegas, on September 10-19. SANS Network Security is your annual networking opportunity!...

Hacker Halted 2016 (Atlanta, Georgia, USA, September 11 - 16, 2016) This ​year, ​Hacker ​H​alted’s theme​ is​ the Cyber Butterfl​​y Effect​:​ When ​S​mall ​M​istakes ​L​ead to ​B​ig ​D​isasters​. The goal of the conference is to bring the IT security community together...

(ISC)² Security Congress (Orlando, Florida, USA, September 12 - 15, 2016) (ISC)² Security Congress offers attendees over 90 education sessions, designed to transcend all industry sectors, focus on current and emerging issues, best practices, and challenges facing cybersecurity...

Privacy. Security. Risk. 2016 (San Jose, California, USA, September 13 - 16, 2016) Innovative since Day 1, P.S.R. brings together two related fields—privacy and security—helping you see beyond your role in order to excel in your role. Because perspective is everything. Delivering the...

ISS World Americas (Washington, DC, USA, September 13 - 15, 2016) ISS World America is the world's largest gathering of North American Law Enforcement, Intelligence and Homeland Security Analysts as well as Telecom Operators responsible for Lawful Interception, Hi-Tech...

Insider Threat Program Development Training For NISPOM CC 2 with Legal Guidance (Germantown, Maryland, USA, September 14 - 15, 2016) Insider Threat Program Development Training for NISPOM CC 2 (Germantown, Maryland, September 14 - 15, 2016) Insider Threat Defense will hold a two-day training class on Insider Threat Program Development...

SecureWorld Detroit (Dearborn, Michigan, USA , September 14 - 15, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry...

Insider Threat Program Development Training for NISPOM CC 2 (Milwaukee, Wisconsin, USA, September 19 - 20, 2016) Insider Threat Defense will hold a two-day training class on Insider Threat Program Development (NISPOM Conforming Change 2). For a limited time the training is being offered at a discounted rate of $795...

4th ETSI/IQC Workshop on Quantum-Safe Cryptography (Toronto, Ontario, Canada, September 19 - 21, 2016) This three-day workshop brings together diverse players in the quantum-safe cybersecurity community to facilitate the knowledge exchange and collaboration required to transition cyber infrastructures and...

Cyber Physical Systems Summit (Newport News, Virginia, USA, September 20 - 22, 2016) On September 20-22, 2016 the Commonwealth will be hosting a Cyber and Physical Systems Summit. The three day event will consist of roundtable discussions, plenary and panel presentations across the intersection...

hardwear.io Security Conference (The Hague, the Netherlands, September 20 - 23, 2016) hardwear.io Security Conference is a platform for hardware and security community where researchers showcase and discuss their innovative research on attacking and defending hardware. The objective of...

3rd Annual Senior Executive Cyber Security Conference: Navigating Today's Cyber Security Terrain (Baltimore, Maryland, USA, September 21, 2016) The Johns Hopkins University Information Security Institute and COMPASS Cyber Security are hosting the 3rd Annual Senior Executive Cyber Security Conference on Wednesday, September 21, from 8:30 a.m. –...

New York Cyber Security Summit (New York, New York, USA, September 21, 2016) The Cyber Security Summit is an exclusive conference series connects C-Suite & Senior Executives who are responsible for protecting their companies’ critical infrastructures with innovative solution providers...

Gigaom Change 2016 Leader's Summit (Austin, Texas, USA, September 21 - 23, 2016) Over an immersive 2.5 days, we will explore the current state-of-the-art technologies, how these are transforming industry, and why this all matters. You’ll emerge with a greater understanding of the exponential...

NYIT Annual Cybersecurity Conference (New York, New York, USA, September 22, 2016) Presented by NYIT School of Engineering and Computing Sciences, this conference brings together cyber experts from academia, business, and government to address: Cyber Defense Against Attacks–How Industry...

GDPR Comprehensive 2016 (London, England, UK, September 22 - 23, 2016) The GDPR is now a reality. Are you prepared? We had an incredible response to the IAPP GDPR Comprehensive in Brussels and New York, where we prepared hundreds of privacy and data protection professionals...

Cyber Security: How to Identify Risk and Act (Frankenmuth, Michigan, USA, September 26, 2016) Join us on 9/26/2016 for the PMI-MTC's annual project management PDD focusing on "Cyber Security: How to Identify Risk and Act." Earn 7 PDUs during the interactive sessions with well-known information ...

CYBERSEC (Kraków, Poland, September 26 - 27, 2016) The CYBERSEC forum is the first of its kind in Poland and one of just a few regular public policy conferences in Europe devoted to the strategic issues of cyberspace and cybersecurity.The goal of the CYBERSEC...

Third Annual Women in Cyber Security Reception (Baltimore, Maryland, USA, September 27, 2016) The CyberWire is pleased to present the 3rd Annual Women in Cyber Security Reception in cooperation with our partner the Cybersecurity Association of Maryland (CAMI) on Tuesday, September 27, 2016, in...

IP EXPO Nordic 2016 (Stockholm, Sweden, September 27 - 28, 2016) IP EXPO Nordic is part of Europe’s number ONE enterprise IT event series, designed for those looking to find out how the latest IT innovations can drive business growth and competitiveness. The event showcases...

SecureWorld Dallas (Plano, Texas, USA , September 27 - 28, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry...

escar Asia 2016 (Tokyon, Japan, September 28 - 30, 2016) Founded in 2003, escar has established itself as the premier forum for the discussion and exchange of ideas to identify and minimize threats to data and vehicles. Held in Europe, the US and now for the third time in Asia, escar provides a forum for collaboration among industry, academia and governments for in-vehicle cyber security.

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.