skip navigation

More signal. Less noise.

Daily briefing.

The tally of states experiencing "hacking attempts" in the US is now up to twenty. For the most part the attempts as reported amount to reconnaissance, or sometimes theft of not-particularly-highly-sensitive (and sometimes publicly available anyway) voter data. There's growing awareness that one need not corrupt an election's data nationwide to affect its outcome. Carbon Black thinks attending selectively to Pennsylvania precincts could do the trick.

The IoT botnets used against OVH and KrebsOnSecurity should, a Los Angeles Times op-ed says, "terrify you." "Terrify" may be breathless, but the incidents represent a dramatic increase in criminal capability. Many devices herded into the botnets were security cameras. (A short primer on how security cameras are hackable may be found here.)

InfoArmor's study of the Yahoo! breach maintains those responsible weren't "state-sponsored," but rather criminals who subsequently sold their take to a nation-state. Some observers point out that in some parts of the world there's often very little daylight between criminals and security services.

The Tofsee botnet is newly active and "aggressive," reports Talos. Tofsee is spamming phishbait consisting of what's euphemistically called "adult dating" opportunities.

Flashpoint continues to keep an eye on the unfolding attempt by thedarkoverlord to extort money from a Californian investment company thedarkoverlord doxed.

Zerodium has upped its bounty for an iOS 10 remote jailbreak to $1.5 million. (This is not a conventional bug bounty—Zerodium is a zero-day broker.)

The European Union is shifting its cyber security export rules: more permissive with encryption, more restrictive on surveillance.

Notes.

Today's issue includes events affecting Australia, China, European Union, India, Iran, Netherlands, Nigeria, Palestine/Gaza, Russia, Ukraine, United Kingdom, United States.

A note to our readers: Next week we'll be attending the 2016 annual meeting of the Association of the United States Army. We'll be providing tweets and full coverage from the cyber-relevant portions of the three-day event. We'll also be spending some time with our colleagues from the Military Cyber Professionals Association.

The CyberWire's regular daily Podcast will be out later this afternoon, with interviews, educational tips, and more on the stories of the day. Today we hear from Markus Rauschecker, of our partners at the University of Maryland's Center for Health and Homeland Security. He'll discuss proposed cyber regulations being considered by New York State. Our guest, Eli David from Deep Instinct, will talk to us about deep learning. If you enjoy the podcast, please consider giving it an iTunes review.

Maryland Cyber Day (Rockville, MD, USA, October 5, 2016) Highlighting and celebrating Maryland’s cybersecurity entrepreneurs, innovators and companies and connecting them with two vital tools for growth and success – investment capital and customers – from Maryland and beyond.

CyberMaryland Job Fair (Baltimore, MD, USA, October 20, 2016) Top companies looking for cyber security professional, cleared and non-cleared opportunities.

Cyber Attacks, Threats, and Vulnerabilities

Hackers Target Election Systems in 20 States (NBC News) There have been hacking attempts on election systems in more than 20 states — far more than had been previously acknowledged — a senior Department of Homeland Security official told NBC News on Thursday

Symantec Shows How Easy It Is To Hack An Election (CRN) Here’s a scary idea: someone casting his or her vote for president, but in your name. Or how about: someone gains entry to an electronic voting booth and prints out false results, and hands them into officials. Unfortunately, according to Symantec, these idea could easily become reality

Cybersecurity expert: One battleground state most vulnerable to voting hacks (CBS News) The battleground state of Pennsylvania might as well have a target on its back as Election Day nears, the cybersecurity company Carbon Black warned in a new report released Thursday

County Voter Info Part of Statewide Cyber Attack (Republic-Times) The records of more than 3,000 registered voters in Monroe County may have been viewed during a summer cyber attack on the state election database in Springfield

Russian hackers likely targeted journalists investigating Flight MH17 (Graham Cluely) Attack consistent with Fancy Bear hacker group’s techniques

Army of webcams used in net attacks (BBC) One of the biggest ever web attacks - in which more than one terabit of data was fired at a website to knock it offline - has been reported

Record Cybercrime Assault Using Hacked Cameras (Sputnik) The website of prominent security blogger Brian Krebs, was overwhelmed by what's being called one of the biggest ever distributed denial of service (DDoS) attacks in Internet history. Krebs warns that the takedown of his site shows how powerful today's cybercriminals have become

Cybersecurity expert Brian Krebs was silenced by a huge hacker attack. That should terrify you. (Los Angeles Times) About a week ago, the website of journalist and cybersecurity expert Brian Krebs was hit with a crippling hacker assault known as a “distributed denial of service,” or DDoS, which knocked him off the Internet for several days

Yahoo! Mobile Mail Wide Open Even After Password Reset (Infosecurity Magazine) In the aftermath of Yahoo! announcing the breach of 500 million user accounts, Trend Micro Zero Day Initiative (ZDI) researchers are warning that a password reset still leaves mobile mail wide open to criminals

Researchers Shoot Down Yahoo Claim Of Nation-State Hack (Dark Reading) InfoArmor says the attackers who stole a half-billion Yahoo user accounts were seasoned cybercriminals who later sold the booty to an Eastern European nation-state

Yahoo Challenged on Claims Breach Was State-Sponsored Attack (Threatpost) As challenges mount against Yahoo’s attribution of a massive 2014 data breach to state-sponsored hackers, CISO Bob Lord yesterday confirmed that a cache of 200 million Yahoo accounts marketed this summer in an underground forum is unrelated to the breach

Turns Out Consumers Stay Loyal to Companies After Hacks (Wired) The digital theft of just under 100 million records stolen from both the Office of Personnel Management and Anthem pales compared to the revelation that at least 500 million Yahoo accounts have been compromised—though one might argue that the impact is just as significant

SIMS Game Custom Content Site Hacked; 118K Accounts Leaked (HackRead) The targeted site is called Newseasims and provides custom content for SIMS2 and SIMS3 video games

Apple Users Targeted with iCloud Phishing Scam (HackRead) Lately, Apple users including celebrities have been targeted by cybercriminals with malware and phishing scams — this phishing scam is also after iCloud accounts

Tofsee Botnet Gets Aggressive with Russian Dating (Infosecurity Magazine) A marked increase in the volume and velocity of spam email campaigns containing malicious attachments is spreading the Tofsee malware and botnet at unprecedented aggression levels

“thedarkoverlord” Targets Finance in Next Wave of Extortion Attacks (Flashpoint) On September 25, 2016, “thedarkoverlord,” a notorious threat actor behind the recent extortion attempts of several healthcare organizations, gained access to highly-sensitive information from WestPark Capital investment firm. The CEO of WestPark Capital refused the actor’s blackmail demands, and as a result, partial information was released to the public by thedarkoverlord

The Rise and Fall of Encryptor RaaS (TrendLabs Security Intelligence) Back in July 2015, a new ransomware as a service named “Encryptor RaaS” (detected by Trend Micro as RANSOM_CRYPRAAS.SM) entered the threat scene, rivaling or at least expecting to succeed the likes of similar get-rich-quick schemes from Tox and ORX Locker

Europol: Crypto-ransomware Now Biggest Malware Threat (Infosecurity Magazine) Crypto-ransomware is now the biggest malware threat facing law enforcers, according to the latest annual Europol report on the threat landscape

Ransomware Threat Highlighted During Cyber Security Summit (Georgia Tech News Center) As part of the 14th Annual Georgia Tech Cyber Security Summit held Wednesday, College of Computing Ph.D. student Evan Downing, alongside GTRI Cyber Technology and Information Security lab division chief Chris Smoak, presented a seminar on ransomware

These ransomware tricks fool the most hardened security pro (CSO) Cybercriminals use these methods to pull the wool over unsuspecting victims

Another Day, Another Malicious Behaviour (SANS Internet Storm Center) Every day, we are spammed with thousands of malicious emails and attackers always try to find new ways to bypass the security controls. Yesterday, I detected a suspicious HTTP GET request

Decrypting The Dark Web: Patterns Inside Hacker Forum Activity (Dark Reading) Data analysis to be presented at Black Hat Europe highlights trends in communication between bad actors who gather in underground forums across the Dark Web

This Cybersecurity Firm Maps Hackers' Lives by the Clues They Leave Online (Motherboard) The digital underground, populated by hackers, drug dealers, and other criminals, is a vast space. The sheer number of forums, cybercriminal handles, and backroom dealings can be overwhelming to researchers or journalists

5 Things You Should Know About Nigerian "Digital Check Washing" Rings (Inc.) Wired B2B payments are all too common--and easy money for con artists expert at diverting cash transfers

How A Pair Of Cybercriminals Scales Its Carder Business (Dark Reading) 'Vendetta Brothers' cybercrime duo runs site that offers cards stolen from over 600 banks in 41 countries, FireEye says

‘Money Mule’ Gangs Turn to Bitcoin ATMs (KrebsOnSecurity) Fraudsters who hack corporate bank accounts typically launder stolen funds by making deposits from the hacked company into accounts owned by “money mules,” willing or unwitting dupes recruited through work-at-home job scams

Fingerprint tech makes ATMs super secure, say banks. Crims: Bring it on, suckers (Register) All those unchangeable PINs, up for easy swiping

NHS Cloud App Blind Spot Could Put Data at Risk (Infosecurity Magazine) A Freedom of Information request has revealed that nearly half (47%) of NHS Trusts don’t monitor all cloud app use, potentially exposing them to data security and compliance risks

Security Patches, Mitigations, and Software Updates

Cisco Warns of Critical Flaw in Email Security Appliances (Threatpost) Cisco Systems released a critical security bulletin for a vulnerability that allows remote unauthenticated users to gain complete control of its email security appliances. The vulnerability is tied to Cisco’s IronPort AsyncOS operating system

Backdoored D-Link Router Should be Trashed, Researcher Says (Threatpost) A researcher who found a slew of vulnerabilities in a popular router said it’s so hopelessly broken that consumers who own them should throw them away

Cyber Trends

83% of Companies Have Released Applications They Know Are Unsafe (Infosecurity Magazine) Bug bounties have been on the rise and are widely regarded as a smart way to scale the testing of your security code. But a new survey shows that businesses may be over-reliant on them

How the new age of antivirus software will protect your PC (PCWorld) New threats require new solutions

Boardroom perspectives on cloud implementation (Help Net Security) Although there’s a significant uptick in cloud adoption at the enterprise level, companies are missing the full benefit of their cloud adoptions by not factoring their IT implementations into their overall business strategy, according to Accenture

1 in 3 organizations have experienced an insider attack in the last year (Help Net Security) A new Bitglass report on insider threats in the enterprise found that, in a third of organizations surveyed, careless or malicious user behavior resulted in data leakage, up slightly from a year ago. 56 percent of respondents believe insider leaks have become more frequent in the last year

Marketplace

The Tailwinds Expected To Boost Cybersecurity In 2017 (Stockhouse) Goldman Sachs said in a research note published Thursday it viewed the increased government spending on cybersecurity to serve as a catalyst for cybersecurity stocks such as FireEye Inc (NASDAQ: FEYE), Cyberark Software Ltd (NASDAQ: CYBR) and Palo Alto Networks Inc (NYSE: PANW)

Security appliance market shows positive growth (Help Net Security) The total security appliance market showed positive year-over-year growth in both vendor revenue and unit shipments for the second quarter of 2016, according to IDC. Worldwide vendor revenues in the second quarter increased 5.8% year over year to $2.75 billion, and shipments grew 15.2% year over year for a total of 659,305 units

The New Battleground: Cyber Warfare (Guru Focus) Is opportunity presenting itself to investors?

Getting cyber insurance is a complex process, experts warn (Property Casualty 360) Applying for any kind of insurance coverage requires answering the carrier’s questions or filling out an application form

Examining the costs and causes of cyber incidents (Oxford Journals) In 2013, the US President signed an executive order designed to help secure the nation’s critical infrastructure from cyberattacks. As part of that order, he directed the National Institute for Standards and Technology (NIST) to develop a framework that would become an authoritative source for information security best practices. Because adoption of the framework is voluntary, it faces the challenge of incentivizing firms to follow along. Will frameworks such as that proposed by NIST really induce firms to adopt better security controls? And if not, why? This research seeks to examine the composition and costs of cyber events, and attempts to address whether or not there exist incentives for firms to improve their security practices and reduce the risk of attack

Zerodium Triples its iOS 10 Bounty to $1.5 Million (Threatpost) Zerodium has tripled the bounty it offers for an Apple iOS 10 remote jailbreak, boosting the reward today to $1.5 million USD, founder Chaouki Bekrar said

MACH37 Adds MITRE to Network as Member (Benzinga) MACH37 expands growing network with the addition of MITRE

Avast CEO on why it’s just spent $1.4BN to absorb security rival AVG (TechCrunch) Security firm Avast has today confirmed the completion of a $1.4 billion acquisition of fellow Czech-based antivirus company AVG. The deal will see Avast’s customer base nearly double — swelling from 230 million to more than 400 million in total, 160M of whom are mobile users

NCC Group buys US cyber security firm for up to $18.75m (Digital Look) Cyber security firm NCC Group has bought US cyber security and payment consultancy Payment Software Company for up to $18.75m in cash

IBM Is Buying One of the Most Influential Firms on Wall Street (Fortune) IBM is getting into the business of advising Wall Street—using artificial intelligence

Splunk ups the machine-learning ante (Computerworld) Last week a competitor decided to poke the bear. This week Splunk comes out swinging

Symantec Is Not a Safe Bet (Real Money) This year, shares of cybersecurity outfit Symantec (SYMC) are up almost 19%. Is this stock safe to go higher?

WISeKey International Holding Signs MOU with Indian Investors to Establish a Joint Venture (WISeKey India) to Expand IoT and Cybersecurity in the Indian Market (Broadway World) WISeKey International Holding Ltd (WIHN.SW) (“WISeKey”) and a group of successful entrepreneurs having built and sold multiple companies in India and US announced today that they have signed a Memorandum of Understanding (“MoU”) to establish a Joint Venture to deploy WISeKey IoT and Cybersecurity Platform to the Indian Market

FireMon boss looks to streamline channel for enterprise push (Channelnomics) Kurt Mills to identify top resellers to help company move 'upstream'

Creating Connections at the 3rd Annual Women in Cyber Security Reception (Delta Risk) The CyberWire and the Cybersecurity Association of Maryland Inc. (CAMI) hosted their annual Women in Cyber Security reception on September 27 to celebrate and bring awareness to the success of women in the cyber security industry

Cylance CEO Stuart McClure Wins NetEvents Innovation Idol Award, Honoring Creative Entrepreneurship (BusinessWire) Company also honored with Hot Start-Up IoT Award at 2016 NetEvents Innovation Awards

Former US Cyber Command Deputy Director Lieutenant General Robert Schmidle Jr. Joins Endgame Advisory Board (PRNewswire) U.S. Cyber Command Deputy Director brings battle-tested experience to leading threat hunting platform

Products, Services, and Solutions

Virtustream Approved as G-Cloud 8 Supplier for UK Government's Latest Framework (PRNewswire) Virtustream helps public sector organisations take control of their clouds

Cypherpath Launches Infrastructure as a File (IaaF) Solution for the Enterprise (Yahoo! Finance) Cypherpath, the leader in on-demand containerized infrastructure solutions, today announced that its Cypherpath Infrastructure Container System is now available for enterprise-level infrastructure deployments

Dome9 Launches Compliance Engine, Slashing Time-to-Compliance for the Public Cloud (Sys-Con Media) New offering simplifies the IaaS compliance lifecycle across any public cloud, from aggregation and analysis to remediation and continuous enforcement

Fiber Nederland offers security from Kaspersky (Telecompaper) Dutch ISP Fiber Nederland has launched a security package based on software from Kaspersky Lab

Technologies, Techniques, and Standards

EMV: The Anniversary Of One Deadline, The Eve of Another (Dark Reading) How merchants and criminals responded since the EMV liability shift for point-of-sale devices one year ago. And what changes can we expect after the liability shift for ATMs, which is just days away?

UK Gov Boost Security with HTTPS and DMARC (Infosecurity Magazine) The UK government is mandating the use of the Domain-based Message Authentication, Reporting & Conformance (DMARC) protocol as well as HSTS and HTTPS as of Saturday in a major boost to its cybersecurity credentials

Guide to Getting the Right Single Sign-on Solution (eSecurity Planet) Single sign-on solutions help users cope with password pressures by enabling a single authentication event to offer access to multiple applications

Protect Your Enterprise by Balancing WordPress Plugins (Infosecurity Magazine) Data breaches are becoming more prevalent – and expensive. According to the March Beazley Breach Insights 2016 report, the Beazley response unit responded to 60% more data breaches in 2015 over 2014. Still more shocking, the proportion of breaches involving third-party vendors more than tripled over that same time period, rising from 6% of breaches in 2014 to 18% in 2015

Clear and present danger: Combating the email threat landscape (Help Net Security) Like it or loathe it, email is here to stay

Why your employees are still a huge security risk (CSO) Is security awareness training doing the job of protecting organizations from employee negligence? Michael Bruemmer of Experian Data Breach Resolution tells us where awareness is falling short, and what companies can do to improve

SnoopWall Launches Free Cyber Security Tips in Advance of National Cyber Security Awareness Month 2016 (PRNewswire) October 2016 is National Cyber Security Awareness Month - SnoopWall and Miss Teen USA 2013 agree it is time we all become #CyberAware

The Definition of Quantum Everything (Nanalyze) In an earlier article we talked about 10 companies working on quantum computing and promised our lovely readers a follow up article on companies working on “quantum cryptography” and/or “quantum encryption”

Design and Innovation

Meet Apache Spot, a new open source project for cybersecurity (CSO) The effort taps big data analytics and machine learning for advanced threat detection

Securing industrial IoT: Spotlight on DMZ and segmentation (Tech Target) Industrial IoT is ushering the era of IT and OT convergence. However, making traditional OT assets smarter with IT technologies also means a larger cyber threat surface and, hence, more exposure to cyberattacks which are growing smarter as well

Academia

Many 'Phish' in the Sea (Athens Post) Ohio University fends off phishing scams and viruses through its OIT Security Department

UTSA Receives $3 Million From Homeland Security For Cybersecurity Training Courses (Texas Public Radio) UTSA’s Center for Infrastructure Assurance and Security has received $3 million from the Department of Homeland Security. The money will be used to support cybersecurity training courses to oppose new and emerging cyber threats

Legislation, Policy, and Regulation

America is Losing the Cyber War (US News and World Report) Russia, China, Iran and North Korea have a tactical edge against U.S. digital restraint

EU clamps down on sale of surveillance tech to despotic regimes (Ars Technica) New export controls would loosen rules on crypto, tighten them on surveillance

Pentagon’s 5,000-Strong Cyber Force Passes Key Operational Step (Bloomberg) Teams will target ‘closest alligators to the boat’: analyst. Force to reach full operating capability by September 2018

New OPM Background Check Bureau Launches October 1 (SIGNAL) While the new agency tackles inherited backlog, DOD moves forward with creating its IT backbone

White House names first director of new security clearance bureau (Federal News Radio) The Obama administration on Thursday named a career personnel security expert to lead the government’s new National Background Investigation Bureau, the semi-independent office that will officially take over responsibility for processing security clearances on Monday

Litigation, Investigation, and Law Enforcement

Comey on Clinton email probe: 'Don't call us weasels' (Politico) The normally stoic FBI chief grew emotional as he rejected claims that the FBI was in the tank for Clinton

FBI probes possible hacks targeting phones of Democratic Party staff (Naked Security) The FBI has approached a handful of Democratic Party officials over concerns that their mobile phones may have been hacked as recently as the past month, unnamed sources have told Reuters

Report: FBI Use of Controversial Surveillance Program Declined After Snowden Revelations (Washington Free Beacon) The FBI has significantly scaled back its collection of Americans’ phone records since Edward Snowden exposed the government’s surveillance program in 2013, according to a new report

WhatsApp’s privacy U-turn on sharing data with Facebook draws more heat in Europe (TechCrunch) A dramatic privacy about-face by messaging app WhatsApp this summer, in which it revealed an update to its T&Cs would for the first time allow the sharing of its user data with parent company Facebook, is getting the pair into hot water in Europe

Aussie Border Police Bust Dark Net Drug Dealer (HackRead) A couple of months ago the Australian police busted a pedophile ring on Tor – now, Australian border force is aiming to track down drug distribution via dark net

Man Arrested Over Cyber Attack At Sandown Bay Academy (Isle of Wight Radio) A man has been arrested in connection with a cyber attack at Sandown Bay Academy

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

escar Asia 2016 (Tokyon, Japan, September 28 - 30, 2016) Founded in 2003, escar has established itself as the premier forum for the discussion and exchange of ideas to identify and minimize threats to data and vehicles. Held in Europe, the US and now for the third time in Asia, escar provides a forum for collaboration among industry, academia and governments for in-vehicle cyber security.

Cyber National Security – The Law of Cyberspace Confrontation (Hanover, Maryland, and Fort Meade, October 3 - 6, 2016) US Cyber Command will host the fourth annual COCOM-Interagency Cyber Law Conference from 3 through 6 October 2016, Cyber National Security – The Law of Cyberspace Confrontation. This year the conference...

Crossroads Regional Cybersecurity Summit (Victoria, Texas, USA, October 4, 2016) Bringing together top experts from both the public and private sectors, the Crossroads Regional Cybersecurity Summit (CRCS) will be an exciting and educational day for local businesses. Through a variety...

Cambridge Cyber Summit (Cambridge, Massachusetts, USA, October 5, 2016) This unique one-day summit will bring together c-suite executives and business owners with public and private-sector leaders in security, technology and defense to discuss ways to combat urgent cyber threats...

IP EXPO Europe (London, England, UK, October 5 - 6, 2016) IP EXPO Europe is Europe's number ONE IT event for those looking to find out how the latest IT innovations can drive their business forwardIP EXPO Europe now includes six co-located events with their own...

RFUN 2016: 5th Annual Threat Intelligence Conference (Washington, DC, USA, October 5 - 6, 2016) The fifth annual RFUN Conference is a two-day event that brings together the diverse and talented community of analysts and operational defenders who apply real-time threat intelligence to out-innovate...

SecureWorld Denver (Denver, Colorado, USA, October 5 - 6, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry...

VB 2016 (Denver, Colorado, USA, October 5 - 7, 2016) The 26th annual international Virus Bulletin conference meets this October in Denver

Insider Threat Program Development Training For NISPOM CC 2 (Aberdeen, Maryland, USA, August 10 - 11, 2016) Insider Threat Defense will hold a two-day training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2). For a limited time the training is being offered...

TU-Automotive Cyber Security Europe (Munich, Bayern, Germany, October 6 - 7, 2016) The most focussed forum on the ‘here and now’ of automotive cybersecurity. As we are inundated by headlines on cyber-attacks, we go beyond the hype to focus on the current challenges and solutions that...

AppSecUSA 2016 (Washington, DC, USA, October 11 - 14, 2016) OWASP’s 13th Annual AppSecUSA Security Conference is the premier application security conference for developers and security experts. Come hear an amazing group of inspirational speakers—including YouTube’s...

AFCEA CyberSecurity Summit (Washington, DC, USA, October 11 - 12, 2016) AFCEA Washington, DC invites you to attend the 7th Annual Cybersecurity Summit on October 11–12, 2016. This two-day summit will feature keynotes from government leaders, thought-provoking discussion panels,...

Cyber Security Summit 2016 (Aukland, New Zealand, May 5, 2016) New Zealand’s first Cyber Security Summit will be held in Auckland on 5 May 2016. The theme is “Keeping New Zealand’s Economy Cyber Secure”. Hosted by the Minister for Communications Hon Amy Adams, the...

Insider Threat Program Development Training for NISPOM CC 2 (Warrington, Pennsylvania, USA, October 17 - 18, 2016) Insider Threat Defense will hold a two-day training class on Insider Threat Program Development (NISPOM Conforming Change 2). PA. For a limited time the training is being offered at a discounted rate of...

Cyber Ready 2016 (McDill Air Force Base, Florida, USA, October 18, 2016) We invite you to join us for our first annual Cyber ReadyTM 2016 conference observing National Cyber Security Awareness Month: The Impact of Cyber Crime. The National Cyber Partnership, joined by the MITRE MITRE National Capture the Flag (CTF) Competition Cyber Challenge Awards Ceremony.

EDGE2016 Security Conference (Knoxville, Tennessee, USA, October 18 - 19, 2016) The EDGE2016 conference is where true collaboration between business and technology professionals happens. Combining engaging keynotes from world-renowned visionaries, recognized technology industry leaders,...

SecureWorld St. Louis (St. Louis, Missouri, USA, October 18 - 19, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry...

Los Angeles Cyber Security Summit (Los Angeles, California, USA, October 28, 2016) The Cyber Security Summit is an exclusive conference series connects C-Suite & Senior Executives who are responsible for protecting their companies’ critical infrastructures with innovative solution providers...

Insider Threat Program Development Training For NISPOM CC 2 (Aberdeen, Maryland, USA, August 10 - 11, 2016) Insider Threat Defense will hold a two-day training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2). For a limited time the training is being offered...

CyberMaryland 2016 (Baltimore, Maryland, USA, October 20 - 21, 2016) The CyberMaryland Conference is an annual two-day event presented jointly by The National Cyber Security Hall of Fame and Federal Business Council (FBC) in conjunction with academia, government and private...

CyCon US: International Conference on Cyber Conflict (Washington, DC, USA, October 21 - 23, 2016) The inaugural U.S. based International Conference on Cyber Conflict will take place 21-23 October 2016 in Washington D.C. Focusing on a theme of Protecting the Future. CyCon U.S. seeks to create greater...

SANS San Diego 2016 (San Diego, California, USA , October 23 - 28, 2016) Cyber security training in San Diego, CA from SANS Institute, the global leader in information security training. Choose from nine hands-on, immersion-style training courses for security professionals...

Insider Threat Program Development Training For NISPOM CC 2 (Aberdeen, Maryland, USA, August 10 - 11, 2016) Insider Threat Defense will hold a two-day training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2). For a limited time the training is being offered...

2016 ICS Cyber Security Conference (Atlanta, Georgia, USA, October 24 - 27, 2016) As the largest and longest-running cyber security-focused conference for the industrial control systems sector, the event caters to the energy, utility, chemical, transportation, manufacturing, and other...

SecureWorld Bay Area (San Jose, California, USA, October 27, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements learning from nationally recognized industry...

Regional Cyber Security Summit (Sharm El-Sheikh, Egypt, October 30 - November 1, 2016) The Regional Cyber Security Summit comes this year with the theme of “Boundless Collaboration, Boundless Protection”. It focuses on the cooperation in cybersecurity as one of key pillars to tackle the...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.