skip navigation

More signal. Less noise.

Daily briefing.

ThreatConnect reviews the circumstantial evidence that Emmanuel Macron's campaign for France's presidency was indeed phished by Fancy Bear (Russia's GRU). The campaign itself has confirmed that it sustained phishing attempts, but says that no data were lost. Observers are watching for leaks timed before the second round of the elections, May 6th and 7th.

The same group is thought responsible, on the strength of similar circumstantial evidence, for phishing attempts directed against think tanks affiliated with the parties in Germany's coalition government: the CDU's Konrad Adenauer Foundation and the SPD's Friedrich Ebert Foundation.

Chinese and Russian criminal organizations continue to pick through ShadowBrokers' recent dump as they look for tools they can exploit in the wild.

Israel's government takes the unusual step of reporting that it sustained and stopped a cyberattack mounted by an unnamed foreign state. The disclosure may be related to ongoing controversy over a proposed cybersecurity law.

Sudan's government is employing a hacking group called "Electronic Jihad" against ISIS; critics see a collateral effect on dissidents in general.

Both Symantec and Verizon have released major threat studies, and they highlight two trends: the growing popularity of ransomware among criminals, and the very significant rise in cyberespionage by nation-states.

RiskIQ describes NoTrove, an ad spammer whose large-scale efforts are the bad money driving the good money from online advertising. Check Point warns of another quiet botnet, "FalseGuide," infesting Android devices—some 600,000 of them, it estimates—with adware.

Webroot yesterday fixed the bug that flagged Windows as malicious.

Notes.

Today's issue includes events affecting France, Germany, Israel, Russia, Sudan, United Kingdom, United States.

A note to our readers: our video coverage of the keynotes at the 2017 Women in CyberSecurity conference is now up and available for viewing.

In today's podcast, we hear from our partners at Palo Alto Networks, as Rick Howard describes Unit 42's research on credential theft. Our guest, Ellison Anne Williams from Enveil, talks about Enveil's innovative homomorphic encryption technology.

Hacker Secrets Revealed: 5 Security Mistakes to Avoid (Webinar, April 27, 2017) Delta Risk research has identified the attack vectors bad actors most commonly use to get initial access to a network and spread across the rest of the organization.

The Cyber Security Summit: Dallas (Dallas, Texas, USA, May 5, 2017) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from the U.S. Dept of Justice, Proofpoint, CenturyLink, IBM and more. Register with promo code cyberwire50 for half off your admission (Regular price $350)

Cyber Attacks, Threats, and Vulnerabilities

This Is the Evidence Linking Russian Hackers to the French Election (Motherboard) As France braces for the second round of its election, security researchers try to figure out if Russia was really behind the alleged hacking attempts against frontrunner Emmanuel Macron.

Parlez-vous Fancy? (ThreatConnect) ThreatConnect reviews potential Fancy Bear activity targeting the French election runoff

A cybersecurity group thinks Russia is trying to hack the French election (Vox) It believes the group behind the DNC hacks is going after Macron.

French Macron campaign confirms phishing attempts, says no data stolen (Zawya MENA Edition) French presidential candidate Emmanuel Macron's campaign team confirmed that his party had been target of attempts to steal email credentials.

Cyber spies target German party think-tanks ahead of election (Star Online) Two foundations tied to Germany’s ruling coalition parties were attacked by the same cyber spy group that targeted the campaign of French presidential favourite Emmanuel Macron.

Shadow Brokers Attack Tools Light Up Chinese and Russian Darknet (Infosecurity Magazine) Shadow Brokers Attack Tools Light Up Chinese and Russian Darknet. Hackers keen to exploit this treasure trove of data

Sudan’s Government Is Using A Shady Hacking Group To Hunt ISIS (Motherboard) But the government has been cracking down on freedom of expression and dissent too.

Unusual cyber attack thwarted (Arutz Sheva) Attacker forges security certificates, sends emails to government offices and private citizens.

Israel believes foreign nation directed thwarted cyberattack (Haaretz) Cyberattack was sophisticated and focused on Israeli civilian research and development, which could be of interest to entities around the world, says top authority official

XMR Squad Is Charging German Companies €250 for "DDoS Tests" (BleepingComputer) A group calling itself XMR Squad has spent all last week launching DDoS attacks against German businesses and then contacting the same companies to inform them they had to pay €250 ($275) for "testing their DDoS protection systems."

The Difference between DOS and DDOS attacks (Difference Between) Denial of service (DOS) and distributed denial of service (DDOS) attacks are tools used by hackers to disrupt online services. The implications of these attacks can be wild…

RiskIQ Researchers Identify New Threat Actor NoTrove Delivering Millions of Scam Ads, Threatening Consumers and the Digital Advertising Industry (GlobeNewswire News Room) Earlier this year, RiskIQ, the leader in digital threat management, reported an eight-fold increase in internet scam incidents that deny the $83 billion digital advertising industry millions of dollars. Now, researchers at RiskIQ have identified NoTrove, a newly discovered and major threat actor that is delivering millions of scam ads that threaten consumers and further undermine the digital advertising industry.

NoTrove: The Threat Actor Ruling a Scam Empire (RiskIQ) Understand how to stay ahead of scammers like NoTrove

Android Malware Posing as FIFA, Pokemon Go Guides Infected 600,000 Devices (HackRead) A recently discovered strain of botnet malware has infected over 600,000 Android devices, as stated by the security researchers.

‘World’s Most Secure’ Email Service Is Easily Hackable (Motherboard) A service that claims to be the only way to do email in a secure way is actually riddled with flaws, opening it up to hackers, according to a researcher.

Nomx? No thank you (Graham Cluley) Nomx describes itself as "the only secure email communications device compatible with legacy email systems." But security researcher Scott Helme is less than impressed.

nomx: The world's most secure communications protocol (Scott Helme) With slick marketing, catchy taglines and some pretty bold claims about their security, nomx claim to have cracked email security. Let's see if they have.

A vigilante is putting a huge amount of work into infecting IoT devices (Ars Technica) When it comes to features and robustness, Hajime surpasses its blackhat rivals.

Hackers exploited Word flaw for months while Microsoft investigated (Reuters) To understand why it is so difficult to defend computers from even moderately capable hackers, consider the case of the security flaw officially known as CVE-2017-0199.

Samsung Smart TV Can Be Hacked via Wi-Fi Direct Feature (BleepingComputer) Security researchers from Neseso are sounding the alarm on a vulnerability they've discovered in Samsung smart TVs that Samsung declined to fix.

More LastPass flaws: researcher pokes holes in 2FA (Naked Security) LastPass has been in the news again for another chink in its armour – though it has now been fixed, you’ll be glad to hear

Positive Technologies discovers vulnerabilities in SAP solutions (Positive Technologies) Users of SAP NetWeaver 7.31 advised to install security updates

If there are some unexploited MSSQL Servers With Weak Passwords Left: They got you now (again) (SANS Internet Storm Center) Setting up a Microsoft SQL server with a stupid simple password like "sa" for the "sa" user is hard.

Cybercrime can come in any shape or size, and not always the form you'd expect (Help Net Security) Cyberespionage is the most common type of attack in manufacturing, public sector and education, warns the Verizon 2017 Data Breach Investigations Report.

Cyberespionage, ransomware big gainers in new Verizon breach report (CSO Online) Verizon released its tenth annual breach report this morning, and cyberespionage and ransomware were the big gainers in 2016. Cyberspionage accounted for 21 percent of cases analyzed, up from 13 percent last year, and was the most common type of attack in the manufacturing, public sector, and education

Verizon report finds 50% jump in cyber attacks using ransomware (Financial Times) Malicious software used to target financial services, healthcare and public sector

Cyber Spies Go Mainstream, Accounting for One in Five Breaches (Infosecurity Magazine) Cyber Spies Go Mainstream, Accounting for One in Five Breaches. Verizon report claims phishing has soared in popularity

Cyberattacks Involving Extortion Are on the Up, Verizon Says (Bloomberg) Cyberattacks involving ransomware -- in which criminals use malicious software to encrypt a users’ data and then extort money to unencrypt it -- increased 50 percent in 2016, according to a report from Verizon Communications Inc.

Modern threat landscape: Seismic shifts in motivation and focus (Help Net Security) New sophistication and innovation are the nature of the threat landscape, but this year Symantec has identified seismic shifts in motivation and focus.

Cyber-Attackers Using Legitimate Tools, Symantec Reports (eWEEK) According to Symantec's Internet Security Threat Report, there has been a sharp increase in politically motivated attacks as well as an increase in ransomware payouts.

Zero day exploits are rarer and more expensive than ever, researchers say (Cyberscoop) It’s basic economics: When supply drops but demand keeps rising, price goes up. It’s no different for pieces of information that give cyberattackers big advantages. The number of zero day exploits revealed in the wild fell for a third straight year in 2016, pushing the prices for them skyward and driving attackers to use alternative tactics, according to new research from Symantec.

Cyber attackers reveal new levels of ambition (iTWire) Symantec’s Internet Security Report Volume 22 reveals new levels of ambition and sophistication displayed by cyber attackers – they are we...

Present and future ransomware tactics model the past (CSO Online) The way to understand, and avoid, becoming a victim of ransomware is to be prepared, said LEO Cyber Security CTO Andrew Hay. And part of that preparation is to understand its historical roots.

Ransomware attacks are taking a greater toll on victim's wallets (CSO Online) The hackers spreading ransomware are getting greedier. In 2016, the average fee to free computers hit with the notorious infection rose to $1077, up from $294 the year before, according to security firm Symantec.

Medical devices that could put you at security risk (CSO Online) You remember the talk about former Vice President Dick Cheney's pace maker being susceptible to hackers, but here is a list of some lesser known medical devices that can scare the life out of you.

Hyundai Vehicles Briefly Exposed to Tech-Savvy Thieves via Blue Link App (The Truth About Cars) Software vulnerabilities in the app allowed Blue Link-equipped vehicles to be unlocked and started remotely, making them susceptible to high-tech theft.

ThePirateBay.org is offline AGAIN (HackRead) Don't worry you are not alone ThePirateBay.org is down for many but the good news is that its Dark Web version is still up and running.  This is the third

Security Patches, Mitigations, and Software Updates

Webroot apologizes, says antivirus software error that labeled Windows files as malware now fixed (Denver Post) After two days of battling the aftermath of a technical error that labeled some Microsoft Windows files as malware, Broomfield-based cybersecurity firm Webroot said Wednesday morning that a complete…

Cyber Trends

Spring 2017 Data Science Security Report (Nominium) Cybersecurity has gone mainstream. DDoS attacks, data breaches and ransomware continue to dominate the headlines as new cyberthreats emerge every day, with different methods and attack variants being introduced.

Lack of Security Talent Afflicts Healthcare (Threatpost) At Source Boston, Josh Corman of the Atlantic Council said that healthcare is suffering from a lack of security talent, devices rife with vulnerabilities, and government incentivizing bad behavior.

How secure are mobile banking apps? (Help Net Security) Researchers have performed vulnerability assessments of customer-facing mobile banking apps. Find out more about the state of mobile banking security.

Latest OWASP Top 10 looks at APIs, web apps (CSO Online) The new release of the OWASP Top 10 list is out from the Open Web Application Security Project, and while most of it remains the same there are a couple of new additions, focusing on protections for web applications and APIs

One in 98 UK Emails Are Loaded with Malware (Infosecurity Magazine) One in 98 UK Emails Are Loaded with Malware. Symantec report claims email-borne threats hit a five-year high in 2016

70% of UK Universities Victims of Phishing Attacks (Bdaily Business News) 70% of UK Universities were

Marketplace

87 Percent of Companies Plan to Invest in Security-as-a-Service in the Next 12 Months (eSecurity Planet) 40 percent expect their network security spending to increase by 10 to 20 percent over the next year, a recent survey found.

Fortinet: The Road To Market Dominance Begins (Seeking Alpha) Recent market share gains in the UTM segment point toward more upside. I'm modeling more multiples expansion as Fortinet takes more market share due to its supe

Check Point Wants to Go Deeper Into Cars as Hacking Risks Mount (Bloomberg) The Israeli cybersecurity company that pioneered corporate firewalls is making deeper inroads with the auto industry.

KeyW CEO on why Sotera was the right deal (Washington Technology) KeyW scored a twofer when it bought Sotera Defense. It added significant scale but also increased its presence with its biggest customer set, the intelligence community.

Yahoo-Verizon deal: Marissa Meyer to make $184mn from sale (MENAFN) Yahoo's sale to Verizon will bring its chief Marissa Meyer 184mn- a combination of various payments including

Tenable to Create 100 Jobs for Dublin (Business World) It was announced today that Tenable Network Security will open its new international headquarters in the Dublin Docklands where its plans to create 100 jobs over the next two years.

City Agency Launches Job Placement Program in Cybersecurity (STL.News) City Agency Launches Job Placement Program in Cybersecurity. Read this St. Louis local news story and more at STL News. Please share STL.News.

EY Announces Ken Levine of Digital Guardian Entrepreneur Of The Year® 2017 New England Award Semifinalist (Yahoo! Finance) EY today announced that Ken Levine, president and chief executive officer of Digital Guardian is a semifinalist for the Entrepreneur Of The Year® 2017 Award in the New England region.

Michael Raggo joins 802 Secure as chief security officer (CSO Online) Mobile and Internet of things security expert Mike Raggo will play a key role in product development.

Products, Services, and Solutions

NSA Tools vs. enSilo (enSilo Blog) The Shadow Brokers published stolen data from The Equation Group, associated with NSA. enSilo blocks, in realtime, the tool's attempt to steal data.

Oxygen Forensic Detective 9.3 Extracts from 35+ Cloud Services; Adds Huawei and Windows Phone Clouds plus WhatsApp Decryption via iCloud (PRNewswire) Oxygen Forensics, a worldwide developer and provider of...

Symantec Offers Collaborative Proposal to End Google Spat (Infosecurity Magazine) Symantec Offers Collaborative Proposal to End Google Spat. Range of audits and operational improvements would be less disruptive, it argues

HPE kills off its entire OpenSDN line, pulls plug on customer demos (Register) ISPs told they'll have to find another vendor

Google Is Killing Gchat For Good and We Have Feelings (Motherboard) Go away, Hangouts.

Latest Release of Comodo Dome Shield, a DNS-based Security Service, Offers Increased Efficiency and Profit Potential for Managed Service Providers (Yahoo! Finance) Comodo, a global innovator and developer of cybersecurity solutions and the worldwide leader in digital certificates, today announced a new release of its Comodo Dome Shield DNS-based web security service for the network boundary.

Software algorithms secure embedded designs (Electronics Weekly) Segger has introduced a library of cryptographic algorithms written entirely in C. Called emCrypt, it includes block ciphers, hashes, MACs, and digital sig

Unisys Offering Next-gen Development Tools For Free (Nearshore Americas) The tech firm is offering free tools for companies to develop their own solutions in the areas of artificial intelligence (AI), machine learning, data analytics, and Internet of Things (IoT).

Centrify Warns Password Vaults Alone Not Enough to Stop Data Breaches (Yahoo! Finance) Centrify, the leader in securing hybrid enterprises through the power of identity services, today announced significant enhancements to its best-in-class privileged identity management solution to stop breaches that abuse privilege.

Eastwind Networks Unveils New DNS Service Protections Fueled by Artificial Intelligence (Yahoo! Finance) Eastwind Networks, the cybersecurity solutions and breach analytics cloud platform designed to provide visibility, forensics and incident response cap

Still hunting for that one firewall to keep today’s cyber threats at bay? | Networks Asia (Networks Asia) If you are a small business and thinking that hackers may not be interested in your data, you might want to re-assess that conclusion. If you are a big enterprise – or even a government organization – and thinking that your high investment on security solutions will keep you safe from cyber threats, you might likewise want to re-evaluate your opinion. 

Elcomsoft Cloud eXplorer Gets Ready for Android O, Extracts SMS Text Messages, Enhanced Location Data from Google Account (PRNewswire) ElcomSoft Co. Ltd. updates Elcomsoft Cloud eXplorer, a digital forensic tool...

CyberSN Expanding Cyber Security Staffing Services in the San Francisco Bay Area (Yahoo! Finance) Deidre Diamond, Founder of cyber security staffing firm CyberSN and non-profit #brainbabe, today announced the hiring of Launa Rich as Managing Director, expanding CyberSN's presence in the San Francisco Bay Area and Silicon Valley. Launa Rich, formerly

Microsoft App Aims to Delete the Password (Dark Reading) Microsoft has officially launched its Authenticator app designed to simplify and secure user logins, raising questions about the future of password-free authentication.

Technologies, Techniques, and Standards

Threat Intelligence Is (Still) Broken: A Cautionary Tale from the Past (Dark Reading) There is much to be learned from the striking parallels between counter-terrorism threat analysis before 9-11 and how we handle cyber threat intelligence today.

Know your enemy: Defining the new taxonomy of malicious emails (Help Net Security) Although people will correctly identify common malicious emails as fraudulent, many will fail to correctly identify sophisticated email attacks as unsafe.

How To Sell Endpoint Security Better to Business Leaders (Infosecurity Magazine) Engaging with C-suite to explain and advocate the need to invest and lead the business toward a safer future.

Protecting Data Fast and Cheap in the IIoT (SIGNAL Magazine) If emails are a flashpoint for cyber attacks, be ready to deal with vulnerabilities posed by sensors within the critical infrastructure ecosystem.

6 Steps to Find Your Next Dozen Cloud Security Experts (Dark Reading) There's stiff competition for cloud security experts, but finding yours may actually be easier than you think.

Kali Linux improves penetration testing (ITWeb) Penetration testing is an effective tool for companies of all sizes, across the public and private sector, to assess the security of their critical resources. However, the primary mistake businesses make when it comes to penetration testing, is the assumption that all penetration tests are the same.

House staffers to get training on social media, email security (TheHill) House staffers on Wednesday will receive training on how to protect social media and email accounts, the first of a series of meetings on the topic.

Exercise Cyber Shield 2017 Gets Underway - MilitarySpot.com (MilitarySpot.com) Exercise Cyber Shield 2017 got underway this week at Camp W.G. Williams, Utah.

Research and Development

Facebook’s Race to Link Your Brain to a Computer Might Be Unwinnable (WIRED) Facebook wants to beat the competition to the next big computing platform, including machine-brain interfaces. Never mind they might not work.

Academia

A Tale of 2 Cyber Competitions (WashingtonExec) Experience: one of the most valuable things to have as a cybersecurity professional, and one of the hardest things to get. Hands-on experience—not forma...

Legislation, Policy, and Regulation

In unusual announcement, Israel reveals it thwarted major cyberattack (Haaretz) Announcement about attack aimed at 120 targets just days after harsh criticism of new cyber defense legislation

House cyber chairman wants to bolster workforce (TheHill) Congressional lawmakers await White House agenda on cyber.

Trump’s FCC Chief Ajit Pai Just Launched His Attack Against Net Neutrality (Motherboard) Critics say the former Verizon lawyer is doing the bidding of the broadband industry.

Sen. Schatz on FCC: ‘They have no idea how outraged people are about to be’ (TechCrunch) FCC Chairman Ajit Pai stirred up the hive today with his official declaration of war on the net neutrality rules established in 2015. Reactions have been..

More than 800 startups ask FCC chair to not kill net neutrality (TechCrunch) Today, FCC Chairman Ajit Pai released the broad strokes of his plan to abandon consumer protections to the benefit of large corporate players in the..

Now the Air Force wants to get hacked, too (C4ISRNET) The Air Force is joining the club alongside the Pentagon and Army as it announces the Hack the Air Force bug bounty initiative.

In the Spotlight: The Director of NSA's Office of Civil Liberties and Privacy (NSA | CSS) Rebecca "Becky" Richards has one of the National Security Agency's most important jobs: to ensure that the privacy rights and civil liberties of U.S. persons - a category that includes citizens, green card holders, and U.S.-incorporated companies - are taken into account in all of NSA's activities.

Litigation, Investigation, and Law Enforcement

A former top NSA lawyer is joining the Senate's Trump-Russia probe (Business Insider) April Doss, the former head of intelligence law at the NSA, has been hired to work on the Senate Intelligence Committee's Russia probe.

(OFFICIAL)-Microsoft says no increase in U.S. foreign intelligence surveillance requests (Yahoo! Finance) Microsoft Corp said this week it had wrongly reported that a sharp increase in U.S. government surveillance requests took place during the first half of 2016, revising its official numbers to show the amount remained flat over previous intervals.

Lauri Love Opens Up About His Fight Against Extradition to the US (Motherboard) "Well it means I'm not getting kidnapped," says Love, who can now appeal against his extradition ruling.

HHS Hits CardioNet with $2.5M HIPAA Settlement Fee (Dark Reading) The US Department of Health and Human Services slapped the mobile cardiac monitoring service with fee after breach of customer health data.

Crazy study claims cheat codes and mods push kids towards cyber crime (PC Gamer) Um, no.

Malicious software bought by a London Police Officer can remotely hack users (HackRead) One of the officers of UK's Metropolitan Police Service was caught in possession of a malicious software used for infecting computers and smartphones after

Staffordshire duo plead guilty to TalkTalk cyber attacks (Computing) Pair will be sentence next month

TalkTalk hack attack: Friends admit cyber crime charges (BBC News) Matthew Hanley, 22, and Connor Allsopp, 20, accessed customer's information during the cyber attack.

Marine faces felony charge for allegedly posting intimate pictures of woman online (Marine Corps Times) Master Sgt. Theophilus Thomas, 38, is assigned to Marine Corps Air Station New River in Jacksonville, N.C.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

Houston Cyber Summit (Houston, Texas, USA, April 27, 2017) Cyber security strategy is a term most often associated with the operational levels of an organization – firewalls, encryption, internal assessments and so on. But even the best technology and monitoring...

Crimestoppers Conference (Eden Project, Bodelva, St Austell , April 27, 2017) Crimestoppers is organising a major one-day conference designed to help local businesses shore up their online security. A range of expert speakers will pinpoint typical cyber pitfalls to avoid. 80% of...

Atlantic Security Conference (Halifax, Nova Scotia, Canada, April 27 - 28, 2017) Atlantic Canada's non-profit, annual information security conference. AtlSecCon, the first security conference in Eastern Canada focusing on bringing some of the worlds brightest and darkest minds together...

SANS Automotive Cybersecurity Summit 2017 (Detroit, Michigan, USA, May 1 - 8, 2017) SANS will hold its inaugural Automotive Cybersecurity Summit to address the specific issues and challenges around securing automotive organizations and their products. Join us for a comprehensive look...

cybergamut Tech Tuesday: Distributed Responder ARP: Using SDN to Re-Engineer ARP from within the Network (Elkridge, Maryland, USA, and online at various local nodes, May 2, 2017) We present the architecture and initial implementation of distributed responder ARP (DR-ARP), a software defined networking (SDN) enabled enhancement of the standard address resolution protocol (ARP) intended...

Cyber Security Summit in Dallas (Dallas, Texas, USA, May 5, 2017) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from Proofpoint, CenturyLink, IBM and more. Register with promo code cyberwire50 for half off...

OWASP Annual AppSec EU Security Conference (Belfast, UK, May 8 - 12, 2017) Welcome to OWASP Annual AppSec EU Security Conference, the premier application security conference for European developers and security experts. AppSec EU provides thought leadership, amazing talks, informative...

SANS Security West 2017 (San Diego, California, USA, May 9 - 18, 2017) Cybersecurity skills and knowledge are in high demand. Cyber attacks and data breaches are more frequent and sophisticated, and organizations are grappling with how to best defend themselves. As a result,...

OWASP AppSec EU (Belfast, Northern Ireland, UK, May 12 - 18, 2017) Welcome to OWASP Annual AppSec EU Security Conference, the premier application security conference for European developers and security experts. AppSec EU provides thought leadership, amazing talks, informative...

EnergySec Security Education Week (Austin, Texas, USA, May 14 - 19, 2017) The Energy Sector Security Consortium, Inc.'s Security Education Week is designed for early to mid career cybersecurity professionals currently employed at electric utilities in North America. Students...

K(no)w Identity Conference (Washington, DC, USA, May 15 - 17, 2017) To converge identity experts from across all industries in one space, to be at the nexus of ideas and policies that will fundamentally change identity around the world. Provides business leaders, privacy...

Global Cybersecurity Innovation Summit Advancing International Collaboration (London, England, UK, May 16 - 17, 2017) SINET – London creates a forum to build and maintain international relationships required to foster vital information sharing, broad awareness and the adoption of innovative Cybersecurity technologies.

Public Sector Cyber Security Conference: Defending the Public from Cyber-Attacks (Salford, England, UK, May 17, 2017) Join us for the Public Sector Cyber Security Conference where leading experts will explain how to protect the vital services provided by central Government, local councils and the NHS. Learn how to safeguard...

PCI Security Standards Council: 2017Asia-Pacific Community Meeting (Bangkok, Thailand, May 17 - 18, 2017) Two days of networking and one-of-a-kind partnership opportunities await you. Whether you want to learn more about updates in the payment card industry or showcase a new product, you’ll find it all at...

2017 Georgetown Cybersecurity Law Institute (Washington, DC, USA, May 17 - 18, 2017) It is more important than ever that in-house and outside counsel stay abreast of the most current developments and best practices in cybersecurity. At our Institute you will receive insights on the best...

Northsec Applied Security Event (Montreal, Québec, Canada, May 18 - 21, 2017) The conference will feature technical and applied workshops hosted in parallel for the most motivated attendees. Topics include application and infrastructure (pentesting, network security, software and/or...

SANS Northern Virginia - Reston 2017 (Reston, Virginia, USA, May 21 - 26, 2017) This event features comprehensive hands-on technical training from some of the best instructors in the industry and includes courses that will prepare you or your technical staff for DoD 8570 and GIAC...

Enfuse 2017 (Las Vegas, Nevada, USA, May 22 - 25, 2017) Enfuse™ is a three-day security and digital investigations conference where specialists, executives, and experts break new ground for the year ahead. Enfuse offers unsurpassed networking opportunities,...

2017 Cyber Investing Summit (New York, New York, USA, May 23, 2017) The 2nd Annual Cyber Investing Summit is an all-day conference focusing on investing in the $100+ billion dollar cyber security industry. Attendees will explore the financial opportunities, trends, challenges,...

Citrix Synergy (Orlando, Florida, USA, May 23 - 25, 2017) Learn how to solve your IT flexibility, workforce continuity, security and networking challenges—and power your business like never before—with the workspace of the future.

AFCEA/GMU Critical Issues in C4I Symposium (Fairfax, Virginia, USA, May 24 - 25, 2017) The AFCEA/GMU Critical Issues in C4I Symposium brings academia, industry and government together annually to address important issues in C4I technology and systems R&D.

SECON 2017 (Jersey City, New Jersey, USA, May 25, 2017) Social engineering impacts security. (ISC)2 New Jersey Chapter is a 501(c)(3) not-for-profit charitable organization. Our chapter’s mission is to disseminate knowledge, exchange ideas, and encourage community...

SANS Atlanta 2017 (Atlanta, Georgia, USA, May 30 - June 4, 2017) Learn the most effective steps to prevent attacks and detect adversaries with actionable techniques that you can directly apply when you get back to work. Take advantage of tips and tricks from the experts...

Cyber Security Summit: Seattle (Seattle, Washington, USA, June 1, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: Seattle. Receive...

Cyber Security Summit: Seattle (Seattle, Washington, USA, June 1, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: Seattle. Receive...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.