skip navigation

More signal. Less noise.

Daily briefing.

Ad-free podcasts now available to Patrons

Patrons now receive a streamlined, ad-free, version of the Daily Podcast when they support the CyberWire as Friends of the Show (or at higher levels). See here for details.

Yesterday FireEye confirmed that an Israel-based threat researcher in the company's Mandiant unit had come under a doxing attack. Some of the employee's personal accounts were compromised, apparently by hacktivists or criminals working on "Operation #LeakTheAnalyst." FireEye says the company's own systems are secure. The campaign is worrisome because individual security researchers are being targeted. 

Election security concerns fall into three broad categories: vulnerable electronic voting machines (with demonstration hacks conducted last week at Black Hat), exposure of voter databases (LookingGlass has found some forty-million US records for sale in dark web souks), and influence operations (largely Russian, and finding launching points in other countries, including the Czech Republic). The effect of influence operations, thought by some to be exaggerated, remains the subject of investigation in the US and elsewhere.

Hackers have compromised HBO. They claim to have pilfered 1.5 terabytes of data, and they've leaked a script and an episode of Game of Thrones online. The motive is unclear: it may be extortion; it may be the lulz. The hackers also claim to have obtained unreleased episodes of other shows. The incident is noteworthy in that, unlike earlier Hollywood hacks that exploited lax security at third-party vendors, HBO itself appears to have been breached.

British Home Secretary Amber Rudd is in California, working to convince Silicon Valley's tech industry that "real people" don't need strong encryption. Only terrorists do, she says, making her position in the crypto wars quite clear.

Russia has banned VPNs, and Ed Snowden's not happy. 

Notes.

Today's issue includes events affecting Australia, China, European Union, Malaysia, Netherlands, Qatar, Russia, Saudi Arabia, Solomon Islands, United Kingdom, United States.

Get Smart on the Politics of Cyberspace

The future of an open, secure, and resilient internet is anything but certain. CFR’s Digital and Cyberspace Policy program cuts through the rhetoric to help you understand the politics of cyberspace. Through their “Net Politics” blog, reports, briefings, and interactive tools, the program’s leading cyber experts analyze the emerging global rules of cyberspace. Subscribe to their bimonthly newsletter to get their insights in your inbox.

In today's podcast, we hear from our partners at Lancaster University, as Awais Rashid offers thoughts on developing a security culture. Our guest, Michael Janke from DataTribe, describes his efforts to stand up the National Institute of Digital Security. 

Our special edition on Black Hat is up today, focusing on research and investment. And be sure to give a listen to Recorded Future's Inside Threat Intelligence podcast (produced in partnership with the CyberWire), which offers a recap of Black Hat and DefCon 2017.

The Cyber Security Summit: Chicago & NYC (Chicago, Illinois, USA, August 8, 2017) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from the U.S. Dept of Justice, Cybraics, CenturyLink, Alert Logic and more. Register with promo code cyberwire50 for half off your admission (Regular price $350).

Security In the Boardroom (Palo Alto, CA, USA, August 23, 2017) Cybersecurity is a boardroom topic in nearly every organization. For many boards, security has evolved from a technical risk to a top business risk. Cybersecurity is also a growth opportunity. Proper integration of security and privacy concerns can drive far more effective digital transformation efforts. However, the mystique around cybersecurity can prevent board members and management from improving their cyber fluency and driving required improvements. Please join The Chertoff Group for our Security in the Boardroom event where we will demystify cybersecurity technology and policy issues while providing practical tools that board members and management can use to improve their resiliency to cyber risk and drive competitive advantage.

Cyber Security Conference for Executives (Baltimore, MD, USA, September 19, 2017) The Johns Hopkins University Information Security Institute and COMPASS Cyber Security are hosting the 4th Annual Cyber Security Conference for Executives on Tuesday, September, 19. It will be held on the Homewood Campus of Johns Hopkins University. This year’s theme is, “Emerging Global Cyber Threats.” The conference will feature thought leaders across a variety of industries to address current cyber security threats to organizations and how executives can work to better protect their data.

Cyber Attacks, Threats, and Vulnerabilities

Qatar And Saudi Arabia Take Their Feud To The Airwaves, Internet (NPR) Saudi Arabia and Qatar have ramped up their lobbying efforts to gain international support in their 2-month-old feud. That includes TV attack ads, and flooding online media sites with competing messages.

Business booming in Czech fake news industry (EU Observer) Boosted by money and legitimised by the country's president, pro-Russian and conspiracy websites are flourishing in the Czech Republic.

FireEye researcher hacked; firm says no evidence its systems hit (Reuters) Cyber security firm FireEye (FEYE.O) said on Monday one of its researchers based in Israel had several of his online accounts hacked by unknown attackers, but added the breach did not appear to involve any company systems.

Hackers claim credit for alleged hack at Mandiant, publish dox on analyst (CSO Online) Late Sunday evening, someone posted details alleged to have come from a compromised system maintained by Adi Peretz, a Senior Threat Intelligence Analyst at Mandiant. The leaked records expose the analyst from both a personal and professional level, but Sunday’s post also suggested a much larger incident and the possibility of additional Mandiant leaks in the future.

Hackers Compromise Accounts of FireEye Threat Intelligence Analyst (Security Week) A hacker or group of hackers claimed today to have breached FireEye's Mandiant. In a Pastebin post, they claimed, "It was fun to be inside a giant company named 'Mandiant'... 'Mandiant' knows how deep we breached into its infrastructure."

Hackers kick off #leaktheanalyst campaign by dumping data of $1bn security firm (The Next Web) Hackers leaked several internal documents, and tracked a Mandiant researcher through his laptop for over a year.

Data Breach Alert: 40 Million U.S. Voter Records for Sale (LookingGlass Cyber Solutions Inc.) LookingGlass Cyber has tracked in an underground forum, the leak of nearly 40 million U.S. voter records from eight different states.

To Fix Voting Machines, Hackers Tear Them Apart (WIRED) At the DefCon security conference in Las Vegas, the hackers descended on America's vulnerable voting machines.

Hackers breached defences of US voting machines in less than 90 minutes (The Independent) Hackers competed to take control of US voting machines and overcame some of their security defences in less than 90 minutes.

HBO confirms hack that reportedly included script to upcoming GoT episode (Ars Technica) Video for episodes of Ballers and Room 104 also reportedly stolen.

Hack Brief: HBO Shows and a Game of Thrones Script Land Online (WIRED) This hack could go way deeper than Game of Thrones

HBO hacked, attackers leak GoT script and some episodes (Help Net Security) Attackers have hacked HBO's servers, and claim to have syphoned from them 1.5 terabytes of data. They've already leaked episodes and a GoT script.

Hackers steal Game of Thrones episodes, script (San Diego Union Tribune) It's unclear if the hackers are holding the material for ransom

LeakerLocker Mobile Ransomware Threatens to Expose User Information (TrendLabs Security Intelligence Blog) While mobile ransomware such as the recent SLocker focuses on encrypting files on the victim’s devices, a new mobile ransomware named LeakerLocker taps into its victims' worst fears by allegedly threatening to send personal data on a remote server and expose its contents to everyone on their contact lists.

Cyber criminals target mortgage transactions as they phish for a big catch (BetaNews) Buying a house is the biggest purchase most people make, with large amounts of money involved it’s not surprising that these transactions are attractive to cyber criminals.

Android Banking Trojan Svpeng Adds Keylogger (Threatpost) The authors behind the Android banking malware family Svpeng have added a keylogger to a recent strain, giving attackers yet another way to steal sensitive data.

A new era in mobile banking Trojans (Vulners) In mid-July 2017, we found a new modification of the well-known mobile banking malware family Svpeng – Trojan-Banker.AndroidOS.Svpeng.ae. In this modification, the cybercriminals have added new functionality: it now also works as a keylogger, stealing entered text through the use of accessibility services.

‘Ghost Telephonist’ Attack Exploits 4G LTE Flaw to Hijack Phone Numbers (HackRead) According to UnicornTeam, a group of Chinese researchers from country's leading security firm 360 Technology, there is a dangerous vulnerability in 4G LTE

Why Attackers Use Common Exploit Kits (Neek) Ransomware Attackers use Common Exploit kits - tools used by criminals that are designed to identify vulnerabilities on your machine and exploit them

Phishers steal Chrome extension from developer (Help Net Security) An attacker has hijacked a9t9 software's Chrome Web Store account, and has equipped their Copyfish Chrome extension with ad/spam injection capabilities.

Copyfish Browser Extension Hijacked to Spew Spam (Threatpost) Makers of Copyfish OCR software get taken on wild ride after code for its Chrome extension is stolen.

One lousy click: the phishing blunder that sank an entire product (Naked Security) One. Lousy. Click.

The Dark Arts – Remote File Inclusion (Hackaday) In the waning hours of 2010, a hacking group known as Lulzsec ran rampant across the Internet, leaving a path of compromised servers, a trail of defaced home pages, leaked emails, and login information…

Hackers can turn Amazon Echo into a covert listening device (Help Net Security) New research reveals how attackers can hack the Amazon Echo and turn it into a covert listening device, without affecting its overall functionality.

ICS cyber threats are morphing into compromise of plant functionality – do we have the right tools? (Control Global) ICS cyber threats are morphing from malware/insecure-by-design issues that can be found by network monitoring to compromise of system or component functionality which can be very difficult to detect, can cause significant physical damage and injuries, and probably cannot be found by network monitoring.

Coinbase Customers Suffer from Delays as Withdrawal Period Ends (Bitcoin News) Over the past few days the bitcoin platform Coinbase has been experiencing some significant backlog from customers trying to withdraw bitcoins in order to

White House Security Adviser Duped by UK Prankster (Infosecurity Magazine) White House Security Adviser Duped by UK Prankster. Spoof emails raise spear-phishing concerns at the very top

Security Patches, Mitigations, and Software Updates

Microsoft Releases Outlook and Office Click-to-Run Patches (Threatpost) Microsoft patched three new Outlook vulnerabilities and re-released updates from a broken June update.

Verizon pushes July security update for Samsung Galaxy smartphones (Blasting News) The US-based mobile carrier has issued latest updates for Samsung Galaxy Note 5, Galaxy S6 Edge Plus including Galaxy J3 and J7 series.

Cyber Trends

Black Hat and DEF CON 2017 Recap (Recorded Future) In this episode, we look at how the Black Hat and DEF CON conferences help cybersecurity communities mature and focus on emerging challenges.

Nation-states are biggest cyber threat for drug and medical device makers (Help Net Security) Government-sponsored hackers were seen as the biggest threat to cyber security among infosec executives at drug and medical device makers.

The World's Authentication Problem (Infosecurity Magazine) We’re so bad at authentication because we built deeply ingrained habits around the use of shared secrets for authentication.

Small and medium-sized businesses ignoring the risk of cyber attacks (The Independent) Small and medium-sized businesses are not earmarking significant amounts of cash to bolster their cyber-security defences, despite almost one-sixth of all companies suffering an attack within the last year. According to data compiled by insurance company Zurich, 875,000 SMEs across the UK have been affected by a cyber-attack over the last 12 months, with firms in London worst affected.

SMBs exhibit false confidence when it comes to cyber threats (Computing) Whether it is underestimating cyber threats or overestimating employees' ability to cope with an attack, almost all SMBs exhibit more confidence than they should do

44% Malaysians confident with moving to public Cloud, says Barracuda (The Edge Markets) Cloud-connected security and storage solutions provider Barracuda Networks, Inc says some 44% of Malaysians in a survey felt confident that their organisations' move to public cloud was secure.In a statement today, Barracuda said the findings were part of a survey on public cloud commissioned by the company and conducted by Vanson Bourne amongst 450 people in 6 countries in Asia Pacific (APAC), including Malaysia.It said respondents came from different sectors and industries, including manufacturing, technology,

Threat Sketch Publishes White Paper on Cyber Insurance Market (PRNewswire) Threat Sketch, a leading expert in cyber risk assessment, today...

Marketplace

Former Battlefield runner-up UnifyID announces $20M Series A (TechCrunch) TechCrunch Disrupt alum UnifyID has the clear goal of changing the way we think about authentication. Instead of entering a username and password as the only..

Zeneth Technology Partners Announces Merger with PierceMatrix (Sys-Con Media) Merger adds automation and orchestration capability to Zeneth's managed security service offerings

Symantec may Sell their Web Certification Unit (Digital Journal) The world’s largest cyber-security firm Symantec Corp is looking into the possibility of selling their largest venture, their web certification business. Estimates show that the deal could reach a hefty $1 billion in a move believed aimed in quenching Symantec’s feud with Alphabet, Inc.’s Google.

Pentagon Would Ban Contractors That Don't Protect Data (RealClearDefense) U.S. adversaries such as China and Russia could embed “exploits,” or malicious software, into the hardware of chips inside Internet-of-things electronic devices that are widely used in the...

Huawei mum after second rebuff by Australia (iTWire) Chinese telecommunications giant Huawei appears to be adopting a policy of saying nothing about its second rebuff by Australia, this time over an unde...

Q&A: Troy Hunt, haveibeenpwned.com (Infosecurity Magazine) Q&A: Troy Hunt, haveibeenpwned.com

CyberSponse is pleased to announce the addition of Former Chairman of the House Committee on Intelligence & FBI Special Agent Mike Rogers to its Board of Directors (Benzinga) CyberSponse, Inc., the global leader in Security Orchestration Automation & Response, is pleased to announce the addition of former U.S. Representative for Michigan's 8th...

DefenseStorm expands Guardian team, hires Bob Thibodeaux as chief information security officer - CUInsight (CUInsight)  DefenseStorm, a solution that fuses together technology and people to provide co-managed cybersecurity operations for financial institutions, adds to its management team by hiring Bob Thibodeaux as chief information security officer. DefenseStorm has also expanded its team of security experts, known as Guardian, to accommodate the company’s rapid growth. Bringing more than 20 years of …

Products, Services, and Solutions

Frictionless HUMANOBOT Prevents Mobile Fraud in Devices and Applications (SecuredTouch) SecuredTouch's HUMANOBOT technology delivers frictionless security to prevent mobile fraud in devices and applications.

LookingGlass Cyber Solutions Welcomes CenturyLink to Cyber Guardian Network (BusinessWire) LookingGlass™ Cyber Solutions, a leader in threat intelligence-driven security, today announced a powerful agreement with CenturyLink. Together,

Duo Security Partners With VMware to Address Influx of Unmanaged Devices (Duo Security) Duo Security today released its Trusted Endpoints feature for mobile devices to help organizations manage the rapid onset of Bring Your Own Device (BYOD) initiatives in corporate IT.

CloudPassage Announces Project Azul (Marketwired) Automated cloud security provider debuts container security solution in addition to Halo product enhancements

5 Top Notch Password Manager Android Apps to be Safe (Joy of Android) These days we all have multiple accounts and those accounts have multiple passwords. It can get a bit hectic to remember them all but thankfully there are some great Android password vaults to help us out.

National Theatre moves to the cloud to prepare for GDPR (Cloud Pro) It has appointed Forcepoint to help it comply with the new legislation

Microsoft Courts Hollywood with Secure Media Cloud Services (eWEEK) The company shows movie studios and other entertainment companies how to piece together a secure cloud environment.

Bishop Fox Introduces the Hacking AI "DeepHack" at DEF CON 25 (PRNewswire) Bishop Fox, a leading global cybersecurity consulting firm, has created an...

Cato Networks beefs up its platform with new intrusion detection features (SiliconANGLE) Cato Networks beefs up its platform with new intrusion detection features

5 best antivirus for gaming PCs (Windows Report) Running your system without an antivirus program is quite risky even if you are not connected to the Internet. You can still get a virus via Steam, Origin or Uplay exploits. Also, if you download games from suspicious sources, there is a high risk that they come with injected malware. They might cause the addition …

Cybersecurity Behind the Scenes at Wimbledon (Infosecurity Magazine) Cybersecurity Behind the Scenes at Wimbledon

Black Hat Celebrates 20 Years with Record Breaking USA Event (PRNewswire) Black Hat, the world's leading producer of information security events,...

Technologies, Techniques, and Standards

InSecurity: Robb Reck on Security Friction in Business (Cylance) In this episode of our InSecurity Podcast, host Shaun Walsh is joined by special guest Robb Reck as they delve into the subject of security friction within organizations.

Thinking About Cyber Due Diligence (Above the Law) Smart in-house lawyers should start talking about this subject NOW.

The rise of remote risk: Three trends increasing your threat profile (Computerworld) Technology has fundamentally changed the face of our workplaces.

Remove BitPaymer Ransomware | Updated (Virus Guides) I wrote this article to help you remove BitPaymer Ransomware. This BitPaymer Ransomware removal guide works for all Windows versions.

Rooting Out Hosts that Support Older Samba Versions (SANS Internet Storm Center) I've had a number of people ask how they can find services on their network that still support SMBv1.

The importance of security in the cloud (IT Pro Portal) As cloud adoption has increased so to has the need for increased security in the cloud.

Navy applies a layered defense approach in cyberspace (Fifth Domain) This is part five of a series exploring the differences between military cyber forces, capabilities, mission sets and needs.

The fifth domain: Brown on Cyber (InnovationsAus.com) Retired US Navy Rear-Admiral Mike Brown has spent a lot of time grappling with Cyber as the fifth domain of warfare, and as a pioneer in developing only operational capability and helping to define doctrine.

New Weapons in Battle To Dominate Spectrum (SIGNAL Magazine) Recent breakthroughs in multichannel signal analysis deliver a significant boost in electromagnetic spectrum coverage for airborne electronic warfare and intelligence, surveillance and reconnaissance applications.

Seven key areas for your cybersecurity investments (IT Brief) As cyberattacks continue to proliferate prioritising where to focus resources to adequately protect your company is a challenge.

You and I are just as important as bots in the fight against cybercrime (Computing) As hackers get more inventive, we need new and diverse ways of countering their advances. Bots are one part of our defence, but we cannot overlook the importance of people in beating the hackers, argues Laura Flack, Head of Digital Safety at Barclays.

Design and Innovation

ShieldFS Can Detect Ransomware, Recover Files (Threatpost) At Black Hat last week, an add-on Windows driver and filesystem called ShieldFS was unveiled that detects ransomware and recovers files.

Large corporations increasingly considering blockchain deployment (Help Net Security) Systemic change, rather than technological, might be a better and cheaper solution than blockchain, which could potentially cause significant disruption.

Research and Development

Negative mass swing beats the uncertainty principle (Ars Technica) Oscillators give an uncertainty-principle-defeating measurement an advantage.

Academia

WGU Nevada works to prepare the Nevada workforce (Northern Nevada Business Weekly) Employers need a skilled workforce in order to fill the jobs coming to Northern Nevada. Western Governors University (WGU) Nevada is one of the educational institutions working to prepare

CyberPatriot Inspires Middle Schoolers to Consider Cyber Workforce (MeriTalk) Through its series of summer camps and competitions, the Air Force Association’s CyberPatriot program is aiming to expand the cybersecurity workforce for both the public and private sector.

Middle school students learn online safety during UWGB GenCyber Camp (WBAY ABC 2) This week the University of Wisconsin Green Bay is teaming up with the National Science Foundation and the National Security Agency for a GenCyber Camp

Legislation, Policy, and Regulation

Amnesty, Snowden Decry New Russian Internet Restrictions (RadioFreeEurope/RadioLiberty) Amnesty International has denounced a new Russian law banning the use of Internet proxy services -- including virtual private networks, or VPNs -- as a "major blow to Internet freedom" in the country.

Latest Diplomatic Rift Places US, Russia on Edge of ‘Tipping Point’ (Russia Matters) The Russian government’s recent announcement of its decision to eject American diplomats and block access to two diplomatic properties may signal an approaching tipping point in the United States-Russia relationship. Trump administration officials and members of Congress should consider very carefully how to proceed.

Russia’s meddling gets more credit than it deserves (New Eastern Europe) Interview with Mark Galeotti, a senior researcher at UMV, the Institute of International Relations Prague. Interviewer: Agnieszka Pikulicka-Wilczewska.

Home secretary Amber Rudd takes campaign against end-to-end encryption to Silicon Valley (Computing) Google, Facebook, Twitter, Microsoft and especially WhatsApp all in Rudd's anti-encryption firing line

'Real people' do not want secure communications, claims UK Home Secretary Amber Rudd (Graham Cluley) UK Home Secretary Amber Rudd argues that "real people" would be happy with imperfect, breakable security.

Singapore, like the US, says it may regulate some ICOs (TechCrunch) Less than a week after the SEC said that it may regulate certain crypto token sales, better known as ICOs, Singapore has followed suit to say it too will..

FCC says its specific plan to stop DDoS attacks must remain secret (Ars Technica) Revealing technical details would "undermine our system security," FCC says.

Litigation, Investigation, and Law Enforcement

Dutch police share list of identified, active, and arrested Hansa vendors and buyers (HackRead) A couple of weeks ago, AlphaBay and Hansa, two of the most popular dark web marketplaces were busted and seized by European law enforcement authorities. Al

Feds Seize BTC-E exchange website - CoinBase suffers DDoS attacks (HackRead) A couple of days ago it was reported that the 38-year-old Russian citizen Alexander Vinnik, co-owner of one of Internet's largest digital currency exchange

Timeline: Foreign Efforts To Hack State Election Systems And How Officials Responded (NPR) For all the focus in 2016 on the cyberattacks against the Democratic National Committee and Clinton campaign chairman John Podesta, less attention was paid to what was happening in the states.

Seagate to pay millions for forking over employee info to scammers (Help Net Security) A moment of inattention by one of its employees, and Seagate stands to lose tens of millions of dollars due to a proposed tax info theft settlement.

Qatar launches WTO complaint against trade boycott (The Loadstar) As the embargo placed by its neighbours nears the two-month mark, Qatar has filed a “wide-ranging” legal complaint to the World Trade Organization (WTO) to challenge the boycott. Director of the WTO Qatar office Ali Alwaleed al-Thani told Reuters: “We’ve given sufficient time to hear the legal explanations on how these measures are in compliance with their commitments, to no satisfactory result.” As such, Qatar has requested consultations with three ...

Apple can’t end lawsuit over “breaking” FaceTime on iPhone 4, judge rules (Ars Technica) “FaceTime is a ‘feature’ of the iPhone and thus a component of the iPhone’s cost.”

State attorneys general team up to scare you from “content theft sites” (Ars Technica) PSA is titled "Be safe on the Internet to Protect Your Family."

A New York City Education Department Employee Got Caught Mining Bitcoin at Work (Motherboard) It doesn't appear as though he got fired.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

Cyber Texas (San Antonio, Texas, USA, August 1 - 2, 2017) CyberTexas was established to provide expanded access to security developments and resources located in Texas; provide an ongoing platform for the education and skill development of cyber professionals...

Cyber Security Summit: Chicago (Chicago, Illinois, USA, August 8, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: Chicago Receive...

PCI Security Standards Council: 2017 Latin America Forum (Sao Paulo, Brazil, August 9, 2017) Join your industry colleagues for a full day of networking and one-of-a-kind partnership opportunities. Whether you want to learn more about updates in the payment industry or showcase a new product, you’ll...

2017 DoDIIS Worldwide Conference (St. Louis, Missouri, USA, August 13 - 16, 2017) Hosted annually by the DIA Chief Information Officer, the DoDIIS Worldwide Conference features a distinguished line-up of speakers and an extensive selection of breakout sessions allowing attendees to...

SANS New York City 2017 (New York, New York, USA, August 14 - 19, 2017) Be better prepared for cyber-attacks and data breaches. At SANS New York City 2017 (August 14-19), we offer training with applicable tools and techniques for effective cybersecurity practices. Gain the...

Information Security Summit 2017 (Hong Kong, August 15 - 16, 2017) Effective Use of Analytics and Threat Intelligence to Secure Organizations: The Information Security Summit 2017 is a Regional Event with the aim to give participants from the Asia Pacific region an update...

TechFest (Louisville, Kentucky, USA, August 16 - 17, 2017) TechFest is a biannual summit designed to bring together technology professionals for learning and networking. Attendees will have opportunities to explore economic development avenues for their businesses,...

The Chertoff Group Security Series: Security In The Boardroom (Palo Alto, California, USA, August 23, 2017) The Chertoff Group Security Series will aim to enhance and add to the Security in the Boardroom conversation by applying our insights into technology, threat, and policy to help executives respond to the...

The Chertoff Group Security Series: Security In The Boardroom (Palo Alto, California, USA, August 23, 2017) The Chertoff Group Security Series will aim to enhance and add to the Security in the Boardroom conversation by applying our insights into technology, threat, and policy to help executives respond to the...

U.S. Department of Commerce Cybersecurity Awareness Day (Washington, DC, USA, August 24, 2017) On August 24, 2017, the Department of Commerce headquarters is planning the Cybersecurity Awareness Day event which will host guest speakers from throughout the Cybersecurity community. The 2017 Cybersecurity...

7th Annual Cybersecurity Training and Technology Forum (Colorado Springs, Colorado, USA, August 30 - 31, 2017) CSTTF is designed to further educate Cybersecurity, Information Management, Information Technology, and Communications Professionals by providing a platform to explore and enhance cyber resilience, collaboration,...

SANS Network Security 2017 (Las Vegas, Nevada, USA, September 10 - 17, 2017) SANS is recognized around the world as the best place to develop the deep, hands-on cybersecurity skills most in need right now. SANS Network Security 2017 offers more than 45 information security courses...

Finovate Fall 2017 (New York, New York, USA, September 11 - 14, 2017) FinovateFall 2017 will begin with the traditional short-form, demo-only presentations that more than 20,000 attendees from 3,000+ companies have enjoyed for the past decade. After two days of Finovate’s...

PCI Security Standards Council: 2017 North America Community Meeting (Orlando, Florida, USA, September 12 - 14, 2017) Join your industry colleagues for three days of networking and one-of-a-kind partnership opportunities. Whether you want to learn more about updates in the payment industry or showcase a new product, you’ll...

8th Annual Billington CyberSecurity Summit (Washington, DC, USA, September 13, 2017) The 8th Annual Billington CyberSecurity Summit September 13 in Washington D.C. brings together world-class cybersecurity thought leaders for high-level information sharing, unparalleled networking and...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.