skip navigation

More signal. Less noise.

Daily briefing.

Palo Alto Networks yesterday released an update on Lazarus Group activity against US defense contractors. The threat actor, by consensus a cat's paw for North Korean intelligence services, is distributing espionage tools using malicious Microsoft Office documents. The latest Lazarus Group operations exhibit a shift in targeting—they're now prospecting English as opposed to Korean speakers. The documents are poorly crafted, badly proofread.

After the weekend's riots and homicide in Charlottesville, various (apparently most, including GoDaddy, Google, Zoho, and Discord) hosting providers have booted the Daily Stormer neo-Nazi publication from their services. The Stormer says Anonymous has attacked its sites, but Anonymous officially (insofar as an anarchist collective can have an official voice) denies doing so, and says the Stormer is just putting a brave face on its inability to find anyone to host its material. The providers who've cut the Stormer off are citing terms-of-service violations.

Police in India have made four arrests in connection with the release of a pirated Game of Thrones episode. This case is unrelated to the recent hacking of HBO by "Mr. Smith." That case remains under investigation. HBO is said, now, to be determined to pay "Mr. Smith" nothing.

Google gets good reviews for cleaning the Play store of SonicSpy infestations, but the Android malware is still out and active, infecting users from other sources.

Drone-maker DJI says it's installing a "local mode" for users sensitive about the company's data collection practices (the US Army, no longer a customer, is one such user).

Notes.

Today's issue includes events affecting China, Estonia, Germany, India, Iran, Israel, Democratic Peoples Republic of Korea, Romania, Russia, Saudi Arabia, United Kingdom, United States.

An approach to SIEM that works for resource-constrained organizations.

When it comes to deploying a SIEM, companies of all sizes face challenges such as budget, time and resource constraints which can seriously delay the time it takes to start detecting threats, and thus, return on investment. This new Executive Brief from Frost and Sullivan provides an overview of how AlienVault's unified approach to security addresses these challenges and provides resource-constrained organizations with an integrated solution for effective threat detection, incident response, and compliance.

In today's podcast, we hear from our partners at Accenture, as Justin Harvey discusses prepping for destructive attacks. Our guest Jeff Schumann, CEO of Wiretap, gives an account of the vulnerabilities in messaging technologies like Slack and Yammer.

And you'll also want to catch Recorded Future's latest Inside Threat Intelligence podcast, produced in partnership with the CyberWire. This episode is "Women in Intelligence: Navigating a Male-Dominated Field."

Security In the Boardroom (Palo Alto, CA, USA, August 23, 2017) Cybersecurity is a boardroom topic in nearly every organization. For many boards, security has evolved from a technical risk to a top business risk. Cybersecurity is also a growth opportunity. Proper integration of security and privacy concerns can drive far more effective digital transformation efforts. However, the mystique around cybersecurity can prevent board members and management from improving their cyber fluency and driving required improvements. Please join The Chertoff Group for our Security in the Boardroom event where we will demystify cybersecurity technology and policy issues while providing practical tools that board members and management can use to improve their resiliency to cyber risk and drive competitive advantage.

Cyber Security Conference for Executives (Baltimore, MD, USA, September 19, 2017) The Johns Hopkins University Information Security Institute and COMPASS Cyber Security are hosting the 4th Annual Cyber Security Conference for Executives on Tuesday, September, 19. It will be held on the Homewood Campus of Johns Hopkins University. This year’s theme is, “Emerging Global Cyber Threats.” The conference will feature thought leaders across a variety of industries to address current cyber security threats to organizations and how executives can work to better protect their data.

Cyber Attacks, Threats, and Vulnerabilities

North Korea-Linked Hackers Target U.S. Defense Contractors (Security Week) The North Korea-linked cyber espionage group known as Lazarus is believed to be behind attacks targeting individuals involved with United States defense contractors, Palo Alto Networks reported on Monday.

The Blockbuster Saga Continues (Palo Alto Networks Blog) The Blockbuster saga continues: Unit 42 researchers disclose attack activity targeting individuals involved with U.S. defense contractors.

Hackers Hit Neo-Nazi Website in Charlottesville Wake (Infosecurity Magazine) The Daily Stormer denigrated the civil rights activist who was killed on Saturday, calling her

GoDaddy kicks off Daily Stormer, which then claims Anonymous hacked it (CSO Online) Anonymous called BS on Daily Stormer's claim they hacked it, suggesting the hate-spewing site may be having problems finding a new host.

Google drops domain hosting for infamous neo-Nazi site the Daily Stormer (TechCrunch) After GoDaddy told the Daily Stormer to get lost, the neo-Nazi news site chose Google as a new home for its controversial domain. Now, Google too has given..

Following GoDaddy, the Daily Stormer’s Email Provider Drops It as a Customer (Motherboard) Zoho will no longer allow the neo-Nazi site to use its services.

After Charlottesville, more web service providers ditch The Daily Stormer for TOS violations (TechCrunch) The Daily Stormer, a U.S. white supremacist website which self-bills as "The World's Most Genocidal Republican Website" and includes a discussion board on..

Discord shuts down alt-right server and accounts for ToS violations (TechCrunch) Popular voice chat platform Discord has shut down several servers and accounts associated with the alt-right for violations of the terms of service. The..

Facebook’s Hate Speech Policies Censor Marginalized Users (WIRED) Opinion: Facebook needs to fix its policies to keep the platform open to the LGBTQ community and people of color.

Thousands of Android-spying apps in the wild: what to do about SonicSpy (Naked Security) Google has done a good job of removing infected apps from the Play store, but victims are being hit from other sources

Israeli firm fights off new generation of cyberattacks (The Times of Israel) Remote access attacks are easier and cheaper than ever for hackers to perpetrate – and for victims to defend themselves against

HBO stands firm as hackers release more stolen content (ComputerWeekly) HBO appears to be standing firm and refusing to negotiate with hackers as more stolen television content is released.

Millions of Endpoints Exposed via RDP: Report (Security Week) There are 4.1 million Windows endpoints online that would accept communication via the Remote Desktop Protocol (RDP) in one way or another, a recent Rapid7 report reveals.

Malspam pushing Trickbot banking Trojan (SANS Internet Storm Center) I've been corresponding with @dvk01uk about malicious spam (malspam) pushing the Trickbot banking Trojan.

Researchers Find Phishing Site Encrypted with AES (Threatpost) A phishing site seeking Apple credentials and victim payment card information is encrypted with AES, researchers at Ring 0 Labs said.

Legacy and Fielded Medical Device Risks Pose Greatest Cybersecurity Challenge to Connected Device Ecosystem (PRNewswire) More than one-third (35.6 percent) of surveyed professionals in the Internet...

5 Risks Of Outdated Software, Browsers, & Operating Systems (BitSight) In this article, we’ve outlined five risks associated with outdated and unsupported operating systems on your network.

Anatomy of an Attack: Industrial Control Systems Under Siege (TrapX Security) The 2003 the Northeast Blackout consisted of a series of power outages that stretched across eight states and further into Canada. This outage was so extensive that it took close to two days to restore power to the more than 50 million people impacted. In total, the event contributed to at least 11 deaths and cost over $5+ billion.

Are Data Brokers Actually Secure? (Infosecurity Magazine) If data brokers are going to amass ever-greater collections of user data, it would make sense that this user data is protected adequately.

Court records system has been open to hackers for decades (Naked Security) The easily exploitable and long-standing hole has finally been patched, said the Free Law Project, which set out a series of recommendations to improve the security of the system

Creditseva, KS Enterprises Breaches Highlight Need for Improved Cloud Security (eSecurity Planet) A massive exposure of data in misconfigured Amazon S3 buckets demonstrates the urgent need for companies to adjust their approach to cloud security.

Microsoft and Norton share tips on identifying imposters (Norton doesn’t charge customers a cent!) (The Denver Post) A reader says he paid $300 to a company that called and said his computer had a virus. Here’s how to avoid being taken in.

Blizzard Entertainment Hit With Weekend DDoS Attack (Threatpost) Blizzard Entertainment was hit with a crippling DDoS attack over the weekend that followed similar attacks last week that knocked gamers offline.

Security Patches, Mitigations, and Software Updates

Smart Locks Bricked by Bad Update (Threatpost) LockState CEO says he is “deeply sorry” about an erroneous wireless update that bricked hundreds of smart locks.

DJI adds an offline mode to its drones for clients with ‘sensitive operations’ (TechCrunch) DJI is working on a "local data mode" for its apps that prevents any data from being sent to or received from the internet. The feature will be welcomed by..

Windows Search Bug Worth Watching, and Squashing (Threatpost) Patches are available—and should be applied—that address a critical vulnerability in Windows Search that some are calling the next WannaCry.

Cyber Trends

Alert Logic Releases 2017 Cloud Security Report (GlobeNewswire News Room) On-premises workloads experience 51 percent higher rate of security incidents than applications running on public cloud platforms

Marketplace

Cybersecurity's Ceiling (Dark Reading) Security spending and staffing are rising, but restrained resources are tempering market growth.

Webroot Acquires Securecast, Launches (Webroot) Beta program available immediately to help businesses reduce the risks and costs of cyber threats with end-user education.

Invincea Labs announces corporate name change to Two Six Labs (GlobeNewswire News Room) Invincea Labs announced this month that it has officially changed its company name to Two Six Labs. Formerly a subsidiary of Invincea Inc., the company separated and stood up as an independent company in February of this year.

For More Than 20 Years, Fortinet CEO Ken Xie Has Shaped The Cyber Security Landscape (Forbes) As a gifted athlete who was also six feet and five inches tall, all Fortinet founder and CEO Ken Xie wanted to do was to become a professional volleyball player in his native China when he grew up. His parents who were academics at Tsinghua University had other plans for him: to get a PhD at Stanford University and then to return to China to become an academic like them.

Interos Receives Contract to Analyze Risks in U.S. Federal IT Procurement (Interos) Interos Solutions announced today it has been awarded a contract from the U.S.-China Economic and Security Review Commission to produce a one-time unclassified report on supply chain vulnerabilities from China in U.S. federal information technology (IT) procurement.

Army eyes industry for Wi-Fi solutions (C4ISRNET) The quest for Wi-Fi is at its core a search for a more efficient and effective mechanism, a system that would not only streamline the networks but also make it easier to move the command post as action on the battlefield evolves.

Prevalent Adds Accomplished Engineering, Threat Intel Experts To Senior Team (Marketwired) Market leader In third-party risk management and cyber threat monitoring poised to expand its strategic innovation roadmap, support rapid growth.

Verodin Names Former Symantec Vice President of Sales Robert Potter as Chief Revenue Officer (BusinessWire) Verodin announced today that it appointed former Symantec Vice President of Americas, Robert Potter, as its Chief Revenue Officer (CRO).

Robert O. Work elected to Raytheon Board of Directors (Business Insider) The Board of Directors of Raytheon Company (NYSE: RTN) has elected Robert O. Work as a director, effective immediately. Work, 64, was appointed the 31st Deputy Secretary of Defense by President Barack Obama in 2014, a position he held through July 2017.

Products, Services, and Solutions

Barracuda Expands Its Data Protection Solutions with Public Cloud Replication to AWS (Barracuda) Barracuda Backup now supports replication to Amazon Web Services (AWS) for greater flexibility. This new release offers organizations the ability to further leverage the cloud as a key method for simple and cost-effective offsite storage.

Anomali and NSS Labs Partner to Deliver Targeted Threat Information Through Continuous Security Validation (GlobeNewswire News Room) Anomali ThreatStream and NSS Labs’ CAWS Platform integration increases security effectiveness, drives informed action and mitigates risk

Amazon Tackles Security of Data in S3 Storage (Dark Reading) Amazon Macie is a new security service built to protect AWS S3 data from accidental leaks and breaches.

Security pros choose their top enterprise-class cybersecurity vendors (CSO Online) Cisco, IBM, Symantec and McAfee lead the cybersecurity vendors in mind share, but the race has just begun.

Elementary, My Dear Watson: Identifying and Understanding Malware With Cognitive Security (Security Intelligence) Cognitive security solutions such as IBM Watson for Cyber Security help analysts process overwhelming amounts of threat data during incident investigations

McAfee launches virtual security platform for AWS (BetaNews) Workloads on AWS can be vulnerable to a number of different threats including cross-site scripting, SQL injection and botnets, and if one virtual server is compromised malware has potential to move to a customer's other machines.

Acalvio weaves a web of deception on demand (CSO Online) In cyber security, nothing remains static for very long, and already new contenders are emerging with completely different takes on how deception technology should be successfully deployed. We took ShadowPlex from Acalvio for a spin to see how the product adds artificial intelligence, wizards and the concept of deception on demand into the mix.

Licel Corporation Launches DexProtector Crypto Module Security Platform for Mobile Payment and Wallet Applications (Advfn.com) Licel Corporation, the technology leader in the Android Security and Java Card fields, announces the launch of the DexProtector Crypto Module.

Technologies, Techniques, and Standards

Smart defence from cyber attack (The Telegraph) The boom in Internet connectivity and accessibility to smartphones has brought the world closer, but also left users susceptible to cyber attacks.

How to protect personally identifiable information under GDPR (CSO Online) The EU's General Data Protection Regulation requires companies to protect the privacy of their EU customers. Here's what you need to know.

Cyber security jobs: Job descriptions and career resources (CSO Online) These resources and job descriptions will help cyber security professionals identify the best roles for them and allow employers to better communicate their expectations.

Intellectual property protection: The basics (CSO Online) Your company's intellectual property, whether that's patents, trade secrets or just employee know-how, may be more valuable than its physical assets. This primer covers everything from establishing basic policies and procedures for intellectual property protection.

The ABCs of Identity Management (CSO Online) Identity management tools provide IT managers with tools and technologies for controlling user access to critical information within an organization.

Top 5 container mistakes that cause security problems (CSO Online) As enterprises increase their adoption of containers, they are also increasing the number of security mistakes they make with the technology.

Breaches Are Coming: What Game of Thrones Teaches about Cybersecurity (Dark Reading) Whether you're Lord Commander of the Night's Watch or the CISO of a mainstream business, it's not easy to defend against a constantly evolving threat that is as deadly as an army of White Walkers.

The best enterprise anti-virus protection may not be enough (CSO Online) Ransomware and other threats often get through signature-based anti-virus protection, giving it a bad rap. However, anti-virus tools still play an important role in the enterprise security strategy.

Men: This is how you can be safe using dating apps (Houston Chronicle) The news "should be a little bit of a wakeup call" for people using apps to meet partners, said John Wright, the editor of Houston's OutSmart magazine, which is published for the LGBTQ community. Women almost always are urged to take precautions when meeting men they don't know.

Design and Innovation

Dashboard tracks ‘desire in foreign councils’ to meddle with democracy (Naked Security) Project inspired by Alexander Hamilton’s words is tracking Russian-linked efforts to distort news and narratives

Research and Development

Vectra Issued Five U.S. Patents for Artificial Intelligence that Automates the Hunt for Cyber Attacker Behaviors (PRNewswire) Vectra, the leader in automating the hunt for in-progress cyber...

Why China’s quantum satellites do not herald ‘unhackable’ networks (Naked Security) Don’t believe the hype – it’s a much trickier engineering and physics challenge than the headlines would have you believe

DHS looks to boost cybersecurity of advanced first responder tech (TheHill) DHS awards $750K to a small business to improve security of first responder sensor networks.

Academia

Hacked! ISU intensifies fight against cyber theft (News - Illinois State) Months before graduation, Ben Bradley ’17 already had a cybersecurity job lined up as an analyst searching for threats to his employer’s computer network.

Legislation, Policy, and Regulation

Hey politicians — don’t hate the internet, hate the game (TechCrunch) We must ask ourselves, what aspects of the internet are intrinsic to democracy and are they divisible from those necessary for control? Freedom of speech and..

Tech Companies Have the Tools to Confront White Supremacy (WIRED) After Charlottesville, companies like Facebook, Twitter, and the rest of Silicon Valley should take a firmer stand against white supremacy on their platforms.

US military spies: We'll capture enemy malware, tweak it, lob it right back at our adversaries (Register) Collateral damage in 3, 2, 1…

'Every Country Should Have a Cyber War': What Estonia Learned from Russian Hacking (Defense One) Estonia’s steps have certainly been radical, and other countries can learn lessons from them about how to defend themselves.

Russia re-examines relationship with Iran (Al-Monitor) As the military situation shifts in Syria, so does Tehran’s once-symbiotic status with Moscow.

Building America’s Trust Act would amp up privacy concerns at the border (Ars Technica) Civil libertarians tell Ars they’re worried about “mass surveillance expansion.”

State Department quietly establishes new cybersecurity office (TheHill) New Cyber and Technology Security directorate established under the department's Diplomatic Security Service.

Army to begin transitioning EW personnel to cyber in January (Fifth Domain) Training of mobile training teams will begin in early January to ensure the force will be ready to go on Oct. 1.

Army commander: The service is leading the joint world in cyberspace (Fifth Domain) Maj. Gen. Patricia Frost, who leads the Army’s cyberspace directorate within the G-3/5/7 at the Pentagon, spoke to TechNet Augusta about the Army's leading efforts in defensive and offensive operations.

Cyber key for TRANSCOM, being a global super power (Fifth Domain) “Ignoring cyber is not an option for us,” said Gen. Darren McDew, U.S. Transportation Command’s commander, at DoDIIS 2017 August 14 in St. Louis.

DHS elevates Driggers to senior cyber post (FCW) Rick Driggers is moving to the deputy slot at the Office of Cybersecurity and Communications at DHS.

Litigation, Investigation, and Law Enforcement

Saudi Arabia to indict 'radical' Twitter users (CNN) Saudi Arabia has said it will indict a group of "radical" Twitter users charged with "harming the public order," according to its state news agency.

AQAP publishes guide for derailing trains in the US, Europe (FDD's Long War Journal) The 17th edition of AQAP's Inspire magazine provides a how-to guide for building a train derailment device. Al Qaeda has plotted against trains in the West in the past.

Indian Police Arrest Four Over Game of Thrones Leak (Infosecurity Magazine) Indian Police Arrest Four Over Game of Thrones Leak. Third party insider risk likely to blame for August 4 incident

British cyber researcher pleads not guilty to U.S. hacking charges (Reuters) British cyber security researcher Marcus Hutchins pleaded not guilty on Monday to federal charges he built and sold malicious code used to steal banking credentials.

Lawyer: British Hacking Suspect Will be Vindicated (Security Week) A lawyer for a 23-year-old British computer security researcher accused of creating malware to attack the banking system on Monday called him a "hero" and predicted he would be "fully vindicated."

Guccifer looks to avoid extradition to U.S., claims State Dept. is Guccifer 2.0 (SC Media US) The infamous Guccifer is trying to avoid extradition to the U.S. and told reporters he feels the U.S. State Department is behind the Guccifer 2.0 hacks.

Why the latest theory about the DNC not being hacked is probably wrong (TheHill) “In short, the theory is flawed,” said FireEye’s John Hultquist.

The FBI Was Denied Access to the DNC’s Server. But, Does it Matter? (Political News, Roughly Explained) The FBI's access to the DNC server is a red herring. The FBI already knew Russia was behind the DNC hack.

US Govt demands details of 1.3 million internet users who visited Trump resistance website (Graham Cluley) Visited a website protesting against the current US President? Law enforcement wants to know who you are...

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

Information Security Summit 2017 (Hong Kong, August 15 - 16, 2017) Effective Use of Analytics and Threat Intelligence to Secure Organizations: The Information Security Summit 2017 is a Regional Event with the aim to give participants from the Asia Pacific region an update...

TechFest (Louisville, Kentucky, USA, August 16 - 17, 2017) TechFest is a biannual summit designed to bring together technology professionals for learning and networking. Attendees will have opportunities to explore economic development avenues for their businesses,...

The Chertoff Group Security Series: Security In The Boardroom (Palo Alto, California, USA, August 23, 2017) The Chertoff Group Security Series will aim to enhance and add to the Security in the Boardroom conversation by applying our insights into technology, threat, and policy to help executives respond to the...

The Chertoff Group Security Series: Security In The Boardroom (Palo Alto, California, USA, August 23, 2017) The Chertoff Group Security Series will aim to enhance and add to the Security in the Boardroom conversation by applying our insights into technology, threat, and policy to help executives respond to the...

U.S. Department of Commerce Cybersecurity Awareness Day (Washington, DC, USA, August 24, 2017) On August 24, 2017, the Department of Commerce headquarters is planning the Cybersecurity Awareness Day event which will host guest speakers from throughout the Cybersecurity community. The 2017 Cybersecurity...

7th Annual Cybersecurity Training and Technology Forum (Colorado Springs, Colorado, USA, August 30 - 31, 2017) CSTTF is designed to further educate Cybersecurity, Information Management, Information Technology, and Communications Professionals by providing a platform to explore and enhance cyber resilience, collaboration,...

SANS Network Security 2017 (Las Vegas, Nevada, USA, September 10 - 17, 2017) SANS is recognized around the world as the best place to develop the deep, hands-on cybersecurity skills most in need right now. SANS Network Security 2017 offers more than 45 information security courses...

Finovate Fall 2017 (New York, New York, USA, September 11 - 14, 2017) FinovateFall 2017 will begin with the traditional short-form, demo-only presentations that more than 20,000 attendees from 3,000+ companies have enjoyed for the past decade. After two days of Finovate’s...

Insider Threat Program Management With Legal Guidance Training Course (Laurel, Maryland, USA, September 12 - 13, 2017) Insider Threat Defense will hold a two-day training class, Insider Threat Program (ITP) Management With Legal Guidance (National Insider Threat Policy (NITP), NISPOM Conforming Change 2). For a limited...

PCI Security Standards Council: 2017 North America Community Meeting (Orlando, Florida, USA, September 12 - 14, 2017) Join your industry colleagues for three days of networking and one-of-a-kind partnership opportunities. Whether you want to learn more about updates in the payment industry or showcase a new product, you’ll...

8th Annual Billington CyberSecurity Summit (Washington, DC, USA, September 13, 2017) The 8th Annual Billington CyberSecurity Summit September 13 in Washington D.C. brings together world-class cybersecurity thought leaders for high-level information sharing, unparalleled networking and...

Cyber Security Summit: New York (New York, New York, USA, September 15, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: New York. Receive...

Cyber Security Conference for Executives (Baltimore, Maryland, USA, September 19, 2017) The Johns Hopkins University Information Security Institute and COMPASS Cyber Security are hosting the 4th Annual Cyber Security Conference for Executives on Tuesday, September, 19. It will be held on...

4th Annual Industrial Control Cybersecurity Europe (London, England, UK, September 19 - 20, 2017) Against a backdrop of targeted Industrial Control System cyber attacks against energy firms in the Ukraine power industry, the massive attacks against the Norway oil and gas industry, cyber attacks on...

Cyber Everywhere: Collaboration, Integration, Automatio (Washington, DC, USA, September 20, 2017) We’ve seen all of the cyber headlines this year – new policies emerging, old policies evolving, the cyber workforce is multiplying, and rapidly growing connected devices are complicating governance. While...

10th Cyber Defence Summit (Dubai, UAE, September 20, 2017) Naseba’s 10th Cyber Defence Summit will address the importance of protecting critical infrastructure and sensitive information, help companies procure cyber security solutions and services, and create...

2017 Washington, D.C. CISO Executive Leadership Summit (Washington, DC, USA, September 21, 2017) Highly interactive sessions will provide many opportunities for attendees, speakers and panelists to be engaged in both learning and discussion. The objective for the day is to deliver high quality useful...

Connect Security World (Marseille, France, September 25, 2017 - 27, 2014) As IoT solutions are transitioning from hype to real deployments, the “Internet of insecure things” threat is gaining ground. To address unlimited risks, threats and vulnerabilities surrounding IoT, a...

(ISC)2 Security Congress (Austin, Texas, USA, September 25 - 27, 2017) (ISC)² Security Congress cybersecurity conference brings together nearly 1,500 cybersecurity professionals, offers 100+ educational and thought-leadership sessions, and fosters collaboration with forward-thinking...

Connect Security World (Marseille, France, September 25 - 27, 2017) As IoT solutions are transitioning from hype to real deployments, the “Internet of insecure things” threat is gaining ground. To address unlimited risks, threats and vulnerabilities surrounding IoT, a...

SINET61 2017 (Sydney, Australia, September 26 - 27, 2017) Promoting cybersecurity on a global scale. SINET – Sydney provides a venue where international solution providers can engage with leaders of government, business and the investment community to advance...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.