skip navigation

More signal. Less noise.

Daily briefing.

ISIS documents captured in Mosul indicate that the Caliphate is taking an interest in commercial drones as weapons. It's long been noticed that the Internet provides threat actors with a ready-made research, development, and acquisition capability of a calibre formerly accessible only to nation-states. This latest bit of information warrants a look back at a 2008 Naval Research Advisory Committee study that predicted exactly this development, in pretty much exactly this form.

WordPress late last week patched a critical content injection zero-day. It kept the vulnerability under wraps until the patch was ready to avoid tipping off hackers who might have weaponized the exploit.

The venerable Zeus malware continues to successfully infect point-of-sale devices.

The EyePyramid campaign is thought to have been aimed at gaining illicit trading advantages. Such insider information is joining intellectual property as a common criminal goal: reasearchers at RedOwl and IntSights are seeing more cyber criminals attempting to recruit corporate insiders in the dark web. The insider trading racket is lucrative, at least according to the crooks managing the souk: they say their members make more than $5000 a month on illegal trades. Take that with the proverbial grain of salt, but there may be something to is, since the forum managers charge a 1 Bitcoin ($995) cover fee for membership. Companies are advised to look to their insider threat.

In industry news, Visa USA acquires CardinalCommerce (authentication), HPE buys Niara (behavioral analytics), and Radware concludes acquisition of Seculert (automated attack detection).

Russia's FSB purge continues.

Notes.

Today's issue includes events affecting China, Israel, Japan, Netherlands, Russia, Singapore, Syria, United Kingdom, United States.

Today's CyberWire daily podcast features Jonathan Katz from our partners at the University of Maryland. He'll discuss searchable encryption (his paper on the topic, "All Your Queries Are Belong to Us," gives a sense of his take on the matter). Our guest is Vadim Vladimirsky from Nerdio, who talks with us about some of the security implications of IT as-a-service.

We've also got a new special edition of the podcast out. In this one we speak with industry experts and editors covering the cyber beat to get their take on the outlook for 2017 in cyber security.

Atlantic Council Cyber 9/12 Student Challenge (Washington, DC, USA, March 17 - 18, 2017) The Cyber 9/12 Student Challenge is a one-of-a-kind competition designed to allow students from around the world and various academic disciplines to understand the policy challenges associated with a cyber crisis. Register now as a competitor, judge or observer.

Women in Cyber Security (Tucson, AZ, USA, March 31 - April 1, 2017) With support from various industry, government and academic partners, WiCyS has become a continuing effort to recruit, retain and advance women in cybersecurity. It brings together women in cybersecurity from academia, research and industry for sharing of knowledge/experience, networking and mentoring.

Cyber Attacks, Threats, and Vulnerabilities

The Islamic State Is Pioneering a New Type of Drone Warfare - Motherboard (Motherboard) Documents found in Mosul reveal more information about how the group is turning consumer technology into tools of war.

Come Fly with Me: Securing the Drone (Infosecurity Magazine) New report seeks to aid the safe and secure creation and operation of unmanned aircraft systems

Disruptive Commercial Technologies (Naval Research Advisory Committee) Advanced commercial technologies are widely distributed throughout the world and are generally accessible through the internet. Credible threats to Marine capabilities and gaps can be developed from imaginative combinations of commercial products.

Update: PLA Cyber Actor & Mission (Wapack Labs) A review of academic work by members of the PLA revealed certain units publishing an increasing amount of papers on cyber security. One of ...

WordPress Websites Exposed to Severe Content Injection Vulnerability (HackRead) Wordpress is one of the most used content management system (CMS) in the world. So when there is a security flaw in its system, it affects millions of user

WordPress kept users and hackers in the dark while secretly fixing critical zero-day - Help Net Security (Help Net Security) Last week's WordPress update also secretly fixes a bug that allows unauthenticated users to modify the content of any post or page within a WordPress site.

Ultrasonic cross-device tracking (Infosecurity Magazine) The Risk Avengers take a look at the issue of ultrasonic cross-device tracking

Zeus-Derived Malware Continues to Pwn POS Devices (Data Breach Today) Offspring of the Zeus banking Trojan continue to spring to life. Functionally, however, security experts say most POS-infecting banking malware remains almost identical. So why aren't more organizations putting well-known defenses in place?

Hackers are seeking out company insiders on the black market (CSO Online) If you’re the CEO of a company, here’s another threat you need to worry about: hackers trying to recruit your employees for insider-related theft.

Monetizing the Insider: The Growing Symbiosis of Insiders and the Dark Web (Red Owl, Intsights) Organizations face asymmetric and unprecedented risks from insiders — employees and contractors who have valid access to enterprise networks. Insider risk is on the rise in part due to the growing influence of the dark web, a portion of the internet that enables anonymity. The dark web is being increasingly used by cybercriminals for recruiting insiders to help steal data, make illegal trades or otherwise profit.

EyePyramid clears the way for future malware attacks - Help Net Security (Help Net Security) EyePyramid victims can be victimized by other attackers more easily, as the malware lowers the security posture of affected Windows machines.

Ransomware Turns to Big Targets—With Even Bigger Fallout (WIRED) A new generation of ransomware is wreaking havoc, whether you're directly infected or not.

Phishing test results in a barely-passing grade for users (CSO Online) Diligent recently surveyed 2,000 people to see who got caught hook, line and sinker for the phishing scam.

SANS Internet Storm Center (SANS Internet Storm Center) Researchers from University Alliance Ruhr have announced that they have discovered vulnerabilities in popular laser printers including models from HP, Lexmark, Dell, Brother, Konica and Samsung. The announced vulnerabilities have a range of effects, but could permit the contents of print jobs to be captured, permit delivery of buffer overflow exploits, password disclosure or even damage to the printer.

Spirent Security Experts Predict Greater Risk to Civil and Military Global Navigation Applications In 2017 (Yahoo! Finance) Spirent Communications plc , the leading provider of mobile network, application, services, and device-test solutions, today warned of the increased likelihood of disruptions this year to a wide variety of civil and military applications relying on global navigation satellite systems – GPS, GLONASS,

The NHS says Google mistook its 1.2 million employees for a huge cyberattack and blocked it (Business Insider) The search giant is 'intermittently' blocking Britain's doctors and nurses.

Facebook Warning That Homeland Security Is Sending Standing Rock Protesters Info To FBI Is A Hoax (Business 2 Community) Facebook pop-up windows are warning that the Department of Homeland Security is passing along entire Facebook histories of Standing Rock protesters to the Federal Bureau of Investigation. However, th…

Reddit bans r/altright over doxing (TechCrunch) Reddit has banned the r/altright subreddit for "the proliferation of personal and confidential information." That's a rather clinical way of describing what's..

Come Fly with Me: Securing the Drone (Infosecurity Magazine) New report seeks to aid the safe and secure creation and operation of unmanned aircraft systems

GitLab down after it deletes wrong directory and backups stumble (Graham Cluley) GitLab, which provides a source code version control repository for software developers, has come a cropper after an employee accidentally deleted a directory on the wrong server.

Security Patches, Mitigations, and Software Updates

WordPress patches dangerous XSS, SQL injection bugs | ZDNet (ZDNet) The security release fixes three flaws in the content management system.

Ignorance is Bliss? An Enormous WordPress Zero-Day has Been Secretly Fixed (The State of Security) A severe zero-day vulnerability has been fixed in WordPress, which could allow an attacker to modify the content of any post or page on a WordPress site.

​WordPress: Why we didn't tell you about a big zero-day we fixed last week | ZDNet (ZDNet) WordPress has revealed a serious flaw that it secretly fixed in last week's security update.

Netgear Addresses Password Bypass Vulns In 31 Router Models (Dark Reading) Company has made patches, workarounds available to mitigate password bypass threat that potentially impacted 1 million devices, Trustwave says.

Latest Ubuntu Update Includes OpenSSL Fixes (Threatpost | The first stop for security news) Ubuntu users are encouraged to update their operating systems to the latest OpenSSL package versions to address a collection of vulnerabilities.

Cyber Trends

Why 2017 will be the worst year ever for security (CSO Online) High-profile breaches are just the tip of the iceberg. Many have never been detected or disclosed--and without a major infrastructure changes it's only going to get worse

State of Cybersecurity from the Eye of the Storm (SecureWorks) Our experts dive into the fundamental security challenges organizations face in an ever-evolving threat landscape.

Threat Intelligence by the Numbers (Infographic) (Recorded Future) We’ve organized some intriguing statistics about the cyber landscape to help show why organizations must build an effective threat intelligence capability.

The problem with threat intelligence [Infographic] (CSO Online) 78% of security pros say threat intelligence is essential to their organization’s security, but just 27% say their organizations effectively use threat data. Why the disconnect?

AppSec teams facing resourcing issues that are making them vulnerable - Help Net Security (Help Net Security) A study of one hundred CISOs revealed that 94% are concerned about breaches in their publicly facing assets in the next 12 months.

Only 3% of the Apps on Your Company iPhones are Secure (Panda Security Mediacenter) A recent study has revealed that only 3% of the 200 most downloaded apps for iOS have implemented Apple's latest security protocols.

What would cybercrime figures look like if we reported attacks. (Infosecurity Magazine) Imagine what cybercrime figures would look like if we all reported attacks.

Spam Accounts for Two-Thirds of All Email Volume, and It's Still Going Up (BleepingComputer) Reports released by different security vendors highlight that spam campaigns grew tremendously in 2016, as exploit kit activity fell after the three major players went down.

'Malvertising' Increase 132 Percent in 2016, RiskIQ Study Finds (eWeek) Of the nearly 2 billion pages that RiskIQ scanned, researchers found 7.6 million fraudulent or malicious advertisements.

Machine Learning to Ward off Cyber Threats (ReadITQuik) ABI Research forecasts that spending on big data, analytics and intelligence would touch $96 billion by boosting the adoption of machine learning in cyber security

Does the health data industry prioritize profits or patients? (The Christian Science Monitor Passcode) In his new book about medical privacy, Adam Tanner argues patients are in the dark about a multibillion dollar industry that profits from their medical records.

Tampa, Orlando, and St. Louis had the Highest 2016 Malware Infection Rates in the United States (Enigma Software) Computers in Tampa, Orlando, and St. Louis are more likely than computers in any other city to be infected with malware. That's according to data released today by ESG, makers of the SpyHunter anti-spyware program.

Marketplace

Security Everywhere (Visa USA) Visa completes acquisition of CardinalCommerce

HPE acquires behavioral security analytics firm Niara | ZDNet (ZDNet) Niara's behavior analytics software will be integrated with HPE Aruba's ClearPass network security portfolio.

Radware buys Seculert, adding automated attack detection platform (Infosecurity Magazine) Radware acquires Seculert, adds SaaS automated attack detection platform

​In security, should Symantec, Cisco, IBM, Check Point and Intel be worried? (ARN) Incumbents set to be challenged as mid-size vendors come into play.

Symantec CEO Predicts Upcoming Shakeout In Endpoint Security Market (CRN) There's no standing room left in the market for endpoint security, according to Symantec CEO Greg Clark. The ever-acquisitive security giant's CEO says he sees some legacy and startup players getting left behind.

FireEye’s Value Proposition in the Cybersecurity Space (Market Realist) Previously in this series, we discussed FireEye’s (FEYE) recent offerings and the company’s focus on SaaS (software-as-a-service) to generate revenue growth. In this part, we’ll look at FireEye’s value proposition among select US cybersecurity companies.

Browser Isolation Pioneer Light Point Security Posts Over 450% Year-Over-Year Revenue Growth (PRNewswire) Light Point Security, creators of the Light Point Web Full Isolation...

RedSeal Reaches Profitability in 2016 with Strong Year-Over-Year Growth (Yahoo! Finance) RedSeal , the leader in network modeling and cyber risk scoring, today announced its 2016 bookings were up 45 percent compared to the previous year, and the company was cash flow positive nearly $5 million...

Fixing the Nation's Cybersecurity Talent Shortage (Transmosis) Almost weekly, we hear of encroachments into big data systems in government, the military, finance, health, hospitality and retail – to name just some of the affected industry sectors. As awareness of our vulnerability has increased, demand for cybersecurity specialists has risen dramatically.

Rise of the 'accidental' cybersecurity professional - TechRepublic (TechRepublic) To fill cybersecurity job shortages, a number of people, especially women, are entering the field from other careers. Here's why they might be able to help your company.

INSA Announces Recipients of 2017 Achievement Awards | WashingtonExec (WashingtonExec) The Intelligence and National Security Alliance (INSA) announced Jan. 25 the recipients of the 2017 INSA Achievement Awards. The awards recognize outstandi

Products, Services, and Solutions

Webroot Expands Threat Intelligence (Webroot) New products detect and mitigate advanced threats with deep visibility into network and Web

LightCyber Introduces New Tools for Corporate Security Assurance (BusinessWire) New reporting assures boards and executives that networks are free from attackers, and new efficiency metrics confirm operational expense benefits of Magna Platform.

ServiceNow Resolves Real Security Threats Fast (ServiceNow) ServiceNow (NYSE: NOW), the enterprise cloud company, today announced integrations from leading cybersecurity companies into ServiceNow Security Operations solution.

TechDemocracy Introduces Intellicta – the First Platform to Offer Enterprises Holistic Assessment of Compliance, Security, Risk and Governance Tools (GlobeNewswire News Room) Standards-based, framework-driven platform helps companies maximize value from their technology investments

DarkLight Announces Strategic Alliance with Agile Defense, Inc. (GlobeNewswire News Room) Enables integration of next-generation security analytics platform to arsenal of proven IT capabilities

IRONSCALES Launches First Anti-Spoofing Email Security Tool to Combat Phishing Threats in Real-Time at RSA 2017 (PRWeb) Anti-impersonation Outlook plugin, known as IronShield, will serve as a virtual security analyst for employees, inspecting & analyzing all emails at the mailbox level using deep scans & machine learning

Tenable Unveils SaaS Platform that Redefines Vulnerability Management for Today’s Elastic IT Environments (BusinessWire) New Tenable.io cloud platform debuts asset-based licensing, introduces container security and web application scanning

Model N Deploys Egnyte Connect to Build a Secure Digital Workplace for Global Collaboration (IT Business Net) Egnyte, the leading cloud provider of smart content collaboration and governance for the enterprise, today announced Model N, a leader in revenue management solutions, has deployed Egnyte Connect as their company-wide solution for global content collaboration and management.

Calctopia Announces Launch of The Secure Spreadsheet™ (Yahoo! Finance) Calctopia announces the launch of The Secure Spreadsheet™, the first computer program for cryptographic secure computation aimed at a general public: now two parties, empowered by the latest advancements in cryptography research, will be able to keep their data private.

Fortinet FortiGate Enterprise Firewalls Approved by Defense Department’s Top Cybersecurity Authority as a Solution for Classified Networks (Yahoo! Finance) Philip Quade, chief information security officer, Fortinet“ US Federal customers require the industry’ s most advanced commercial technologies to deliver the best security...

Are you often the victim? (iTWire) Sophos has released an online Phish Threat Tester – security awareness testing and training for end users whose behaviour is responsible for ove...

Imperva Incapsula Now Available in the Microsoft Azure Marketplace (Yahoo! Finance) Imperva, Inc., committed to protecting business-critical data and applications in the cloud and on-premises, announced that the Imperva Incapsula solution is available...

Waverley Labs Announces Software Defined Perimeter (SDP) for Distributed Denial of Service (DDoS) Attacks (Marketwired) Waverley Labs, a pioneer in software defined perimeters (SDP) and digital risk reduction solutions, today announced availability of a Software Defined Perimeter (SDP) engineered to eliminate distributed denial of service (DDoS) attacks. A demo of the SDP for DDoS can be seen here

Farsight Security Joins New ThreatQuotient Partner Integration Program (WebWire) Today Farsight Security, Inc., the world’s largest provider of real-time and historical DNS intelligence, announced that the company has joined the new ThreatQuotient Partner Integration Program and successfully integrated the Farsight DNSDB solution into the ThreatQ threat intelligence platform.

Technologies, Techniques, and Standards

Why GDPR may inhibit privacy and security-enhancing technologies (Computing) By sticking rigidly to 1970s definitions of 'processors' and 'controllers', GDPR may hinder the growth of decentralised peer-to-peer alternatives.

Is America Prepared for Meme Warfare? - Motherboard (Motherboard) Memes function like IEDs.

Is Wi-Fi secure enough for the federal government? (FederalNewsRadio.com) Jon Green, chief technology officer for Aruba Government Solutions, explores why mobility and Wi-Fi access in the federal government is not a security risk.

DDoS Protection: 14 Unique Ways to Protect Yourself from DDoS Attacks | Rivalhost (RivalHost) DDoS attacks have increased by 250% over the past 3 years. Learn how to keep your business protected today!

Don't Speak Wookiee to the Board (RiskLens) Discover what two beloved Star Wars heroes can teach us about our communication of cyber risk to the business and the board.

MDM technologies 'misunderstood' - Malwarebytes (Channelnomics) Channel should focus on security training, exec tells Channelnomics

What’s an adaptive security architecture and why do you need it? (Vectra) Network-based malware detection addresses increasing complexity of malware ecosystem but doesn’t make attribution a key priority.

Surviving a cloud-based disaster recovery plan (Ars Technica) Getting data offsite is easier today, but what happens when the Internet isn’t there?

10 Essential Elements For Your Incident-Response Plan (Dark Reading) The middle of a DDoS attack or ransomware infection is hardly the time to start talking about divisions of labor, or who should do what when.

How to keep children safe on Facebook and other online dangers (CSO Online) Keeping children safe online presents a real challenge for parents today. Whether you're worried about what they might see on YouTube or who they might speak to on Facebook, we have the best tips for security settings as well as ground rules that can help you protect kids from the nasty side of the internet.

Design and Innovation

Ignorance is not bliss: Why security must never be an afterthought for our smart cities (Security Brief) APAC nations take note: Our smart cities may be more efficient, but they could also be crippled by a cyber attacks.

Research and Development

NTU Singapore, BGU Israel team up on cyber project (The Times of Israel) Singapore’s NTU and Ben-Gurion University seek to fight complex cyberthreats by using the human body as a model

2017 Japan Prize Honors Trailblazers in Life Science and Cryptography (PRNewswire) Central to its deep commitment to honor the most innovative and meaningful...

Academia

Law school starts cybersecurity project as field's popularity grows (The GW Hatchet) Faculty working with the program said it will bring law scholars, students and the public together for discussion about the intersection of law and technology.

Legislation, Policy, and Regulation

Influencers: US should hit Russia harder for political hacks (The Christian Science Monitor Passcode) The US should retaliate more strongly against Russia for its digital attacks on American political organizations, more than three-quarters of Passcode’s Influencers said.

Cyber-spying, leaking to meddle in foreign politics is the New Normal (Register) Ah, kids today! Nope, nope, this is governments we're talking about

Trump and Putin's Game Theory (Foreign Affairs) A rational Trump could never believe that Putin will stick to his word, just as a rational Putin could not believe that Trump would stick to his.

House Passes 17 Sweeping Bipartisan Bills To Enhance Homeland Security (Homeland Security Today) Assuring that the “House Committee on Homeland Security continues its efforts to shield the homeland and protect Americans right out of the gate in the 115th Congress,” committee chairman Michael McCaul’s (R-TX) office said Tuesday “the House passed 17 Committee bills that touch on a wide array of homeland security issues—from the security of our border, transportation and cyber networks, to counterterrorism, first responder capabilities and ensuring the Department of Homeland Security [DHS] runs efficiently.

The private sector is the key to success for the Department of Homeland Security (CSO Online) Infrastructure protection is a shared responsibility that cannot be met by government alone.

Van Hollen, former NSA director discuss government, private sector collaboration (Capital Gazette) U.S. Sen. Chris Van Hollen and the former director of the NSA talked Wednesday in Linthicum about the importance of the government working with the private sector to improve the country's cyber security.

Battle Staffs Need More Cyber Training, Leaders Say (GovTechWorks) Military cyber operations capabilities are developing faster than planners and commanders can use them on the battlefield. This reality prompted a fresh look at classification and training to ensure battle staffs know how and when to employ cyber effects.

Netherlands Opts For Manual Vote-Count Amid Cyberattack Fears (Dark Reading) Ballots will be counted by hand in the March 15 election after doubts surface over the safety and security of electronic system.

Litigation, Investigation, and Law Enforcement

Фигурирующий в деле о госизмене сотрудник ФСБ в прошлом был хакером (РБК) Третий фигурант дела о госизмене, по которому проходят сотрудник «Лаборатории Касперского» и офицер ФСБ, оперативник Дмитрий Докучаев, ранее был хакером. По этой причине его завербовали в ФСБ, говорят источники РБК

In treason case, Russia alleges security experts aided US (CSO Online) Two officers of the Russian Federal Security Service, the FSB, and a cybercrime investigator from Kaspersky Lab have reportedly been charged with treason for allegedly helping U.S. intelligence services.

Russian spy purge after suspected leaks to U.S. intelligence (CNN via Gant Daily) There’s a purge of spies underway in Moscow, where two high-ranking Russian security service agents, a cybersecurity expert and a fourth man have been charged with treason for passing along secrets to American intelligence, according to a lawyer defending one of the men.

Treason Through the FSB Looking Glass (Moscow Times) Why 'espionage' arrests at the heart of Russia’s security services are not all that they seem

FBI Continues To Demand Far More Info Than It's Supposed To With Its National Security Letters (Techdirt.) Mike covered Twitter's release of two FBI NSLs it had received in the last few years -- more evidence that the USA Freedom Act, if nothing else, has made review of NSL gag orders more timely and the orders themselves more easily...

Cops May Get Location Data Without Warrants. That Has to End (WIRED) Opinion: Lawmakers should craft privacy regulations to ensure protection of citizens’ Constitutional rights.

Conflicting Reports Suggest Phineas Fisher (HackBack) Arrested in Spain (HackRead) Spanish police have arrested three suspects for their alleged involvement in data breach against Catalan police Mossos D’Esquadra server in 2016. Germany-b

Hacker Phineas Fisher arrested in Spain? - Help Net Security (Help Net Security) Has Phineas Fisher, the person (or group) behind the Gamma International and Hacking Team breaches and data leaks, been arrested?

Brit arrested after hacking into US CCTV days before Donald Trump's inauguration (The Sun) A Brit was arrested after a crippling attack on Washington DC’s CCTV network just days before Donald Trump’s inauguration. Cops swooped on a South London address after computer criminals disabled...

Spoofed Grindr Accounts Turned One Man’s Life Into a ‘Living Hell’ (WIRED) When someone started making fake Grindr profiles for Matthew Herrick, more than 700 men came to his home and work.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

Second Annual International Security Conference (Riyadh, Saudi Arabia, February 27 - 28, 2017) The conference will facilitate national, regional and international collaboration between government, industry and critical infrastructure organizations. It will also feature investors who want to diversify...

Upcoming Events

Southern Virginia - Cyber Security Lunch & Learn (Norfolk, Virginia, USA, February 2, 2017) Cyber security experts discuss security incident response. Dealing with cyber security risk is an exercise in managing daily chaos. Organizations know they need to improve their posture but common roadblocks...

Insider Threat Program Development Training For NISPOM CC 2 (Toms River, NJ, USA, February 6 - 7, 2017) Insider Threat Defense announced it will hold a 2 day training class on Insider Threat Program Development (NISPOM Conforming Change 2) on Feb. 6-7, 2017, in Toms River, NJ. For a limited time the training...

The Risks and Benefits of Artificial Intelligence and Robotics (Cambridge, England, UK, February 6 - 7, 2017) The Risks and Benefits of Artificial Intelligence and Robotics Workshop aims to provide media and security professionals with an in-depth understanding of the implications that the rapid advancement of...

SANS Southern California - Anaheim 2017 (Anaheim, California, USA, February 6 - 11, 2017) Learn practical, relevant tips and techniques from industry leaders. Join us for SANS Southern California - Anaheim 2017, and choose from eight courses on cyber defense, penetration testing, incident response,...

Cyber Protect Conference (Nottingham, England, UK, February 9, 2017) Business owners have been invited to attend Nottinghamshire's first-ever cybercrime conference to learn how to better protect their data. The Cyber Protect Conference is being jointly hosted by the county's...

Workplace Violence & Response To Active Shooter Events Meeting (Laurel, Maryland, USA, February 9, 2017) The National Insider Threat Special Interest Group (NITSIG) will be hosting a meeting on February 9, 2017, at the Johns Hopkins University Applied Physics Laboratory, Laurel, MD. The meeting will be exclusively ...

RSA Conference 2017 (San Francisco, California, USA, February 13 - 17, 2017) The current state of cybersecurity means there are many opportunities for the industry as a whole to collaborate on new innovations. Discovering the next great opportunity will require everyone to embrace...

Using STIX/TAXII to share automated cyber threat data (San Francisco, California, USA, February 15, 2017) Cybersecurity experts representing the financial sector, healthcare, utilities, software providers, government, academia and nonprofits continue to define/develop the STIX/TAXII specifications as the solid...

Insider Threat Program Development Training For NISPOM CC 2 (Simi Valley, CA, USA, February 22 - 23, 2017) Insider Threat Defense announced it will hold a 2 day training class on Insider Threat Program Development (NISPOM Conforming Change 2) on Feb. 22-23, 2017, in Simi Valley, CA. For a limited time the training...

Maritime & Port Security ISAO: Operationalizing Cyber Resilience (Cape Canaveral, Florida, USA, February 22 - 24, 2017) The Maritime & Port Security Information Sharing & Analysis Organization (MPS-ISAO) convenes its inaugural conference “Maritime & Port Cyber Resilience - Adding a New Layer of Cybersecurity” February 22-24,...

Risky Business (London, England, UK, February 23, 2017) How are you tackling Cyber Crime in the Property Transaction? Join our panel of expert speakers at the IET in London to find out more about cyber crime in the property transaction and the steps you can...

The 2nd China Automotive Cyber Security Summit 2017 (Shanghai, China, February 24, 2017) CACSS2017 will Provide a platform for Automotive OEMs, Tier 1 suppliers, Automotive security solution/ technology/products developers,Automotive electronics companies, IT companies, Mobile data suppliers,...

SANS Dallas 2017 (Dallas, Texas, USA, February 27 - March 4, 2017) We are pleased to invite you to attend SANS Dallas 2017, on February 27- March 4 at The Westin Dallas Downtown, located in the heart of the city. We have selected several of our top information security...

Autonomous Vehicles Silicon Valley (Santa Clara, California, USA, February 28 - March 2, 2017) The road to autonomy: Regulation. Consumer Acceptance. Safety & Security. Explore the latest technologies and hottest issues for the autonomous vehicles industry.

The Cyber Security Summit: Denver (Denver, Colorado, USA, March 1, 2017) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their companies’ critical data with innovative solution providers & renowned information security experts.

International Cyber Risk Management Conference (ICRMC) (Toronto, Ontario, Canada, March 2 - 3, 2017) The third annual International Cyber Risk Management Conference (ICRMC) brings together a world class roster of experts with cross-sector, global and multidisciplinary expertise to share knowledge, lessons ...

SANS San Jose 2017 (Milpitas, California, USA, March 6 - 11, 2017) Securing and defending your network has never been more important as attacks and breaches make the news daily. Gain the skills and tools you need to win the battle against the wide range of cyber adversaries...

15th annual e-Crime & Cybersecurity Congress (London, England, UK, March 7 - 8, 2017) Europe's largest and most sophisticated gathering of senior cybersecurity professionals from international business, governments, law enforcement and intelligence agencies.

Investing in America’s Security: Cybersecurity Issues (Jersey City, New Jersey, USA, March 10, 2017) Please join us for the 5th Annual Northeast Regional Security Education Symposium hosted by the Professional Security Studies Department at New Jersey City University. The Symposium’s keynote address will...

IAPP Europe Data Protection Intensive 2017 (London, Englan, UK, March 13 - 16, 2017) Set in London, the Data Protection Intensive delivers innovative solutions to today’s top privacy and data protection challenges. Known for its exceptional programming, the Intensive has come into its...

Rail Cyber Security Summit (London, England, UK, March 14 - 15, 2017) Now in its second year, the event will take place at the Copthorne Tara Kensington hotel in London between March 14th and 15th 2017 and will feature a range of experts from the rail transport industry,...

CyberUK 2017 (Liverpool, England, USA, March 14 - 16, 2017) Announcing the UK government's flagship IA and cyber security event, for 2017. This is a three day event that will bring together cyber security leaders and professionals from across the UK’s information...

Cybersecurity: The Leadership Imperative (New York, New York, USA, March 16 - 17, 2017) Cyber risk impacts every element of your organization – and even the most brilliant information security expertise must be supported by a cross-functional cybersecurity structure and culture to succeed.

BSides Canberra (Canberra, Australia, March 17 - 18, 2017) BSidesCbr is a conference designed to advance the body of Information Security knowledge, by providing an annual, two day, open forum for discussion and debate for security engineers and their affiliates.

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.