skip navigation

More signal. Less noise.

Daily briefing.

As US investigation of Russian influence operations proceeds, France warns Moscow to stay out of upcoming French elections.

Kaspersky Lab researchers are tracking an evolved Windows-based botnet that's spreading Mirai malware. The emerging Mirai variant under examination also seems able to migrate to Linux systems.

KrebsOnSecurity reviews a low-key, ambiguous vulnerability disclosure of a supply-chain exploitation attack RSA calls "Kingslayer." The software affected is EVlog, by Altair Technologies. Altair has, since the KrebsOnSecurity post, released more information about the issue. RSA's report on the attack discerns similarities between this exploit and work by threat actors Shell_Crew and Codoso. Codoso has also been investigated by Palo Alto and ProofPoint.

Researchers report unpatched FTP protocol injection vulnerabilities in Java and Python.

Bleeping Computer offers notes on Internet Explorer 11's susceptibility to an "unstoppable" JavaScript attack that enables ad fraud, tech support scams, and vulnerability to various zero-days. The good news is that the problem seems confined to IE 11; the bad news is that IE 11 retains significant browser market share: 10.46%, according to Bleeping Computer.

Gamers were distressed by an outage affecting Battlefield 1 servers. It's unclear whether the outages were due to attacks or bugs.

The Intercept has a long piece on Palantir's aspirations to become a primary contractor serving the US Intelligence Community, and the progress it made toward that goal over the last few years. Here's a short version: Peter Thiel is Féanor; James Clapper Saruman. (We're just spitballing here, but we're pretty sure about that Féanor attribution.)

Notes.

Today's issue includes events affecting France, Iraq, Philippines, Russia, United Arab Emirates, United Kingdom, United States.

Today's podcast features our partners at the Johns Hopkins University: Joe Carrigan will talk us through privacy tools being recommended by the Electronic Frontier Foundation. Our guest is Endgame's Mark Dufresne, who discusses in-memory fileless exploits.

Give the special prognostication edition of our podcast a listen: industry experts and editors covering the cyber beat give their take on cyber in 2017.

Hacking The Home (Fulton, MD, USA, February 26, 2017) DataTribe, a startup crucible for entrepreneurs, is sponsoring a February 2017 Hacking the Home contest. Teams will be competing to develop new product functionality, integrations, skills, and/or exploits around the growing ecosystem of home automation devices.

The Cyber Security Summit: Denver (Denver, Colorado, USA, March 1, 2017) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their companies’ critical data with innovative solution providers & renowned information security experts.

How to Invest Your 2017 Cyber Security Training Budget for Maximum ROI (Webinar, March 2, 2017) When it comes to securing an organization’s network, most stakeholders understand that cyber security education and training are not a luxury – they're a necessity. In this webinar we will discuss how best to spend those precious training dollars to get a solid return on investment.

2nd Annual Billington International CyberSecurity Summit (Washington, DC, USA, March 30, 2017) The 2nd Annual Billington International Cybersecurity Summit on March 30, 2017 at the National Press Club in Washington, DC will feature over 300 world class cybersecurity decision-makers from allied nations and the US in an intensive day of knowledge exchange and relationship building.

Dateline RSA 2017

RSA Conference 2017 Closes With Record Attendance (RSA Conference) RSA Conference, the world’s leading information security conferences and expositions, today concluded its 26th annual event in San Francisco. A record number of more than 43,000 attendees experienced keynotes, peer-to-peer sessions, track sessions, tutorials and seminars.

RSA Wrap-Up: Top Stories From the 2017 RSA Conference (Security Intelligence) For our RSA wrap-up, we summarized some key points and takeaways about emerging trends such as the IoT, security analytics and the IT skills shortage.

RSAC 2017 Roundup: Smart & IoT Security Dominate (ABIresearch) The RSA Conference is one of the largest conferences globally for the cybersecurity industry (if not the largest), and I attended this year’s event with interest once more.

2017 Is a Transformative Year for Security (Tenable Network Security) For organizations around the globe, security is evolving from a technology issue to a business issue.

Where Do Venture Capitalists See Security Opportunities? (eSecurity Planet) VCs from Trident Capital Cybersecurity, Elephant, Glasswing Ventures and Ten Eleven Ventures discuss where they see the opportunity to profit.

How a dynamic range of authentication can open doors for trusted customers (Help Net Security) Michael Thelander, Director of Product Marketing at iovation, talks about lessons learned from bringing authentication technology out to customers.

RSA Trend: Cloud, IoT Cybersecurity Skills Gap Drives Security Services Demand (Channel Partners) The cybersecurity trends that stood out this year were cloud and container security, machine learning, securing the Internet of things, rugged DevOps and

The Cyber Threat Alliance is a real “Thing” now (LinkedIn) As many of you know, a small group of security vendors have been working on building the first real security vendor sharing organization similar to the ISAC or ISAO model.

NTT Security: Delivering cyber resilience (Help Net Security) Garry Sidaway, SVP of Security Strategy & Alliances for NTT Security, talks about the formation of NTT Security and how they deliver cyber resilience.

Cyber Attacks, Threats, and Vulnerabilities

France Warns Russia To Stay Out Of Its Presidential Election (NPR) The French government warned the Kremlin not to interfere in its presidential vote after signs of a disinformation and hacking campaign against a rising candidate who is not sympathetic to Russia.

Donald Trump Website Hacked by Iraqi Hacker (HackRead) An Iraqi hacker going by the online handle of Pro_Mast3r ~ hacked and defaced a server associated with presidential campaign fundraising for Donald Trump.

Advanced Windows botnet spreads Mirai malware (Help Net Security) Experts are analyzing the first Windows-based spreader for the Mirai malware as part of a concerted effort to close down Mirai botnets in the wild.

Windows Botnet Spreading Mirai Variant (Threatpost) A Windows-based botnet is spreading a Mirai variant that is also capable of spreading to Linux systems under certain conditions, Kaspersky Lab researchers said.

How to Bury a Major Breach Notification (KrebsOnSecurity) Amid the hustle and bustle of the RSA Security Conference in San Francisco last week, researchers at RSA released a startling report that received very little press coverage relative to its overall importance. The report detailed a malware campaign that piggybacked on a popular piece of software used by system administrators at some of the nation’s largest companies. Incredibly, the report did not name the affected software, and the vendor in question has apparently chosen to bury its breach disclosure. This post is an attempt to remedy that.

Kingslayer - A Supply Chain Attack (RSA) RSA Research investigated the source of suspicious, observed beaconing thought to be associated with targeted malware.

Java and Python Contain Security Flaws That Allow Attackers to Bypass Firewalls (BleepingComputer) Both Java and Python contain similar security flaws that allow an attacker to bypass firewalls by injecting malicious commands inside FTP URLs.

Unstoppable JavaScript Attack Helps Ad Fraud, Tech Support Scams, 0-Day Attacks (BleepingComputer) Argentinian security expert Manuel Caballero has published new research that shows how a website owner could show a constant stream of popups, even after the user has left his site, or even worse, execute his very own persistent JavaScript code while the user is on other domains.

Security Alert: TeamSpy Malware Spammers Turn TeamViewer into Spying Tool in Targeted Attacks (Heimdal Security Blog) This infection compromises your TeamViewer application to gain full control of your system and steal your private data. Here are the details:

RAMNIT: The Comeback Story of 2016 (TrendLabs Security Intelligence Blog) Earlier this year, Action Fraud, the UK’s fraud and cybercrime reporting center, issued a warning that cyber criminals were taking advantage of generous individuals by sending phishing emails purportedly from Migrant Helpline, a charity organization dedicated to assisting migrants across the country.

Flipping Bits and Opening Doors: Reverse Engineering the Linear Wireless Security DX Protocol (The Duo Security Bulletin) A security researcher on the Duo Labs team details how he found several vulnerabilities in a wireless physical security system.

Firefox Users Fingerprinted via Cached Intermediate HTTPS Certificates (BleepingComputer) The way in which Firefox caches intermediate CA certificates allows a third-party to deduce various details about website visitors and also link advertising profiles to private browsing sessions.

Anatomy of a cyber attack explained at HIMSS17 (Health Data Management) Children’s hospitals cannot assume they are immune from hackers, Daniel Nigrin says.

Big Blue's big blunder: IBM accidentally hands over root access to its data science servers (Register) Private Docker Swarm keys leak into public containers

Do Software-Defined Data Centers Pose Security Concerns? (Dark Reading) SDDC adoption is likely to trigger widespread data security governance programs, with 20 percent of organizations considering them necessary to prevent data breaches.

Ransomware attacks growing rapidly, organizations are struggling (Help Net Security) The percentage of ransomware attacks increased from 5.5%, to 10.5% of all recognized malware attacks from July to December 2016, according to Check Point.

Social Media Impersonators Drive Security Risk (Dark Reading) A new pool of research digs into the fraudulent social media accounts, a growing threat to individuals and businesses.

EA Servers Go Down; Battlefield 1 Servers Facing Outage (HackRead) If you are wondering what is going on with Battlefield 1 then you are not alone, EA servers are down impacting Battlefield 1’s players in the United States

U.S. Homeland Security employees locked out of computer networks: sources (Reuters) Some U.S. Department of Homeland Security employees in the Washington area and Philadelphia were unable to access some agency computer networks on Tuesday, according to three sources familiar with the matter.

Malware Lets a Drone Steal Data by Watching a Computer’s Blinking LED (WIRED) Israeli researchers show that innocent LED indicator on your computer can leak your deepest secrets.

Security Patches, Mitigations, and Software Updates

Microsoft pushes out patches for critical Flash Player vulnerabilities (Help Net Security) Microsoft skipped its February 2017 Patch Tuesday, but there are security holes in Adobe Flash Player that must be plugged now.

Microsoft issues critical security patch, but leaves zero-day flaws at risk (ZDNet) Windows users will have to wait another three weeks to patch two serious vulnerabilities with exploit code when Microsoft's regular patching schedule resumes.

Cyber Trends

Threat of Cyber Attack Is Biggest Fear for Businesses (Bloomberg.com) The threat of cyber attacks and political instability resulting from rising populism are among the biggest worries for businesses around the world, according to a study of companies in 79 countries.

Hacks, lean IT teams push SMEs towards next-gen cybersecurity tools (Channel NewsAsia) Phoon Huat, a homegrown baking supplies company, was hit by ransomware last August, which prompted the SME to deploy a cybersecurity tool with machine learning built into it. 

PH among Top 10 countries under malware threats -- report (InterAksyon) Of the top five locations across the globe most at risk of infection by malicious software, two are located in Southeast Asia

Medical device security reaches a tipping point (Healthcare IT News) Hospitals have recognized the need to fix flaws in connected devices but solutions will require a sustained effort.

Is healthcare industry's security spending focused on the wrong technologies? (Help Net Security) Global healthcare IT pros are confronting a changing, challenging landscape, with 66% experiencing a data breach and 88% feeling vulnerable as a result.

Marketplace

Trend Micro: Why Most Cybersecurity Startups Won't Survive (BankInfoSecurity) The honeymoon period for smaller players in cybersecurity is nearing an end, predicts Trend Micro CTO Raimund Genes. Achieving profitability has proven to be

Cyber attack remains top business continuity concern, preparedness for all threats urged: Horizon Scan Report (Canadian Underwriter) Cyber attack, data breach and unplanned IT and telecom outages are the greatest concerns among business continuity professionals, concludes the sixth annual Horizon Scan Report, released Tuesday.

Healthcare Cybersecurity Increasingly Key Issue in C-Suite (HealthITSecurity) KLAS Research and CHIME showed in a survey that healthcare cybersecurity is an increasingly hot topic at the board level and in the C-suite.

Why Verizon is still buying Yahoo on sale, despite that epic security breach (Washington Post) The two companies agreed to a $350 million discount on the price.

How Peter Thiel’s Palantir Helped the NSA Spy on the Whole World (The Intercept) Documents provided by NSA whistleblower Edward Snowden reveal Palantir’s role in creating the U.S. government’s international spy machine.

Apple buys Israeli firm RealFace for facial-recognition tech (Computing) Could be added to iPhone 8

Microsoft CEO says artificial intelligence is the 'ultimate breakthrough' (Mashable) Nothing beats the understanding of natural language.

Malwarebytes to enter 'next wave' of expansion as it gears up for partner programme launch (Channelnomics) Nordic and southern Europe office openings earmarked for the end of this year,Security,Vendor ,Southern Europe,The Nordics,Malwarebytes,vendor,security

Harris wins big to build battle management system for UAE (Defense News) Harris has won a $189 million contract to provide an integrated battle management system to the United Arab Emirates armed forces, the company announced Monday.

Blue Cedar Continues to Fuel Growth Momentum With New Executive Hires (Yahoo! Finance) Blue Cedar, the leader in enterprise mobile app data security, today continued its growth momentum with a trio of new hires. Chris Ford came aboard as chief product officer, Jeanne Angelo-Pardo joined as chief financial officer and Pam Brodt enlisted as vice president of global sales.

Veteran Software and Cybersecurity Executive, Ed Hammersla, Joins Utilidata as CEO (Yahoo! Finance) Utilidata, Inc. announced today that Ed Hammersla, a software and cyber security executive with over 40 years of experience, has joined the company as Chief Executive Officer.

Products, Services, and Solutions

Connected cars: Rohde & Schwarz Cybersecurity now provides dedicated security solutions for IoT automotive telematics (ipoque) Building a secure automotive telematics platform to achieve a profitable business model for automakers and ecosystem partners is a challenging task for mobile network operators. As the platforms lack detailed security specifications and a standardized framework, they become an attractive target for cybercriminals.

Zentera Systems Announces CenturyLink as First Telecom Integration for Its Cloud over IP Platform (Crossroads Today) Zentera Systems, Inc., the leader in multicloud security and networking, today announced that its infrastructure security solution for the multicloud ecosystem now integrates with telecommunications industry cloud service providers, delivering defense-in-depth that secures production workloads across managed service datacenters, as well as multiple clouds, without requiring changes to existing infrastructure.

AlgoSec Launches New App for Cisco ACI to Monitor and Assess Risk and Compliance Across the Enterprise Network (Marketwired) First security policy management app on the newly launched Cisco ACI App Center, app complements AlgoSec's full-scale integrated sSolution for Cisco ACI

Oxygen Forensic® Detective 9.2 Offers Mobile Forensics Experts Ability to Organize WebKit Data on iOS and Android Devices (Oxygen Forensics) Oxygen Forensics, a worldwide developer and provider of advanced forensic data examination tools for mobile devices and cloud services, announced today that its flagship product, Oxygen Forensic® Detective 9.2, now features the ability to organize WebKit data from iOS and Android devices, saving critical time in accessing webmail and the content of visited pages.

Focal Point Launches ForceID Audit to Measure IAM Maturity (Focal Point) ForceID draws on Focal Point’s unmatched identity and access management experience to deliver secure identity controls as agile as today’s businesses.

LockPath Included in Gartner’s Market Guide for Audit Management Solutions (LockPath.com) LockPath has been included as a Representative Vendor in Gartner Inc.’s February 3, 2017 Market Guide for Audit Management Solutions

Viptela Receives NFV Certification on ADVA Ensemble Orchestrator (BusinessWire) Viptela SD-WAN platform has been certified with ADVA Ensemble Orchestrator for network functions virtualization.

illusive networks Adds Kill Switch Capabilities to its Deceptions Everywhere Cybersecurity Platform with Integration of Cisco pxGrid (PRNewswire) illusive networks, the leader in Deceptions Everywhere®...

Gemalto and Microsoft join forces to provide seamless connectivity for Windows 10 devices (Yahoo! Finance) Gemalto (Euronext NL0000400653 GTO), the world leader in digital security, is presenting the newest release of its On Demand Connectivity and eSIM technology for Windows...

IBM joins government’s secure cloud list (Computerworld) Infrastructure as a service and platform as a service offerings from IBM have been added to the government’s Certified Cloud Services List (CCSL), which is maintained by the Australian Signals Directorate.

VMware, Intel collaborate on healthcare security (iTWire) Virtualisation company VMware is collaborating with Intel Health and Life Sciences in an initiative it says is designed to help global healthcare orga...

Mullvad delivers faster VPN connectivity with regional expansion (News Powered by Cision) Mullvad has expanded its offering of region-based VPN

AdaptiveMobile launches Open Platform Initiative (Telecompaper) AdaptiveMobile launched its Open Platform Initiative to provide availability to its Network Protection Platform (NPP) converged carrier security platform to cloud communication companies and OTT messaging applications.

Dashlane Banks on Smartling to Translate its Secure Password Management into 15 Languages (Yahoo! Finance) As today's connected consumers continue to create more and more online accounts, many are finding it difficult to balance security with simplicity when protecting their personal information. Smartling, ...

Russian security company to compete with Microsoft via new OS (TechRadar) Kaspersky’s OS is built from scratch for top-notch IoT security

Kaspersky: No whiff of Linux in our OS because we need new start to secure IoT | ZDNet (ZDNet) While Linux might be on millions of IoT devices, Kaspersky says there's no trace of it on its new secure OS.

Core Security Continues to Lead Identity Management Innovation with Introduction of New Toolkit (Yahoo! Finance) Core Security ®, a leader in Identity and Access Management, Vulnerability, and Network Detection and Response, today announced the release of Core Connector API, ...

Lattice Engines Improves SaaS Security and Compliance Reporting with Tenable Network Security (BusinessWire) Tenable announced today that Lattice Engines, a leading provider of predictive analytic solutions, has simplified reporting and reduced cyberthreats w

Wombat Security Technologies Expands Healthcare Security Awareness Training Program, Launching at HIMSS17 in Orlando (Yahoo! Finance) As news of data breaches and phishing scams circulate, healthcare professionals may be more aware of cybercrime, but cyber attackers are becoming equally savvy. ...

ESET looks to deepen enterprise penetration with new threat intelligence service - ChannelBuzz.ca (ChannelBuzz) ESET is taking the intelligence grid that it uses internally in its cloud protection system, and making it available to customers as a service.

RedOwl Enters Agreement with immixGroup to Reduce Insider Threat Risks for Government (Yahoo! Finance) RedOwl, the leading provider of insider risk solutions, today announced an agreement with immixGroup, an Arrow company that helps technology companies do business with the government. Through immixGroup ...

Waratek Offers $10,000 No False Positive Guarantee (Yahoo! Finance) Waratek, a pioneer in the next generation of application security solutions, has announced a new false positive guarantee tied to the Waratek Application Security Platform. For every instance of a false positive generated for the Open Web Application

Technologies, Techniques, and Standards

Detecting PLC malware in industrial control systems (Help Net Security) How can attackers load programmable logic controllers (PLC) with destructive malware, and how can the operators of industrial control systems detect it?

DHS offering GPS resiliency tests for critical infrastructure devices (TheHill) Tests will check if GPS devices can withstand jamming and fake signals, called spoofing.

How to leverage intelligent deception to detect cyber attacks (Help Net Security) Yoel Knoll, VP of Marketing for TopSpin Security, talks about how you can leverage intelligent deception in order to detect cyber attacks.

The value of sharing threat intelligence (Information Age) Sharing threat intelligence is not common practice, but it can serve as a valuable asset in the fight against malicious cyber attacks

How to leverage intelligent deception to detect cyber attacks (Help Net Security) Yoel Knoll, VP of Marketing for TopSpin Security, talks about how you can leverage intelligent deception in order to detect cyber attacks.

PHP Becomes First Programming Language to Add Modern Cryptography Library in Its Core (BleepingComputer) The PHP team has unanimously voted to integrate the Libsodium library in the PHP core, and by doing so, becoming the first programming language to support a modern cryptography library by default.

Border Digital Safety for Journalists (Errata Security) The CPJ, the "Committee to Protect Journalists", offers some horrible advice [ * ] on Digital Security, especially when crossing the border....

Design and Innovation

Google and Bing plan to bury pirated content (Naked Security) From 1 June 2017 Google and Bing will to de-prioritise unlawful sharing sites

Homeland Security Wants To End The Scourge Of DDoS Attacks (Forbes) In 2017, Homeland Security has as much to do with securing digital borders as it does geographical ones. One push the DHS is leading to make cyberspace safe for Americans is the DDoSD project.

Research and Development

Forcepoint™ Research Shows Understanding People’s Behaviors and Intent Critical to Future of Cybersecurity – But Significant Gaps Exist (Forcepoint) Nearly 80 percent of cyber professionals say enterprises must understand behaviors and intent as people interact with critical data and IP; today, less than a third are able to do so effectively.

What chess players can teach us about intelligence and expertise (Phys.org) Are experts more intelligent than non-experts or do they just work harder? And why do some people reach high levels of expertise, while others just remain amateurs? These are some of the questions that cognitive scientists have tried to answer for more than a century. Now our new research on chess players has started untangling the problem.

Academia

These college students invent things for the Pentagon, and maybe find a business (Washington Post) Defense Dept. scales up its Hacking for Defense program at more than a dozen universities.

APSU offering undergrad and grad programs in cybersecurity | ClarksvilleNow.com (ClarksvilleNow.com) Recent survey shows 64 percent of Americans have personally experienced a major data breach.

Legislation, Policy, and Regulation

India's cyberspace intelligence agency to be functional from June (The Economic Times) Sector specific computer emergency response teams (CERT) for industries such as power, communications etc, will also be created, Ravi Shankar Prasad, Union Minister for Electronics and IT said.

Government Needs Tougher Cyber Defence, Warn MPs - Acumin (Acumin) A new Public Accounts Committee report suggests that there has been a lack of cyber defense strategy coordination in the public sector.

Defense chief asks for plan on cyber reform (TheHill) New memo highlights organizational reforms

Mattis mulls consolidation in IT, cyber (FCW) In a Feb. 17 memo, Defense Secretary Jim Mattis told senior leadership to establish teams to look for duplication across the armed services in business operations, including in IT and cybersecurity.

The future of U.S. Cyber Command (Government Matters) Michèle Flournoy, CEO at the Center for a New American Security and former under secretary of defense for policy. They discussed the future of U.S. Cyber Command, cyber rules of engagement, and the cyber human capital pipeline.

Information Warfare: HVIs Wanted Dead Or Alive (Strategy Page) The U.S. Air Force recently revealed that during 2016 its component of U.S. Cyber Command (USCYBERCOM) conducted 4,000 Cyber War operations to obtain useful information (often about location) on more than 100,000 targets.

For the Navy, cyber defense has effects well beyond cyberspace (C4ISRNET) Cyber defense is more important than offensive action, according to the commander of Fleet Cyber, as it affords commanders trust in their data and decision making.

Navy Cyber Chief: Network Protection, Data Assurance Top Priorities (USNI News) The military services must deliver information and data to warfighters, from fleet commanders to pilots, that's timely, accurate, secure and not compromised by the growing threats from network intruders and attacks, the Navy's top cyber official told a San Diego defense conference.

Trump national security adviser will face Senate vote (Defense News) The president’s national security adviser doesn’t need Senate confirmation, but for President Trump’s pick, Lt. Gen. H.R. McMaster, it will be different.

The warrior-thinker Trump picked for national security adviser (Defense News) President Donald Trump named Lt. Gen. H.R. McMaster — considered to be one of the smartest strategists in the military today — as his national security adviser.

Obama officials: There's hope for cybersecurity under Trump (The Christian Science Monitor Passcode) At the Beat the Breach event during the RSA Conference in San Francisco this week, current and former US government officials expressed optimism about the state of cybersecurity under President Trump.

Federal Officials Should Disclose Vulnerabilities for Security’s Sake (FedTech) When feds discover a loophole, they need to weigh whether to share that information — or exploit it for intelligence on the perpetrator behind the threat.

Cybersecurity Requirements for Financial Services Companies (New York State Department of Financial Services) I, Maria T. Vullo, Superintendent of Financial Services, pursuant to the authority granted by sections 102, 201, 202, 301, 302 and 408 of the Financial Services Law, do hereby promulgate Part 500 of Title 23 of the Official Compilation of Codes, Rules and Regulations of the State of New York, to take effect March 1, 2017, to read as follows...

Litigation, Investigation, and Law Enforcement

Trump administration expands social media checks to cover Chinese visitors (South China Morning Post) US Department of Homeland Security proposes asking Chinese 10-year visa applicants for details of social media presence

Facebook fails in bid to get lawsuit over 'stolen' data centre designs thrown out (Computing) Facebook alleged to have stolen data centre intellectual property - and given it away to the Open Compute Project

Microsoft's Windows 10 privacy policies questioned by EU Article 29 Working Party (Computing) Microsoft asked to explain how private data from Windows 10 users is processed

Prison for former sysadmin who hacked industrial facility and... (HOTforSecurity) Are you a sysadmin who left your last job under a cloud? My advice is don't try and seek revenge by hacking into the company that fired you. You might end up with a lengthy prison sentence.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

Cybersecurity: Defense Sector Summit (Troy, Michigan, USA, March 7 - 8, 2017) Don’t miss out on the opportunity to be a part of the conversation regarding how cybersecurity is impacting not only ground vehicles, but air and maritime platforms. What are the synergies amony Army,...

21st Colloquium, Cyber Security Education Innovation for the 21st Century (Las Vegas, Nevada, USA, June 12 - 14, 2017) The Colloquium for Information Systems Security Education (CISSE) provides a forum for dialogue among academia, industry and government. Protection of the information and infrastructure used to create,...

Upcoming Events

Insider Threat Program Development Training For NISPOM CC 2 (Simi Valley, CA, USA, February 22 - 23, 2017) Insider Threat Defense announced it will hold a 2 day training class on Insider Threat Program Development (NISPOM Conforming Change 2) on Feb. 22-23, 2017, in Simi Valley, CA. For a limited time the training...

Maritime & Port Security ISAO: Operationalizing Cyber Resilience (Cape Canaveral, Florida, USA, February 22 - 24, 2017) The Maritime & Port Security Information Sharing & Analysis Organization (MPS-ISAO) convenes its inaugural conference “Maritime & Port Cyber Resilience - Adding a New Layer of Cybersecurity” February 22-24,...

Risky Business (London, England, UK, February 23, 2017) How are you tackling Cyber Crime in the Property Transaction? Join our panel of expert speakers at the IET in London to find out more about cyber crime in the property transaction and the steps you can...

The 2nd China Automotive Cyber Security Summit 2017 (Shanghai, China, February 24, 2017) CACSS2017 will Provide a platform for Automotive OEMs, Tier 1 suppliers, Automotive security solution/ technology/products developers,Automotive electronics companies, IT companies, Mobile data suppliers,...

Second Annual International Security Conference (Riyadh, Saudi Arabia, February 27 - 28, 2017) The conference will facilitate national, regional and international collaboration between government, industry and critical infrastructure organizations. It will also feature investors who want to diversify...

SANS Dallas 2017 (Dallas, Texas, USA, February 27 - March 4, 2017) We are pleased to invite you to attend SANS Dallas 2017, on February 27- March 4 at The Westin Dallas Downtown, located in the heart of the city. We have selected several of our top information security...

Autonomous Vehicles Silicon Valley (Santa Clara, California, USA, February 28 - March 2, 2017) The road to autonomy: Regulation. Consumer Acceptance. Safety & Security. Explore the latest technologies and hottest issues for the autonomous vehicles industry.

The Cyber Security Summit: Denver (Denver, Colorado, USA, March 1, 2017) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their companies’ critical data with innovative solution providers & renowned information security experts.

International Cyber Risk Management Conference (ICRMC) (Toronto, Ontario, Canada, March 2 - 3, 2017) The third annual International Cyber Risk Management Conference (ICRMC) brings together a world class roster of experts with cross-sector, global and multidisciplinary expertise to share knowledge, lessons ...

SANS San Jose 2017 (Milpitas, California, USA, March 6 - 11, 2017) Securing and defending your network has never been more important as attacks and breaches make the news daily. Gain the skills and tools you need to win the battle against the wide range of cyber adversaries...

15th annual e-Crime & Cybersecurity Congress (London, England, UK, March 7 - 8, 2017) Europe's largest and most sophisticated gathering of senior cybersecurity professionals from international business, governments, law enforcement and intelligence agencies.

ISSA Mid Atlantic Security Conference (Rockville, Maryland, USA, March 10, 2017) Join us for a full day of training by industry leaders discussing some of the latest topics in tactics and techniques for preparing for cyber-attacks. This conference will feature a variety of presentations...

Investing in America’s Security: Cybersecurity Issues (Jersey City, New Jersey, USA, March 10, 2017) Please join us for the 5th Annual Northeast Regional Security Education Symposium hosted by the Professional Security Studies Department at New Jersey City University. The Symposium’s keynote address will...

IAPP Europe Data Protection Intensive 2017 (London, Englan, UK, March 13 - 16, 2017) Set in London, the Data Protection Intensive delivers innovative solutions to today’s top privacy and data protection challenges. Known for its exceptional programming, the Intensive has come into its...

Rail Cyber Security Summit (London, England, UK, March 14 - 15, 2017) Now in its second year, the event will take place at the Copthorne Tara Kensington hotel in London between March 14th and 15th 2017 and will feature a range of experts from the rail transport industry,...

CyberUK 2017 (Liverpool, England, USA, March 14 - 16, 2017) Announcing the UK government's flagship IA and cyber security event, for 2017. This is a three day event that will bring together cyber security leaders and professionals from across the UK’s information...

Cybersecurity: The Leadership Imperative (New York, New York, USA, March 16 - 17, 2017) Cyber risk impacts every element of your organization – and even the most brilliant information security expertise must be supported by a cross-functional cybersecurity structure and culture to succeed.

BSides Canberra (Canberra, Australia, March 17 - 18, 2017) BSidesCbr is a conference designed to advance the body of Information Security knowledge, by providing an annual, two day, open forum for discussion and debate for security engineers and their affiliates.

Cyber Resilience Summit: Securing Systems inside the Perimeter (Reston, Virginia, USA, March 21, 2017) As the journey to secure our nation’s IT cyber infrastructure gains momentum, it is important to apply proven standards and methodologies that reduce risk and help us meet objectives for acquiring, developing...

European Smart Grid Cyber Security (London, England, UK, March 21 - 22, 2017) European Smart Grid Cyber Security 2017 offers a unique opportunity to network with senior experts in cyber security from government, utilities, TSOs, regulators, solution providers, security consultants,...

Maryland Cybersecurity Awards Celebration (Baltimore, Maryland, USA, March 22, 2017) Help us celebrate the best and brightest of the Maryland cyberscurity community as we honor the companies, organizations, and individuals that have protected businesses and government agencies with their...

SANS Pen Test Austin 2017 (Austin, Texas, USA, March 27 - April 1, 2017) Every organization needs skilled people who know how to find vulnerabilities, understand risk, and help prioritize resources based on mitigating potential real-world attacks. That's what SANS Pen Test...

IT Security Entrepreneurs' Forum Bridging the Gap Between Silicon Valley & the Beltway (Mountain View, California, USA, March 28 - 29, 2017) SINET – Silicon Valley provides a venue where entrepreneurs can meet and interact directly with leaders of government, business and the investment community in an open, collaborative environment focused...

Insider Threat 2017 Summit (Monterey, California, USA, March 29 - 30, 2017) The focus of the Insider Threat Summit is to discuss personnel security issues including cyber security challenges and capabilities, continuous evaluation of privileged identities and ethical physical...

2nd Annual Billington International Cybersecurity Summit (Washington, DC, USA, March 30, 2017) The 2nd Annual Billington International Cybersecurity Summit on March 30, 2017 at the National Press Club in Washington, DC will feature over 300 world class cybersecurity decision-makers from allied nations...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.