skip navigation

More signal. Less noise.

Daily briefing.

Late yesterday afternoon Apple released new versions of iOS and macOS Sierra that close significant code execution vulnerabilities the operating systems share. In addition to these major releases, Cupertino also released a set of significant patches for Safari, iCloud for Windows, and watchOS. Users are being encouraged to update quickly.

Check Point's disclosure, to Google, that a new HummingBad variant, HummingWhale (so called because it's a bigger deal), was infesting the Google Play Store has prompted a purge of compromised apps from that store. HummingWhale essentially serves a fake referrer scam. It represents an advance in stealth over its predecessors.

Since there's proverbially no honor among thieves, thieves are themselves on guard against their own kind. A new service has appeared in the hacker souk that aims to enable criminals to gauge the reliability of their co-conspirators: Ripper dot cc, which Motherboard characterizes as "the Yelp for cybercrime." Hoods are invited to share information on rippers, that is, criminals who fail to deliver the goods they promise.

The UK's GCHQ is looking for a new director, as Robert Hannigan tenders his resignation.

In industry news, Yahoo! says that it will delay Verizon's planned acquisition of Yahoo!'s core assets until the second quarter of 2017. The future of the deal, says Yahoo! still "looks bright." The SEC has undertaken fresh investigations of Yahoo!'s two major breaches. Elsewhere, IBM is buying Agile 3 Solutions for an undisclosed sum. Landesk and Heat Software, having merged, become Ivanti, and Microsoft Ventures backs Illusive Networks.

Notes.

Today's issue includes events affecting Australia, Canada, China, European Union, Iran, Russia, Saudi Arabia, United Kingdom, United States.

A note to our readers: when you subscribe to the CyberWire, don't forget to complete your registration by confirming it when you receive your email invitation to do so.

In today's CyberWire podcast we hear from our partners at the Ben Gurion University of the Negev, as Yisroel Mirsky takes up the vulnerabilities to which 3D printers are susceptible.

A special edition of our Podcast is still up and available. It covers buying cyber security. Every day there seems to be a new security product on the market, with many of them claiming to provide something that you simply can’t live without. Companies appear and disappear, and businesses are faced with difficult, confusing, and often expensive choices. In this CyberWire special edition, we explore how businesses are navigating the process of choosing products and technologies in a crowded marketplace. We talk to some key stakeholders to find out what drives their purchasing decisions, and what they wished their vendors knew before they came knocking on their doors.

Top 10 Cyber Incident Pain Points: Are You Prepared? (Webinar, January 26, 2017) In a world where compromise is always a risk, one of the best ways to protect your organization is by ensuring that your response capabilities are effective, and one of the most valuable steps in strengthening a response capability is learning from others’ experiences. This webinar will discuss many issues that security professionals deal with when responding to incidents, and how they can address them.

Women in Cyber Security (Tucson, AZ, USA, March 31 - April 1, 2017) With support from various industry, government and academic partners, WiCyS has become a continuing effort to recruit, retain and advance women in cybersecurity. It brings together women in cybersecurity from academia, research and industry for sharing of knowledge/experience, networking and mentoring.

Cyber Attacks, Threats, and Vulnerabilities

Researchers find link between cyber espionage group and Saudi hacking campaign - CyberScoop (Cyberscoop) Reports from Symantec suggest that a series of recent intrusions share some similarities with Shamoon, an infamous 2012 hacking operation.

Hacker Group Claims Responsibility for Lloyds Bank Outages, Ransom Demand (BleepingComputer) A group of at least two hackers has tried to extort a ransom payment from the Lloyds Banking Group according to a copy of an email the hackers sent to a high-ranking executive.

HummingBad malware returns; new variant hides in Google Play apps - SD Times (SD Times) Check Point Software discovered a new variant of the sophisticated malware known as HummingBad

A Whale of a Tale: HummingBad Returns | Check Point Blog (Check Point Blog)   Check Point researchers have found a new variant of the HummingBad malware hidden in more than 20 apps on Google Play. The infected apps in this campaign were downloaded several million times by unsuspecting users. Check Point informed the Google Security team about the apps, which were then removed from Google Play. This new …

Was The Guardian’s WhatsApp reporting “irresponsible” or fake news? (The Conversation) The Guardian has drawn the ire of a large number of cryptography and security experts by publishing a story claiming that WhatsApp has a security backdoor that would allow it, or governments, to snoop…

Researchers predict upsurge of Android banking malware - Help Net Security (Help Net Security) Source code for creating a potent Android banking Trojan have been leaked, and researchers are expecting an onslaught of malware based on it.

UK Firms Warned of Fake Ransomware Scams (Infosecurity Magazine) UK Firms Warned of Fake Ransomware Scams. Citrix claims 40% have experienced ‘bluff’ ransomware, with many paying up

Report: Half of ransomware's SMB victims pay up (CSO Online) More than 50 percent of small and midsized businesses have fallen victim to ransomware, and, of those, 48 percent paid a ransom, according to a report released today by Ponemon Institute and Carbonite.

Three Medical Data Breaches Expose 242,600 Patients' PHI (eSecurity Planet) The exposed data includes names, Social Security numbers, birthdates, contact details, medical record numbers and/or clinical information.

ThePirateBay.org goes down; dark web domain is up and running (HackRead) You are not alone; the ThePirateBay.org (TPB) domain is offline worldwide. The reason for this outage is unclear, but the good news is that you can still a

Online Dating Fraud Hits Record High (Infosecurity Magazine) The number of people defrauded in the UK by online dating scams reached an all-time high in 2016

This ‘Yelp for Cybercrime’ Wants to Help Hackers Avoid Getting Scammed (Motherboard) There’s now a website where cybercriminals can name and shame other cybercriminals who have swindled them.

Why Dependence On Cloud Providers Could Come Back And Bite Us (Dark Reading) It's time to re-evaluate the cloud policies you have in place. And if you're not learning from the mistakes of others, you're doomed to repeat them.

Security Patches, Mitigations, and Software Updates

Apple Patches Critical Kernel Vulnerabilities (Threatpost | The first stop for security news) Apple released updates across its product lines, including iOS 10.2.1, patching a number of critical code execution vulnerabilities in the kernel, libarchive and WebKit.

Apple issues security patches for... just about everything (WeLiveSecurity) If you have a piece of Apple technology in your house or office, chances are that it's time you updated it.

Update Your iPhone Right Now (WIRED) Apple just released an iOS update full of security fixes that you need to jump on.

Widely used WebEx plugin for Chrome will execute attack code—patch now! (Ars Technica) Publicly known “magic string” lets any site run malicious code, no questions asked.

Symantec revokes faulty security certificates | ZDNet (ZDNet) The cybersecurity firm has once again been left red-faced after issuing insecure certificates.

Apps Carrying HummingBad Variant Booted From Google Play (Threatpost | The first stop for security news) Google has removed 20 apps from Google Play that were spreading a variant of the HummingBad Android malware called Hummingwhale.

Microsoft Reveals Windows Defender Security Center Scheduled for Creators Update (BleepingComputer) The Windows 10 Creators Update scheduled for launch later this year will include an upgrade of the default Windows Defender antivirus, which will feature a new settings panel named the Windows Defender Security Center.

Cyber Trends

The Rise of Ransomware (Carbonite) Small business owners have enough on their plates, such as wearing many different hats and managing the critical day-to-day elements of their businesses. Security can easily become a low priority. Many brush off high-profile cyber-attacks frequently reported in the media as they assume most are happening to large, global brands, governments or celebrities.

Zero Day Exploits Will Rise From Once per Week to Once Per Day in 2021 (Canadian Insider) New Cybersecurity Ventures report offers insight for CISOs and IT security teams

Privacy Is a Basic Human Right… and Good for Business, Too (Cisco Blogs) We humans love to share and communicate. From the beginning of recorded history, we’ve sought connection, culture, and commerce by sharing aspects of ourselves with others. But we also want to be left alone without undue interference to lead our lives. So how do we solve this dichotomy?

Hollywood cybersecurity vs. Vegas cybersecurity (The Christian Science Monitor) The cybersecurity we see in movies and TV often takes some creative license (we’re looking at you, CSI), but the stuff on stage in Vegas conferences can be just as far removed from the day-to-day practice of cybersecurity, too.

Enterprise Encryption and Authentication Usage (Echoworx) Osterman Research conducted a primary market research survey on behalf of Echoworx. The goal of the survey was to query encryption-focused decision makers and influencers in organizations of various sizes about their organizations’ plans for the deployment of encryption technologies, twofactor authentication and related issues.

One in Three Web Visitors is an Attack Bot (Infosecurity Magazine) One in Three Web Visitors is an Attack Bot. Report claims 94% of websites experienced an attack last year

The Rise of Cyber Threats (Norwich University) The Internet is a real entity but its intangible nature creates a big challenge for security experts. As they try to secure businesses and countries against threats to their cyber-safety, it is helpful to analyze data from the past, recent statistics, and to review forecasts regarding future threats.

Marketplace

Yahoo sale to Verizon delayed as data breaches investigated (Computing) Yahoo announces that its sale will be shifted into the second quarter.

Amid security questions, Yahoo says it's delaying merger with Verizon (NBC News) The Wall Street Journal reported that regulators are investigating whether Yahoo disclosed two massive breaches to its investors in a timely manner.

Avaya Bankruptcy Sends Clear Message to Legacy IT Makers (eWeek) Avaya's bankruptcy is significant news due to the fact Avaya is the world's largest and most widely installed legacy on-premises communications systems provider.

IBM Just Bought This Startup to Boost Cybersecurity (Fortune) A former IBM executive will rejoin the company.

LANDESK and HEAT Software Merge to Form Ivanti (Yahoo! Finance) Clearlake Capital Group, L.P. (together with its affiliates, "Clearlake") today announced it has completed the acquisition of LANDESK. In conjunction with the transaction close, LANDESK and HEAT Software announced the two.

QuintessenceLabs Sees Additional Investment from Westpac Group to Strengthen Partnership (Yahoo! Finance) QuintessenceLabs today confirmed it has received an additional capital investment from Westpac Group, increasing the company's stake from approximately 11 percent to 16 percent. QuintessenceLabs is expanding ...

Microsoft Ventures backs Illusive Networks, a cybersecurity firm that protects with deception (TechCrunch) Illusive Networks, a cybersecurity startup based out of Israel that protects networks by building "deception" frameworks to identify and trap malicious..

US Army Bug Bounty Program Fixes 118 Flaws - Dark Reading (Dark Reading) The Hack the Army program, sponsored by the US Army, received 400 bug reports and paid more than $100,000 to hackers who found 118 unique bugs.

Root9B to Support Chiron on Cyber Operational Training for DoD Under $50M Contract (ExecutiveBiz) Root9B has partnered with Chiron Technology Services to deliver cyber operational training to the Defense Department under the team’s potential five-year, $50 million contract. Root9B will provide cyber operations, incident response, threat emulation and network defense training that will work to prepare cybersecurity teams to defend against evolving cyber threats, the Colorado Springs, Colorado-based firm said Thursday. The...

Microsoft mulls cutting UK datacenter investment amid Brexit concerns (Ars Technica) Company currently depends heavily on EU-assembled systems and EU-wide data sharing.

New Board Members of the Anti-Phishing Working Group Join the Fight Against Attacks on US Democracy and $3B in Internet Crime Business Losses (Yahoo! Finance) The Anti-Phishing Working Group is pleased to announce the appointment of three new members to its Board of Directors. Brad Wardman, PhD. of PayPal, Dave Piscitello of ICANN, and Pat Cain of The Cooper Cain Group have joined the APWG Board of Directors.

Products, Services, and Solutions

SndrBlock will let you send huge files and secure messages (VentureBeat) Secure messaging company Sndr is launching a crowdfunding campaign on Kickstarter today for SndrBlock, a palm-sized device that lets you share huge files in a secure way.

ThreatQuotient and Vandis Partner to Customize Threat Intelligence for Accelerated Detection and Response (BusinessWire) Partnership provides customers with best-in-class threat operations and management, better understanding of how attackers see their networks.

WatchGuard Threat Detection and Response Adds Complete Network and Endpoint Visibility to Total Security Suite (PRNewswire) WatchGuard® Technologies, a leader in advanced network security solutions,...

New realtime detection and extraction solution prevents JavaScript-based cyberattacks including sophisticated ransomware (prcenter) To offer enterprises and organizations advanced network solutions for protection against script-based cyberattacks, leading IT security vendor Infotecs uses the new realtime JavaScript detection and extraction capabilities of Rohde & Schwarz Cybersecurity’s DPI engine in their next-generation firewall.JavaScript attacks are devastating, especially for companies and organizations.

Bromium Mobilizes Army of Endpoints to Fight the Cyber Drug War (MarketWired) Bromium supports enterprise innovation by giving users their freedom back, through launch of new virtualization-based security platform.

Technologies, Techniques, and Standards

Effective ICS cyber defense methods - Help Net Security (Help Net Security) This article focuses on effective cyber defense methods which are capable protecting the ICS section by using proven IT defense technologies.

St Jude case highlights ongoing divide over ‘responsible bugs disclosure’ (Naked Security) Disclosing bugs and vulnerabilities is ‘the free market.

How to keep branch offices as secure as corporate HQ (CSO Online) Satellite worksites can cause big headaches for tech pros tasked with keeping company assets secure. We talked to a number of tech pros to find out more about the dangers—and the solutions.

Real-time network health management: Closing the gap between known and unknown threats - Help Net Security (Help Net Security) To create network situational awareness with visibility of IT assets, you need integrative capacity, scalability and real-time assessment capabilities.

Data Privacy Experts Reveal how to Comply with the EU General Data Protection Regulation (GDPR) (WALB) Anonos Inc. (Anonos), in partnership with the International Association of Privacy Professionals (IAPP), announces a timely webinar on the impact of the EU General Data Privacy Regulation (GDPR) on global data analytics and artificial intelligence (AI)

How Cybercriminals Hack Facebook, Instagram and Snapchat Passwords - Heimdal Security Blog (Heimdal Security Blog) Here are the methods cybercriminals use to hack your Instagram, Facebook or Snapchat password.

Social Media Offers Tools to Improve Mental Health, Reduce Suicide (DoD LIve) The Defense Department makes the total fitness of service members a top priority, and that includes mental health and suicide prevention. Military suicide is the culmination of complex interactions among biological, social, economic, cultural and psychological factors operating at the individual, community and societal levels.

Design and Innovation

Lavabit developer has a new encrypted, end-to-end email protocol (CSO Online) The developer behind Lavabit, an email service that noted leaker Edward Snowden used, is releasing source code for an open-source end-to-end encrypted email standard that promises surveillance-proof messaging.

Machine Learning In Cybersecurity Warrants A Silver Shotgun Shell Approach - Dark Reading (Dark Reading) When protecting physical or virtual endpoints, it's vital to have more than one layer of defense against malware.

What’s next for blockchain and cryptocurrency (TechCrunch) In May of 2010, someone on a Bitcoin forum by the name of Lazlo claimed to have bought two pizzas for 10,000 bitcoins. It was the first time anyone had..

Video: How to create a secure password, as told by a 12 year old (The Christian Science Monitor) A young New Yorker started her own business to sell secure passwords.

Research and Development

Mental “vaccine” protects both parties from plague of fake news and lies (Ars Technica) Republican or Democrat, preemptive facts and info can thwart partisan tripe.

Academia

CyberPatriot Announces 2017 CyberCamp Program (Yahoo!) The Air Force Association's (AFA) CyberPatriot program will be hosting its third round of CyberCamps throughout the United States this summer. Registration will be open from March 1 through May 1, 2017. Closing with a record 85 camps in 2016

Legislation, Policy, and Regulation

Narrative, Cyberspace and the 21st Century Art of War (Fifth Domain | Cyber) In February 2013, an article insipidly entitled “The Value of Science in Prediction” appeared in the Russian publication Military-Industrial Courier. The article was penned by Valery Gerasimov, chi…

Russia, Hacking and Industry's "New" Normal | WashingtonExec (WashingtonExec) In today's interconnected society, it won't just be governments who are subjected to geopolitical cyberattacks: industries are targets too.

China announces mass shutdown of VPNs that bypass Great Firewall (Ars Technica) China says all VPN providers must get permission from government to operate.

Three Observations on China's Approach to State Action in Cyberspace (Lawfare) We just returned from 36 hours in Beijing as part of a small group of American academics and government representatives to meet with Chinese counterparts about contemporary issues in cybersecurity.

Net PoliticsThe Continued Importance of the U.S.-China Cyber Dialogue - Net Politics (Council on Foreign Relations - Net Politics) During the second week of January, I was in Beijing for the tenth round of the Center for Strategic and ...

Turnbull declares cyber security 'the new frontier of warfare' (ABC News) Malcolm Turnbull declares cyber security the new frontier of warfare and espionage, while announcing new measures to protect Australian democracy from foreign interference.

Deloitte: Australia needs to beef up cyber-security - Manufacturers' Monthly (Manufacturers' Monthly) Financial services firm Deloitte has warned that Australian governments and businesses need to toughen their defences against cyber attacks, according to Sky News. Australia currently has the fifth highest level of cyber attacks in the world and Deloitte says that distributed denial of service attacks (DDOS) will become more sophisticated, harder to combat and more … Continue reading Deloitte: Australia needs to beef up cyber-security →

Labor accuses Malcolm Turnbull of putting politics ahead of cyber security (the Guardian) Prime minister says Labor, Nick Xenophon and Greens were all invited to a briefing, but they have no record of this and only found out through the media

The Knowns and Unknowns of Trump’s Cyber Plan (Defense One) Questions surround how the new president will tackle cybersecurity.

54% of Americans say existing cyber security laws aren't getting the job done - Help Net Security (Help Net Security) Americans want to see a pressing need to modernize laws dealing with the digital economy and stepped up efforts to combat cybercrime.

Senate confirms Trump's pick to run the CIA (Military Times) The Senate on Monday confirmed President Donald Trump's nominee to run the CIA despite some Democratic objections that Rep. Mike Pompeo has been less than transparent about his positions on torture, surveillance and Russia's meddling in the U.S. election.

Cyber Expert Named as DHS Chief of Staff (Meritalk) The Department of Homeland Security announced last week that Kirstjen Nielsen will serve as the agency’s new chief of staff.

Federal CISO Touhill Leaves Public Service with Appreciation, Advice (Fifth Domain | Cyber) The federal government should concentrate less on new policies and more on optimizing organizational architecture and culture to support what exists, recommends former Federal Chief Information Sec…

GCHQ director Robert Hannigan resigns (Infosecurity Magazine) GCHQ director Robert Hannigan resigns citing personal reasons

Litigation, Investigation, and Law Enforcement

FBI reviewed Flynn’s calls with Russian ambassador but found nothing illicit (Washington Post) The diplomat’s communications are routinely swept up by U.S. agents.

FBI found no wrongdoing in Flynn’s calls with Russia: report (TheHill) An FBI review of communications between Russia’s ambassador to the U.S. and President Trump’s national security advisor did not produce any incriminating evidence, The Washington Post reported Monday night.

Pune: Two more arrested in Quick Heal fraud case (The Indian Express) The incident has allegedly caused the firm a loss of about Rs 900 crore.

Inside Minnesota’s Risky Plan to Deradicalize Young ISIS Recruits (WIRED) A new program aims to transform homegrown ISIS recruits back into normal young Americans.

Man who spent $96k in stolen veterans funds on online porn gets prison (Ars Technica) Prosecutors said he “got ‘sucked in’ and continued to do it because it was fun.”

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

BlueHat IL (Tel Aviv, Israel, January 24 - 25, 2017) Announcing BlueHat IL – a special edition of Microsoft's leading cyber security conference for top professionals, to be held for the very first time in Tel Aviv, Israel. Over the past 10 years, BlueHat conferences have drawn the brightest minds in security to discuss key industry challenges. And now, BlueHat IL is here to crank it up by exploring and creating new cyber security thoughts and boundaries. This exclusive, by invitation only, single track event will host top cyber security professionals from around the world, who will come together to tackle the present and peek into the future. It will feature brilliant speakers and focus on breakthrough research, key trends and emerging threats in the field. Registration closes December 28.

SANS Cyber Threat Intelligence Summit & Training 2017 (Arlington, Virginia, USA, January 25 - February 1, 2017) Join SANS at this innovative Summit as we focus on enabling organizations to build effective cyber threat intelligence analysis capabilities. Most organizations are familiar with threat intelligence, but...

Blockchain Protocol and Security Engineering (Stanford, California, USA, January 26 - 27, 2017) This conference will explore the use of formal methods, empirical analysis, and risk modeling to better understand security and systemic risk in blockchain protocols. The conference aims to foster multidisciplinary...

CyberTech (Tel Aviv, Israel, January 30 - 31, 2017) Cybertech is the most significant conference and exhibition of cyber technologies outside of the United States. Cybertech provides attendees with a unique and special opportunity to get acquainted with...

Enigma (Oakland, CA, USA, January 30 - February 1, 2017) Join a diverse mix of experts and enthusiasts from industry, academia, and government for three days of presentations and open sharing of ideas. Our focus is on current and emerging threats and defenses...

National Credit Union - Information Sharing & Analysis Organization - 2017 Tech Conference (Cape Canaveral, Florida, USA, January 31 - February 2, 2017) Join us for three days of Cyber Security topics that are pertinent to Credit Union cyber resilience, real-time security situational awareness information sharing, and coordinated response in the global...

Southern Virginia - Cyber Security Lunch & Learn (Norfolk, Virginia, USA, February 2, 2017) Cyber security experts discuss security incident response. Dealing with cyber security risk is an exercise in managing daily chaos. Organizations know they need to improve their posture but common roadblocks...

Insider Threat Program Development Training For NISPOM CC 2 (Toms River, NJ, USA, February 6 - 7, 2017) Insider Threat Defense announced it will hold a 2 day training class on Insider Threat Program Development (NISPOM Conforming Change 2) on Feb. 6-7, 2017, in Toms River, NJ. For a limited time the training...

The Risks and Benefits of Artificial Intelligence and Robotics (Cambridge, England, UK, February 6 - 7, 2017) The Risks and Benefits of Artificial Intelligence and Robotics Workshop aims to provide media and security professionals with an in-depth understanding of the implications that the rapid advancement of...

SANS Southern California - Anaheim 2017 (Anaheim, California, USA, February 6 - 11, 2017) Learn practical, relevant tips and techniques from industry leaders. Join us for SANS Southern California - Anaheim 2017, and choose from eight courses on cyber defense, penetration testing, incident response,...

Workplace Violence & Response To Active Shooter Events Meeting (Laurel, Maryland, USA, February 9, 2017) The National Insider Threat Special Interest Group (NITSIG) will be hosting a meeting on February 9, 2017, at the Johns Hopkins University Applied Physics Laboratory, Laurel, MD. The meeting will be exclusively ...

RSA Conference 2017 (San Francisco, California, USA, February 13 - 17, 2017) The current state of cybersecurity means there are many opportunities for the industry as a whole to collaborate on new innovations. Discovering the next great opportunity will require everyone to embrace...

Using STIX/TAXII to share automated cyber threat data (San Francisco, California, USA, February 15, 2017) Cybersecurity experts representing the financial sector, healthcare, utilities, software providers, government, academia and nonprofits continue to define/develop the STIX/TAXII specifications as the solid...

Insider Threat Program Development Training For NISPOM CC 2 (Simi Valley, CA, USA, February 22 - 23, 2017) Insider Threat Defense announced it will hold a 2 day training class on Insider Threat Program Development (NISPOM Conforming Change 2) on Feb. 22-23, 2017, in Simi Valley, CA. For a limited time the training...

SANS Dallas 2017 (Dallas, Texas, USA, February 27 - March 4, 2017) We are pleased to invite you to attend SANS Dallas 2017, on February 27- March 4 at The Westin Dallas Downtown, located in the heart of the city. We have selected several of our top information security...

Autonomous Vehicles Silicon Valley (Santa Clara, California, USA, February 28 - March 2, 2017) The road to autonomy: Regulation. Consumer Acceptance. Safety & Security. Explore the latest technologies and hottest issues for the autonomous vehicles industry.

The Cyber Security Summit: Denver (Denver, Colorado, USA, March 1, 2017) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their companies’ critical data with innovative solution providers & renowned information security experts.

International Cyber Risk Management Conference (ICRMC) (Toronto, Ontario, Canada, March 2 - 3, 2017) The third annual International Cyber Risk Management Conference (ICRMC) brings together a world class roster of experts with cross-sector, global and multidisciplinary expertise to share knowledge, lessons ...

SANS San Jose 2017 (Milpitas, California, USA, March 6 - 11, 2017) Securing and defending your network has never been more important as attacks and breaches make the news daily. Gain the skills and tools you need to win the battle against the wide range of cyber adversaries...

15th annual e-Crime & Cybersecurity Congress (London, England, UK, March 7 - 8, 2017) Europe's largest and most sophisticated gathering of senior cybersecurity professionals from international business, governments, law enforcement and intelligence agencies.

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.