skip navigation

More signal. Less noise.

Daily briefing.

Saudi Arabia is concerned about the latest rounds of Shamoon 2, which this week are disclosed to have hit chemical industry targets as well as the Labor Ministry. These incidents indicate a shift in Shamoon 2's target set: the November attacks involving the malware most prominently focused on aviation operations.

Check Point warns of "Charger," a newly discovered ransomware strain found in the EnergyRescue app in the Google Play Store. Google's Android security team has managed to interdict the malware before it reached the point of mass infection. In the case of Charger, the extortionists' threat is release, sale, or other abuse of stolen data, mostly contacts and SMS messages. "All your data is already stored on our servers!" crow the hoods, who demand $180 in protection money. The malware was available for about four days before being taken down; the incident moves Ars Technica to skepticism about the effectiveness of Play Store security scans.

zScaler and Malwarebytes are warning that two newly evolved remote access Trojans (RATs) are circulating in the wild. zScaler reports that SpyNote is flying the false flag of a Netflix app. Malwarebytes says that the well-known AndroRAT has become more stable, added new functionality, and increased its obfuscation.

It seems a "vigilante" (as Motherboard characterizes the actor) is finding poorly secured databases and inserting an empty folder into them to warn admins. 

Cisco is patching its WebEx Chrome Plug-in. Users are advised to update.

In industry news, RiskIQ buys Maccabim; Verizon says nothing about Yahoo!

Notes.

Today's issue includes events affecting Australia, Ecuador, Estonia, Russia, Saudi Arabia, Sweden, United Kingdom, United States.

In today's CyberWire podcast we hear from our partners at Lancaster University, as Awais Rashid describes how Internet-of-things vulnerabilities affect healthcare. Our guest is Michael Lipinski from Securonix on claims that the Anthem data breach was the work of a nation-state (he's skeptical).

A special edition of our Podcast is still up and available. It covers buying cyber security. Every day there seems to be a new security product on the market, with many of them claiming to provide something that you simply can’t live without. Companies appear and disappear, and businesses are faced with difficult, confusing, and often expensive choices. In this CyberWire special edition, we explore how businesses are navigating the process of choosing products and technologies in a crowded marketplace. We talk to some key stakeholders to find out what drives their purchasing decisions, and what they wished their vendors knew before they came knocking on their doors.

Top 10 Cyber Incident Pain Points: Are You Prepared? (Webinar, January 26, 2017) In a world where compromise is always a risk, one of the best ways to protect your organization is by ensuring that your response capabilities are effective, and one of the most valuable steps in strengthening a response capability is learning from others’ experiences. This webinar will discuss many issues that security professionals deal with when responding to incidents, and how they can address them.

Women in Cyber Security (Tucson, AZ, USA, March 31 - April 1, 2017) With support from various industry, government and academic partners, WiCyS has become a continuing effort to recruit, retain and advance women in cybersecurity. It brings together women in cybersecurity from academia, research and industry for sharing of knowledge/experience, networking and mentoring.

Cyber Attacks, Threats, and Vulnerabilities

Saudi Arabia just got hit with another cyber attack (StepFeed) It's the second cyberattack in three months

Saudi Arabia warns over cyber attacks as labor ministry hit - Saudi Gazette (Saudi Gazette) Saudi Arabia warned organizations in the Kingdom on Monday to be on the alert for cyber attacks including a version of the destructive Shamoon virus, as a chemicals firm reported a network disruption and the Ministry of Labor and Social Development said it had been attacked. An alert from the telecoms authority advised

Charger mobile ransomware steals contacts and SMS messages (Help Net Security) Charger mobile ransomware locks the device and displays a message demanding payment. The ransom demand is for 0.2 Bitcoins or roughly $180.

Ransomware app hosted in Google Play infects unsuspecting Android user (Ars Technica) "ALL YOUR DATA IS ALREADY STORED ON OUR SERVERS!" malicious app warned.

Smartphone Ransomware Is a Looming Threat (Consumer Reports) Smartphone ransomware attacks are spreading, Consumer Reports notes, and researchers say they've found malware called Charger in a Google Play Store app.

Severe vulnerability in Cisco's WebEx extension for Chrome leaves PCs open to easy attack (CSO Online) If you have the Cisco WebEx Chrome browser extension installed make sure you're running the latest version.

SpyNote RAT posing as Netflix app (Cloud Security Solutions | Zscaler) As users have become more attached to their mobile devices, they want everything on those devices. There’s an app for just about any facet of one’s personal and professional life, from booking travel and managing projects, to buying groceries and binge-watching the latest Netflix series.

Mobile Menace Monday: AndroRAT Evolved (Malwarebytes Labs) An increasing amount of mobile malware known as Android/Trojan.AndroRAT has been seen in the wild lately.  AndroRAT is a contraction of Android and RAT (Remote Access Trojan)

Graftor Variant Leveraging Signed Microsoft Executable (Cylance) DLL hijacking is not a new technique by any means, but that makes it no less effective. The Cylance Threat Guidance team investigates how malware leverages this technique.

Android Pattern Lock ‘can be cracked in five attempts’ – here’s what to do (Naked Security) Wait, what? Android’s Pattern Lock can be easily cracked? Here’s some advice to help you secure your phone

Data Fragmentation Foments Big Security Gaps (Infosecurity Magazine) 76% of data security pros believe in the maturity of their data security strategy, but 93% report persistent technical challenges.

Malicious SVG Files in the Wild (SANS Internet Storm Center) In November 2016, the Facebook messenger application was used to deliver malicious SVG files to people [1]. SVG files (or "Scalable Vector Graphics") are vector images that can be displayed in most modern browsers (natively or via a specific plugin).

Researcher Finds Hidden Twitter ‘Star Wars’ Bot (Infosecurity Magazine) Researcher Finds Hidden Twitter ‘Star Wars’ Bot. Massive network of fake accounts linked to a single entity

Bad Bots Up Their Human Impersonation Game (Dark Reading) Every third website visitor was an attack bot in 2016, and humans represent just under half of all Internet traffic, new Imperva data sample shows.

A Vigilante Is Warning Admins of Open Databases Before They Get Hacked (Motherboard) Maybe this is the hero we need right now.

That online job candidate may be carrying a virus (CSO Online) LinkedIn and other social networks are becoming targets for threat actors since they know it's a great way to bypass company's defenses, according to cybersecurity firm Cylance. LinkedIn is typically a site that is not blocked by network filters to allow HR departments the freedom to communicate with prospective job candidates.

Hacker Selling 1 Billion user accounts stolen from Chinese Internet Giants (HackRead) A Dark Web marketplace is where you can buy anything from illegal drugs to weapons and several other products including digital goods. In a recent listing,

Clash of Clans Maker Hacked (Infosecurity Magazine) A vulnerability in the software it uses to run its forums allowed hackers to access forum user information.

St. Louis Public Library Recovers from Ransomware Attack (Threatpost | The first stop for security news) Services are being restored to the St. Louis Public Library computer system after a ransomware attack impacted access to machines and data at all 17 branches.

Even Cybercriminals Get Spammed (Motherboard) Including Russian-speaking crooks.

Security Patches, Mitigations, and Software Updates

Cisco Patches Critical Flaw in WebEx Chrome Plugin (Threatpost | The first stop for security news) Cisco has fixed a vulnerability in its WebEx extension for Chrome that allowed for remote code execution on computers running the plugin.

Cyber Trends

Majority of Organizations are in the Dark Regarding Daily Network Attacks, According to New Global Research from DomainTools (PRNewswire) DomainTools, the leader in domain name and DNS-based cyber threat...

Report: 111 billion lines of code will have to be secured this year - SD Times (SD Times) Report reveals the importance of application security and the increase of new software being written

Arbor: DDoS attacks growing faster in size, complexity - Cyberscoop (Cyberscoop) Arbor Networks, because it provides services to so many large internet providers, has visibility into about a third of all global internet traffic.

Bot Traffic Report 2016 (Imperva Incapsula) The annual Imperva Incapsula Bot Traffic Report, now in its fifth year, is an ongoing statistical study of the bot traffic landscape. For our latest report we examined 16.7+ billion visits to 100,000 randomly-selected domains on the Incapsula network to tackle the following questions

All-Time High of 1,093 Data Breaches Reported in U.S. in 2016 (eSecurity Planet) The number represents a 40 percent increase over the previous year, according to a recent report.

2016 Year End Data Breach Quickview Report (Risk Based Security) Get your complimentary copy of Risk Based Security's Year End 2016 Data Breach Quick View. Executive summary of data breaches.

Consumers worried about privacy more than ever - Help Net Security (Help Net Security) 84% of U.S. consumers expressed concern regarding the security of their PII and 70% told IDC that their concern is greater today than just a few years ago.

Key cloud adoption trends and challenges for government entities - Help Net Security (Help Net Security) Major barriers to cloud adoption are concerns about unauthorized access, the risk of losing control over data, as well as backup and recovery.

Report: Saudis aware of online risks, but hold businesses responsible for data breaches (Arab News) Saudi consumers place responsibility for protecting their personal data firmly on organizations holding their data — and not themselves, said a report.

Marketplace

IoT MSSPs market revenues to top $11 billion in 2021 - Help Net Security (Help Net Security) Industrial applications are set to be the core focus for IoT MSSPs with ABI Research forecasting overall market revenues to increase fivefold in 2021.

Verizon stays mum on Yahoo as customer growth rebounds (CNET) The Yahoo deal's supposed to be the next big step in Verizon's transformation, but it's on hold as both companies assess the impact of Yahoo's data breaches.

RiskIQ Deepens Digital Threat Mitigation Capabilities with Acquisition of Maccabim (BusinessWire) Increase in brand abuse, malvertising, spear phishing, spoofing requires more automated digital threat triage, legal coordination and response

Exclusive: Keysight Technologies explores acquisition of Ixia: sources (Reuters) Keysight Technologies Inc (KEYS.N), a provider of software and equipment to the electronics and wireless communications industries, is in talks to acquire U.S. data technology company Ixia (XXIA.O), according to people familiar with the matter.

Zuckerberg Charity Acquires Artificial Intelligence Startup | NewsFactor Network (News Factor) Philanthropic organizations do not typically make acquisitions, but that is exactly what the Chan Zuckerberg Initiative (CZI) is doing with search engine startup Meta to provide free access to researchers.

Cisco to buy app management vendor AppDynamics for US$3.7 billion (CRN Australia) Supporting transition toward software-centric solutions.

SentinelOne Secures $70 Million to Meet Growing Demand to Replace Traditional Antivirus - SentinelOne (SentinelOne) Series C Round Brings Total Funding to More Than $110 Million PALO ALTO, Calif.—January 25, 2017—SentinelOne, the company transforming endpoint security by delivering real-time protection powered by machine learning and dynamic behavior analysis, today announced it has raised an additional $70 million in Series C financing. The company plans to use this new infusion of... Read more »

Secret Double Octopus Raises $6M Series A (eSecurity Planet) Multi-factor security firm gets new financial backing as it takes aim at growing share in the authentication market.

This Cyber Security Play Should Be In Your Portfolio (Seeking Alpha) Check Point delivers the best ROIC in the cyber security landscape. Growth has rejuvenated due to a ramp up in sales efficiency. The cloud and advanced security

Check Point’s money machine: each revenue dollar converted to 50 cents of profit - Business (Haaretz) The Israeli company has stayed atop the international cybersecurity market by sticking to a winning formula.

Maryland’s two largest tech groups are merging (Baltimore Business Journal) Maryland's two largest technology associations — the Tech Council of Maryland and the Chesapeake Regional Tech Council — have merged, the groups announced Tuesday evening during the Maryland Policy and Leadership Dinner in Annapolis.

State leadership tours Fort Gordon cyber facilities (Augusta Chronicle) Georgia leaders will be in Augusta on Tuesday to take a look at the developing cybersecurity missions at Fort Gordon and around the Augusta community.

Cybersecurity Veteran Ron Gula Joins Eastwind Networks Advisory Board (Yahoo! Finance) Eastwind Networks, the cybersecurity solutions and breach analytics cloud platform designed to provide visibility, forensics and incident response capabilities to enterprises, is thrilled to announce a new member to its Board of Advisors, Ron Gula.

WhiteHat Security Hires Accomplished IT Sales Leader Matthew Handler as Senior Vice President of Global Sales (JMI) WhiteHat Security, the only application security provider that combines the best of technology and human intelligence, today announced the appointment of strategic IT sales veteran Matthew Handler as the company’s Senior Vice President of Global Sales, effective immediately. Handler will oversee WhiteHat Security’s overall sales strategy and execution worldwide, as well as sales operations, solutions, and expanding the company’s strategic alliance partners and programs.

Products, Services, and Solutions

NSS Labs Releases Caws 2.2: A Cyber Threat Protection Platform Delivering Threat Discovery, Analysis And Automation (NSS Labs) NSS Labs, Inc., the global leader in operationalizing cybersecurity, today announced CAWS 2.2, a Cyber Threat Protection Platform and Cyber Threat Impact (CTI) Product to deliver comprehensive threat visibility, contextual threat analysis and security workflow automation. CAWS CTI is powered by NSS Labs’ BaitNET™ threat harness with over 40% unique threats and live exploits discovered in the wild, to deliver real-time, 24x7 threat discovery and analysis, with one-of-a-kind capture, harvest and replay technology.

NSFOCUS Introduces Comprehensive Web Application Security Solution (Yahoo! Finance) Complex attacks on web-based applications are on the rise, accounting for approximately 40 percent of all data breaches in 2016. To combat this growing threat, NSFOCUS, an intelligent hybrid security solutions provider, today introduced its Web Application Security solution – to ensure enterprises are

Cryptzone Named to CIOReview Magazine’s 20 Most Promising AWS Solution Providers (Cryptzone) AppGate, a Software-Defined Perimeter purpose-built for the AWS environment, earns accolade.

ThreatQuotient and Vandis Partner to Customize Threat Intelligence for Accelerated Detection and Response (Yahoo! Finance) ThreatQuotient™, a trusted threat intelligence platform innovator, today announced a strategic partnership with Vandis to better serve the threat operations and management needs of their shared customers.

Infoblox Launches ActiveTrust® Cloud to Extend Protection for Remote Workers and Branch Offices (Yahoo! Finance) Infoblox Inc., the network control company that provides Actionable Network Intelligence, today announced the global availability of Infoblox ActiveTrust ® Cloud. Delivered ...

New Akamai Tool Can Secure Remote Devices (Meritalk) Akamai released a tool on Jan. 24 that government agencies can use to secure their telecommuting employees’ devices.

Swimlane Integrates Its Automated Security Platform with HPE Security Arcsight ESM (Yahoo! Finance) Swimlane, a leader in automated incident response and security orchestration, announced today an integration with HPE Security Arcsight Enterprise Security Manager (ESM), HPE's comprehensive security information and event management solution that identifies

Google Home builds out its ecosystem with Honeywell and Belkin WeMo support (TechCrunch) Google was a bit late to the connected home party. The company’s Echo competitor Home officially launched in November of last year, and slowly but surely,..

Morphisec SIEM Integration substantially increases efficacy of security operations (Yahoo! Finance) Morphisec, leading developer of  Moving Target Defense (MTD) cybersecurity products, today announces integration with leading security incident and event ...

EdgeWave Boosts Security Capabilities and Granular Policy Management for its Industry Recognized iPrism Secure Web Gateway Solution (Marketwired) EdgeWave, Inc.® (www.edgewave.com), a cybersecurity firm based in La Jolla, California, announced today the release of EdgeWave iPrism™ Secure Web Gateway 8.1. This release is focused on delivering enhanced security and deeper, more granular policy control and management for enterprises

‘ShareSafe,’ From Logikcull, Arms Businesses in Critical Fight Against Data Breach and Cybercrime (BusinessWire) In a move that will go far in strengthening organizations’ ability to protect sensitive data from the rising tides of data breach and cybercrime, Logikcull, the leading provider of cloud-based Legal Intelligence solutions, has introduced an instant-sharing feature that provides critical safeguards around the most vulnerable business information.

Thycotic Releases Secret Server v10.1 (PRNewswire) Thycotic, a provider of privileged account management (PAM) and endpoint...

DuckDuckGo Search Engine Hits a Milestone with 14 Million Searches a Day (HackRead) DuckDuckGo is an Internet search engine which has been experiencing phenomenal growth culminating in the company hitting a milestone of 14 million searches

World’s most popular email server praised as ‘near-impenetrable’ (Naked Security) Exhaustive audit by external experts found only three minor flaws

Monero, the Drug Dealer’s Cryptocurrency of Choice, Is on Fire (WIRED) As the black market caught on to its anonymity properties, Monero became the fastest growing cryptocurrency of 2016.

Technologies, Techniques, and Standards

The Trouble With DMARC: 4 Serious Stumbling Blocks (Dark Reading) Popularity for the Domain-based Message Authentication, Reporting and Conformance email authentication standard is growing. So why are enterprises still struggling to implement it?

As attacks rise, we ask: how secure is your Hadoop installation? (Naked Security) As database break-ins spread, we offer some advice for checking on your installations

Can equipping your security team reduce the impact of a breach? (Infosecurity Magazine) After a year of breaches, Can equipping your security team reduce the impact?

What your security scientists can learn from your data scientists to improve cybersecurity (TechCrunch) Security remains one of the top unresolved challenges for businesses. Billions of dollars have been spent on security technology over the last 30 years, yet..

Four lesser-known WiFi security threats and how to defend against them (CSO Online) You’ve hardened your network against all the common weaknesses, now we’ll show you how to take your wireless security to the next level.

Design and Innovation

When is a blockchain not a blockchain? (Naked Security) Financial services businesses have taken the original blockchain concept in a new direction – so why are the purists so upset about Accenture’s approach?

Research and Development

US Intelligence seeks a universal translator for text search in any language (Ars Technica) MATERIAL program seeks help for analysts searching “low resource” languages.

Bitglass Awarded Patent for Agentless Mobile Security (Yahoo! Finance) Bitglass, the total data protection company, today announced it has been awarded a patent for agentless secure app access and selective wipe of corporate data on any device. The technology, covered by ...

Vencore supporting DARPA with jam-resistant networks (C4ISRNET) Vencore has been awarded a DARPA prime contract to develop jam-resistant networks.

Academia

Leidos to Sponsor Air Force Association’s Cyber Education Program; Chuck Heflebower Comments - GovCon Executive (GovCon Executive) Leidos will continue to sponsor the Air Force Association's cyber education program for the eighth consecutive year

Legislation, Policy, and Regulation

Cyberconscripts: Baltic draftees can choose IT over infantry (Bismarck Tribune) The tiny Baltic nation of Estonia is experimenting with the idea of cyberconscription, a move that gives draftees with tech skills the chance to work shoring

Trump and the Intelligence Community Deserve a Do-Over (The National Interest) How the new administration can recover from damage done during the 2016 election.

Need to Reorganize US Spy Agencies (Consortium News) On President Trump’s first full day in office, he went to the CIA and promised to back the nation’s spy agencies, but his time would be better spent downsizing the sprawling intelligence community, says Ivan Eland.

Digital Rights Activists Hail Trump’s Death Blow Against TPP (WIRED) But they worry about what future deals will mean for privacy and access.

Comcast, AT&T, and ISP lobbyists are excited about Trump’s FCC chair (Ars Technica) Ajit Pai repeatedly sided with ISPs on FCC rules, will be "formidable opponent."

Net Neutrality Advocates Blast Trump’s New FCC Boss Ajit Pai (Motherboard) Open internet activists fear Pai will reverse crucial free speech protections.

James Comey will reportedly stay on as FBI director in Trump's administration (Business Insider) President Donald Trump has reportedly asked James Comey to stay on as FBI director in his administration.

AG Nominee Backs Law Enforcement’s Ability to ‘Overcome’ Encryption (Threatpost | The first stop for security news) President Trump’s attorney general pick Jeff Sessions says law enforcement should be able to “overcome” encryption in criminal investigations.

CYBERCOM's new buying power now closer to reality (FederalNewsRadio.com) CYBERCOM is in the midst of creating its own acquisition office to handle its new spending authority.

Air Force CISO: Adversaries are watching you (C4ISRNET) Peter Kim, Air Force CISO, warned that adversaries are constantly monitoring public and private activity.

Integrating Cyber a Top Priority, Says Vice Adm. Michael Gilday (Fifth Domain) Since taking the helm of U.S. 10th Fleet Cyber Command in July, Vice Adm. Michael Gilday has worked to maximize his experience as a surface warfare officer and the former director of operations/J-3 at U.S. Cyber Command, among other past assignments.

Cyber Training Battalion Opens New Company in Oklahoma (Fifth Domain) A new Cyber Training Battalion company, Charlie, has been activated at Fort Sill in Lawton, Oklahoma, according to an article in The Lawton Constitution tweeted by the Army Cyber Command and Second Army.

Hiring freeze result of Trump team's review of federal agencies (FederalNewsRadio.com) President Donald Trump signed an executive order Monday implementing a federal hiring freeze.

OMB nominee Mulvaney open to expanding hiring freeze to contractors (FederalNewsRadio.com) Rep. Mick Mulvaney (R-S.C.) offered his first insights into his management ideas during nomination hearings to be the next director of OMB.

Worry more about attrition, not the 90-day hiring freeze, human capital experts say (FederalNewsRadio.com) HR experts say President Trump's hiring freeze leaves plenty of room for interpretation, and that attrition should worry agencies more than a 90-day freeze.

Litigation, Investigation, and Law Enforcement

ATO chooses PwC to investigate 2016's HPE storage failure (CRN Australia) Caused by HPE 3PAR failure.

UK courts experiencing surge in cyber-crime case load (Register) Value of fraud surpasses £1bn for first time in five years

Court denies US government appeal in Microsoft overseas email case (CSO Online) A U.S. appeals court will not reconsider its groundbreaking decision denying Department of Justice efforts to force Microsoft to turn over customer emails stored outside the country.

Court ruling stands: US has no right to seize data from world’s servers (Ars Technica) Outcome means hot-button privacy topic could reach US Supreme Court.

Decision looms on Assange extradition to Sweden (Fox News) Swedish authorities are getting closer to either indicting WikiLeaks founder Julian Assange for rape stemming from an incident in August 2010 or letting it drop, Fox News has learned.

Police in Indianapolis Have Had Stingray Cell Site Simulators Since 2012 (Motherboard) Previously unreported, the IMPD has had a StingRay since 2012, ascertained from their Non Disclosure Agreement with the FBI.

Ex-Goldman Sachs programmer found guilty, again, of source code theft (Ars Technica) Court: It's silly to let Sergey Aleynikov go free just because he stole digital files.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

Risky Business (London, England, UK, February 23, 2017) How are you tackling Cyber Crime in the Property Transaction? Join our panel of expert speakers at the IET in London to find out more about cyber crime in the property transaction and the steps you can...

2017 Community College Cyber Summit (C3S) (National Harbor, Maryland, USA, June 28 - 30, 2017) 3CS is the only national academic conference focused on cybersecurity education at community colleges. Four tracks are available for college faculty and administrators, IT faculty who are involved or who...

Upcoming Events

SANS Cyber Threat Intelligence Summit & Training 2017 (Arlington, Virginia, USA, January 25 - February 1, 2017) Join SANS at this innovative Summit as we focus on enabling organizations to build effective cyber threat intelligence analysis capabilities. Most organizations are familiar with threat intelligence, but...

Blockchain Protocol and Security Engineering (Stanford, California, USA, January 26 - 27, 2017) This conference will explore the use of formal methods, empirical analysis, and risk modeling to better understand security and systemic risk in blockchain protocols. The conference aims to foster multidisciplinary...

CyberTech (Tel Aviv, Israel, January 30 - 31, 2017) Cybertech is the most significant conference and exhibition of cyber technologies outside of the United States. Cybertech provides attendees with a unique and special opportunity to get acquainted with...

Enigma (Oakland, CA, USA, January 30 - February 1, 2017) Join a diverse mix of experts and enthusiasts from industry, academia, and government for three days of presentations and open sharing of ideas. Our focus is on current and emerging threats and defenses...

National Credit Union - Information Sharing & Analysis Organization - 2017 Tech Conference (Cape Canaveral, Florida, USA, January 31 - February 2, 2017) Join us for three days of Cyber Security topics that are pertinent to Credit Union cyber resilience, real-time security situational awareness information sharing, and coordinated response in the global...

Southern Virginia - Cyber Security Lunch & Learn (Norfolk, Virginia, USA, February 2, 2017) Cyber security experts discuss security incident response. Dealing with cyber security risk is an exercise in managing daily chaos. Organizations know they need to improve their posture but common roadblocks...

Insider Threat Program Development Training For NISPOM CC 2 (Toms River, NJ, USA, February 6 - 7, 2017) Insider Threat Defense announced it will hold a 2 day training class on Insider Threat Program Development (NISPOM Conforming Change 2) on Feb. 6-7, 2017, in Toms River, NJ. For a limited time the training...

The Risks and Benefits of Artificial Intelligence and Robotics (Cambridge, England, UK, February 6 - 7, 2017) The Risks and Benefits of Artificial Intelligence and Robotics Workshop aims to provide media and security professionals with an in-depth understanding of the implications that the rapid advancement of...

SANS Southern California - Anaheim 2017 (Anaheim, California, USA, February 6 - 11, 2017) Learn practical, relevant tips and techniques from industry leaders. Join us for SANS Southern California - Anaheim 2017, and choose from eight courses on cyber defense, penetration testing, incident response,...

Workplace Violence & Response To Active Shooter Events Meeting (Laurel, Maryland, USA, February 9, 2017) The National Insider Threat Special Interest Group (NITSIG) will be hosting a meeting on February 9, 2017, at the Johns Hopkins University Applied Physics Laboratory, Laurel, MD. The meeting will be exclusively ...

RSA Conference 2017 (San Francisco, California, USA, February 13 - 17, 2017) The current state of cybersecurity means there are many opportunities for the industry as a whole to collaborate on new innovations. Discovering the next great opportunity will require everyone to embrace...

Using STIX/TAXII to share automated cyber threat data (San Francisco, California, USA, February 15, 2017) Cybersecurity experts representing the financial sector, healthcare, utilities, software providers, government, academia and nonprofits continue to define/develop the STIX/TAXII specifications as the solid...

Insider Threat Program Development Training For NISPOM CC 2 (Simi Valley, CA, USA, February 22 - 23, 2017) Insider Threat Defense announced it will hold a 2 day training class on Insider Threat Program Development (NISPOM Conforming Change 2) on Feb. 22-23, 2017, in Simi Valley, CA. For a limited time the training...

SANS Dallas 2017 (Dallas, Texas, USA, February 27 - March 4, 2017) We are pleased to invite you to attend SANS Dallas 2017, on February 27- March 4 at The Westin Dallas Downtown, located in the heart of the city. We have selected several of our top information security...

Autonomous Vehicles Silicon Valley (Santa Clara, California, USA, February 28 - March 2, 2017) The road to autonomy: Regulation. Consumer Acceptance. Safety & Security. Explore the latest technologies and hottest issues for the autonomous vehicles industry.

The Cyber Security Summit: Denver (Denver, Colorado, USA, March 1, 2017) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their companies’ critical data with innovative solution providers & renowned information security experts.

International Cyber Risk Management Conference (ICRMC) (Toronto, Ontario, Canada, March 2 - 3, 2017) The third annual International Cyber Risk Management Conference (ICRMC) brings together a world class roster of experts with cross-sector, global and multidisciplinary expertise to share knowledge, lessons ...

SANS San Jose 2017 (Milpitas, California, USA, March 6 - 11, 2017) Securing and defending your network has never been more important as attacks and breaches make the news daily. Gain the skills and tools you need to win the battle against the wide range of cyber adversaries...

15th annual e-Crime & Cybersecurity Congress (London, England, UK, March 7 - 8, 2017) Europe's largest and most sophisticated gathering of senior cybersecurity professionals from international business, governments, law enforcement and intelligence agencies.

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.