skip navigation

More signal. Less noise.

Daily briefing.

Sweden's armed forces disclose that they've sustained a cyber attack from an unnamed source. The incident required the services to shut down their Caxcis IT system.

Saudi Arabia remains on high alert for further infestations of system-killing Shamoon 2 malware. The infection is thought to be carried, for the most part, by malicious emails. See Symantec's report for an account of Shamoon's possible connection to the Greenbug cyber espionage group.

Bugs in AlphaBay, the big Dark Web "trading post" (as ZDNet calls it), have permitted a hacker (grey or black hat, take your pick) to obtain and leak more than 200,000 messages exchanged on the site.

A new strain of VirLocker, an easily spread but also easily defeated ransomware variant, is out in the wild. Both Sophos and ESET have provided decryption tools for earlier versions, but this latest edition seems even more easily thwarted than that, according to Malwarebytes researchers. Entering any sixty-four characters into the lock screen's text box (sixty-four zeroes will do, says Help Net Security), click "Pay Fine," and VirLocker touchingly believes it's been paid. In other ransomware news, the St. Louis, Missouri, library system has successfully recovered from its extortion incident because it had an effective file backup program in place.

Russian authorities have arrested Ruslan Stoyanov, a senior researcher at Kaspersky Lab, on charges of treason. Kaspersky itself seems not implicated, as the alleged offenses date to Stoyanov's pre-Kaspersky employment with Russia's Interior Ministry. It's thought those alleged offenses may involve corruption, not espionage.

Notes.

Today's issue includes events affecting France, Netherlands, Russia, Saudi Arabia, Spain, Sweden, Ukraine, United Kingdom, United States.

In today's CyberWire podcast we hear from our partners at the University of Maryland's Center for Health and Homeland Security: Markus Rauschecker gives us his take on a US Department of Commerce report on Internet-of-things devices. We also have a guest, Dan Larson from CrowdStrike, who outlines the evolution of ransomware.

A special edition of our Podcast is still up and available, and it's all about how to buy cyber security. Every day there seems to be a new security product on the market, with many of them claiming to provide something that you simply can’t live without. Companies appear and disappear, and businesses are faced with difficult, confusing, and often expensive choices. In this CyberWire special edition, we explore how businesses are navigating the process of choosing products and technologies in a crowded marketplace. We talk to some key stakeholders to find out what drives their purchasing decisions, and what they wished their vendors knew before they came knocking on their doors.

Top 10 Cyber Incident Pain Points: Are You Prepared? (Webinar, January 26, 2017) In a world where compromise is always a risk, one of the best ways to protect your organization is by ensuring that your response capabilities are effective, and one of the most valuable steps in strengthening a response capability is learning from others’ experiences. This webinar will discuss many issues that security professionals deal with when responding to incidents, and how they can address them.

Women in Cyber Security (Tucson, AZ, USA, March 31 - April 1, 2017) With support from various industry, government and academic partners, WiCyS has become a continuing effort to recruit, retain and advance women in cybersecurity. It brings together women in cybersecurity from academia, research and industry for sharing of knowledge/experience, networking and mentoring.

Cyber Attacks, Threats, and Vulnerabilities

Swedish forces exposed to extensive cyber attack: Dagens Nyheter (Reuters) Sweden's armed forces were recently exposed to an extensive cyber attack that prompted them to shut down an IT system used in military exercises, daily newspaper Dagens Nyheter reported on Wednesday.

Shamoon malware revisiting Saudi Arabia; cyberinfrastructure on high alert (HackRead) The dreaded Shamoon malware is back to haunt Saudi Arabia; therefore, the government has wasted no time in issuing a warning alert to a number of organizat

Cyber attacks said to be initiated by email (Zawya) It’s not confirmed that this is the same variant of the Shamoon malware which attacked Saudi Arabian organization

Greenbug cyberespionage group targeting Middle East, possible links to Shamoon (Symantec Security Response) Greenbug may answer the question of how Shamoon obtains the stolen credentials needed to carry out its disk-wiping attacks.

‘First utility cyber attack will happen this year’ (Energy Live News) The first reported instance of a cyber attack on a utilities provider will happen this year.

Lloyds cyber-attack details emerge - BBC News (BBC News) Lloyds Bank was hit by a denial of service attack nearly two weeks ago that disrupted online access.

AlphaBay Dark Web marketplace hacked, private messages leaked | ZDNet (ZDNet) Over 200,000 messages were compromised due to a security flaw.

Dark Web’ Largest Trading Platform AlphaBay Hacked; 200k Messages Leaked (HackRead) AlphaBay is counted among the largest trading marketplace on the Dark Web and this is something that makes the platform inquisitive about prevailing securi

Insider Trading: KickAss (Wapack Lab) Wapack Lab research has uncovered KickAss (KA): an underground forum with experienced grey and black hat hackers and coders who specialize ...

Android Phones Still Open To WAP Attacks - Information Security Buzz (Information Security Buzz) Context Researchers discover SMS-based vulnerabilities in Samsung Galaxy devices Android phones are still vulnerable to SMS-based attacks according to researchers at Context Information Security. One of the bugs found by Context in older models of Samsung Galaxy devices could be triggered remotely and rendered the device unusable until a factory reset was performed, leaving users …

Hackers Tear Apart Trend Micro, Find 200 Vulnerabilities In Just 6 Months (Forbes) Trend Micro is one of the biggest names in cybersecurity, an $120 billion industry that promises to deflect a significant chunk of attacks hitting customers. But Trend and many of its peers are themselves creating software vulnerable to hacks, as proven by two researchers who've found and reported more than 200 flaws across the Japanese company's suite of products since July 29 last year.

Jupyter Notebook unwittingly opens huge server security hole (Help Net Security) Researchers found 350 internet-facing Jupyter Notebook servers giving unauthenticated access to Jupyter’s web user interface & command line shell interface.

Machine behaviors that threaten enterprise security (CSO Online) Machine learning has moved enterprise security forward, allowing for visibility inside the network in order to better understand user behavior. However, malicious actors are using what is done with machine learning on the inside in order to attack the perimeter.

Default Credentials Found in Schneider Electric Wonderware Historian (Threatpost) ICS-CERT warns of default credentials in Schneider Electric Wonderware Historian that can be abused to compromise Historian databases.

VirLocker ransomware is back, but can be defeated (Help Net Security) VirLocker (aka VirLock, aka VirRansom) is a virulent piece of machine-locking ransomware that has been around for quite some time.

Ransomware makes California nursing school feel ill (CSO Online) About three months ago, an instructor at Gurnick Academy, a California-based nursing school, had his biggest fear come alive. When he tried to access his lectures, the files were encrypted. The teacher was literally locked out of his classroom.

Half of Ransomware Victims Pay Criminals’ Demands to Recover Data (Threatpost) A Ponemon Institute report on ransomware revealed 48 percent of businesses surveyed paid a ransom in exchange for getting their data back.

St Louis Library Back-Ups Save Ransomware Blushes (Infosecurity Magazine) St Louis Library Back-Ups Save Ransomware Blushes. Attack disrupted 17 locations for days, but data is being restored

US Park Service tweets were result of old Twitter passwords (CSO Online) Two instances of tweets from National Park Service accounts that became political hot potatoes in the last few days were the result of bad password management, according to officials.

Zombie files rise from dead due to Dropbox metadata bug (Ars Technica) Old files, quarantined because of corrupted data, re-appeared in users’ accounts.

4 Ways Your Office Security Can be Breached - Nerd's Magazine (Nerd's Magazine) Compromised cyber office security in particular poses a threat to just about any business – especially where confidential personal information is concerned.

4 big security threats facing your small business (BetaNews) You no longer have to be a large corporation to draw the attention of cybercriminals. In fact, your small business could be appealing to hackers, simply because you don’t have the same level of security that a big firm can bring to bear.

Want to buy a 'smart' hair brush? Read this first (The Christian Science Monitor Passcode) Cybersecurity experts say many of the internet-connected products increasingly turning up on store shelves are insecure, giving malicious hackers new ways of attacking consumers – and the entire internet.

Pew Research Study Exposes America's Poor Password Hygiene (Dark Reading) Americans feel like they've lost control over their online lives, but they still aren't always practicing proper security.

Security Patches, Mitigations, and Software Updates

Microsoft Adds New Features to Office 365 Advanced Threat Protection (Redmondmag) Microsoft announced that a couple of new features have been added to its Office 365 Advanced Threat Protection e-mail security service.

Firefox 51 starts flagging HTTP login pages as insecure (Help Net Security) Mozilla has released Firefox 51, and this newest latest stable version of the popular browser comes with many security fixes and improvements.

Now there’s a better way to prevent Facebook account takeovers (Ars Technica) Site enhances two-factor authentication with crypto keys that plug into USB slots.

High-Severity Chrome Vulnerabilities Earn Researcher $32K in Rewards (Threatpost) Researcher Mariusz Mlynski found and disclosed four high-severity vulnerabilities in Chrome’s Blink rendering engine, earning himself $32,000 through the Chrome Rewards program.

Cyber Trends

Data Breaches Exposed 4.2 Billion Records In 2016 (Dark Reading) The 4,149 data breaches reported in 2016 shattered the all-time high of nearly 1 billion exposed records in 2013.

Top 10 most malware-infected US cities (Help Net Security) Whether you live in a big city or small town, from east coast to west coast and everywhere in between, you are susceptible to being a victim of malware.

Most organizations are unaware of daily malicious activity (Help Net Security) One-third of security pros are savvy enough to detect daily attacks, but the looming majority (66 percent) are unaware of daily malicious activity.

Consumers worried about privacy more than ever (Help Net Security) 84% of U.S. consumers expressed concern regarding the security of their PII and 70% told IDC that their concern is greater today than just a few years ago.

Arctic Wolf Networks Survey Reveals Mid-Market Cybersecurity Dissonance: Highlights Disparity Between Perception vs. Reality (BusinessWire) Half of respondents say they don’t know where to start to improve security posture

The State of Mid-Market Cybersecurity: Findings and Implications (Arctic Wolf) 50 percent of IT professionals say they don’t know where to start to improve their security posture.

Healthcare is one of cybercrime’s most targeted sectors (Vectra) Healthcare organizations are a prime target of cyber attackers.

Society urged to nurture cyber talent at Microsoft security conference (ComputerWeekly) Cyber security investigative reporter Brian Krebs has urged society to cultivate more “hackers for good” in today’s age of internet super villains

Marketplace

Top 10 most malware-infected US cities - Help Net Security (Help Net Security) Whether you live in a big city or small town, from east coast to west coast and everywhere in between, you are susceptible to being a victim of malware.

Verodin, RSA'17 & Letting Go of the Security Assumptions "Blankie"​. (LinkedIn) In a couple of weeks, it's anticipated that more than 40,000 computer security professionals will descend on San Francisco for our annual reunion/

What the AppDynamics sale could mean for other tech IPO candidates (TechCrunch) As the first planned public offering of 2017, AppDynamics was supposed to be a bellwether for other upcoming tech IPOs. If it went public and performed well,..

Qosmos legal interceptions contracts without a home (Intelligence Online) France’s deep packet inspection specialist was recently acquired by Sweden’s ENEA and is getting out of government interception.

Ignore Palo Alto Networks Inc: Here Are 3 Better Stocks -- The Motley Fool (The Motley Fool) The data security upstart isn't quite the high-flying Street darling it once was; there are better alternatives.

Wombat Security Extends its Leadership Position in the Security Awareness and Training Market (Yahoo! Finance) Wombat Security Technologies ("Wombat"), the leading provider of cyber security awareness and training solutions that change end user behavior, today ...

Cyber Innovation Center impacting Shreveport Bossier area (STBS) Cyber Innovation Center works to develop a sustainable knowledge based workforce that can support the growing needs of government, industry, and academia. CIC and the National C...

Cybereason Announces its Strategic Advisory Board to Support its Rapid Growth and Expansion (SAT PR) Cybereason, developers of the world’s only military-grade, real-time prevention, detection, and response platform, today announced the creation of its Strategic Advisory Board to support the company’s growth and global expansion. The board consists of cybersecurity leaders with diverse backgrounds in both the private and public sector. This board will be responsible for providing strategic guidance and input to the core teams within Cybereason.

Products, Services, and Solutions

Cybersecurity Startup Bricata Inks OEM Deal with Cylance (Bricata) Bricata, LLC, a developer of network intrusion detection and prevention solutions, today announced an OEM relationship with Cylance® Inc

GlobalPlatform releases consumer-centric model configuration (Contactless Intelligence) Industry association GlobalPlatform has released its Consumer-Centric Model Configuration. This framework enables consumers to have ultimate control over which secure applications they want to use…

Palo Alto Networks Launches Cybersecurity Guide for Directors and Officers (Newswire Today) Palo Alto Networks®, the next-generation security company, has announced the publication of “Navigating the Digital Age: The Definitive Cybersecurity Guide for Directors and Officers United Kingdom.” This guide will provide U.K. boards, executives and C-level officers at enterprises, government agencies and other organizations with practical, expert advice on how to raise the bar on cybersecurity.

Password-free security uses voice, user behavior to verify identity (CSO Online) Tired of conventional passwords? So is Nuance Communication, a tech firm that is promoting the human voice as a way to secure user accounts.

War Games: Unisys Unveils Threat Simulation Service To Help Clients Manage Cyber Security Attacks (CRN) It's not just a game, but Unisys is using gamification to help businesses understand how they would react to real-world threats, sharpening their skills for the next cyberattack.

Dataprobe Improves Network Reliability for Power Over Ethernet Systems (Yahoo! Finance) Dataprobe announces the release of the newest product in the iBoot ® family of remote power control systems dedicated to improving network reliability.

Machine learning tool helps county detect cyber risks -- GCN (GCN) Officials in Livingston County, Mich., turned to a machine learning tool that can find anomalies in user and device behaviors without previous knowledge of what to look for.

SyferLock Announces Technology Alliance with OpenIAM to Provide Software-Based Authentication (Bobsguide) SyferLock Technology Corporation today announced a technology alliance with OpenIAM and has proven interoperability of SyferLock’s GridGuard™ two-factor and multi-factor authentication solutions with OpenIAM’s open source identity and access management (“IAM”) solutions. SyferLock’s software-based authentication solutions now provide stronger access controls for OpenIAM’s IAM solutions, without the need for hardware tokens and without mobile device dependency like SMS-based solutions.

Sophos Rolls Out Phishing Security Test And Training Program (Media Post) Security company Sophos now offers a testing and training platform to address the threat of phishing scams.

WatchGuard Threat Detection and Response boosts Total Security Suite (Security News Desk) Seattle-based cyber-security specialist WatchGuard has launched Threat Detection and Response (TDR), a new cloud-based cyber-security service that promises to give its users the ability to detect advanced threats on endpoints, correlate this with data collected from the network and respond immediately.

Wombat Security Technologies Selects Attunity CloudBeam to Accelerate Cloud Data Integration (Yahoo! Finance) Attunity Ltd. (ATTU), a leading provider of data integration and Big Data management software solutions, announced today that Wombat Security Technologies (Wombat), a leader in information security awareness and training software, has chosen Attunity CloudBeam to accelerate data integration between its

Review of the Cold Storage Hardware Wallet Cryptosteel (Nigeria Today) There are various ways to maintain bitcoin using cold storage techniques like a paper or a hardware wallet. Lots of these methods keep your cryptocurrency safe, but private keys and seed phrases need to be backed up in a secure fashion. One method of backup is called Cryptosteel, which can safely house private keys, BIP39 compatible seeds, and even secret cryptographic messages.

Technologies, Techniques, and Standards

Browser Autofill Data Can Be Phished - How to Test Vulnerability and Stay Safe (Yahoo! Finance) The autofill function on your browser is convenient to help complete web forms quickly but did you know that many browsers will autofill hidden fields and provide a lot more data then you may be aware of? Earlier this month a web developer and hacker published

How to Secure a Smartphone for the Tweeter-in-Chief (Fifth Domain | Cyber) Before, during and since the campaign, he used an Android smartphone to conduct his business and tweet prolifically, directly reaching millions of followers. But when he was inaugurated, Trump surrendered that device and accepted in its place a smartphone that has somehow been made more secure.

IOC's: Risks of False Positive Alerts Flood Ahead (SANS Internet Storm Center) Yesterday, I wrote a blog post[1] which explained how to interconnect a Cuckoo[2] sandbox and the MISP[3] sharing platform. MISP has a nice REST API that allows you to extract useful IOC's in different formats. One of them is the Suricata / Snort format.

Research and Development

Cyberintrusion Detection System On Raytheon’s Radar (Aviation Daily) Raytheon Intelligence, Information and Services (IIS) has launched an internal research and development effort to create a cyberintrusion detection system to be included in the cockpits of military and civil aircraft.

DarkMatter partners with Radboud University for research in cryptography and security (CPI Financial) The research project, which will initially run for a year, will conduct research on side channel attacks at a cryptographic protocol level, studying the impact of combining multiple cryptographic primitives across different inter-platform and intra-platform components.

Legislation, Policy, and Regulation

Welcome to the Competition (War on the Rocks) Russia's cyberattacks should be teaching Americans something that those situated in the orbits of China, Iran, and Russia have long known:: There are serious political competitions underway for regional and strategic dominance.

Worried about cybersecurity and the connected car? There’s a bill for that (Ars Technica) The bipartisan legislation wants to identify best practices and ways to ward off threats.

Can Congress help boost US digital defenses? (The Christian Science Monitor) After US intelligence officials blamed Russia for interfering in November's vote, a new Senate subcommittee will help the Defense Department build up its digital arsenal for the next generation of cybersecurity threats.

Trump nominates businessman Philip Bilden as new Navy Secretary (Military Times) The former Army Reserve intelligence officer will take over a promised rebuilding of the naval fleet.

Navy zeroes in on network cybersecurity, innovation, cloud (C4ISRNET) Cybersecurity, innovation and cloud will be three main focus areas for the NGEN recompete.

Litigation, Investigation, and Law Enforcement

Консультант Лубянки завис в Лефортово (Коммерсант) Расследование вокруг ЦИБ ФСБ привело к аресту сотрудника "Лаборатории Касперского"

Russia arrests top manager at cybersecurity firm, Russian agent on treason charge, newspaper says (CNBC) Ruslan Stoyanov and a senior Russian FSB intelligence officer were arrested in December. Both face charges of treason.

Russia Arrests Kaspersky Cybercrime Hunter In 'Treason Probe' (Forbes) One of Russia's most successful cybercrime investigators and hacker hunter at one of the world's biggest security companies, Kaspersky Lab, has been arrested by Russian law enforcement as part of a probe into possible treason, according to reports. Kaspersky has confirmed incident response chief Ruslan Stoyanov was at the center of an investigation, but could not offer more details.

A top hacker-hunter at Russia's largest cybersecurity firm has been arrested on charges of treason (Business Insider) Stoyanov was arrested along with a senior Russian FSB intelligence officer. They both face charges of treason.

EXCLUSIVE: IG Investigating Obama Admin Cyber Attacks On Georgia Election System (The Daily Caller) Federal officials have launched an investigation into why the Department of Homeland Security hacked into the Georgia state governmental network, including its election system, The Daily Caller New

Recrimination or Reform? The FBI’s Current Crisis Is Not the Bureau’s Biggest Problem (Lawfare) The Federal Bureau of Investigation is once again the target of intense criticism for its questionable judgment.

Insider Threat Special Report: Whistleblowers (CipherBrief) Distinguishing between whistleblowers who want to point out and fix problems within the intelligence community and employees who want to damage national security will demand increased attention as the insider threat problem grows, experts say.

Spain says Russian detained for US is a top financial hacker (Yahoo! Finance) Spanish police say a detained Russian computer programmer is one of that country's most important hackers and is wanted by the United States for suspected financial fraud amounting to some $5 million.

Apple sues Qualcomm in China, expanding fight over patent licensing (Ars Technica) Qualcomm is under legal attack, now in two of the world's biggest markets.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

Insider Threat 2017 Summit (Monterey, California, USA, March 29 - 30, 2017) The focus of the Insider Threat Summit is to discuss personnel security issues including cyber security challenges and capabilities, continuous evaluation of privileged identities and ethical physical...

Cyber Security Summit: Atlanta (Atlanta, Georgia, USA, April 6, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: Atlanta. Receive...

Cyber Security Summit in Dallas (Dallas, Texas, USA, May 5, 2017) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from Proofpoint, CenturyLink, IBM and more. Register with promo code cyberwire50 for half off...

2017 Georgetown Cybersecurity Law Institute (Washington, DC, USA, May 17 - 18, 2017) It is more important than ever that in-house and outside counsel stay abreast of the most current developments and best practices in cybersecurity. At our Institute you will receive insights on the best...

Cyber Security Summit: Seattle (Seattle, Washington, USA, June 1, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: Seattle. Receive...

Cyber Security Summit: DC (Washington, DC, USA, June 29, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: DC. Receive 50%...

Cyber Security Summit: Chicago (Chicago, Illinois, USA, August 8, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: Chicago Receive...

Cyber Security Summit: New York (New York, New York, USA, September 15, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: New York. Receive...

Cyber Security Summit: Boston (Boston, Massachusetts, USA, November 1, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: Boston. Receive...

Cyber Security Summit Los Angeles (Los Angeles, California, USA, November 30, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: Los Angeles. Receive...

Upcoming Events

Blockchain Protocol and Security Engineering (Stanford, California, USA, January 26 - 27, 2017) This conference will explore the use of formal methods, empirical analysis, and risk modeling to better understand security and systemic risk in blockchain protocols. The conference aims to foster multidisciplinary...

CyberTech (Tel Aviv, Israel, January 30 - 31, 2017) Cybertech is the most significant conference and exhibition of cyber technologies outside of the United States. Cybertech provides attendees with a unique and special opportunity to get acquainted with...

Enigma (Oakland, CA, USA, January 30 - February 1, 2017) Join a diverse mix of experts and enthusiasts from industry, academia, and government for three days of presentations and open sharing of ideas. Our focus is on current and emerging threats and defenses...

National Credit Union - Information Sharing & Analysis Organization - 2017 Tech Conference (Cape Canaveral, Florida, USA, January 31 - February 2, 2017) Join us for three days of Cyber Security topics that are pertinent to Credit Union cyber resilience, real-time security situational awareness information sharing, and coordinated response in the global...

Southern Virginia - Cyber Security Lunch & Learn (Norfolk, Virginia, USA, February 2, 2017) Cyber security experts discuss security incident response. Dealing with cyber security risk is an exercise in managing daily chaos. Organizations know they need to improve their posture but common roadblocks...

Insider Threat Program Development Training For NISPOM CC 2 (Toms River, NJ, USA, February 6 - 7, 2017) Insider Threat Defense announced it will hold a 2 day training class on Insider Threat Program Development (NISPOM Conforming Change 2) on Feb. 6-7, 2017, in Toms River, NJ. For a limited time the training...

The Risks and Benefits of Artificial Intelligence and Robotics (Cambridge, England, UK, February 6 - 7, 2017) The Risks and Benefits of Artificial Intelligence and Robotics Workshop aims to provide media and security professionals with an in-depth understanding of the implications that the rapid advancement of...

SANS Southern California - Anaheim 2017 (Anaheim, California, USA, February 6 - 11, 2017) Learn practical, relevant tips and techniques from industry leaders. Join us for SANS Southern California - Anaheim 2017, and choose from eight courses on cyber defense, penetration testing, incident response,...

Workplace Violence & Response To Active Shooter Events Meeting (Laurel, Maryland, USA, February 9, 2017) The National Insider Threat Special Interest Group (NITSIG) will be hosting a meeting on February 9, 2017, at the Johns Hopkins University Applied Physics Laboratory, Laurel, MD. The meeting will be exclusively ...

RSA Conference 2017 (San Francisco, California, USA, February 13 - 17, 2017) The current state of cybersecurity means there are many opportunities for the industry as a whole to collaborate on new innovations. Discovering the next great opportunity will require everyone to embrace...

Using STIX/TAXII to share automated cyber threat data (San Francisco, California, USA, February 15, 2017) Cybersecurity experts representing the financial sector, healthcare, utilities, software providers, government, academia and nonprofits continue to define/develop the STIX/TAXII specifications as the solid...

Insider Threat Program Development Training For NISPOM CC 2 (Simi Valley, CA, USA, February 22 - 23, 2017) Insider Threat Defense announced it will hold a 2 day training class on Insider Threat Program Development (NISPOM Conforming Change 2) on Feb. 22-23, 2017, in Simi Valley, CA. For a limited time the training...

Risky Business (London, England, UK, February 23, 2017) How are you tackling Cyber Crime in the Property Transaction? Join our panel of expert speakers at the IET in London to find out more about cyber crime in the property transaction and the steps you can...

SANS Dallas 2017 (Dallas, Texas, USA, February 27 - March 4, 2017) We are pleased to invite you to attend SANS Dallas 2017, on February 27- March 4 at The Westin Dallas Downtown, located in the heart of the city. We have selected several of our top information security...

Autonomous Vehicles Silicon Valley (Santa Clara, California, USA, February 28 - March 2, 2017) The road to autonomy: Regulation. Consumer Acceptance. Safety & Security. Explore the latest technologies and hottest issues for the autonomous vehicles industry.

The Cyber Security Summit: Denver (Denver, Colorado, USA, March 1, 2017) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their companies’ critical data with innovative solution providers & renowned information security experts.

International Cyber Risk Management Conference (ICRMC) (Toronto, Ontario, Canada, March 2 - 3, 2017) The third annual International Cyber Risk Management Conference (ICRMC) brings together a world class roster of experts with cross-sector, global and multidisciplinary expertise to share knowledge, lessons ...

SANS San Jose 2017 (Milpitas, California, USA, March 6 - 11, 2017) Securing and defending your network has never been more important as attacks and breaches make the news daily. Gain the skills and tools you need to win the battle against the wide range of cyber adversaries...

15th annual e-Crime & Cybersecurity Congress (London, England, UK, March 7 - 8, 2017) Europe's largest and most sophisticated gathering of senior cybersecurity professionals from international business, governments, law enforcement and intelligence agencies.

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.