skip navigation

More signal. Less noise.

Daily briefing.

SecureWorks reports that Fancy Bear, the Russian GRU outfit famous for compromising the US Democratic Party's National Committee last spring, has been found in a British television network (unnamed for legal considerations). Fancy Bear established persistence in July 2015 and wasn't detected for a year, which is interesting given Fancy Bear's relative noisiness compared to its sibling Cozy Bear. German authorities are also seeing an increase in activity that looks like Fancy Bear's. Diplomatic sources in Russia's London embassy dismiss the allegations as Western nostalgia for the Cold War. ThreatConnect has devoted some attention to fleshing out indicators of compromise by Fancy Bear; their report is interesting (and a reminder of the distinction between evidence and intelligence).

Saudi worries about Shamoon persist. Intel Security has an overview of their current research into Shamoon 2's details, and Wapack Lab reports signs that the malware is turning up in the shipping industry as well.

The well-known banking Trojan Dridex is back, and Flashpoint says the malware now employs a new user account control bypass method.

DoubleFlag, the criminal group who's been selling data stolen from large Chinese ISPs, claims to have data on 126 million U.S. Cellular customers. U.S. Cellular tells HackRead they've investigated, and DoubleFlag's wares are bogus: there's been no breach.

LeakedSource, grey market purveyors of access to stolen passwords, is down, possibly for good. Someone (handle "LTD") claiming to be in a position to know said yesterday on the OGFlip forum that LeakedSource had been raided by US authorities.

Notes.

Today's issue includes events affecting European Union, Germany, Israel, Moldova, Netherlands, Romania, Russia, Saudi Arabia, Taiwan, United Kingdom, United States, and Venezuela.

Today's CyberWire daily podcast will feature Dale Drew from our partners at Level 3. He'll be discussing threats from the Asia Pacific region. We'll also have a guest, Vince Crisler from Dark Cubed, who'll review the lessons learned from the Grizzly Steppe report on Russian election hacking and influence operations.

A special edition of our Podcast is still up and available, and it's all about how to buy cyber security. Every day there seems to be a new security product on the market, with many of them claiming to provide something that you simply can’t live without. Companies appear and disappear, and businesses are faced with difficult, confusing, and often expensive choices. In this CyberWire special edition, we explore how businesses are navigating the process of choosing products and technologies in a crowded marketplace. We talk to some key stakeholders to find out what drives their purchasing decisions, and what they wished their vendors knew before they came knocking on their doors.

Women in Cyber Security (Tucson, AZ, USA, March 31 - April 1, 2017) With support from various industry, government and academic partners, WiCyS has become a continuing effort to recruit, retain and advance women in cybersecurity. It brings together women in cybersecurity from academia, research and industry for sharing of knowledge/experience, networking and mentoring.

Cyber Attacks, Threats, and Vulnerabilities

Russia-linked Fancy Bear hackers had access to UK television station for 'almost a year' (International Business Times UK) Malware used by DNC hackers linked to attack UK on media.

Stepping to FANCY BEAR (or how to efficiently validate and enrich a jumbled list of indicators) (ThreatConnect) Over the last few weeks the U.S. government released two reports on Russian hacking and influence operations related to the U.S. election. Most notably, the unclassified version of the Intelligence Community Assessment (ICA) “Assessing Russian Activities and Intentions in Recent US Elections” released on January 6, mirrored assessments we have made over the last seven months in our blog series on FANCY BEAR, their operations, faketivists, and motivations.

Analysis of new Shamoon infections - Help Net Security (Help Net Security) All of the initial analysis pointed to Shamoon emerging in the Middle East. This however was not the end of the story since the campaign continues to target...

Shamoon and Essex Shipping (Wapack Lab) On 17 January 2017 the Saudi Arabia Computer Emergency Response Team (CERT), Abdulrahman  al-Friah, confirmed that close to 22 b...

Flashpoint - Dridex Banking Trojan Returns, Leverages New UAC Bypass Method (Flashpoint) First observed in July 2014, “Dridex,” a financial banking Trojan, is considered the successor to the “GameOver ZeuS” (GoZ) malware.

Cisco WebEx code execution hole – what you need to know (Naked Security) Google’s Project Zero found a serious hole in Cisco’s WebEx browser extension that is nearly but not yet fully fixed. Here’s what to do.

Can you trust your Android VPN client? - Help Net Security (Help Net Security) Do you trust your Android VPN client to keep your data secure and your online browsing private? Well, perhaps you shouldn't.

Hacker Selling 126 Million Cell Phone Details of "U.S. Cellular" Customers (HackRead) A few hours ago we exclusively reported on a Dark Web vendor DoubleFlag selling more than 1 Billion accounts stolen from Chinese Internet giants. Now, the

Cross-Site Request Forgery: What Happened to the Sleeping Giant? (Network Security Blog | Qualys, Inc.) A decade ago, cross-site request forgery (CSRF, often pronounced “c-surf”) was considered to be a sleeping giant, preparing to wake and inflict havoc on the Worldwide Web.  But the doom…

How one man could have deleted any public Facebook video (Naked Security) And then Dan Melamed did the right thing: he reported it to Facebook

More mobe malware creeps into Google Play – this time, ransomware (Register) Charger seeks to drain bank accounts of unlucky 'droids

Ransom attacks double in Europe as SMEs are targeted (Small Business) Radware finds ransom attacks was the #1 motivation behind cyber attacks and IoT botnets are now a major concern for CIOs.

Police Department Loses Years Worth of Evidence in Ransomware Incident (BleepingComputer) Police in Cockrell Hill, Texas admitted yesterday in a press release that they lost years worth of evidence after the department's server was infected with ransomware.

“You took so much time to joke me”—two hours trolling a Windows support scammer (Ars Technica) "Albert Morris" and team get taken for a ride while we tried to track their tradecraft.

Exploring the Cybercrime Underground: Part 3 – Into the RAT Nest - Palo Alto Networks Blog (Palo Alto Networks Blog) In this third part of Unit 42’s Cybercrime Underground blog series, we’re taking a slightly different approach. In this blog we begin with data from a real attack in the wild, and use the evidence from that attack to make a connection back to underground forums and the actors who are using them. Rather than starting from an attack we had already explored, we looked into a third-party research report linking an Adwind malware sample to a specific command and control (C2) domain and loosely associating a number of other domains. …

Get ready for the next White House e-mail (and Twitter) scandal (Ars Technica) An insecure phone, a press secretary posting his password, and private e-mail—really?

The security of President Trump's Android smartphone (Graham Cluley) The New York Times reports that US President Donald Trump is still using an old, poorly-secured Android smartphone.

Trump’s Personal Phone Is a National Security Risk (Motherboard) Trump might be using a totally easy to hack phone, according to security researchers.

Security Patches, Mitigations, and Software Updates

Facebook Adds Physical Key Security For Member Accounts (Dark Reading) Social media site now supports security keys to boost multifactor authentication.

Firefox flags Web of Trust add-on as suspicious, blocks by default (Graham Cluley) Firefox blocks WOT completely, in an attempt to protect users against malicious activity.

Google to Block .js Attachments in Gmail (Threatpost) Citing security concerns, Google announced that it will soon block JavaScript (.js) file attachments in Gmail.

Clock’s ticking for MD5-signed JAR files, says Oracle (Naked Security) Oracle’s delay in dropping support for the hash seems strange, but it’s finally named the day

Uber.com Backup Bug Nets Researcher $9K (Threatpost) A researcher earned $9K for identifying a XXE vulnerability in third party backup software used by Uber.

Cyber Trends

Is Your Network Protected? Cyber Crime in the Age of Information (Media Center) Within the last four years, online security and data breaches have grown increasingly threatening, compromising big name companies such as Target, Home Depot and Sony Corporation. Yahoo became the most recently identified victim of a major hacking in mid- December of 2016, although the breach dates back as far as 2013. The attack compromised 1.5 …

Five emerging technology trends essential to business success - Help Net Security (Help Net Security) Accenture Technology Vision 2017 predicts the most significant technology trends that people will apply to disrupt business over the next three years.

Online Trust Alliance Finds Consumer Data Breaches Level Off While Other Cyberattacks Skyrocket (OSINT) OTA documents 82,000 “cyber incidents” in 2016 negatively impacted businesses and organizations; admits there could have been more than 250,000 when accounting for unreported incidents

Marketplace

Microsoft to continue to invest over $1 billion a year on cyber security (Reuters) U.S. software firm Microsoft Corp (MSFT.O) will continue to invest over $1 billion annually on cyber security research and development in the coming years, a senior executive said.

KeyW Announces Public Offering of Common Stock (Yahoo! Finance) The KeyW Holding Corporation today announced that it has commenced an underwritten public offering of 8,500,000 shares of its common stock. The Company expects to grant the ...

Former Bartender and Psychiatrist Among Those Selected for New Cyber Retraining Academy (Business News Wales) SANS Institute, the global cyber security training organisation, has its European HQ in Swansea and the UK operation is headed up by Cardiff’s Stephen Jones.

Security Industry Veteran David DeWalt Joins ForgeRock as Vice Chairman (Yahoo! Fnance) ForgeRock®, the leading open platform provider of digital identity management solutions, today announced that Executive Chairman of FireEye David DeWalt has joined the company board of directors as Vice ...

Check Point hires high profile Canadian channel chief (Computer Dealer News) CDN has learned Ang Valentini has left Avaya Canada for a big role at Israeli security vendor Check Point Software Technologies Ltd.

Products, Services, and Solutions

Verizon Digital Media Solutions, Distil Networks to mitigate bad bots (TECHSEEN) Verizon Digital Media Services & Distil Networks have partnered for bot detection and mitigation on Verizon's Edgecast Content Delivery Network

New infosec products of the week​: January 27, 2017 - Help Net Security (Help Net Security) Here are some of the most interesting infosec products released in the fourth week of January, including RiskSense, Watchguard, Infoblox, and more.

Dome9 Achieves SOC 2 Type 2 Certification (Marketwired) Independent attestation of SOC 2 Type 2 compliance demonstrates Dome9's continued commitment to protecting its customers and their data confidentiality

UK to get high-grade cryptographic solutions - Enterprise Times (Enterprise Times) Becrypt and Cyber1st are to work together in order to design and deliver new high-grade cryptographic solutions to market.

OPSWAT Releases New Content Disarm & Reconstruction Report (Benzinga) OPSWAT's Content Disarm & Reconstruction Report is a new report that demonstrates the benefits of OPSWAT's data sanitization (CDR) technology. This technology reconstructs...

Malwarebytes 3.0.6 with stability and performance improvements - gHacks Tech News (gHacks Technology News) Malwarebytes 3.0.6 is the latest version of the popular security program for Windows that is available as a free and premium version.

Technologies, Techniques, and Standards

For Utility Solution Providers, Who is Policing the Cyber Police? (Transmission and Distribution World) How well are manufacturers providing cyber protection for the equipment they provide to utilities?

Former Mozilla Engineer: Disable Your Antivirus Software, Except Microsoft's (BleepingComputer) "Antivirus software vendors are terrible; don't buy antivirus software, and uninstall it if you already have it (except for Microsoft's)." This is how Robert "Roc" O'Callahan, a former Mozilla bigwig engineer started a blog post today, in which he details a long list of issues that antivirus software have caused to browser vendors.

No, disabling your anti-virus software does not make security sense (Graham Cluley) Don’t throw the baby out with the bath water.

How I Would Hack Your Network (If I Woke Up Evil) (Dark Reading) How would an attacker target your company? Here's a first-person account of what might happen.

Firewall Efficacy Increased When Deployed with a Firewall Management Tool, FireMon Study Finds (Yahoo! Finance) FireMon, the leader in Network Security Policy Management , has released a commissioned study entitled Automate Zero Trust Policy and Enforcement conducted by independent, research-based consultancy, Forrester ...

Tip: Secure Your Microsoft Account with Two-Step Verification (Thurott) If you’re using a Microsoft account (MSA), you need to secure it with two-step verification. And then use an authenticator app to make it painless.

INFOGRAPHIC: Improve Network Security and Staff Productivity with a Firewall Auditing Tool - FireMon (FireMon) In a study commissioned by FireMon, Forrester Consulting found that organizations with firewall auditing and configuration tools realize more benefits that those without. For the study, Forrester surveyed more than 188 IT security decision makers at US enterprise companies. Results …

Army Reserve pilots management tool for cyber talent -- GCN (GCN) Working with Carnegie Mellon University, the Army Reserve has developed the Cyber Warrior Database, a master repository to track the skills soldiers acquire in their civilian jobs and match them to potential military applications.

Design and Innovation

Google pressure on devs to fix security issues bears fruit (Naked Security) Google’s App Security Improvement program has grown some real teeth since it was launched in 2014

Quantum Computers Versus Hackers, Round One. Fight! (WIRED) Can the nascent consumer quantum computing industry help cybersecurity firms with optimization problems like threat detection?

Indegy to Present Industrial Cyber Attack Demos at RSA 2017 ICS Sandbox (BusinessWire) Founders to discuss industrial cyber security measures on ICS Sandbox stage, Birds of Feather session and live Sandbox demo

For the Next Election, Don’t Recount the Vote. Encrypt It (WIRED) A new voting system promises to avoid unnecessary recounts---and prove when they're necessary, too.

Craig Newmark puts $500K towards reducing harassment on Wikipedia (TechCrunch) Craigslist founder Craig Newmark has donated half a million dollars towards Wikipedia's "Community health initiative," aimed at reducing harassment and..

Research and Development

In a bad mood? You might not be allowed to log on (Naked Security) ‘Brainwave biometrics’ could one day be used to gauge our fitness to access certain resources

Whitewood Announces the Awarding of a U.S. Patent for Quantum Key Management (Yahoo! Finance) Whitewood, a developer of solutions focused on improving the use of cryptography, is pleased to announce that the U.S. Patent and Trademark Office granted a new patent entitled, Quantum Key Management.

Academia

DCC earns designation as National Center of Excellence in Cyber Defense (GoDanRiver.com) Gov. Terry McAuliffe announced the National Security Agency and the U.S. Department of Homeland Security had officially designated Danville Community College as a National Center of Academic Excellence in Cyber

Senior Homeland Security official named UAlbany dean (Times Union) A senior official from the U.S. Department of Homeland Security has been named dean of the new University at Albany College of Emergency Preparedness, Homeland Security and Cybersecurity. Before coming to the federal government, Griffin held several high-ranking leadership and first responder posts for local governments in Arlington and Loudon counties in Virginia, and the towns of Tyngsborough and Townsend, Mass. The College of Emergency Preparedness, Homeland Security and Cybersecurity will work to educate and train students in the skills needed to prepare for, protect against, respond to and recover from natural and human-caused risks and threats in New York and around the world.

Legislation, Policy, and Regulation

Election Hacks, Artificial Intelligence, and Fake News Move Doomsday Clock Closer to Midnight (Meritalk) Every year since 1947, the Bulletin of the Atomic Scientists has adjusted the minute hand on the so-called Doomsday Clock to depict how close the world is to midnight—a metaphor for the increasing or decreasing threats to humanity.

Trump Order Sparks Privacy Shield Fears (Infosecurity Magazine) Trump Order Sparks Privacy Shield Fears. Data sharing agreement not in jeopardy, European Commission assures

Cyber Espionage and the Very Real Risk to Our Critical Infrastructure - Carbon Black (Carbon Black) As technology has become more sophisticated, the battlefield has increasingly shifted from the physical to the digital. With cyber war now being fought on a global scale, there is more onus on security than ever, and too many organizations (and governments) are not taking the threat as seriously as they should, especially when it comes...

Cyber probes gain traction on the Hill -- FCW (FCW) Cyber is front and center as the 115th Congress completes its first month, with multiple investigations into Russia’s election-related hacking and now a resolution to create a Senate Select Committee on Cybersecurity.

President Outlines Vague Cyber Mission (Meritalk) President Donald Trump released his Making Our Military Strong Again and America First Foreign Policy last week, which hint at potential changes to the Federal cybersecurity community.

6 Myths About National Security Intelligence (Fifth Domain | Cyber) These false expectations could damage the credibility of the U.S. intelligence community and its ability to fulfill its mission.

Bill Calls for Study of Cybersecurity Standards for Cars (Threatpost) A bipartisan bill was introduced this week in the House calling for the NHTSA to conduct a study that would determine appropriate cybersecurity standards for motor vehicles.

New SPY Bill Aims to Improve Connected Car Security (Infosecurity Magazine) New SPY Bill Aims to Improve Connected Car Security. Proposed legislation calls for new standards

Navy committed to DoD-wide network security plan (C4ISRNET) The Navy is committed to JRSS migration, though on their own terms.

The Army is looking for AGR officers, warrants to go cyber (Army Times) Army Reserve officers and warrant officers in the Active Guard and Reserve can for the first time apply for a voluntary transfer to the Army’s cyber branch.

FBI director James Comey will be interviewed at SXSW (The Verge) FBI Director James Comey will be interviewed at the SXSW conference in Austin this year on March 13th. This would be the public’s first opportunity to really hear from Comey post-inauguration. The...

Litigation, Investigation, and Law Enforcement

The Strange Case of a Hacked Dark Web Child Porn Site Just Got Stranger (Motherboard) Europol confirms it has documents related to Giftbox, a dark web child abuse site that was recently used to deploy a Tor Browser zero-day exploit.

Breach notification website LeakedSource allegedly raided (CSO Online) LeakedSource, a breach notification service that exposed some of 2016’s largest data breaches, might be facing a permanent shutdown. According to a forum post on a well-known marketplace, the owner of LeakedSource was raided earlier this week, though exact details of the law enforcement action remain a mystery.

LeakedSource website goes dark amid claims of police raid (Register) Breach-and-tell database is offline for good, claims post

Site that sold access to 3.1 billion passwords vanishes after reported raid (Ars Technica) LeakedSource garnered criticism for actively cracking the passwords it sold.

Anomali Publishes Comprehensive Analysis of Evidence in 2016 Election Hacks (Yahoo! Finance) Anomali, provider of market-leading threat intelligence platforms, today announced the publication of Election Security in an Information Age, authored by Anomali Director of Security Strategy Travis Farral. ...

Election Security in an Information Age (Anomali) Over the last two years, there have been an increasing number of information security attacks on political organizations, government institutions, and political operatives. Learn more about governments interfering with foreign politics in this special report.

Author of Trump’s Favorite Voter Fraud Study Says Everyone’s Wrong (WIRED) At first, Jesse Richman was excited by all the attention his research was getting. Now he has days when he wishes he had never published it.

The NSA Has Found a New Way to Categorically Deny FOIA Requests (Gizmodo) The notoriously secretive National Security Agency is raising “security concerns” to justify an apparent new policy of pre-emptively denying Freedom of Information Act requests about the agency’s contractors.

Rogue tweeters in government could be prosecuted as hackers (Sacramento Bee) Who are the federal government's rogue tweeters, using official agency social media accounts to poke President Donald Trump? Are these acts of civil disobedience, or federal crimes?

'Rogue' Government Twitter Accounts Should Verify Themselves (Motherboard) AltNatParkSer and other 'rogue' science agency Twitter accounts have done nothing to gain the public's trust.

Lawyer for “inventor of e-mail” sends threat letter over social media posts (Ars Technica) Shiva Ayyadurai's attorney, who sued Techdirt, goes after another blogger.

Three Men Jailed for Taiwan ATM Heist (Infosecurity Magazine) Three Men Jailed for Taiwan ATM Heist. Eastern Europeans part of a suspected international gang

Fugitive Arrested In $200 Million Credit Card Fraud Scam (U.S. Department of Justice) A New York man was arrested for his role in one of the largest credit card fraud schemes ever charged by the Justice Department, U.S. Attorney Paul J. Fishman announced

Venezuelan officials arrest four Bitcoin miners on charges of stealing electricity (Ars Technica) With the economy in shambles, Bitcoin miners have tried to side-step currency woes.

Dutch secret service tries to recruit Tor-admin (Buro Jansen & Jansen) Recently a Dutch man with an MSc (Master of Science) at the Delft University of Technology and admin of Tor-exit nodes was approached by two agents of the Dutch intelligence service, the AIVD. They wanted to recruit the man as an informant or undercover agent, who would also infiltrate foreign hacker communities. The person tells his story.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

Cyber Protect Conference (Nottingham, England, UK, February 9, 2017) Business owners have been invited to attend Nottinghamshire's first-ever cybercrime conference to learn how to better protect their data. The Cyber Protect Conference is being jointly hosted by the county's...

The 2nd China Automotive Cyber Security Summit 2017 (Shanghai, China, February 24, 2017) CACSS2017 will Provide a platform for Automotive OEMs, Tier 1 suppliers, Automotive security solution/ technology/products developers,Automotive electronics companies, IT companies, Mobile data suppliers,...

Investing in America’s Security: Cybersecurity Issues (Jersey City, New Jersey, USA, March 10, 2017) Please join us for the 5th Annual Northeast Regional Security Education Symposium hosted by the Professional Security Studies Department at New Jersey City University. The Symposium’s keynote address will...

Upcoming Events

CyberTech (Tel Aviv, Israel, January 30 - 31, 2017) Cybertech is the most significant conference and exhibition of cyber technologies outside of the United States. Cybertech provides attendees with a unique and special opportunity to get acquainted with...

Enigma (Oakland, CA, USA, January 30 - February 1, 2017) Join a diverse mix of experts and enthusiasts from industry, academia, and government for three days of presentations and open sharing of ideas. Our focus is on current and emerging threats and defenses...

National Credit Union - Information Sharing & Analysis Organization - 2017 Tech Conference (Cape Canaveral, Florida, USA, January 31 - February 2, 2017) Join us for three days of Cyber Security topics that are pertinent to Credit Union cyber resilience, real-time security situational awareness information sharing, and coordinated response in the global...

Southern Virginia - Cyber Security Lunch & Learn (Norfolk, Virginia, USA, February 2, 2017) Cyber security experts discuss security incident response. Dealing with cyber security risk is an exercise in managing daily chaos. Organizations know they need to improve their posture but common roadblocks...

Insider Threat Program Development Training For NISPOM CC 2 (Toms River, NJ, USA, February 6 - 7, 2017) Insider Threat Defense announced it will hold a 2 day training class on Insider Threat Program Development (NISPOM Conforming Change 2) on Feb. 6-7, 2017, in Toms River, NJ. For a limited time the training...

The Risks and Benefits of Artificial Intelligence and Robotics (Cambridge, England, UK, February 6 - 7, 2017) The Risks and Benefits of Artificial Intelligence and Robotics Workshop aims to provide media and security professionals with an in-depth understanding of the implications that the rapid advancement of...

SANS Southern California - Anaheim 2017 (Anaheim, California, USA, February 6 - 11, 2017) Learn practical, relevant tips and techniques from industry leaders. Join us for SANS Southern California - Anaheim 2017, and choose from eight courses on cyber defense, penetration testing, incident response,...

Workplace Violence & Response To Active Shooter Events Meeting (Laurel, Maryland, USA, February 9, 2017) The National Insider Threat Special Interest Group (NITSIG) will be hosting a meeting on February 9, 2017, at the Johns Hopkins University Applied Physics Laboratory, Laurel, MD. The meeting will be exclusively ...

RSA Conference 2017 (San Francisco, California, USA, February 13 - 17, 2017) The current state of cybersecurity means there are many opportunities for the industry as a whole to collaborate on new innovations. Discovering the next great opportunity will require everyone to embrace...

Using STIX/TAXII to share automated cyber threat data (San Francisco, California, USA, February 15, 2017) Cybersecurity experts representing the financial sector, healthcare, utilities, software providers, government, academia and nonprofits continue to define/develop the STIX/TAXII specifications as the solid...

Insider Threat Program Development Training For NISPOM CC 2 (Simi Valley, CA, USA, February 22 - 23, 2017) Insider Threat Defense announced it will hold a 2 day training class on Insider Threat Program Development (NISPOM Conforming Change 2) on Feb. 22-23, 2017, in Simi Valley, CA. For a limited time the training...

Risky Business (London, England, UK, February 23, 2017) How are you tackling Cyber Crime in the Property Transaction? Join our panel of expert speakers at the IET in London to find out more about cyber crime in the property transaction and the steps you can...

SANS Dallas 2017 (Dallas, Texas, USA, February 27 - March 4, 2017) We are pleased to invite you to attend SANS Dallas 2017, on February 27- March 4 at The Westin Dallas Downtown, located in the heart of the city. We have selected several of our top information security...

Autonomous Vehicles Silicon Valley (Santa Clara, California, USA, February 28 - March 2, 2017) The road to autonomy: Regulation. Consumer Acceptance. Safety & Security. Explore the latest technologies and hottest issues for the autonomous vehicles industry.

The Cyber Security Summit: Denver (Denver, Colorado, USA, March 1, 2017) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their companies’ critical data with innovative solution providers & renowned information security experts.

International Cyber Risk Management Conference (ICRMC) (Toronto, Ontario, Canada, March 2 - 3, 2017) The third annual International Cyber Risk Management Conference (ICRMC) brings together a world class roster of experts with cross-sector, global and multidisciplinary expertise to share knowledge, lessons ...

SANS San Jose 2017 (Milpitas, California, USA, March 6 - 11, 2017) Securing and defending your network has never been more important as attacks and breaches make the news daily. Gain the skills and tools you need to win the battle against the wide range of cyber adversaries...

15th annual e-Crime & Cybersecurity Congress (London, England, UK, March 7 - 8, 2017) Europe's largest and most sophisticated gathering of senior cybersecurity professionals from international business, governments, law enforcement and intelligence agencies.

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.