skip navigation

More signal. Less noise.

Daily briefing.

The CyberWire announces a new service: the Week that Was.

Every Sunday evening, the CyberWire takes a look back in the Week that Was, a narrative summary of the past seven days' significant cyber security news. Designed for busy professionals who need a week-to-week perspective on developments and trends, the Week that Was provides context for the breaking stories of the day. Every issue is organized topically, with inline links to sources the reader can follow for amplified detail. Like the Daily News Briefing, the Week that Was is delivered to subscribers by email, free and spam-free. If you already subscribe to the CyberWire Daily News Briefing you'll automatically receive the Week that Was (a sixth issue joining the five you already receive each week). If you aren't a Daily News Briefing subscriber but would like to sign up for just the Week that Was, you can do so here.

ISIS claims responsibility for two atrocities—a murder and hostage standoff in Melbourne, and a double suicide bombing in Tehran. Both are being exploited online for their presumed inspirational value. The Tehran murders are not as anomalous as some would think: Shi'ite Muslims are little better than Crusaders in ISIS's Salafist demonology.

Similar intra-Muslim conflict may be playing out in current tensions between Qatar and its Arab neighbors. Those neighbors, especially Saudi Arabia, have long seen Iran as a dangerous rival in the region. CNN reports that Russian threat actors were behind the hack of Qatar's QNS with hoaxed pro-Iran and pro-Israel news that provoked the diplomatic rift. 

The Turla threat actors are back, working through a backdoored Firefox extension that checks Instagram for command-and-control. Platforms other than Instagram are also being used, but Turla shows a preference for Britney Spears Instagram emissions.

The EternalBlue exploits behind WannaCry and some other recent problems are appearing in attempts against aerospace and defense industry targets; they're reported to have been ported to Windows 10, which lends additional urgency to patching.

4iq found seventy-seven-million individuals' records exposed in a breach of Edmodo educational technology. And Kromtech researchers found an exposed US database of ten-million cars (and their owners).

Investigation of the recently charged NSA leaker continues. As far as the leaked reports themselves go, former US Homeland Security Secretary Johnson says he knows nothing of them.

A 14-year-old boy in Japan was arrested for creating and distributing ransomware. His motive? "To become famous."

Notes.

Today's issue includes events affecting Australia, Bahrain, Canada, Egypt, European Union, France, Iran, Italy, Japan, Philippines, Qatar, Russia, Saudi Arabia, Ukraine, United Arab Emirates, United Kingdom, United States, and Yemen.

In today's podcast, we hear from our partners at the Johns Hopkins University, as Joe Carrigan describes how you can crack PINs using a mobile device's accelerometer. Our guest is Eliana Schwartz, who gives us a preview of CyberTech Fairfax.

And Recorded Future's latest podcast, From Russia with Lulz, produced in partnership with the CyberWire, is still up, наши друзья. Enjoy.

Delta Risk (Webinar, June 8, 2017) Insider threats are more prevalent but not any less difficult to detect and deter. One of the best ways to address insider threats is to implement a formal insider threat program in your organization. Delta Risk experts discuss essential elements of an insider threat program, and why you need one now more than ever.

CyberTech Fairfax (Fairfax, Virginia, USA, June 13, 2017) Cybertech Fairfax: meet tech execs, start-ups, investors & legal, media & mktg pros changing the global cyber landscape. Cybertech Fairfax is a thought-provoking conference on global cyber threats, solutions, innovations and technologies.

UMBC Cybersecurity Graduate Info Session (Rockville, Maryland, USA, June 15, 2017) Learn how UMBC’s graduate programs in Cybersecurity can elevate your career at our upcoming Info Session. Led by industry experts, our programs combine hands-on technical training with unparalleled opportunity.

CyberSecurity International Symposium (Chicago, Illinois, USA, July 10 - 11, 2017) Network with leading cybersecurity professionals, innovators, CIOs and regulators who are on the front lines of securing critical business and infrastructure networks. This in-depth Symposium examines the latest technologies, best practices, and lessons learned in achieving end-to-end network security for organizations of all varieties.

Cyber Attacks, Threats, and Vulnerabilities

Attackers bomb Iran parliament and mausoleum, at least 12 dead: Iranian media (Reuters) Suicide bombers and gunmen attacked Iran's parliament and the Mausoleum of Ayatollah Khomeini in Tehran on Wednesday morning, killing at least 12 people in a twin assault at the heart of the Islamic Republic, Iranian officials and media said.

Police declare Brighton siege an act of terror as IS claims attack (NewsComAu) A suspected terrorist who killed a man and took a woman hostage in an up-market suburb of Melbourne overnight had arranged to meet her through an escort service.

130 British imams refuse to perform funerals for London, Manchester attackers (CBS News) “These vile murderers seek to divide our society and instil fear; we will ensure they fail,” Muslim Council of Britain says

Banishing the 'extremist' image - A crucial task for British-Pakistanis (Deutsche Welle) British-Pakistanis are shocked and appalled by the fact that one of the suspected London attackers is from their community. Yet they find it increasingly difficult to dissociate themselves from the radicalist tag.

Russian Hackers Control Malware via Britney Spears Instagram Posts (HackRead) A group of Russian-speaking hackers has been attacking multiple governments for years now. Not only that, but they also experimented with different methods

Slack, Telegram, Other Chat Apps Being Used as Malware Control Channels (Dark Reading) Cybercriminal are abusing third-party chat apps as command-and-control infrastructures to spread their malware.

Backdoored Firefox extension checks Instagram for C&C info (Help Net Security) Turla APT is using a backdoored Firefox extension to compromised targets' systems, and it uses Instagram comments to discover the URL of its C&C server.

Turla’s watering hole campaign: An updated Firefox extension abusing Instagram (WeLiveSecurity) The Turla espionage group is still using watering hole techniques to redirect potentially interesting victims to their C&C infrastructure.

Victim Machine has joined #general: Using Third-Party APIs as C&C Infrastructure (TrendLabs Security Intelligence Blog) Attackers have begun to abuse modern chat platforms as command-and-control infrastructures by exploiting the very trait that makes them attractive to use.

Deep dive into the Edmodo data breach (Medium) Analyzing the largest breach of children’s data exposed so far

Unprotected database exposes VINs, owner info of 10 million cars (Help Net Security) A database containing info on 10 million cars sold in the US and personal information about their owners has been found exposed online. database car VIN

Malicious Android Ads leading to drive by downloads (Cloud Security Solutions | Zscaler) Drive by downloads causing chaos

NSA’s EternalBlue Exploit Ported to Windows 10 (Threatpost) Researchers have ported the EternalBlue exploit to Windows 10, meaning that any unpatched version of Windows can be affected by the NSA attack.

Leaked NSA Exploit 'EternalBlue' Being Used in New Trojan Attacks (HackRead) A recently leaked NSA exploit that was discovered in the biggest ransomware attack (WannaCry) ever is now powering Trojan malware. The EternalBlue exploit

NSA's Leaked EternalBlue Exploit Implemented in Cyber Attacks Targeting the Aerospace and Defence Industry (Virus Guides) The notorious EternalBlue exploit was leaked from the NSA a couple of months ago. The aftermath from this revelation continues to get more severe with time

MS-17-010: EternalBlue’s Large Non-Paged Pool Overflow in SRV Driver - TrendLabs Security Intelligence Blog (TrendLabs Security Intelligence Blog) The EternalBlue exploit took the spotlight last May as it became the tie that bound the spate of malware attacks these past few weeks.

Threat Spotlight: Inside the WannaCry Attack (Cylance) Threat Guidance performs a deep-dive technical analysis of WannaCry, outlining the complete lifecycle of the malware, from installation and propagation through to the ransomware payload and auxiliary modules.

#INFOSEC17 WannaCry's Amateur Attackers Used Sophisticated Exploit (Infosecurity Magazine) The WannaCry ransomware was ‘amateur’, but using a sophisticated exploit was the reason for its success.

InfoSec 2017: a look at the family album of ransomware (Naked Security) Here’s SophosLabs’ guide to what’s been happening in the families of ransomware in the past six months

Google ads for tech support scams – would you spot one? (Naked Security) Rogue ads at the top of search results are targeting you for tech support scams – here’s what to watch out for

BA blames bank holiday IT outage technician pulling the plug (Computing) IT contractor blamed for causing BA chaos by, literally, pulling out a plug in the data centre

Curiosity Kills Security When it Comes to Phishing (Threatpost) The results of an academic experiment reveal that recipients of Facebook messages are much more likely to click on suspicious links.

Why Phishing Season Lasts All Year for Top US Retailers (Dark Reading) No major brand is immune from cyber squatters; the more popular the company, the more look-alike domains phishers register as bait. Here are some techniques to watch out for.

This Russian Vending Machine Will Sell You Fake Instagram Likes (Motherboard) 100 likes will cost you just $.89.

Security Patches, Mitigations, and Software Updates

IBM Backup Bug Gets Workaround Fix After Nine Months of Exposure (Threatpost) IBM quietly released a workaround fix for a vulnerability in its Spectrum Protect enterprise backup software it has known about since September 2016.

Google Fixes 30 Vulnerabilities, Five High Severity, in Chrome 59 (Threatpost) Google fixed 30 vulnerabilities, including five high severity issues, in the latest version of Chrome, Chrome 59, on Monday.

Two cheers for Google’s native Chrome ad-blocker (Naked Security) With more and more of us resorting to blocking the ads that turn websites into the digital equivalent of Piccadilly Circus’s neon landscape, we look at what Google’s move to control adv…

Cyber Trends

Election Security in an Information Age: How the Events of 2016 May Shape the Future of Democratic Elections (Anomali) Over the last two years, there have been an increasing number of information security attacks on political organizations, government institutions, and political operatives.

Most organizations believe their mainframe is more secure than other systems (Help Net Security) Is your mainframe secure? Most global CIOs believe it's more secure then other systems, but 84 percent say insider threats are a blind spot.

Marketplace

Cybersecurity labor crunch to hit 3.5 million unfilled jobs by 2021 (CSO Online) The cyber crime epidemic is expected to triple the number of open cybersecurity positions to 3.5 million over the next five years.

SpaceX will launch the US Air Force’s top secret X-37B spaceplane in August (TechCrunch) SpaceX has secured a contract to launch the uncrewed X-37B spaceplane, a secret military spacecraft created by the U.S. Air Force that's kind of like a..

Wiretap Closes $4.9M Series A Equity Investment Led by Draper Triangle, Ohio Innovation Fund, Rev1 Ventures, Jumpstart (Marketwired) Columbus-based high-growth startup secures Enterprise Social Networks and accelerates collaboration productivity; proceeds to fuel go-to-market sales, marketing and R&D

EY buys cyber-attack specialist to help protect Asia-Pacific clients (South China Morning Post) Move comes in the wake of the recent ‘WannaCry’ attack which affected 200,000 computers in 30,000 organisations across 120 countries

Planning for electronic warfare: Army looks for latest tech (C4ISRNET) The Army is interested in market research for its EW planning tool.

Thales Joins Linux Foundation’s Core Infrastructure Initiative (Thales e-Security News Release) New Gold Member partners with CII to improve Internet security and fortify open source infrastructure

IT Security Industry Veteran David M. Gordon Joins STIGroup, Ltd. As President (PRWeb) Seasoned business leader chartered to grow market share, expand strategic partnerships and lead go-to-market strategy

Products, Services, and Solutions

Digital Defense, Inc. Named Best Buy in Vulnerability Management Comparison from SC Magazine Labs (PRWeb) Frontline Vulnerability Manager™ given top ranking

NSS Labs Announces 2017 Next Generation Firewall Group Test Results (NSS Labs) Security efficacy for leading NGFW products impacted by evolving threat landscape. 7 Products Receive Recommended Rating – 4 Receive Caution Rating.

AlienVault Expands USM Anywhere Partner Ecosystem with New AlienApps for Palo Alto Networks, ServiceNow & Carbon Black (Marketwired) Highly extensible architecture expands the capabilities of its all-in-one cloud monitoring solution

SentinelOne Joins Fortinet Fabric-Ready Program to Integrate Advanced Endpoint Protection with the Fortinet Security Fabric (GlobeNewswire News Room) Fortinet and SentinelOne Deliver a Joint Security Solution to Address Today’s Most Advanced Persistent Threats

High-Tech Bridge Reinforces ImmuniWeb with Interactive Application Security Testing Technology (BusinessWire) High-Tech Bridge reinforces its machine-learning DAST and SAST technologies with an IAST offering, and adds integration with HP ALM and Splunk to faci

High-Tech Bridge and DenyAll partner to defend web applications and services (Help Net Security) A new High-Tech Bridge DenyAll partnership enables joint customers to export vulnerability data from ImmuniWeb Portal and import it to DenyAll WAF.

William Woods University Resolves User Issues in 15 Minutes and Limits Damage from Ransomware (Netwrix) The university replaces time-consuming manual processes to increase the IT team’s productivity and strengthen data security

Generali Global Assistance Launches Identity Protection Platform in Canada - Generali (Generali) Generali Global Assistance (“the Company”), a leader in the assistance industry since its founding in 1963 and part of the global Generali Group, today announced that its innovative and proprietary identity protection platform is now available for the Canadian marketplace. Generali Global Assistance has protected the assets of organizations and  …

Manage and secure access from Mac computers (IS Decisions) UserLock 9.5 now supports both Windows and Mac users.

Balbix Launches AI-Enabled Predictive Breach-Risk Platform (eSecurity Planet) The startup, headed by the former CEO of Bromium, takes the wraps off its AI-enabled risk-detection tech.

Endace Launches New Network Recorder to Help Financial Traders with Regulatory Compliance (IT Business Net) The EndaceProbe 4100-TR provides rich timing information, high-speed network recording, and built in investigation tools to help Financial Traders comply with MiFID-II and other trading regulations

Technologies, Techniques, and Standards

Unleash the Kraken! 6 Things Your CISO is Thinking but Can’t Say Aloud (Bricata Blog) There are a lot of things your CISO is thinking but they can’t say out loud, according to a session at the 2017 RSA Conference. Here are few that stood out for us.

Network anomaly detection can provide a false sense of security (Control Global) ICS cyber security is still too ”IT-focused”. That is, currently ICS cyber security is all about the network.

How computer security pros hack the hackers (CSO Online) If you want to meet a really smart hacker, talk to a cybersecurity defender. These talented professionals are working every day to make cybercrime harder and less lucrative.

Get the Most Value from your Spam (Infosecurity Magazine) A lot of information can be gathered from spam to influence mitigation research.

Malware and XOR - Part 2 (SANS Internet Storm Center) In part 1, I gave some examples to recover XOR keys from encoded executables if we knew some of the content of the unencoded file (known plaintext attack). In this part, I give some examples to automate this process using my xor-kpa tool

Using Threat Intelligence to Defend Against 0day Vulnerabilities (ThreatQuotient) As a security professional, I am always amused by the reaction to 0day announcements. On one hand, there is always a strong interest in technically understanding the vulnerability and how it is exploited.

How to stay secure while staying connected on vacation (Help Net Security) The wide availability of Wi-Fi networks can make it difficult to unplug and disconnect on vacation. secure Wi-Fi vacation

Design and Innovation

Crowdsourcing application security closes the automated assessment gap (CSO Online) Crowdsourced pen tests aren't for everyone, but for one SaaS provider they help identify software flaws that automated tools may miss.

Wikipedians Want to Put Wikipedia on the Dark Web (Motherboard) They're concerned about more than just surveillance.

Research and Development

Intel officials pin high hopes on automation, artificial intelligence (C4ISRNET) Intelligence officials want to get ahead of the enemy — and the technology curve — through automation.

Legislation, Policy, and Regulation

Chinese Firms Help Government Monitor Citizens with Big Data (VOA) China is profiling its citizens on good and bad behavior to enhance political control

Australia will launch a review of its spy law and foreign interference in response to growing Chinese influence (Business Insider) "The threat of political interference by foreign intelligence services is a problem of the highest order and it is getting worse," the attorney general said.

CNN Exclusive: US suspects Russian hackers planted fake news behind Qatar crisis (CNN) US investigators believe Russian hackers breached Qatar's state news agency and planted a fake news report that contributed to a crisis among the US' closest Gulf allies, according to US officials briefed on the investigation.

How do you know if the leaks are real? (Panda Security Mediacenter) Do you think mainstream media knows how to verify leaks accurately?

Vladimir Putin and the Little Green Men of the Internet (Defense One) The future of Kremlin-backed information operations against Western governments looks a lot like Russia's deceptive campaign against Crimea in 2014.

Saudi Arabia vs. Qatar vs. Iran (Deutsche Welle) The Gulf States are turning away from Qatar over its alleged support of terrorism. But is the move really about the fight against terrorism, or does it have to do with something else that is upsetting Saudi Arabia?

Trump tweets put ‘nerve center’ of ISIS war in the middle of Qatar dispute (Military Times) The comments from the president immediately raised the stakes for a major U.S. hub in the region at Al-Udeid, which serves as the "nerve center" for the U.S. air war in Iraq and Syria, and which bases 10,000 American troops.

Trump takes sides in Arab rift, suggests support for isolation of Qatar (Reuters) U.S. President Donald Trump took sides in a deep rift in the Arab world on Tuesday, praising Middle East countries' actions against American ally Qatar over Islamist militants even though the tiny Gulf state hosts the largest U.S. air base in the region.

Trump takes credit for Gulf countries cutting diplomatic ties with Qatar (Washington Examiner) During his May 21 speech in Saudi Arabia, Trump called Qatar a 'crucial strategic partner.'

Will Qatar’s Diplomatic Exile Spark the Next Great War? (Foreign Policy) The Sunni Gulf powers have long been spoiling for a fight with Iran. This could be just the excuse they need.

Trump is assembling all the pieces he needs to go after Iran (Business Insider) Trump's national-security team, Pentagon leadership, and intelligence service could either check a drive for war or facilitate it.

Worried About Election Hacking? There’s a Fix for That (The Nation) A tech-savvy measure introduced by members of the Congressional Progressive Caucus would protect against cyber meddling.

Trump to nominate ex-Justice Department official to lead FBI (FederalNewsRadio.com) President Donald Trump says he'll nominate a former Justice Department official as FBI director.

GDPR four per cent fine won't be 'loaded shotgun fired off left, right and centre' predicts Hounslow Council information manager (Computing) ICO will seek to educate rather than fine, says Matthew Kay

USPTO Director Michelle Lee has resigned without warning (Ars Technica) The future is unclear with Lee, a favored candidate of tech companies, moving on.

Litigation, Investigation, and Law Enforcement

Ex-DHS chief: ‘I know of no such evidence’ Russia altered vote counts (TheHill) "We saw no actual altering of voter counts," Jeh Johnson said.

5 Unanswered Questions Raised By The Leaked NSA Hacking Report (WMOT) America's sprawling elections infrastructure has been called "a hairball" — but as people in Silicon Valley might ask, is that a feature or

Here’s what we know about the alleged NSA leaker’s military record (Air Force Times) The 25-year-old Air Force veteran allegedly sent classified information to a news outlet.

How did accused NSA leaker Reality Winner get security clearance? (NBC News) There are thousands of young people doing high-level security work around the globe, say experts, and a new breed of leakers who aren't motivated by money.

How The Intercept might have helped unmasked Reality Winner to the NSA (Graham Cluley) Following the trail of digital dots…

How a few yellow dots burned the Intercept’s NSA leaker (Ars Technica) By providing copy of leak, Intercept likely accelerated ID of contractor.

Snowden: Prosecuting NSA Leaker Reality Winner Is a 'Fundamental Threat to the Free Press' (Motherboard) "To hold a citizen incommunicado and indefinitely while awaiting trial for the alleged crime of serving as a journalistic source should outrage us all."

NSA Leaker: ‘Being White Is Terrorism’ (The Daily Caller) The woman charged by the Department of Justice with stealing "Top Secret" information from the National Security Agency apparently believes being white is a form of terrorism. That's according to a

NSA Leaks Contradict What Obama Promised The Public About Russia’s Election Meddling (The Daily Caller) Leaked NSA documents revealing that Russia engaged in election-related hacking efforts just days before the election directly contradict what former President Barack Obama told the American public.

#Infosec17: Paxman Talks Trust at Infosecurity Europe (Infosecurity Magazine) Veteran broadcaster claims Russian election hacking allegations fall down on attribution

MI5 was warned attacker Youssef Zaghba ‘wanted to be a terrorist’ (Times (London)) MI5 ignored a warning from Italian police that the youngest of the London Bridge attackers “wanted to be a terrorist” and had Islamic State material on his phone, it was claimed yesterday. Youssef...

Third terrorist Youssef Zaghba made last call to mother in Italy before attack (Times (London)) Youssef Zaghba called his mother last Thursday to say goodbye. Just over 48 hours later, along with two other Islamic militants, he killed seven people at London Bridge in the latest terrorist...

Terror and the Teddy Bear Society (Wall Street Journal) Even the arrests after each attack give comfort to the enemy, which can act with impunity even if known.

Notre Dame: Attacker shouted that he was a soldier of Isil as he attempted to strike police officer with hammer (The Telegraph) French police shot a man outside Notre-Dame cathedral in Paris on Tuesday after he tried to attack them with a hammer and shouted "This is for Syria" in a terror incident just two days after the London attacks.

Duterte left flailing as Islamists carve out ‘caliphate’ in the Philippines (TImes (London)) Among the narrow lanes, abandoned schools and shuttered shops of Marawi, invisible men who move like ghosts are pinning down an army. One of them was at large yesterday afternoon — an Islamist...

Flynn turns over documents to panel probing Russia, Trump (Military Times) Former National Security Adviser Michael Flynn turned over about 600 pages of documents Tuesday to the Senate intelligence committee as part of its investigation into Russia's meddling in the 2016 presidential election, according to a congressional aide.

James Comey sued by intelligence contractor Dennis Montgomery over spying on Americans (Circa) A former U.S. intelligence contractor tells Circa he walked away with more than 600 million classified documents on 47 hard drives from the National Security Agency and the CIA, a haul potentially larger than Edward Snowden's now infamous breach.

Trump’s Twitter Blocking May Violate First Amendment (WIRED) The Knight First Amendment Institute has sent a letter to President Trump, arguing that blocking Americans on Twitter violates their First Amendment rights.

Twitter users threaten legal action if Trump doesn’t unblock them (Ars Technica) Mayors can’t eject city hall critics, so Trump can’t block Twitter critics, either.

Can you commit manslaughter by sending texts? We’re about to find out (Ars Technica) "All you have to do is turn on the generator and you will be free and happy."

Kaspersky pushes for new anti-trust investigation into Microsoft over security software practices (Computing) Microsoft is abusing dominant position to favour Windows Defender over other IT security products, claims Kaspersky

14-year-old Japanese Student Caught for Creating Ransomware (HackRead) The cyber criminal community is quite active is developing nasty ransomware to infect unsuspecting users and demand a large amount of money in return. But

Pursuing Cyber-Criminals with Cyber-Tracing (Infosecurity Magazine) Once a cyber-attack or incident is contained, a potential next step is to seek recourse against the wrongdoer.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

AFA CyberCamp (Pittsburgh, Pennsylvania, USA, July 24 - 28, 2017) The AFA CyberCamp program is designed to excite students new to cybersecurity about STEM career opportunities and teach them important cyber defense skills through hands-on instruction and activities.

Cyber Security, Oil, Gas & Power 2017 (London, England, UK, November 29 - 30, 2017) ACI’s Cyber Security - Oil, Gas, Power Conference will bring together key stakeholders from energy majors and technology industries, to discuss the challenges and opportunities found in the current systems.

Upcoming Events

4th Annual Cybersecurity Summit (Arlington, Virginia, USA, June 7, 2017) Federal agencies are facing ever more sophisticated adversaries and threats that place our privacy, our economy, and our nation at risk. Cybersecurity is a dynamic and crosscutting field that is ever changing The 4th Annual Cybersecurity Summit is a place for important discussions about the challenges with cyber-security and is also a significant benefit both for the AFFIRM scholarship program, which helps students focused on IT skills... and is the largest support for USCC's summer camp program, which focuses on cybersecurity.

Cyber 8.0 Conference (Columbia, Maryland, USA, June 7, 2017) Join the Howard County Chamber of Commerce for their 8th annual cyber conference, where they will explore innovation, funding, and growth. Participants can expect riveting discussions from cyber innovators...

2017 ICIT Forum: Rise of The Machines (Washington, DC, USA, June 7, 2017) The 2017 ICIT Forum brings together over 300 cybersecurity executives from across critical infrastructure sectors to receive the latest ICIT research from our experts, share knowledge, develop strategies...

SecureWorld Chicago (Rosemont, Illinois, USA, June 7, 2017) Join your fellow security professionals for high-quality, affordable training and education. Attend featured keynotes, panel discussions, and breakout sessions—all while networking with local peers. Earn...

NYS Cyber Security Conference (Albany, New York, USA, June 7 - 8, 2017) June 2017 marks the 20th Annual New York State Cyber Security Conference and 12th Annual Symposium on Information Assurance (ASIA) and we invite you to join us for this nationally recognized event. Technology's...

RSAC Unplugged (London, England, UK, June 8, 2017) Informal, up close and personal, intimate…that’s RSAC Unplugged. Ignore the background noise and focus on what’s important in information security right now as part of a one-day program focused on excellent...

Insider Threat Program Development / Management Training For NITP-NISPOM CC 2 (Huntsville, Alabama, USA, June 8 - 9, 2017) Insider Threat Defense announced it will hold a 2 day training class on Insider Threat Program (ITP) Development / Insider Threat Risk Management (National Insider Threat Policy (NITP), NISPOM Conforming...

BSides Pittsburgh 2017 (Pittsburgh, Pennsylvania, USA, June 9, 2017) BSides Pittsburgh is part of a global series of community-driven conferences presenting a wide range of information security topics from technical topics, such as dissecting network protocols, to policy...

29th Annual FIRST Conference (San Juan, Puerto Rico, USA, June 11 - 16, 2017) FIRST is an international confederation of trusted computer incident response teams who cooperatively handle computer security incidents and promote incident prevention programs.

21st Colloquium, Cyber Security Education Innovation for the 21st Century (Las Vegas, Nevada, USA, June 12 - 14, 2017) The Colloquium for Information Systems Security Education (CISSE) provides a forum for dialogue among academia, industry and government. Protection of the information and infrastructure used to create,...

ETSI Security Week 2017 (Sophia Antipolis, France, June 12 - 16, 2017) This year's event will address key cybersecurity standardization challenges in the short, medium and longer term. The event will look at the different aspects of cybersecurity underpinning our digital...

Cyber Tech Fairfax (McLean, Virginia, USA, June 13, 2017) Cybertech Fairfax will provide attendees with a unique opportunity to learn about the latest innovations and solutions from the cyber community. It will serve as an incredible B2B platform with a strong...

Cyber Tech Fairfax (McLean, Virginia, USA, June 13, 2017) A thought-provoking conference and exhibition on global cyber threats, solutions, innovations and technologies. At Cybertech Fairfax, high-profile speakers and panelists will focus on the global cyber...

LegalSec Summit 2017 (Arlington, Virginia, USA, June 13 - 14, 2017) Whatever your role in security, there’s something here for you! Hear from experts who will share their experiences related to information security, and develop takeaways to use in your organization. The...

AFCEA Defensive Cyber Operations Symposium (Baltimore, Maryland, USA, June 13 - 15, 2017) Cyber operations are a challenging mission for the U.S. Defense Department and government community that builds, operates and defends networks. Cyber leaders and warriors must continually evolve to adapt...

Global Cybersecurity Summit 2017 (Kiev, Ukraine, June 14 - 15, 2017) During the two-day summit, participants will be exposed to cybersecurity best practices, cutting-edge advancements, and emerging innovations in defensive security across a series of categories, including...

Information Assurance Symposium (Baltimore, Maryland, USA, June 19 - 21, 2017) The Information Assurance Symposium is the premier IA event at which leaders and practitioners share vital information and provide direction and best practices to meet today's challenges in IA and the...

Norwich University Cyber Security Summit (Northfield, Vermont, USA, June 19 - 21, 2017) Norwich University’s College of Graduate and Continuing Studies (CGCS) is pleased to announce the first annual Cyber Security Summit in June 2017. The summit, presented in a continuing education format,...

Hack in Paris (Paris, France, June 19 - 23, 2017) Hack In Paris brings together major professional IT security and technical hacking experts to attend training and talks exclusively in English. Intrusion attempts grow more frequent and sophisticated,...

SANS Minneapolis 2017 (Minneapolis, Minnesota, USA, June 19 - 24, 2017) Get relevant, practical cybersecurity training at SANS Minneapolis 2017 (June 19-24). This event features the information needed to build crucial skills in protecting your organization from the latest...

Naval Future Force Science and Technology Expo (Washington, DC, USA, June 20 - 23, 2017) The Office of Naval Research’s (ONR) biennial 2017 Naval Future Force Science and Technology (S&T) EXPO will take place July 20-21, 2017. The Expo is the premier S&T event for the Navy and Marine Corps...

Borderless Cyber USA (New York, New York, USA, June 21 - 22, 2017) Borderless Cyber is an international, executive-level conference series that began in 2015. It’s designed to bring together the private sector and policy makers to evaluate, debate, and collaborate on...

Global Insider Threat Summit (London, England, UK, June 22, 2017) Companies are spending millions on cybersecurity, but breaches are still on the rise. Multinational enterprises, small businesses, healthcare organizations, and even national governments are all feeling...

Chertoff Group Security Series: Security in the Boardroom (East Palo Alto, California, USA, June 22, 2017) The Chertoff Group Security Series will aim to enhance and add to the Security in the Boardroom conversation by applying our insights into technology, threat, and policy to help executives respond to the...

Cyber Week (Tel Aviv, Israel, June 25 - 29, 2017) Bringing together international cybersecurity experts and enthusiasts, Cyber Week provides the opportunity to gain insight into the latest global developments in cybersecurity. The conference welcomes...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.