skip navigation

More signal. Less noise.

Daily briefing.

A new service from the CyberWire: the Week that Was

Every Sunday evening, the CyberWire will take a look back at the Week that Was, delivering a narrative summary of the past seven days' significant cyber security news. Designed for busy professionals who need a week-to-week perspective on developments and trends, the Week that Was provides context for the breaking stories of the day. Every issue is organized topically, with inline links to sources the reader can follow for amplified detail. Like the Daily News Briefing, the Week that Was is delivered to subscribers by email, free and spam-free. If you already subscribe to the CyberWire Daily News Briefing you'll automatically receive the Week that Was (a sixth issue joining the five you already receive each week). If you aren't a Daily News Briefing subscriber but would like to sign up for just the Week that Was, you can do so here.

Former FBI Director Comey's testimony yesterday before the US Senate Intelligence Committee has proved something of a Rorschach test for media observers. As WIRED's headline writers put it, "James Comey said exactly what you wanted him to say." 

His testimony about Russian influence operations in the last US election season, however, was unambiguous: "There was a massive effort to target government and near-governmental agencies, like non-profits," he said. The FBI became aware of the campaign in 2015. Comey described the operation as long-standing Russian practice, and said "they'll be back."

The FBI thinks they've already been back, in Qatar, with a disinformation campaign mounted through hacked Qatar News Agency feeds that's successfully disrupted intra-alliance relations within the Gulf Coordination Council. Doha-based Al Jazeera also reports a sustained attack, this one a distributed denial-of-service operation, possibly using repurposed Mirai botnets.

Mirai itself no longer holds first place in the IP-camera botnet-sweeps. The leader is now Persirai.

More problems arise within the Android ecosystem to trouble enterprise users. Zscaler reports a malicious Android package representing itself as a "cleaning" app from Google, "Ks cleaner." It secures admin rights on infected devices and uses them to display ads, download other apps, etc. And Kaspersky has found rooting malware "DVmap" hiding behind a simple puzzle game, "colourblock." Google has ejected this one from the PlayStore.

Various security companies report seeing new malware, "Zusy," in spam campaigns. Its payload is delivered in malicious PowerPoint file that infects users who mouse over links in the presentation.

Notes.

Today's issue includes events affecting Australia, Bahrain, Egypt, European Union, Iran, Libya, Qatar, Russia, Syria, Thailand, United Arab Emirates, United Kingdom, United States, and Yemen.

In today's podcast we hear from our partners at the University of Maryland's Center for Health and Homeland Security, as Ben Yelin discusses Florida's new money laundering legislation targeting Bitcoin. Our guest, Will Ackerly from Virtru, talks about California law, the GDPR, and the right to be forgotten online.

CyberTech Fairfax (Fairfax, Virginia, USA, June 13, 2017) Cybertech Fairfax: meet tech execs, start-ups, investors & legal, media & mktg pros changing the global cyber landscape. Cybertech Fairfax is a thought-provoking conference on global cyber threats, solutions, innovations and technologies.

UMBC Cybersecurity Graduate Program Open House (Catonsville, Maryland, USA, June 21, 2017) Whether you’re changing careers or want to move into management, UMBC’s Cybersecurity graduate programs can get you where you want to be. Join us to learn how on 6/21.

CyberSecurity International Symposium (Chicago, Illinois, USA, July 10 - 11, 2017) Network with leading cybersecurity professionals, innovators, CIOs and regulators who are on the front lines of securing critical business and infrastructure networks. This in-depth Symposium examines the latest technologies, best practices, and lessons learned in achieving end-to-end network security for organizations of all varieties.

Cyber Attacks, Threats, and Vulnerabilities

Comey: Russians Targeted ‘Hundreds’ of Entities in Election Hacking (Motherboard) Former FBI director James Comey's testimony is a solid reminder that the Russian hacking campaign went far beyond the Democratic National Committee and John Podesta.

Everything We Know About Russia's Election-Hacking Playbook (WIRED) Just when the cybersecurity world thinks it's found the limits of how far Russian hackers will go to meddle in foreign elections, a new clue emerges that suggests another line has been crossed.

Online Voting Is a Terrible Idea (Motherboard) An ode to pen and paper.

Russian hackers to blame for sparking Qatar crisis, FBI inquiry finds (the Guardian) Gulf state isolated by neighbours after freelance hacking operation planted fake news to discredit emir over his Islamist links

Al Jazeera Media Network Battling Cyber Attack (Fortune) The hacking attempts are "systematic and continual," the network said.

Al-Jazeera claims to be victim of cyber attack as Qatar crisis continues (Ars Technica) Broadcaster targeted after hackers planted “fake news” on Qatar’s state news service.

Al Jazeera Media Network Hit by Massive Hack (Foreign Policy) Is this the latest in a series of unfortunate events in Gulf state relations?

Motorola Moto G4, G5 Vulnerable to Local Root Shell Attacks (Threatpost) Moto G4 and Moto G5 model Motorola phones are vulnerable to kernel command line injection vulnerabilities.

Android Malware with Code Injecting Capability Found on Google Play Store (HackRead) Google Play Store has been found harboring another malware and this one has the ability to disable the security settings on Android devices.

Malicious Android app installs 'impossible to remove' adware (HackRead) The IT Security researchers have discovered a new malware that is essentially an Android Package or APK masked as a cleaner app called Ks cleaner and trick

Malicious Android Applications Raise Concerns for Enterprises (Recorded Future) Malicious software targeting Android applications is far too common, raising the insider threat concern for enterprises.

Sneaky hackers use Intel management tools to bypass Windows firewall (Ars Technica) Serial ports don’t have firewalls.

Malware Uses Obscure Intel CPU Feature to Steal Data and Avoid Firewalls (BleepingComputer) Microsoft's security team has come across a malware family that uses Intel's Active Management Technology (AMT) Serial-over-LAN (SOL) interface as a file transfer tool.

Authentication Bypass, Potential Backdoors Plague Old WiMAX Routers (Threatpost) WiMAX routers manufactured by several companies, including Huawei and ZyXEL, are vulnerable to an authentication bypass and potential backdoors.

Linux Malware Mines for Cryptocurrency Using Raspberry Pi Devices (BleepingComputer) A Linux trojan detected under the generic name of Linux.MulDrop.14 is infecting Raspberry Pi devices with the purpose of mining cryptocurrency.

Boatload of Security Flaws Make Fosscam IP Cameras Absolutely Useless (BleepingComputer) IP cameras manufactured by Chinese vendor Fosscam are riddled with security flaws that allow an attacker to take over the device and penetrate your network.

Move Over, Mirai: Persirai Now the Top IP Camera Botnet (Dark Reading) Mirai's success has spawned a flurry of similar IoT malware.

The Reigning King of IP Camera Botnets and its Challengers (TrendLabs Security Intelligence Blog) Early this month we discussed a new Internet of Things (IoT) botnet called Persirai (detected by Trend Micro as ELF_PERSIRAI.A), which targets over 1000 Internet Protocol (IP) camera models.

Bitcoin, Litecoin Exchange BTC-E Suffers Massive DDoS Attacks (HackRead) After Internet of Things (IoT) devices, the favorite target of cyber criminals is cryptocurrency exchanges. In the latest, the popular Bitcoin and Litecoin

New PowerPoint malware delivery technique tested by spammers (Help Net Security) A spam run detected by several security companies has attempted to deliver malware through an innovative technique: a link in a PowerPoint slideshow.

Zusy Malware Spreading via PPTs, No Clicking Required (Infosecurity Magazine) The malware that executes when the user “mouses over” a link—no clicking or macros required.

Mouse hovering malware delivery scheme spotted, called potentially very dangerous (SC Media US) Cybercriminals have started using a new technique to infect computers that only requires the victim place their cursor over a malicious hyperlink for the malware to be injected.

Cyber Threats 101: Fileless Attacks (The Stealthiest of All) (Infosecurity Magazine) Malicious scripts that hijack legitimate software, without installing themselves on the hard drive at all.

I admit it, I'm a cyber security professional and I fell for a phishing email (CRN Australia) [Comment] Don't call me an idiot: misplaced arrogance is the biggest problem in today's cyber security world.

TheDarkOverlord Targets Entertainment Sector with Leak of Unaired ABC Show (SurfWatch Labs, Inc.) On Monday, the extortion group known as TheDarkOverlord released the first eight episodes of ABC’s soon-to-be-aired television show “Steve Harvey’s Funderdome” on the torren…

Cyberpunk 2077 developers blackmailed after hackers steal plans... (HOTforSecurity) Are you such a video game fanatic that you simply can't wait to get your paws on sneak previews of upcoming hit titles? If so, your fervour may be fuelling the criminal activities of an unnamed group of who have targeted a developer of highly popular video...

'Witcher' Developer Says Hackers Have Compromised Its Next Big Game (Motherboard) Life imitates art.

Security Patches, Mitigations, and Software Updates

June’s Android Security Bulletin Address Critical Vulnerabilities in Media Framework and Qualcomm Components (TrendLabs Security Intelligence Blog) Google recently released their June security bulletin for Android, which addresses critical vulnerabilities found in Media framework, as well as various critical vulnerabilities that are based on Qualcomm components.

Google Removes Rooting Trojan Dvmap From Play Store (Threatpost) Google removed a rooting an Android Trojan called Dvmap from Google Play that injects malicious code into an infected device’s system library.

VMware Patches Critical Vulnerabilities in vSphere Data Protection (Threatpost) VMware fixed two critical vulnerabilities in its vSphere Data Protection solution this week that could have allowed an attacker to execute commands on the appliance, among other outcomes.

Cisco Patches Critical Flaws in Prime Data Center Network Manager (Threatpost) Cisco patched two critical flaws in its Prime Data Center Network Manager, including one that could be exploited remotely and allow an attacker root access.

Cyber Trends

Exclusive: New SEC enforcement chiefs see cyber crime as biggest market threat (Reuters) Hackers are increasingly breaking into brokerage accounts to steal assets or make illegal trades, prompting U.S. securities regulators to start tracking cyber crimes more closely, two newly appointed enforcement officials said in an interview on Thursday.

Q1 Midmarket Threat Summary Report (eSentire) The Q1 Midmarket Threat Summary Report provides a quarterly snapshot of threat events investigated by the eSentire Security Operations Center (SOC).

GDPR a “huge business opportunity, not a compliance thing.” (Infosecurity Magazine) GDPR a “huge business opportunity, not a compliance thing.”

Global Cybersecurity Workforce Shortage to Reach 1.8 Million as Threats Loom Larger and Stakes Rise Higher ((ISC)²) Report calls for employers to look for new recruitment channels and consider workers with more diverse skillsets and non-technical backgrounds to attract and retain cybersecurity talent

Snyk - XSS Attacks: The Next Wave (Snyk) It’s been over 10 years since Cross Site Scripting (XSS) became big news, awareness has grown and defenses have become much more sophisticated. But, as we show in this post, recent data indicates XSS attacks are only increasing.

Thousands of Organizations Run the Majority of their Computers on Outdated Operating Systems, Nearly Tripling Chances of a Data Breach (PRNewswire) BitSight, the Standard in Security Ratings, today released a new...

Attack rates are increasing across the board (Help Net Security) Vectra looked at the prevalence of strategic phases of the attack lifecycle across 13 industries, and found finance and technology to be the most resilient.

Don’t like Mondays? Neither do attackers (CSO Online) You can reduce potential damage by paying attention to when attackers are most likely to strike.

Email-borne threats: Watch your inbox closely on Thursdays (Help Net Security) Malicious email attachment message volume spikes more than 38% on Thursdays over the average weekday volume, Proofpoint has discovered.

Marketplace

Cyber security can make or break mergers: study (iTWire) Cyber security concerns rank high on the list when corporates and private equity firms consider mergers and acquisitions of software companies, accord...

Yahoo $4.5 billion sale to Verizon to close Tuesday, golden parachutes approved (Mercury News) Yahoo shareholders also approve $23 million golden parachute for CEO Marissa Meyer.

With path cleared to close Yahoo deal, Verizon prepares the pink slip printer (Ars Technica) Deal to close June 13, as Yahoo stockholders approve endgame.

Microsoft confirms acquisition of security automation firm Hexadite (CRN Australia) May estimates valued the deal at US$100 million.

Cloud security firm Illumio raises $125m to expand 'adaptive segmentation' platform (ZDNet) The Sunnyvale, California-based company has raised $267 million in total from investors such as JPMorgan, Andreessen Horowitz, and Accel Partners.

Blockchain technology and cryptography provider Stratumn raises €7m (CryptoNinjas) Stratumn, a provider of network solutions securing processes between enterprises and their stakeholders through blockchain technology and ad...

Better Buy: FireEye Inc. vs. Check Point Software (The Motley Fool) It’s been a profitable year for shareholders of both data security firms, though for different reasons.

Symantec's CEO Says the Company's Got Its Groove Back (Fortune) Never mind what competitors might say.

Symantec and the changing of the guard in cybersecurity (CIO Dive) Traditional vendors can't always keep up with the malicious actors plaguing enterprise systems. What does that mean for established security companies?

Leidos and Cray Inc. Announce Strategic Alliance to Offer Multi-Level Security Solutions (EconoTimes) Leidos (NYSE:LDOS) a global science and technology solutions leader, and global supercomputer leader Cray Inc. (Nasdaq:CRAY) today announced the companies have signed a...

Webroot and ConnectWise Expand Partnership to Help Customers Reduce Web Browsing Risks (PRNewswire) Webroot, the market leader in endpoint security, network security,...

Webroot Announces Thirteenth Consecutive Quarter of Double-Digit Business Growth (PRNewswire) Webroot, the market leader in endpoint security, network security,...

Raytheon Lands $600M Army Software Sustainment Contract; Dave Wajsgras Comments (GovCon Wire) Raytheon (NYSE: RTN) has received a potential $600 million contract to provide software sustainment

We plan more acquisitions in tech, digital, cyber space: EY (DealStreetAsia) The 'big four' are evolving into technology consultancies as indicated by EY's acquisition of Melbourne-based Open Windows Australia

Ernst & Young denies that major redundancies in IT consulting are planned (Computing) A consultation is underway, admits E&Y, but nothing of the scale reported

​Cyber Security Growth Network wants the world to buy Australian (ZDNet) The Cyber Security Growth Network's CEO wants to make it easier for Australian cyber firms to enter international markets without having to relocate.

Trustwave Announces Expansion in Chicago (Lawndale News) Mayor Rahm Emanuel joined Trustwave to open the company’s new and expanded headquarters in downtown Chicago.

Products, Services, and Solutions

New infosec products of the week​: June 9, 2017 (Help Net Security) Absolute expands its self-healing endpoint security and compliance solutions for Android devices Absolute expands its support for Android to provide uncomp

ARC, SANS to collaborate on cybersecurity workforce education (Plant Services) The two organizations will work together to support cybersecurity workforce education and development for industry, energy, utilities, government, academia, and infrastructure

Oxygen Forensic Detective 9.4 Goes all in for Android Device Capabilities (PRNewswire) Oxygen Forensics, a worldwide developer and provider of advanced forensic data examination tools for mobile devices and cloud services, is going all in on Android devices by adding Samsung cloud extraction capabilities for its flagship product, Oxygen Forensic Detective 9.4, and through a partnership with Passware, Inc. to overcome data encryption on Android devices.

Keeping Threat Intelligence Ahead Of The Bad Guys (Forbes) Over the course of my recent series on establishing a cybersecurity portfolio, I’ve recommended five steps for businesses to engage in as they determine the security investments that are right for them: 1) Determine Needs; 2) Allocate Spending According to Risk; 3) Design Your Portfolio; 4) Choose the Right Products; and 5) Rebalance as Needed.

Juniper Security Platform Now Supports Cisco Switches (SDxCentral) Juniper Networks updated its network security platform, which now supports Cisco switches and integrates with Microsoft Azure and VMware NSX.

High-Tech Bridge ImmuniWeb named Best Emerging Technology (Help Net Security) Web and mobile application security testing services provider High-Tech Bridge has won the “Best Emerging Technology” category at the SC Awards Europe 2017.

Comodo AEP Eschews Tradition to Bring a New Level of Protection to the Enterprise (eSecurity Planet) Comodo’s Advanced Endpoint Protection (AEP) brings AI-powered analysis and a default-deny containment approach to the enterprise.

Frost & Sullivan Applauds the Unparalleled Accuracy of Deep Instinct's Deep Learning-Based Endpoint and Mobile Security Solution (PRNewswire) Based on its recent analysis of the endpoint and mobile security market for...

Centrify Fortifies Platform Security with Bugcrowd Bug Bounty Program (Sys-Con Media) Centrify to award up to $3,000 per vulnerability to ensure the security of the Centrify Identity Services platform

PhishMe Adds New GDPR Compliance Module to Their Complimentary Computer Based Training Program (BusinessWire) PhishMe®, a global provider of phishing defence and intelligence solutions for the enterprise, today announced the availability of a complimentary

EventTracker launches improved threat intelligence platform (BetaNews) The rapidly changing world of cyber security means that companies need to be able to respond quickly to threats.

Zenedge Launches API Security Solution with SDK (ProgrammableWeb) Zenedge has launched Zenedge API Security, a product designed to protect APIs from DDoS attacks and malicious bots.

How to buy Bitcoins, and where you can do it (Graham Cluley) Here are some basics to get you started…

Technologies, Techniques, and Standards

InfoSec 2017: how to protect yourself against the next WannaCry (Naked Security) What made WannaCry different from other ransomware attacks? We explain how it happened – and look at what lessons we’ve learned

Security Orchestration Fine-Tunes the Incident Response Process (Dark Reading) Emerging orchestration technology can cut labor-intensive tasks for security analysts.

Using History to Overcome the Challenge of Threat Intelligence Data Overload (Security Week) Applying unfiltered threat intelligence to defenses generates significant false positives

Insider Threat Detection in a Borderless World (Infosecurity Magazine) Detecting insider threats in this new environment also requires a different approach. One that combines securing applications, locking down identities and monitoring how identities use applications.

What the hacking of Gordon Ramsay’s email teaches us all (The State of Security) It doesn’t matter if you’re a regular user or a short-fused celebrity chef, we all need to harden the defences of our email accounts.

Design and Innovation

Apple’s Safari is going to use AI to track who’s tracking you (Naked Security) Safari will use machine learning to decide which third-party cookies to block, with the aim of reducing how much your footsteps around the web are followed by advertisers

To Stop Terrorists, Google Jigsaw’s Radical Strategy is Talking to Them (WIRED) Yasmin Green heads R&D at Jigsaw, a think tank at Google's parent company. Her radical strategy? Tackle the web's dark side by talking to its creators.

Cisco Patches Critical Flaws in Prime Data Center Network Manager (Threatpost) Cisco patched two critical flaws in its Prime Data Center Network Manager, including one that could be exploited remotely and allow an attacker root access.

Research and Development

Quantum-powered random numbers could provide key to better cryptography (SC Media UK) True randomness is impossible to achieve with conventional hardware, and some applications are terrible at it, but are our current random number generators 'good enough' and is it worth using quantum technology to achieve better randomness?

Academia

Summer STEM for Kids (SANS Internet Storm Center) It's summertime and your little hackers need something to keep them busy! Let look at some of the options for kids to try out. I’ve tried out each of these programs and have had good luck with them.

Legislation, Policy, and Regulation

Experts, Microsoft Push For Global NGO To Expose Hackers (NDTV) As cyberattacks sow ever greater chaos worldwide, IT titan Microsoft and independent experts are pushing for a new global NGO tasked with the tricky job of unmasking the hackers behind them.

The Roots of a Failing War Against Extremism, At Home and Abroad (War on the Rocks) Governments across the world are aware of the need to win the war of ideas with Islamism. However, many governments in the West have chosen to prosecute th

May to try to form government after UK election debacle, uncertainty over Brexit talks (Reuters) British Prime Minister Theresa May will ask Queen Elizabeth for permission to form a government on Friday after an election debacle that saw her Conservative Party lose its parliamentary majority days before talks on Britain's EU departure are due to begin.

Lawmakers to Pentagon: Tell Us When You Use Cyber Weapons (Defense One) A proposed law would require congressional notification when DOD conducts external cyber operations — offensive or defensive.

How New Social Media Background Checks Could Enhance Homeland Security (The Daily Signal) The Department of Homeland Security will now conduct social media background checks on the most high-risk individuals coming into America.

Task force tells Congress health IT security is in critical condition (Ars Technica) Report warns lack of security talent, glut of legacy hardware pose imminent threat.

The US Needs to Get Serious About Securing the Internet of Hackable Things (Motherboard) In an exclusive Motherboard op-ed, US Senator Mark Warner says last month's global WannaCry ransomware attack should be a wake up call for connected device security.

Litigation, Investigation, and Law Enforcement

People in the UAE Can Now Be Jailed for 15 Years for ‘Liking’ Qatar (Motherboard) In the wake of Saudi Arabia's row with Qatar, the United Arab Emirates is cracking down on social media dissent.

Iran says 5 Tehran attackers had fought for Islamic State (Military Times) Five of the men who launched an attack in the heart of Iran's capital previously fought for the Islamic State group, the country's Intelligence Ministry said Thursday, acknowledging the first such assault by the extremists in the Shiite power.

Accused leaker, an Air Force vet, ordered to remain jailed pending trial (Military Times) A federal judge ordered a young woman charged with leaking classified U.S. documents to remain jailed until her trial after prosecutors argued Thursday she might possess more stolen government secrets.

Case 1:17-mj-00024-BKE Document 5-1 Filed 06/05/17 AFFIDAVIT IN SUPPORT OF APPLICATION FOR ARREST WARRANT (US Department of Justice) I, Justin C. Garrick, being first duly sworn, hereby depose and state as follows

Alleged NSA leaker Reality Winner to plead not guilty (NBC News) Reality Winner, intelligence contractor who is accused of leaking a highly classified report, will plead not guilty, her lawyer told NBC News on Wednesday.

REALITY WINNER: Prosecutors: Alleged NSA leaker wanted to 'burn the White House down' (WSBTV) A federal magistrate judge held a detention hearing for Reality Winner Thursday afternoon.

WikiLeaks Declares War on The Intercept (The Daily Beast) The FBI says a reporter led it to an NSA leaker. Julian Assange says that person, whom he suspects is an Intercept reporter, is a ‘menace’ to sources, journalists, and democracy.

Statement for the Record Senate Select Committee on Intelligence (Senate Intelligence Committee) Chairman Burr, Ranking Member Warner, Members of the Committee. Thank you for inviting me to appear before you today.

James Comey Said Exactly What You Wanted Him to Say (WIRED) As you may have heard, earlier today, Trump's special guy he has that thing with sat before the Senate to answer questions about his brief tenure working with the Trump administration.

Comey: 'A foreign government used technical intrusion to try to shape the way we think' (Computing) Former FBI director gives evidence before the US Congress, claiming that Russia attempted to hack the recent US presidential elections

Chris Matthews: Trump-Russia collusion theory 'came apart' with Comey testimony (Washington Examiner) Matthews said that first Comey revealed 'Flynn wasn't central to the Russian investigation,' and secondly, he said that kills the idea that...

Comey: Trump told ‘Lies, Plain and Simple’ (Foreign Policy) The former FBI chief goes on the attack in his first public account of his firing, accusing the president of pressuring him to drop Flynn…

The ‘Private’ Jim Comey (Wall Street Journal) Some good questions the former FBI chief prefers not to answer.

Comey's Latest Statement Is An Indictment Of Comey, Not Trump (The Federalist) In his latest statement, former FBI director James Comey makes clear that he was playing a game with Donald Trump, and that Trump called his bluff.

James Comey Goes Back to Washington (WIRED) Recently fired FBI director James Comey’s unprecedented Senate hearing Thursday morning riveted official Washington and left reporters, members of Congress, and the American public with almost more questions than before...

Did Another Intelligence Director Lie to Wyden About Surveillance? (US News & World Report) Dan Coats said 'not to my knowledge' in an echo of James Clapper's infamous 'not wittingly' response.

It is not OK to break the law to catch criminals, judge rules (Naked Security) The ‘flagrancy of the FBI’s misconduct’ in obtaining the warrant and deploying malware in a fishing expedition to catch child abusers was ‘truly staggering’, said the judge…

Army colonel, others charged in alleged bribery scheme (Army Times) A U.S. Army colonel, his wife and a former defense contractor are accused of participating in what federal prosecutors call a bribery and kickback scheme connected to a Georgia military base.

Thailand jails man for 35 years for Facebook posts that insulted its royal family (TechCrunch) A man in Thailand has been sentenced to 35 years in prison after he was found guilty of insulting the country's royal family on Facebook. Identified only..

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

Inside Job 2: Improving Cybersecurity by Improving Cyber Hygiene (Arlington, Virginia, USA, June 15, 2017) This symposium brings together a diverse group of talented cyber professionals from government, private sector, and academia to talk about Cyber Hygiene. Most cyber breaches are due to human error so,...

Upcoming Events

BSides Pittsburgh 2017 (Pittsburgh, Pennsylvania, USA, June 9, 2017) BSides Pittsburgh is part of a global series of community-driven conferences presenting a wide range of information security topics from technical topics, such as dissecting network protocols, to policy...

29th Annual FIRST Conference (San Juan, Puerto Rico, USA, June 11 - 16, 2017) FIRST is an international confederation of trusted computer incident response teams who cooperatively handle computer security incidents and promote incident prevention programs.

21st Colloquium, Cyber Security Education Innovation for the 21st Century (Las Vegas, Nevada, USA, June 12 - 14, 2017) The Colloquium for Information Systems Security Education (CISSE) provides a forum for dialogue among academia, industry and government. Protection of the information and infrastructure used to create,...

ETSI Security Week 2017 (Sophia Antipolis, France, June 12 - 16, 2017) This year's event will address key cybersecurity standardization challenges in the short, medium and longer term. The event will look at the different aspects of cybersecurity underpinning our digital...

Cyber Tech Fairfax (McLean, Virginia, USA, June 13, 2017) Cybertech Fairfax will provide attendees with a unique opportunity to learn about the latest innovations and solutions from the cyber community. It will serve as an incredible B2B platform with a strong...

Cyber Tech Fairfax (McLean, Virginia, USA, June 13, 2017) A thought-provoking conference and exhibition on global cyber threats, solutions, innovations and technologies. At Cybertech Fairfax, high-profile speakers and panelists will focus on the global cyber...

LegalSec Summit 2017 (Arlington, Virginia, USA, June 13 - 14, 2017) Whatever your role in security, there’s something here for you! Hear from experts who will share their experiences related to information security, and develop takeaways to use in your organization. The...

AFCEA Defensive Cyber Operations Symposium (Baltimore, Maryland, USA, June 13 - 15, 2017) Cyber operations are a challenging mission for the U.S. Defense Department and government community that builds, operates and defends networks. Cyber leaders and warriors must continually evolve to adapt...

Global Cybersecurity Summit 2017 (Kiev, Ukraine, June 14 - 15, 2017) During the two-day summit, participants will be exposed to cybersecurity best practices, cutting-edge advancements, and emerging innovations in defensive security across a series of categories, including...

Information Assurance Symposium (Baltimore, Maryland, USA, June 19 - 21, 2017) The Information Assurance Symposium is the premier IA event at which leaders and practitioners share vital information and provide direction and best practices to meet today's challenges in IA and the...

Norwich University Cyber Security Summit (Northfield, Vermont, USA, June 19 - 21, 2017) Norwich University’s College of Graduate and Continuing Studies (CGCS) is pleased to announce the first annual Cyber Security Summit in June 2017. The summit, presented in a continuing education format,...

Hack in Paris (Paris, France, June 19 - 23, 2017) Hack In Paris brings together major professional IT security and technical hacking experts to attend training and talks exclusively in English. Intrusion attempts grow more frequent and sophisticated,...

SANS Minneapolis 2017 (Minneapolis, Minnesota, USA, June 19 - 24, 2017) Get relevant, practical cybersecurity training at SANS Minneapolis 2017 (June 19-24). This event features the information needed to build crucial skills in protecting your organization from the latest...

Naval Future Force Science and Technology Expo (Washington, DC, USA, June 20 - 23, 2017) The Office of Naval Research’s (ONR) biennial 2017 Naval Future Force Science and Technology (S&T) EXPO will take place July 20-21, 2017. The Expo is the premier S&T event for the Navy and Marine Corps...

Borderless Cyber USA (New York, New York, USA, June 21 - 22, 2017) Borderless Cyber is an international, executive-level conference series that began in 2015. It’s designed to bring together the private sector and policy makers to evaluate, debate, and collaborate on...

Global Insider Threat Summit (London, England, UK, June 22, 2017) Companies are spending millions on cybersecurity, but breaches are still on the rise. Multinational enterprises, small businesses, healthcare organizations, and even national governments are all feeling...

Chertoff Group Security Series: Security in the Boardroom (East Palo Alto, California, USA, June 22, 2017) The Chertoff Group Security Series will aim to enhance and add to the Security in the Boardroom conversation by applying our insights into technology, threat, and policy to help executives respond to the...

Cyber Week (Tel Aviv, Israel, June 25 - 29, 2017) Bringing together international cybersecurity experts and enthusiasts, Cyber Week provides the opportunity to gain insight into the latest global developments in cybersecurity. The conference welcomes...

O’Reilly Artificial Intelligence Conference (New York, New York, USA, June 27 - 29, 2017) From bots and agents to voice and IoT interfaces, learn how to implement AI in real-world projects, and explore what the future holds for applied artificial intelligence engineering.

SIA GovSummit (Washington, DC, USA, June 28 - 29, 2017) The 2017 SIA GovSummit focuses on how government leverages security technologies to drive success across a wide spectrum of missions. Held annually in Washington, the Security Industry Association's government...

2017 Community College Cyber Summit (C3S) (National Harbor, Maryland, USA, June 28 - 30, 2017) 3CS is the only national academic conference focused on cybersecurity education at community colleges. Four tracks are available for college faculty and administrators, IT faculty who are involved or who...

Cyber Security Summit: DC (Washington, DC, USA, June 29, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: DC. Receive 50%...

SINET New York connects the United States’ three most powerful institutions and evangelizes the importance of industry, government and academic collaboration on security initiatives. (New York, New York, USA, June 29, 2017) SINET New York connects the United States’ three most powerful institutions and evangelizes the importance of industry, government and academic collaboration on security initiatives.

CyberSecurity International Symposium (Chcago, Illinois, USA, July 10 - 11, 2017) The Symposium will take an in-depth look at the latest cyber security threats and trends, as well as real-world strategies for securing critical networks and data in enterprise, commercial, government...

East Midlands Cyber Security Conference and Expo (Leicester, England, UK, July 11, 2017) The conference and expo will bring together over 150 businesses, information security providers and key influencers to discuss the threats posed by online criminals and the practical ways in which business...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.