skip navigation

More signal. Less noise.

Daily briefing.

US-CERT and others begin work to prevent CrashOverride, the malware ESET and Dragos found behind last December's Ukrainian power grid takedown, from hitting utilities elsewhere. The US Department of Homeland Security's National Cybersecurity and Communications Integration Center (NCCIC) has distributed a set of indicators of compromise to the power industry; they're freely available to any interested parties. The security firms who produced the research attribute the malware to a threat group (Electrum, with ties to Sandworm) and stop short of calling out a nation-state, but Ukrainian authorities have left no doubt that the attacks they sustained were the work of Russian security services.

Criminals are exploiting the Samba vulnerability to mine cryptocurrencies.

In industry news, NSO Group, controversial vendor of Pegasus lawful intercept tools, is for sale, for roughly a billion dollars.

The New York Times credits US cyber operators with successes against both Iran and North Korea but says efforts against ISIS have been less successful. The Caliphate's recruiting and inspiration networks are reconstituted almost as soon as they're taken down, and continue to reach terrorists. This suggests that influence operations are tougher to block than traditional IT or OT hacks.

Authorities are working harder to expunge content held objectionable from the Internet, and in this case at least the judgment is blasphemy, and the penalty is death. A court in Pakistan has handed down a capital sentence for a man, Taimoor Raza, finding that he insulted the Prophet Mohammed in the course of a Facebook debate concerning Islam.

Notes.

Today's issue includes events affecting Australia, China, Iran, Israel, Democratic Peoples Republic of Korea, Netherlands, Pakistan, Russia, Saudi Arabia, Syria, Ukraine, United Kingdom, United States.

In today's podcast, we hear from our partners at the SANS Institute and the ISC Stormcast, as Johannes Ullrich discusses IPV6 security. Our guest, Kirsten Bay from Cyber adAPT, will share some perspective on Wannacry and the importance of a detection-led approach.

UMBC Cybersecurity Graduate Program Open House (Catonsville, Maryland, USA, June 21, 2017) Whether you’re changing careers or want to move into management, UMBC’s Cybersecurity graduate programs can get you where you want to be. Join us to learn how on 6/21.

The Cyber Security Summit: DC (Washington, DC, USA, June 29, 2017) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from the U.S. Dept of Justice, Cybraics, CenturyLink, Alert Logic and more. Register with promo code cyberwire50 for half off your admission (Regular price $350).

CyberSecurity International Symposium (Chicago, Illinois, USA, July 10 - 11, 2017) Network with leading cybersecurity professionals, innovators, CIOs and regulators who are on the front lines of securing critical business and infrastructure networks. This in-depth Symposium examines the latest technologies, best practices, and lessons learned in achieving end-to-end network security for organizations of all varieties.

Cyber Attacks, Threats, and Vulnerabilities

U.S. Cyberweapons, Used Against Iran and North Korea, Are a Disappointment Against ISIS (New York Times) The Islamic State’s internet use has proved a more elusive target than missile systems or centrifuges, American officials say.

Israeli hackers reportedly got into ISIS networks and found they were building laptop bombs (Business Insider) The intelligence gleaned from the electronic heist was "so exquisite" that it helped US spies get an understanding of how such devices would be detonated.

Alert (TA17-163A) CrashOverride Malware (US-CERT) The National Cybersecurity and Communications Integration Center (NCCIC) is aware of public reports from ESET and Dragos outlining a new, highly capable Industrial Controls Systems (ICS) attack platform that was reportedly used in 2016 against critical infrastructure in Ukraine. As reported by ESET (link is external) and Dragos (link is external), the CrashOverride malware is an extensible platform that could be used to target critical infrastructure sectors. NCCIC is working with its partners to validate the ESET and Dragos analysis, and develop a better understanding of the risk this new malware poses to the U.S. critical infrastructure.

Cyber firms warn of malware that could cause power outages (Reuters) Two cyber security firms have uncovered malicious software that they believe caused a December 2016 Ukraine power outage, they said on Monday, warning the malware could be easily modified to harm critical infrastructure operations around the globe.

Energy industry becomes cyber war battlefield (The Bakersfield Californian) U.S. energy facilities are increasingly being targeted by cybercriminals, according to a recent report released by government and private security officials. Just one agency, the Department of Homeland Security, reported

First Malware Designed Solely for Electric Grids Caused 2016 Ukraine Outage (Dark Reading) Attackers used CrashOverride/Industroyer to cause a partial power outage in Kiev, Ukraine, but it can be used anywhere, say researchers at Dragos and ESET.

Industroyer can knock out power grid, ESET (SC Media US) Researchers at ESET have been examining malware samples that they claim can do precisely what was used to knock off power to the residents of Kiev in Decem

Russia has developed a cyberweapon that can disrupt power grids, according to new research (Washington Post) Already used in Ukraine, the malware could be modified to target U.S. systems.

CRASHOVERRIDE Analyzing the Threat to Electric Grid Operations (Dragos) Dragos, Inc. was notified by the Slovakian anti-virus firm ESET of an ICS tailored malware on June 8th, 2017. The Dragos team was able to use this notification to find samples of the malware, identify new functionality and impact scenarios, and confirm that this was the malware employed in the December 17th, 2016 cyber-attack on the Kiev, Ukraine transmission substation which resulted in electric grid operations impact.

Analyzing Xavier: An Information-Stealing Ad Library on Android (TrendLabs Security Intelligence Blog) We have recently discovered a Trojan Android ad library called Xavier that steals and leaks a user’s information silently. Xavier’s impact has been widespread, with more than 800 applications embedding the ad library’s SDK having been downloaded millions of times from Google Play.

ForcePoint: TrickBot spreading using Necurs botnet (Computing) TrickBot malware shifts from malvertising to Necurs botnet to spread, warns Malwarebytes

ForcePoint: TrickBot spreading using Necurs botnet (http://www.computing.co.uk) TrickBot malware shifts from malvertising to Necurs botnet to spread, warns Malwarebytes,Security,Networks ,security-spotlight,Malwarebytes,malware,email,TrickBot,Financial Services

ForcePoint: TrickBot spreading using Necurs botnet (Computing) TrickBot malware shifts from malvertising to Necurs botnet to spread, warns Malwarebytes

ForcePoint: TrickBot spreading using Necurs botnet (http://www.computing.co.uk) TrickBot malware shifts from malvertising to Necurs botnet to spread, warns Malwarebytes,Security,Networks ,security-spotlight,Malwarebytes,malware,email,TrickBot,Financial Services

The Rise of Polymorphic Malware (LIFARS) Polymorphic malware is code engineered with the ability to transform from its original form every time it is executed to evade detection.

Free Mac-Based Ransomware-as-a-Service MacRansom Surfaces (Threatpost) A new, free macOS-based ransomware as a service has surfaced on the darkweb. Researchers say once the malware encrypts users’ files, they’re “pretty much gone for good.”

Someone Is Offering Mac Ransomware on the Dark Web (Motherboard) New Mac malware might be a sign of things to come for Apple computer users.

SambaCry Flaw Exploited to Deliver Cryptocurrency Miner (Security Week) A recently patched Samba flaw known as EternalRed and SambaCry has been exploited in the wild to deliver a cryptocurrency miner to vulnerable machines, researchers warned.

Attackers Mining Cryptocurrency Using Exploits for Samba Vulnerability (Threatpost) Kaspersky Lab said it has seen some of the first exploits targeting a patched Samba vulnerability, and those are being used to mine Monero cryptocurrency.

Blinking Router LEDs Leak Data From Air-Gapped Networks (Threatpost) Researchers say sensitive data can be extracted from air-gapped networks via a wireless router’s blinking LEDs.

Mouseover Macro Campaign Delivers Gootkit Trojan Via PowerPoint (Cyber Security Experts) Earlier this week, a researcher analyzed a newly detected technique for delivering malware involving PowerPoint files and mouseover events. Today, Trend Micro has published details on a spam campaign it detected in late May using the same technique. TrendLabs researchers Rubio Wu and Marshall Chen suggest that although the recent campaign was limited (which in Read more about Mouseover Macro Campaign Delivers Gootkit Trojan Via PowerPoint…

Word exploits weaponised in quick time (Naked Security) The normal lifecycle of an Office exploit can take months – what makes this latest Word exploit different?

Chinese-Made Video Cameras Pose Major Cyber Attack Risk (Washington Free Beacon) A Chinese company warned Monday that some of its remote-controlled video cameras contain flaws that a security firm said could be used in cyber attacks.

Virgin Media’s Super Hub gets hit by another big security flaw (TechRadar) Super Hub 2 was the vulnerable party this time round

Stolen UAE InvestBank, Qatar National Bank Data Sold on Dark Web (HackRead) There may be a serious conflict between Qatar and the UAE (United Arab Emirates), but hackers see no difference, for them, it is all about making easy mone

Watch out! Scammers are making a fortune in the iOS App Store (HOTforSecurity) Just how much money can a scammy iPhone app make in the iOS App Store? You may be surprised. After all, how does $80,000 per month sound to you? The “Mobile protection :Clean & Security VPN” app is estimated to be have earnt its developer $80,000 per... #iosappstore #mobileprotection #scammers

Fortinet: Cybercrime ditches regional targets & goes for global 'element of surprise' (Security Brief) According to Fortinet's Global Threat Landscape Report, attackers are always looking for 'the element of surprise'.

Victims Lost US$1B to Ransomware (TrendLabs Security Intelligence Blog) Over the course of 2016, ransomware operators trailed their sights on bigger targets and raked in US$1 billion for their efforts.

Georgia’s voting machines face criticism, but state says they’re secure (Atlanta Journal-Constitution) Georgia officials have stood by the state's electronic voting machines, which it adopted in 2002, despite questions raised in a recent lawsuit.

Security Patches, Mitigations, and Software Updates

Crypto and SSL Improvements in High Sierra and iOS 11 (Hashed Out) After Apple's WWDC conference, we've compiled a list of all the crypto and SSL-related changes that are coming to High Sierra and iOS 11.

Apple to auto-update devices to two-factor authentication (Naked Security) iOS 11 and macOS High Sierra public beta testers will be automatically upgraded from 2SV. But, most users are unclear about the benefits of using 2FA.

Cyber Trends

New Imperva report reveals why old security fails (Software Testing News) Data and application security solution company Imperva has released its new Hacker Intelligence Initiative (HII) report.

Massive Surge in Botnet Malware Activity in Q1 2017 (eSecurity Planet) At the same time, ransomware usage dropped by 44.9 percent.

New Mimecast report detects 400% jump in impersonation attacks (Times of Oman) The number of impersonation attacks detected this quarter rose by more than 400 per cent quarter over quarter, in comparison to the data initially reported in the February 2017.

IT professionals believe their data is safer in the cloud than on-premise (Help Net Security) IT professionals believe that when facing malfunctions, malicious attacks and disasters, their organization's data is safer in the cloud than on-premises.

Security in the words of Dr Seuss (CSO) This is what Dr Seuss said and it’s something former Telstra CISO discussed during his opening keynote address at the Emerging Cyber Threats summit held in Sydney on 7 and 8 June 2017.

Differences in personal security behaviors of US and UK workers (Help Net Security) Wombat surveyed more than 2,000 working adults about cyber security topics and best practices that are fundamental to network and data security.

Marketplace

Israeli hacking company NSO Group is on sale for more than $1 billion (Cyberscoop) The Israeli hacking firm best known for the Pegasus mobile malware is looking for a buyer.

Honeywell to acquire industrial cyber security software leader Nextnine (Automotive World) Honeywell announced today that it has signed a definitive agreement to purchase Nextnine, a privately held provider of security management solutions and technologies for industrial cyber security. The addition of Nextnine’s industry-leading security solutions and secure remote service capabilities will enhance the Company’s existing range of innovative cyber security technologies and significantly increase Honeywell’s Connected Plant cyber security customer base.

Tanium lays out channel plans after $100m funding win (Channelweb) Security vendor looking to build deeper channel ties with enterprise VARs

How Raytheon Will Unlock The Value Of Its Cybersecurity Business For Shareholders (Forbes) Defense contractor Raytheon is flying high. Its stock is trading near an all-time high, up over 80% since Dr. Thomas A. Kennedy became Chairman & CEO in 2014. E.P.S. rose 21% year-over-year in the first quarter, and Wall Street is noticing. Argus Research says the company's business mix and growth outlook merit a premium valuation. Morningstar says Raytheon is poised "for some of the fastest growth in the defense industry," and despite the recent run-up in share price is "the least expensive pure-play defense name."

Raytheon's Space and Airborne Systems Awarded $42.8M Deal (NASDAQ.com) Raytheon Company 's RTN Space and Airborne Systems Division has won a $42.8 million contract for production of Identification Friend-or-Foe (IFF) KIV-77 Mode 4/5 cryptographic appliqué computers. Per the terms, the work will be carried out at Largo, FL and is expected to be completed by June 8, 2022.

Leidos: The Combination Of SAIC Divestiture And Lockheed Martin Spin Off Is Well Poised For A Breakout (Seeking Alpha) On August 16th, 2016, LockHeed Martin spun off its information systems and strategic solutions business to Leidos Holdings Inc., a defense services, technology

Why Proofpoint Keeps Shaking FireEye (Seeking Alpha) FireEye is sleeping on a cash cow hidden in its EX series of email security solutions. Sustainable double-digit growth in cloud security will provide the needed

3 Stocks With FireEye-Like Growth Potential (nwitimes.com) Our societal dependence on technology has made us increasingly more vulnerable to internet attacks. That's why an ever-increasing number of companies are to looking to internet security companies like FireEye

Can Dell change endpoint security? (Computerworld) Traditional PC security is failing most companies, and a new approach is required if enterprises are to be protected. Can PC vendors like Dell dramatically improve endpoint security?

“Cyber Ninjas” Tell it Like it is ... and Companies are Listening (Northrop Grumman Newsroom) Earning a spot at the top, Northrop Grumman was named among the best places to work for Cyber Ninjas, according to a recent report issued by the SANS Institute, a global leader in information security training. “Cyber Ninjas” are defined as those...

Strengthening Security Through Alliances (Benzinga) JKL Web Technologies forms an alliance with BTB Security.

CyberSponse, Inc. Appoints Former United States Federal CISO Greg Touhill, Brigadier General, US Air Force (Ret.), to its Board of Directors (PRWeb) CyberSponse, Inc., the leader in incident response automation and orchestration, appoints former Federal CISO, Gregory Touhill, Brigadier General, US Air Force (Ret.), to its company Board of Directors.

Products, Services, and Solutions

Nets Rolls Out Preventative Fraud Service to Protect Online Consumers Across the Nordics (Nets) Nets blocks clickbait traps and unsolicited recurring payments worth €1.9m, reducing card disputes by up to 20%. ​

ThreatConnect Partners with CenturyLink for Managed Security Services (ThreatConnect) ThreatConnect provides managed security services providers the ability to offer more premium services

Reed Smith Releases First App for Multistate Assessment of Data Breach Notification Obligations (Reed Smith LLP) Global law firm Reed Smith LLP today announced the launch of Breach RespondeRS, a free app. Nearly every state in the United States has a data security breach law, requiring notice when certain personal information is lost, stolen, or misused. But the many laws differ in small but crucial respects, making it difficult to get to a bottom line.

Launching New Multistate Assessment Tool for Data Breach Notification Obligations (Technology Law Dispatch) Nearly every state in the United States requires notification when certain personal information is lost, stolen, or misused.

SPYRUS Announces Extensive Family of FIPS 140-2 Level 3 Certified Hardware Root of Trust Devices for the Internet of Things (Marketwired) Devices available in multiple form factors to support blockchain, IoT infrastructures or embedded, edge, and standalone computing platforms

Cybersecurity Leadership and Governance (Covenant Security Solutions) The goal for this course is to provide an understanding of cybersecurity leadership focused on people and not just technology and policy. It will give you an overview of frameworks to support your risk management activities. It is highly useful to any organizational executive, or leader seeking an understanding of building cybersecurity cultures and governance. The instructor is Dr. Mansur Hasib, called the 'Peter Drucker' of Cyber Security Leadership. He is published in the “Cybersecurity Canon” and recent recipient of the coveted “2017 People's Choice Award” in Cybersecurity training.

Microsoft integrates with Zimperium to guard against zero-day mobile threats (BetaNews) Cyber attacks aren't limited to desktop systems, mobile endpoints are equally at risk and for enterprises this is something else that needs protection.

Microsoft will counter cyberattacks on Windows 10 with AI from Hexadite (TechRepublic) Criminals are winning the battle for data access way too often. Microsoft is adding AI and automation to its security platform by acquiring innovations from Hexadite.

Adelaide's emt Distribution named US-security vendor Thycotic's master distributor in Asia-Pacific (CRN Australia) Emt Distribution first to distribute Thycotic in Australia.

This hypnotic, terrifying map charts cyberattacks in real-time (WIRED UK) Kaspersky Labs has created a map that uses live data to give you an insight into cyber threats

Illusive Networks Tricks Attackers With Email Data Deceptions (eWEEK) The deception technology vendor adds a new email deception feature that will place fake information in corporate mail systems in a bid to trick attackers.

SecureWorks Innovates Counter Threat Platform to Enable Enterprises to Better Detect, Contain, and Eliminate Cyber Threats (BusinessWire) SecureWorks® (NASDAQ: SCWX), a leading provider of intelligence-driven information security solutions, continues to innovate its flagship Counter

Dimension Data Launches Endpoint Lifecycle Management Services (PRNewswire) Global IT services and solutions provider to help organizations accelerate adoption of enterprise mobility through...

Apple of Their Eye: Dimension Data Launches Apple Practice to Drive iOS Adoption in the Enterprise (CRN) Dimension Data has unveiled a dedicated Apple practice to help businesses easily manage corporate apps and data across the Mac, iPad, iPhone and Apple Watch.

IBM upgrades VersaStack for hybrid cloud (The Stack) IBM has announced a new version of VersaStack which now includes new VDI and hybrid cloud capabilities, to increase the flexibility of hybrid cloud networks.

Technologies, Techniques, and Standards

SOF goes cyber (Shephard) Details have emerged regarding a joint training exercise conducted by the US Army Cyber Command and Dutch Defence Cyber Command (DCC), aimed at developing a ‘Cyber Warrior’ concept for special operations forces (SOF) operating at the tactical edge.

Partnership between Dutch and Army Cyber Brigade Benefits Both Nations (DVIDS) Dutch Brig. Gen. Hans Folmer, commandant of his country's newly-formed Dutch Defence Cyber Command (DCC), met with Col. John (Dave) Branch, commander of the 780th Military Intelligence (MI) Brigade (Cyber), to strengthen their partnership and to discuss cyber and future training opportunities at the Muscatatuck Urban Training Center (MUTC), Mar. 16.

Crying wolf: Combatting cybersecurity alert fatigue (SC Media US) Not only must security pros contend with ever-increasing attacks to their networks, they also must finagle the tool sets guarding their systems to make certain settings are as they should be, reports Greg Masters.

An Introduction to VolUtility (SANS Internet Storm Center) If you would like to practice memory forensics using Volatility but you don't like command line tools and you hate to remmber plugins then VolUtility is your friend.

The best identity management advice right now (CSO Online) We've never been closer to getting pervasive, global identities. And with 2FA/MFA, you get all of the benefit with less of the risk.

Why are Businesses still Taking Unnecessary Risks with Cybersecurity? (Infosecurity Magazine) Businesses carry IT-related commercial risk that is either misunderstood, poorly communicated, or worse still, unidentified.

Mobile app developers: Make sure your back end is covered (ITworld) Developers need to make sure they are baking security into the application code and protecting how their apps handle data, but as the so-called HospitalGown security issue shows, they also need to know how the back-end servers and data stores are being configured.

AusCERT 2017 - Myths and Truths to Building a World Class Cyber Defence (CSO) Chris Coryea comes from Leidos – a major MSSP in the United States which is comprised of about 33000 employees that come from the original Leidos MSSP business and Lockheed Martin's cyber security team. That brought together the MSSP capability with advanced analytics and Lockheed Martin's famed Cyber Security Kill Chain approach.

10 Ways to Fight Advanced Malware With Threat Intelligence Sharing (Security Intelligence) The X-Force Exchange threat intelligence sharing platform brings collaboration to the forefront of the ongoing fight against WannaCry and other malware.

Top tips to secure your home wifi network from net nasties (Future Five) Your home internet network is become more and more vulnerable. Here's what you can do to help protect it from hackers and other net nasties.

Design and Innovation

This UK Company Is Making It Easier for Private Companies to 'Hack Back' (Motherboard) As the US considers legislation that would allow companies to strike-back against hackers, a UK firm is already making that step a little bit easier.

Academia

DCC ‘Cyber Team’ honored at national summit (GoDanRiver.com) The Danville Community College “Cyber Team” was honored Wednesday at the National Cyber Security Summit in Huntsville, Alabama.

AccessData to Host Digital Forensics Lab at Cybersecurity Camp for Girls at Dakota State University (Globe Newswire) AccessData Group, a leading provider of integrated digital forensics and e-discovery software, will host hands-on labs to educate students about digital forensics at the 2017 GenCyber: Girls in CybHER Security camp at Dakota State University (DSU).

San Juan College hosts youth cybersecurity camp (Farmington Daily Times) A free San Juan College summer camp focusing on teaching K-12 students about cybersecurity is in high demand.

Legislation, Policy, and Regulation

The Saudi-Iran War Comes to Washington (Foreign Policy) In the battle for Middle East supremacy, Tehran and Riyadh are pulling out all the stops.

Intelligence and the Presidency (Foreign Affairs) The relationship between Trump and the intelligence community needs to be recalibrated. The president must understand that “alternative facts” have no place in the work of intelligence professionals.

Work on government security strategy is progressing (CSO) Working alongside the Prime Minister’s special adviser for all things cyber gives Jacob Boyle a unique perspective on the government’s role in securing the country – not just with all the services offered by government but also in working with businesses and the security industry.

Litigation, Investigation, and Law Enforcement

Man in Pakistan sentenced to death for blasphemous Facebook comments (TechCrunch) There's disturbing news from Pakistan, where a man has been handed the death sentence for allegedly making blasphemous comments on Facebook. The Guardian..

Pakistan: man sentenced to death for blasphemy on Facebook (the Guardian) Taimoor Raza was found guilty of insulting the prophet Muhammad during an argument on social media with a counter-terrorism official

Why Isn't Twitter Deleting the Weis Market Shooter's 'Suicide Tapes'? (Motherboard) It’s been four days since Randy Stair killed three people in a Pennsylvania supermarket. Why is his extensive web presence still online?

This Is How Chinese Spying Inside the U.S. Government Really Works (The National Interest) A federal affidavit shows how China lured and paid a suspected spy inside the State Department.

How Russia Targets the U.S. Military (POLITICO Magazine) With hacks, pro-Putin trolls and fake news, the Kremlin is ratcheting up its efforts to turn American servicemembers and veterans into a fifth column.

The monumental idiocy of leaker Reality Leigh Winner (Washington Examiner) If it's true that Winner has been openly discussing the PR angle with family members over monitored phone calls, it suggests she is dimmer...

Top Democrat calls for investigation of Loretta Lynch’s Clinton probe (New York Post) The top Democrat on the Senate Judiciary Committee called Sunday for a congressional investigation into former Attorney General Loretta Lynch’s handling of the Hillary Clinton email pr…

Byron York: Is Robert Mueller conflicted in Trump probe? (Washington Examiner) Comey is a good friend of special counsel Robert Mueller — such a good friend, for about 15 years now, that the two men have been described...

Yes, Robert Mueller Should Recuse Himself From Investigating Trump Over Comey Firing (Daily Wire) In light of James Comey's testimony last week, it is abundantly clear that Special Counsel for the Russia investigation Robert Mueller needs to recuse himself from any issues surrounding the former FBI Director.

Cyber Scam: A Side of the Web You Won (The Citizen) When Pinakita Gupta ordered a surprise gift for her friend through an Instagram store Chic Carnations, little did she know she was in for an

Many terrorists' first victims are their wives - but we're not allowed to talk about that (New Statesman) The links between domestic violence and mass killings are now exhaustively documented. So why the conspiracy of silence?

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

Cyber Tech Fairfax (McLean, Virginia, USA, June 13, 2017) Cybertech Fairfax will provide attendees with a unique opportunity to learn about the latest innovations and solutions from the cyber community. It will serve as an incredible B2B platform with a strong...

Cyber Tech Fairfax (McLean, Virginia, USA, June 13, 2017) A thought-provoking conference and exhibition on global cyber threats, solutions, innovations and technologies. At Cybertech Fairfax, high-profile speakers and panelists will focus on the global cyber...

LegalSec Summit 2017 (Arlington, Virginia, USA, June 13 - 14, 2017) Whatever your role in security, there’s something here for you! Hear from experts who will share their experiences related to information security, and develop takeaways to use in your organization. The...

AFCEA Defensive Cyber Operations Symposium (Baltimore, Maryland, USA, June 13 - 15, 2017) Cyber operations are a challenging mission for the U.S. Defense Department and government community that builds, operates and defends networks. Cyber leaders and warriors must continually evolve to adapt...

Global Cybersecurity Summit 2017 (Kiev, Ukraine, June 14 - 15, 2017) During the two-day summit, participants will be exposed to cybersecurity best practices, cutting-edge advancements, and emerging innovations in defensive security across a series of categories, including...

Inside Job 2: Improving Cybersecurity by Improving Cyber Hygiene (Arlington, Virginia, USA, June 15, 2017) This symposium brings together a diverse group of talented cyber professionals from government, private sector, and academia to talk about Cyber Hygiene. Most cyber breaches are due to human error so,...

Information Assurance Symposium (Baltimore, Maryland, USA, June 19 - 21, 2017) The Information Assurance Symposium is the premier IA event at which leaders and practitioners share vital information and provide direction and best practices to meet today's challenges in IA and the...

Norwich University Cyber Security Summit (Northfield, Vermont, USA, June 19 - 21, 2017) Norwich University’s College of Graduate and Continuing Studies (CGCS) is pleased to announce the first annual Cyber Security Summit in June 2017. The summit, presented in a continuing education format,...

Hack in Paris (Paris, France, June 19 - 23, 2017) Hack In Paris brings together major professional IT security and technical hacking experts to attend training and talks exclusively in English. Intrusion attempts grow more frequent and sophisticated,...

SANS Minneapolis 2017 (Minneapolis, Minnesota, USA, June 19 - 24, 2017) Get relevant, practical cybersecurity training at SANS Minneapolis 2017 (June 19-24). This event features the information needed to build crucial skills in protecting your organization from the latest...

Naval Future Force Science and Technology Expo (Washington, DC, USA, June 20 - 23, 2017) The Office of Naval Research’s (ONR) biennial 2017 Naval Future Force Science and Technology (S&T) EXPO will take place July 20-21, 2017. The Expo is the premier S&T event for the Navy and Marine Corps...

Borderless Cyber USA (New York, New York, USA, June 21 - 22, 2017) Borderless Cyber is an international, executive-level conference series that began in 2015. It’s designed to bring together the private sector and policy makers to evaluate, debate, and collaborate on...

Global Insider Threat Summit (London, England, UK, June 22, 2017) Companies are spending millions on cybersecurity, but breaches are still on the rise. Multinational enterprises, small businesses, healthcare organizations, and even national governments are all feeling...

Chertoff Group Security Series: Security in the Boardroom (East Palo Alto, California, USA, June 22, 2017) The Chertoff Group Security Series will aim to enhance and add to the Security in the Boardroom conversation by applying our insights into technology, threat, and policy to help executives respond to the...

Cyber Week (Tel Aviv, Israel, June 25 - 29, 2017) Bringing together international cybersecurity experts and enthusiasts, Cyber Week provides the opportunity to gain insight into the latest global developments in cybersecurity. The conference welcomes...

O’Reilly Artificial Intelligence Conference (New York, New York, USA, June 27 - 29, 2017) From bots and agents to voice and IoT interfaces, learn how to implement AI in real-world projects, and explore what the future holds for applied artificial intelligence engineering.

SIA GovSummit (Washington, DC, USA, June 28 - 29, 2017) The 2017 SIA GovSummit focuses on how government leverages security technologies to drive success across a wide spectrum of missions. Held annually in Washington, the Security Industry Association's government...

2017 Community College Cyber Summit (C3S) (National Harbor, Maryland, USA, June 28 - 30, 2017) 3CS is the only national academic conference focused on cybersecurity education at community colleges. Four tracks are available for college faculty and administrators, IT faculty who are involved or who...

Cyber Security Summit: DC (Washington, DC, USA, June 29, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: DC. Receive 50%...

SINET New York connects the United States’ three most powerful institutions and evangelizes the importance of industry, government and academic collaboration on security initiatives. (New York, New York, USA, June 29, 2017) SINET New York connects the United States’ three most powerful institutions and evangelizes the importance of industry, government and academic collaboration on security initiatives.

CyberSecurity International Symposium (Chcago, Illinois, USA, July 10 - 11, 2017) The Symposium will take an in-depth look at the latest cyber security threats and trends, as well as real-world strategies for securing critical networks and data in enterprise, commercial, government...

East Midlands Cyber Security Conference and Expo (Leicester, England, UK, July 11, 2017) The conference and expo will bring together over 150 businesses, information security providers and key influencers to discuss the threats posed by online criminals and the practical ways in which business...

Electronic Warfare Olympics & Symposium (Colorado Springs, Colorado, USA, July 13 - 14, 2017) The 2017 Electronic Warfare Olympics & Symposium will improve the capability, and marketability, of spectrum warriors by building the local EW/IO community. and bringing awareness to the capabilities in...

3rd Edition CISO Summit India 2017 (Mumbai, India, July 14, 2017) Cyber security has gone through a tremendous change over the last couple of months. Ecosystem disruptions like demonetization, emergence of payment banks and fintech play have put technology as the sine...

CYBERCamp2017 (Herndon, Virginia, USA, July 17 - 28, 2017) Always wondered what “cyber attacks” really are? How a special group of cyber warriors protect and defend our banks, stores, and electric plants every second? Join experts from the FBI and the foremost...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.