skip navigation

More signal. Less noise.

Daily briefing.

It appears that the Petya/Nyeta/NotPetya ransomware campaign isn't really ransomware at all, but rather misdirection for a quieter campaign designed to install at least an information-stealing Trojan, and perhaps other malware. So don't pay the ransom; you won't get your files back that way.

Observers and investigators looking at Petya/Nyeta/NotPetya see a slow accumulation of circumstantial evidence pointing to Russian security organs. One interesting development: F-Secure believes it's found signs that EternalBlue was incorporated into the campaign's code before the ShadowBrokers released it in April, which suggests either a connection between the ShadowBrokers and Petya/Nyeta/NotPetya's controllers, or that the controllers had independent access to the exploit. More demands are heard in the US Congress for NSA to tell what it lost through leaks and what else might be out there.

The ShadowBrokers have upped their prices (June sales of exploit-of-the-month club memberships did so well they figure they can charge more in July) and also announced a "VIP service" whose precise shape and benefits are so far still unclear. Whatever it is, it can be yours for $130,000.

WikiLeaks has opened Vault7 again, this time with "OutlawCountry." They claim it's a CIA-developed tool for exploiting Linux systems.

In industry news, Zscaler is reported to be moving toward an IPO with a $2 billion valuation.

The cyber-disinformation-sparked crisis in the Gulf continues unabated.

Russia has called for an international crackdown on cybercrime, to which one can only say, sure you're right, Mr. Peskov. "Stop me before I hack again," eh Vlad?

Notes.

Today's issue includes events affecting Australia, China, Egypt, France, Germany, India, Italy, Japan, New Zealand, Nigeria, Poland, Qatar, Russia, Saudi Arabia, Spain, Sweden, Ukraine, United Arab Emirates, United Kingdom, United States..

A note to our readers: next Tuesday, of course, is Independence Day in the US, the day we observe and celebrate the Amexit of 1776. We'll publish the Week that Was as usual Sunday, and the CyberWire Daily News Briefing as usual on Monday, but Tuesday will be a holiday for us. Enjoy the 4th. And you'll find continuing coverage of Petya/Nyetya/NotPetya on our site.

Not surprisingly (since you can even hire hitmen there, too, not that you would) the dark web has guides on how to commit fraud. In today's podcast we hear from our partners at Terbium Labs as Director of Analysis Emily Wilson tells us about Terbium's research into those fraud guides. We also have two guests from ThreatConnect, Drew Gidwani, Director of Analytics, and Andy Pendergast, Vice President of Product and Co-Founder. They talk us through the findings of a recent SANS survey on security optimization.

BSides Las Vegas (Las Vegas, Nevada, USA, July 25 - 26, 2017) BSides Las Vegas isn’t another “talk at you” conference. Everyone at BSides is a participant. Track after track, year after year, the security researchers, engineers, analysts and managers that present at BSidesLV are looking to engage our participants and be engaged by them. Our presenters don’t talk at you, they converse with you. Come join the conversation!

8th Annual Billington CyberSecurity Summit (Washington, DC, USA, September 13, 2017) The 8th Annual Billington CyberSecurity Summit September 13 in Washington D.C. brings together world-class cybersecurity thought leaders for high-level information sharing, unparalleled networking and public-private partnerships from a cross-section of civilian, military and intelligence agencies, industry and academia.

Cyber Attacks, Threats, and Vulnerabilities

NotPetya used NSA exploits even before release by Shadow Brokers (Computing) New research from security firm F-Secure suggests that NotPetya malware was made six months ago using NSA exploits before they were released by hackers

Petya: “I Want To Believe” (News from the Lab) There’s been a lot of speculation and conjecture around this “Petya” outbreak. A great deal of it seems to have been fueled by confirmation bias (to us, at least). Many things abo…

His ‘Petya’ Code Was Used in a Global Cyber Attack, Now He Wants to Help (The Daily Beast) The James Bond baddie-inspired ‘Janus’ began selling his ransomware in spring 2016. Now a modified version is wreaking havoc—and he says it wasn’t him, and he wants to crack it.

Petya, PetrWrap, GoldenEye, and WannaCry: a ransomware pandemic scorecard. (The CyberWire) The malware pandemic that broke out of initial infections in Ukraine on Tuesday, June 27th, is the familiar Petya ransomware, modified to incorporate the EternalBlue exploit. Here's a rundown, with commentary by the experts.

This is What It Looks Like When You Get Hit with the NotPetya Ransomware (Motherboard) It's almost impossible to recover your files.

Is this Petya, NotPetya, GoldenEye, ExPetr, or PetrWrap? (Forcepoint) Forcepoint Security Labs will continue to refer to this as a Petya outbreak, although other vendors have chosen to apply additional or alternative names to it.

Petya: The Sophisticated and Multi-Pronged Ransomware Attack (Recorded Future) A new cyber attack that is quickly spreading throughout the world appears to be delivering ransomware and a trojan information stealer.

Petya Wormed Ransomware Causes Havoc (Netskope) A wormed version of the Petya/GoldenEye ransomware family has been found to be propagating via the SMB exploit patched in MS17-010 (AKA EternalBlue). This is the same vulnerability exploited by...

The NotPetya Global Pandemic (CyberArk) In May 2017, WannaCry took advantage of an exploit in the Windows operating system to usher in a cyber security pandemic – ransomware that can spread its infection like a traditional worm.

Technical Analysis of Petya Ransomware Propagation (Alcavio) "Petya" is the most recent ransomware strain, is spreading quickly despite microsoft windows patches

Petya Ransomware Outbreak - June 27, 2017 (Cloud Security Solutions | Zscaler) One month after the WannaCry outbreak, we are seeing another widespread ransomware outbreak, possibly involving the Petya ransomware family variant.

Petya: Recommendations for defense and remediation. (The CyberWire) What can enterprises do, now, to protect themselves against Petya and the other, similar attacks soon to follow?

NotPetya attacker can't provide decryption keys, researchers warn (Help Net Security) The installation key (ID) that the victims need to provide in order to get the decryption key back is a useless, randomly generated string.

Patch management could have stopped NotPetya attacks: Verizon (IT World Canada) Good patch management could have stopped the spread this week of the NotPetya ransomware

Practical Steps for Petya Ransomware Protection (Revolutionary Security) You may have heard that there is a new ransomware campaign leveraging the EternalBlue (MS17-10) exploit from the recent Vault 7 leaks.

Deconstructing Petya: how it spreads and how to fight back (Naked Security) It’s been 24 hours since the outbreak first hit: here’s what we know now about how Petya behaves

10 Things You Need to Know About NotPetya (Note: Don’t Pay the Ransom) (Cyxtera) Europe woke up Tuesday to massive attacks on both governments and some of the world’s largest brands.

NotPetya is designed to destroy, says Malwarebytes (Computing) It is a scam and you will never get your money back

How collective defense can work. (The CyberWire) As they did two weeks ago with CrashOverride, the ISACs appear to be working as advertised.

Ukrainian Spooks Call in FBI, NCA and Europol (Infosecurity Magazine) Ukrainian Spooks Call in FBI, NCA and Europol. Race to unmask ‘Petya’ threat actors intensifies

NITDA, others raise alert as ‘GoldenEye’ paralyses businesses (Guardian (Nigeria)) National Information Technology Development Agency (NITDA) and other cyber security firms have alerted Nigerian companies on the rampaging ransomware attacks called Petya or ‘GoldenEye’.

When sharing isn't caring. (The CyberWire) There's been a tendency to romanticize leaking and even espionage.

Cyber-Attacken auf Banken und Firmen in Russland und Ukraine (hearZONE) Zum zweiten Mal innerhalb von zwei Monaten hat ein massiver Angriff mit Erpressungssoftware Firmen rund um den Globus getroffen.

Policy, conflict, attribution, and preparing for more to come. (The CyberWire) Ukrainian authorities have their suspect, but attribution isn't going to be simple. What's clear, however, is that more such attacks can be expected.

Decrypting the Motivations Behind NotPetya/ExPetr/GoldenEye (Dark Reading) Experts discuss the methods and targets involved in this week's massive malware outbreak to figure out what motivated attackers.

Thoughts on the on-going global cyber attacks as they affect industrial control systems (ICSs) (Control Global) With ICSs, we are in a very uneven battle.

Petya: Is it ransomware or cyberwarfare? (CSO Online) It turns out Petya isn't ransomware, but a cyber weapon being used to carry out cyberwarfare activities.

Pnyetya: Yet Another Ransomware Outbreak (Medium) Hiding the small movement inside the big movement

Global cyber attack likely cover for malware installation in Ukraine: police official (Reuters) The primary target of a crippling computer virus that spread from Ukraine across the world this week is highly likely to have been that country's computer infrastructure...

Cyber-attack was about data and not money, say experts (BBC News) They point to "aggressive" features of the malware that make it impossible to revive key files.

Top experts at Tel Aviv conference keep close eye on global cyber attack (The Jerusalem Post) One name kept coming up when it comes to who may be behind the global attacks.

Why this ransomware attack is more alarming than the last (Marketplace) Chester Wisniewski, senior security researcher with Sophos, talks to us about the latest cyber breach.

Ransomware's global epidemic is just getting started (CNET) WannaCry should have been a major warning to the world about ransomware. Then the GoldenEye strain of Petya ransomware arrived. What’s next?

Ransomware Attack on DLA Piper Puts Law Firms, Clients on Red Alert (The American Lawyer) The implications of network-crippling malware may be just as damaging for a deadline-driven service industry that holds the fate of companies’ legal issues i...

Fears of hackers targeting US hospitals, medical devices for cyber attacks (ABC News) Experts are warning that not only is the randsomware problem getting worse, but hospital computers and medical devices are vulnerable to hacking.

First Maersk ship docks in NZ after cyber attack (Stuff) Shipping giant Moller-Maersk assures NZ ports and freight firms its operations are intact despite cyber attack.

Global shipping feels fallout from Maersk cyber attack (Reuters) Global shipping is still feeling the effects of a cyber attack that hit A.P. Moller-Maersk (MAERSKb.CO) two days ago, showing the scale of the damage a computer virus can unleash on the technology dependent and inter-connected industry.

Cyber attack 'worst possible timing' for Gothenburg port (The Local (Sweden)) Trouble-hit Gothenburg harbour is still struggling to get its services up and running after shipping mammoth Maersk was hit by a cyber attack.

CIA May Have Developed Linux Malware (Infosecurity Magazine) The latest Vault 7 dump on WikiLeaks, dated 29 June 2017, contains a document on Linux malware the CIA may have developed, named OutlawCountry

Shadow Brokers Group Leaks Stolen National Security Agency Hacking Tools (NPR) Last August, hacking tools were stolen from the National Security Agency. Now, those tools are being used in a number of cyber attacks around the world, and there's mounting pressure on the NSA to do something.

Shadow Brokers hike prices for stolen NSA exploits, threaten to out ex-Uncle Sam hacker (Register) Also starts mysterious VIP service for $130,000

Ransomware Attacks Continue in Ukraine with Mysterious WannaCry Clone (BleepingComputer) A fourth ransomware campaign focused on Ukraine has surfaced today, following some of the patterns seen in past ransomware campaigns that have been aimed at the country, such as XData, PScrypt, and the infamous NotPetya.

Cerber Renames Itself as CRBR ENCRYPTOR to Be a PITA (BleepingComputer) Ransomware developers are really trying to screw with us this week. This is shown with the CERBER Ransomware suddenly deciding to change its name to CRBR Encryptor. It's bad enough what they do with victims, now they just want to be a PITA?

Iraqi leader says ISIS is at its end; the US military says not so fast (Washington Examiner) 'We are seeing the end of the fake Daesh state, the liberation of Mosul proves that,' Iraqi Prime Minister Haider al-Abadi said.

Azure AD Connect vulnerability allows attackers to reset admin passwords (Help Net Security) An Azure AD Connect vulnerability could be exploited by attackers to gain unauthorized access to on-premises AD privileged user accounts.

Hacking nuclear submarines – how likely is the nightmare scenario? (Naked Security) Nuclear submarines run on Windows XP – but is that the ships’ weakest point?

MoD: HMS Queen Elizabeth Will Not Have Windows XP Systems When Operational (Silicon UK) UPDATED: MoD squashed concerns that legacy software in the Navy's latest aircraft carrier leave it open to cyber attacks

Hackers breached a US nuclear power plant's network, and it could be a 'big danger' (Business Insider) This breach "could lead to another attack that could be more serious," one cybersecurity expert said.

Critical Infrastructure Protection (CIP): Security problems exist despite compliance (CSO Online) CIP is just one of 14 mandatory NERC standards that are subject to enforcement in the U.S.

Who was to blame for what looked like a DDoS attack on the AA? That would be … the AA (Naked Security) AA members not unreasonably complied when they received an email warning them to change their passwords … but the AA’s servers couldn’t cope

This Dark Web Site Creates Robocalls to Steal People’s Credit Card PINs (Motherboard) A new service offers cybercriminals automated social engineering as a service.

This Retail Website Considers Password Security Optional (Threatpost) The glaring privacy issues tied to an online health and beauty retailer allows customers to log-in to their user accounts with just their email address – no password needed.

Security Patches, Mitigations, and Software Updates

Windows 10: Microsoft's new Insider Preview is packed with security features (ZDNet) Microsoft doubles down on enterprise security features ahead of the Windows 10 Fall Creators Update.

Cyber Trends

Cyber, electronic warfare blur tactical, strategic lines (C4ISRNET) The Army is working to test new technologies to help inform requirements, doctrine and operational concepts in the cyberspace domain.

Survey: Security Incidents like WannaCry Happen Multiple Times a Year (Healthcare Informatics) Nearly half of cybersecurity professionals in a recent survey said that there have been other security incidents like the recent WannaCry attack that they worked on just as frantically without the public ever hearing about it.

Guidance Software Security Report Finds a Growing Number of Enterprises Are Preparing for Breaches While Managing Increasing Security Challenges (BusinessWire) Guidance Software announces IT and security survey results, finding that companies are preparing to respond to a major breach in the coming year.

SMBs Focus on Endpoint Security while Large Enterprises Prioritize Data Security, Says Netwrix Survey (Netwrix) Despite having different approaches to security, only a quarter of SMBs and large organizations alike claim to be well prepared to beat cyber risks.

Druva Releases Annual Enterprise Ransomware Report (Druva) Ransomware attacks are on the rise; half of businesses infected once will be hit again; 82 percent of companies attacked turn to backup to recover; 33 percent of ransomware attacks target servers

Laptops hold more sensitive data, but they’re less protected than smartphones (Alertsec) Laptops hold more sensitive data, but they’re less protected than smartphones

Top cloud challenges: Security, compliance, and cost control (Help Net Security) The cloud is not living up to expectations because of compliance and security concerns, downstream costs, and cloud management tools on the market.

Marketplace

Silicon Valley security 'unicorn' takes steps towards an IPO (Silicon Valley Business Journal) Cloud security business Zscaler Inc. is reportedly interviewing potential underwriters for an IPO that could value it at about $2 billion.

Startup Takes AI Approach as Cyber Threats Mount (Datanami) Little else has worked lately when it comes to cybersecurity, prompting a startup and its backers to give artificial intelligence a shot. A group of indust

IBM and Cisco Systems: these two tech titans could actually make a cyber security partnership work (Verdict) Even the largest cyber security vendors can use all the help they can get with ransomware attacks like Petya and WannaCry becoming scarily common.

Tracing Raytheon’s Bold Launch into the Fifth Domain (The Cipher Brief) Raytheon, one of the U.S. government’s largest defense contractors, is known for making bold competitive moves.

Bishop Fox Ranked Among "Top Companies to Work for in Arizona" for Fourth Consecutive Year (PRNewswire) Bishop Fox announced today that it has been named to the list of "Top...

Products, Services, and Solutions

New infosec products of the week​: June 30, 2017 (Help Net Security) Featured infosec products this week include releases from Akamai, Comodo, Indegy, NXP Semiconductors, and Objective Development.

Cylance Signs Distributor Agreement with Toshiba (BW CIOWORLD) Toshiba launches sales of CylancePROTECT AI-driven antivirus solution

Palo Alto Networks Virtualized Data Center Ultimate Test Drive (Breaking Defense) Interested in taking a Palo Alto Networks virtualized next-generation firewall product for a test drive?

Customers and Partners Turn to Zscaler to Secure SD-WAN Implementations (Marketwired) Zscaler grows partner ecosystem for secure, easy, and cost-effective local Internet breakouts

GoDaddy Introduces New Small Business Security Features (Small Business Trends) If you have a small business website, you know how dangerous malware and viruses can be.

Stopping Online Predators in Their Tracks with Help from Cybersleuth Investigations (Morningstar) That person you're talking with on Twitter, LinkedIn or Facebook may seem like your perfect soulmate, but in reality, they're the perfect nightmare.

Technologies, Techniques, and Standards

The next frontier of cyber governance: Achieving resilience in the wake of NotPetya (Help Net Security) Here’s how organizations can get ahead of existential threats and lead the charge in the next frontier of cyber governance.

DHS' 72-hour marathon to keep agencies, industry safe from WannaCry (FederalNewsRadio.com) Jeanette Manfra, acting undersecretary for cybersecurity at DHS, offered a look into the steps DHS took to keep federal agencies safe from WannaCry.

Combat Training Center rotations continue to drive evolution of Army Cyber-Electromagnetic Activities (DVIDS) The Army Cyber Command-led initiative to develop Cyber-Electromagnetic Activities (CEMA) in Army tactical units has come a long way since its inception as a pilot program in 2015.

Defending Against a Cyberattack on Democracy (Roll Call) Congressional campaigns rocked by Russian interference in the 2016 election are trying to make sure that it never happens again. Campaigns and elections are top targets for future cyberattacks. So campaign committees and campaigns themselves are taking steps to bolster security staff and training.

The role of web filtering in a modern security architecture (Help Net Security) The greatest challenge for a web filtering vendor is always going to be speed, followed closely by comprehension, according to Smoothwall.

Why the GDPR is good for you (Computing) With consumer trust at an all-time low, when companies embrace the privacy principles that underpin GDPR they will attract more customers

Design and Innovation

Post-quantum cryptography on smart cards demonstrated by Infineon - SecureIDNews (SecureIDNews) Infineon successfully supported an instance of next-generation, post-quantum cryptography (PQC) on smart cards using an off-the-shelf contactless chip.

Legislation, Policy, and Regulation

Egypt has blocked over 100 local and international websites including HuffPost and Medium (Quartz) They include Medium, Huffington Post, and Al Jazeera

There’s No Space for Qatar to Save Face (Foreign Policy) As the crisis in the Gulf heats up, the impossible demands made by the Saudis and Emiratis virtually ensure that things will get ugly.

Try as it may, Trump administration can't avoid Qatar crisis (Military Times) It's the geopolitical crisis the Trump administration just can't quit.

How to negotiate the Qatar crisis (NY Daily News) Saudi Arabia has finally announced its demands for ending its maritime blockade, enforced by sea and air...

There is No Other Way with Pakistan (War on the Rocks) In the midst of Trump administration developing its policies on Afghanistan and Pakistan, the experts in Washington, are divided. The key question seems to

With bank sanctions and arms sales, US hardens line on China (Military Times) The Trump administration hardened its approach to China on Thursday, blacklisting a small Chinese bank over dealings with North Korea while approving more than a billion dollars in military sales to Taiwan.

Trump to Meet With Putin at G-20 Gathering Next Week (null) The White House would not say whether the issue of Russia’s meddling in last year’s election would be directly addressed at the meeting.

Pentagon: Russia Very Much a Threat to the United States (Foreign Policy) In a new report, the Defense Intelligence Agency highlights Moscow’s fear of regime change and increased military spending as reason to take Russia seriously.

Pentagon Report: Kremlin Believes U.S. Wants Regime Change In Russia (RadioFreeEurope/RadioLiberty) Kremlin leaders believe the United States wants regime change in Russia, a worry that is feeding rising tensions between the two former Cold War foes, a U.S. defense intelligence report said on June 28.

Russia doesn't rule out retaliation if U.S. bans Kaspersky products (Reuters) Russia does not rule out retaliatory measures if the United States bans Moscow-based cyber security firm Kaspersky Lab's products, RIA news agency cited Russia's Communications Minister Nikolai Nikiforov as saying on Thursday.

H.R. McMaster: Omission of Article 5 commitment from Trump speech a 'manufactured controversy' (Washington Examiner) 'The president is absolutely committed to our treaty.'

Australia creates military cyber unit to expand hacking attacks (Reuters) Australia has created its first military cyber division, a government minister said on Friday, seeking to expand hacking attacks on foreign enemies including Islamic State.

Why the NSA Makes Us More Vulnerable to Cyberattacks (Foreign Affairs) When the U.S. government discovers a vulnerability in a piece of software, it can either keep it secret or it can alert the software vendor. In the case of WannaCry ransomware that spread throughout the Internet earlier this month, the NSA found the vulnerability years ago and decided to exploit it rather than disclose it.

What is needed to split NSA and Cyber Command? (C4ISRNET) In this first of a four-part series, we examine what Cyber Command needs to operate as its own, independent entity.

Here’s what Cyber Command’s war-fighting platform will look like (C4ISRNET) Cyber Command will need its own infrastructure and platform to conduct its mission separate from what it currently shares with the NSA.

Cyber, electronic warfare blur tactical, strategic lines (C4ISRNET) The Army is working to test new technologies to help inform requirements, doctrine and operational concepts in the cyberspace domain.

Senate zeros out funding for US Army’s battlefield network (Defense News) The Senate Armed Services Committee, in its fiscal year 2018 policy bill, has zeroed out funding for the Army’s battlefield network.

The Encryption Debate Should End Right Now (WIRED) When law enforcement argues it needs a “backdoor” into encryption services, the counterargument has typically been that it would be impossible to limit such access to one person or organization.

Litigation, Investigation, and Law Enforcement

Dem rep demands info on ransomware attack from NSA (TheHill) Rep. Ted Lieu (D-Calif.) is calling on the National Security Agency (NSA) to release what it knows about a massive ransomware attack that surged across the globe this week.

Kremlin urges international action to combat cyber crime (Yeni Şafak) Cyber attacks like the one which hit Russia and other countries on Tuesday underline the need for a concerted international action to fight cyber crime, Kremlin spokesman Dmitry Peskov said on Wednesday.

Six held in Spain, UK and Germany in anti-jihadist raids (BBC News) Among those arrested is a man in Birmingham described as as Salafist imam.

Sexism in terrorism: How reporting on women's acts of violence distorts reality (Middle East Eye) The media's coverage of terrorist acts perpetrated by women often distort their motivations. It's time female terrorist are given agency for their participation in violence

Facebook moderators can inspect private messages of users suspected of terror links (Help Net Security) Facebook's human moderators have the final say on whether there is a need to remove content or if law enforcement needs to be notified of a threat.

Twitter's Meme War Isn't About Civility, It's About Money (WIRED) If you're a fan of online music journalism, Tuesday was not a great day.

A new report raises some big questions about Michael Flynn and Russian hackers (Vox) The Wall Street Journal describes how one Trump supporter reached out to hackers — and dropped Flynn’s name.

Bush administration official blasts Trump over Russia (Reuters via Yahoo!) A former U.S. diplomat who served under Republican President George W. Bush criticized the Trump administration on Wednesday for failing to do more to investigate allegations that Russia sought to meddle in the 2016 U.S. election.

Windows 10 snooping: Microsoft has halved data it collects from PCs says watchdog (TechRepublic) The French regulator CNIL announced that Windows 10 now complies with the country's data protection laws, following changes to how the OS handles user privacy.

Canadian Supreme Court Says It's Fine To Censor The Global Internet; Authoritarians & Hollywood Cheer... (Techdirt) For the past few years, we've been covering the worrisome Google v. Equustek Solutions case in Canada. The case started out as a trademark case, in which Equustek claimed that another company was infringing on its trademarks online.

Mexican politicians targeted with spyware, research shows (TheHill) Citizen Lab releases new research on government spyware deployed against targets in Mexico.

Turkish journalists 'humiliated' by Israeli security at cyber conference (The Jerusalem Post) Turkish journalists were shocked by their treatment at the hands of Israeli security just as Israeli and Turkey are trying to normalize relations.

Microsoft-Led Investigation Results in Arrest of Four Tech Support Scammers (BleepingComputer) City of London Police announced they arrested four suspects, two men, and two women, on accusations of running tech support scams.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

DEF CON 25 (Las Vegas, Nevada, USA, July 27 - 30, 2017) You know how we know it’s almost DEF CON? The Southwest is having a heat wave, that ancient tweet about the Feds (allegedly) not appreciating the ‘Spot the Fed’ contest is back and the interwebz are buzzing...

Cybersecurity Nexus North America 2017 (CSX) (Washington, DC, USA, October 2 - 4, 2017) Be a part of a global conversation with professionals facing the same challenges as you at the nexus—where all things cyber security meet. Cyber security doesn’t take a vacation and it doesn’t sleep. You...

Hacker Halted (Atlanta, Georgia, USA, October 9 - 10, 2017) The theme for Hacker Halted 2017 is The Art of Cyber War: Lessons from Sun Tzu. 2,500 years ago, Sun Tzu wrote 13 chapters on military strategy. Fast forward to today and we are still learning from those...

POC 2017 (Seoul, Korea, November 2 - 3, 2017) POC started in 2006 and has been organized by Korean hackers & security experts. It is an international security & hacking conference in Korea. POC doesn't pursue money. POC concentrates on technical and...

Countermeasure (Ottawa, Ontario, Canada, November 9 - 10, 2017) Now into its sixth year in Ottawa, and consistently advancing in both size and content quality, COUNTERMEASURE continues to be the national capital's premier IT security event. As in years past, attendees...

Third International Conference on Information Security and Digital Forensics (ISDF 2017) (Thessaloniki, Greece, December 8 - 10, 2017) A 3 day event, with presentations delivered by researchers from the international community, including presentations from keynote speakers and state-of-the-art lectures.

Upcoming Events

CyberSecurity International Symposium (Chcago, Illinois, USA, July 10 - 11, 2017) The Symposium will take an in-depth look at the latest cyber security threats and trends, as well as real-world strategies for securing critical networks and data in enterprise, commercial, government...

East Midlands Cyber Security Conference and Expo (Leicester, England, UK, July 11, 2017) The conference and expo will bring together over 150 businesses, information security providers and key influencers to discuss the threats posed by online criminals and the practical ways in which business...

Electronic Warfare Olympics & Symposium (Colorado Springs, Colorado, USA, July 13 - 14, 2017) The 2017 Electronic Warfare Olympics & Symposium will improve the capability, and marketability, of spectrum warriors by building the local EW/IO community. and bringing awareness to the capabilities in...

3rd Edition CISO Summit India 2017 (Mumbai, India, July 14, 2017) Cyber security has gone through a tremendous change over the last couple of months. Ecosystem disruptions like demonetization, emergence of payment banks and fintech play have put technology as the sine...

CYBERCamp2017 (Herndon, Virginia, USA, July 17 - 28, 2017) Always wondered what “cyber attacks” really are? How a special group of cyber warriors protect and defend our banks, stores, and electric plants every second? Join experts from the FBI and the foremost...

National Insider Threat Special Interest Group - Insider Threat Symposium & Expo (Laurel, Maryland, USA, July 18, 2017) The National Insider Threat Special Interest Group (NITSIG) is excited to announce that it will hold a 1 day Insider Threat Symposium & Expo (ITS&E), on July 18, 2017, at the Johns Hopkins University Applied...

2nd Annual Billington Automotive Cybersecurity Summit (Detroit, Michigan, USA, July 18, 2017) The 2017 Billington Automotive Cybersecurity summit will build on the 2016 inaugural summit that brought together a who’s who of speakers including the CEO of GM and the Secretary of Transportation, prestigious...

SANSFIRE 2017 (Washington, DC, USA, July 22 - 29, 2017) Now is the time to advance your career and develop skills to better protect your organization. At SANSFIRE 2017, choose from over 45 hands-on, immersion-style security training courses taught by real-world...

ISSA CISO Executive Forum: Security Awareness and Training--Enlisting your entire workforce into your security team (Las Vegas, Nevada, USA, July 23 - 24, 2017) The gap in Security skills in the workforce have put the pinch on Security teams. Join us to learn how to get lean by empowering the rest of your organization to understand and manage security risks. We’ll...

AFA CyberCamp (Pittsburgh, Pennsylvania, USA, July 24 - 28, 2017) The AFA CyberCamp program is designed to excite students new to cybersecurity about STEM career opportunities and teach them important cyber defense skills through hands-on instruction and activities.

BSides Las Vegas (Las Vegas, Nevada, USA, July 25 - 26, 2017) BSides Las Vegas isn’t another “talk at you” conference. Everyone at BSides is a participant. Track after track, year after year, the security researchers, engineers, analysts and managers that present...

Cross Domain Support Element Summer Workshop 2017 (Laurel, Maryland, USA, July 25 - 26, 2017) The Unified Cross Domain Services Management Office (UCDSMO) is presenting a two-day workshop for the benefit of the Cross Domain Support Element (CDSE) Offices, and the personnel who support them. Topics...

Black Hat USA 2017 (Las Vegas, Nevada, USA, July 26 - 27, 2017) Now in its 20th year, Black Hat is the world’s leading information security event, providing attendees with the very latest in research, development and trends. Black Hat USA 2017 kicks off with four days...

RSA Conference 2017 Asia Pacific & Japan (Singapore, July 26 - 28, 2017) RSA Conference 2017 Asia Pacific & Japan is the leading information security event in the region. Join us for three days of high quality education, engaging content and valuable networking. Get exposure...

North American International Cyber Summit (Detroit, Michigan, USA, July 30, 2017) In its sixth year, the cyber summit brings together experts from across the globe to address a variety of cybersecurity issues impacting the world of business, education, information technology, economic...

Cyber Texas (San Antonio, Texas, USA, August 1 - 2, 2017) CyberTexas was established to provide expanded access to security developments and resources located in Texas; provide an ongoing platform for the education and skill development of cyber professionals...

Cyber Security Summit: Chicago (Chicago, Illinois, USA, August 8, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: Chicago Receive...

PCI Security Standards Council: 2017 Latin America Forum (Sao Paulo, Brazil, August 9, 2017) Join your industry colleagues for a full day of networking and one-of-a-kind partnership opportunities. Whether you want to learn more about updates in the payment industry or showcase a new product, you’ll...

2017 DoDIIS Worldwide Conference (St. Louis, Missouri, USA, August 13 - 16, 2017) Hosted annually by the DIA Chief Information Officer, the DoDIIS Worldwide Conference features a distinguished line-up of speakers and an extensive selection of breakout sessions allowing attendees to...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.