skip navigation

More signal. Less noise.

Daily briefing.

Want to become part of the CyberWire story?

People have asked us how they can support the CyberWire, and so we're pleased to say we've launched our new Patreon site, where we've created a variety of support levels. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story, and we thank you for reading and listening. 

The hacking of French President-elect Macron's campaign emails has yet to turn up anything observers find particularly scurrilous or discreditable, with influence operations amounting to little more than tendentious jeering memes in social media. Flashpoint thinks the effort shows signs of haste, perhaps driven by Macron's late emergence as a serious candidate.

Ars Technica reports that some evidence points toward Evrika ZAO, a St. Petersburg IT company that numbers Russia's FSB among its customers. WikiLeaks itself noted, in what practically counts as an admission against interest, that metadata in some of the leaked material indicates that it was last edited by someone working at Evrika. Trend Micro has maintained for some time that operations against Macron's campaign are circumstantially but significantly similar to the ones Pawn Storm (Fancy Bear, that is, the GRU) conducted against the US Democratic National Committee last year. Moscow denies involvement, denouncing the attribution as slander.

False flags planted in the leaks are possibilities, but German and British authorities are taking the threat of Russian information operations against their own elections very seriously. Recently retired US DNI Clapper agrees, and says the US should expect more of the same.

WikiLeaks, unchastened by l'affaire Macron, continued its Vault7 dumps Friday, releasing "Archimedes," said to be a CIA tool used to compromise devices operating within a single LAN.

Today is Patch Tuesday, but one problem couldn't wait: Microsoft late yesterday fixed a remote-code-execution vulnerability Google's Project Zero found in Windows' Malware Protection Engine. Google called the bug "crazy-bad."

Notes.

Today's issue includes events affecting China, European Union, France, Germany, Ireland, Japan, Democratic Peoples Republic of Korea, Russia, Syria, United States.

In today's podcast, Joe Carrigan from our partners at the Johns Hopkins University describes the benefits of segmenting your home network, especially the benefits of putting IoT devices on a distinct segment isolated from your home PCs. Our guest is Andrew Blaich from the mobile security company Lookout. He discusses the Pegasus lawful-intercept tool as it appears on Android devices. 

 

Who's in Your Cloud? Gaining Visibility Into Your Network and Critical Assets (Webinar, May 11, 2017) Since cloud services are accessible from anywhere, at any time, getting visibility into your cloud activity is critical. Delta Risk experts examine the increasing importance of cloud monitoring and how it can protect your organization.

Borderless Cyber USA (New York, New York, USA, June 21 - 22, 2017) Is your enterprise investing enough to protect against cyber-attack? Are you putting your resources where they have the most impact? How can you be sure? Senior security executives come together at Borderless Cyber to uncover new strategies, make new connections, and leave better prepared to defend their cyber practices--in the computer room and the Board room. The conference will take place at the historic U.S. Customs House in lower Manhattan on 21-22 June. Receive an extra $100 off the corporate rate. Use the discount code Cyberwire when registering. Special government rates and Early Bird savings are also available. We look forward to seeing you this June in NYC!

Cyber Attacks, Threats, and Vulnerabilities

WikiLeaks reveals Archimedes, a CIA tool that can attack a computer inside an LAN (Computing) More details on CIA-connected hacking tools released

Evidence suggests Russia behind hack of French president-elect (Ars Technica) Russian security firms' metadata found in files, according to WikiLeaks and others.

Macron Hack Attack, Clumsy and Ignored, Is Met With Gallic Shrug (Bloomberg.com) Emmanuel Macron seemed like the latest high-profile victim of political cyber warfare Friday when a vast trove of documents from his presidential campaign was dumped online less than 48 hours before polls opened. It spread rapidly on social media.

Ex-intel chief James Clapper warns of more Russian hacks (CNET) Fueled by the success of the 2016 presidential race, Russians will be back to hack future US elections, the former director of national intelligence predicts.

Trump’s silence on French hacks troubles cyber experts (POLITICO) The White House’s failure to mention the attack on one of America’s oldest allies has worried Democrats, cyber policy specialists and former White House officials.

Islamic State says it beheads Russian officer in Syria: SITE (Reuters) Islamic State has issued a video showing the beheading of what it described as a Russian intelligence officer captured in Syria, the U.S.-based SITE monitoring website reported on Tuesday.

Are Cyber Crooks Funding North Korea’s Nukes? (The Daily Beast) How does Kim Jong Un come up with the billions to pay for his nuclear tests? Increasingly successful online bank heists provide at least some of the cash, experts say.

Google 0-Day Hunters Find 'Crazy Bad' Windows RCE Flaw (The Hacker News) Google Project Zero Security Researchers claim to have found a worst remote code execution vulnerability of all time in the Microsoft Windows operating system.

Bitdefender uncovers new malware targeting government agencies (IT Pro Portal) It's based on a legitimate, yet controversial, toolkit.

Everything you need to know about Intel's scary security flaw (Mashable) And how to protect yourself.

Irish public warned as cyber scammers target Tesco and Bank of Ireland customers (The Irish Sun) THE Irish public are being warned by an antivirus protection company as cyber scammers are targeting Tesco and Bank of Ireland customers.

FCC hit with DDoS attacks after John Oliver takes on net neutrality (CSO Online) The FCC's website slowed to a crawl after comic and political commentator John Oliver urged viewers to flood the agency with comments in support of net neutrality, in what appeared to be a repeat of a 2014 incident. But the cause may have been more sinister than people expressing their support for net neutrality rules.

DoS (Denial of Service) Attack Tutorial: Ping of Death, DDOS   (Anil Minz Info-Tech) What is DoS Attack? DOS is an attack used to deny legitimate users access to a resource such as accessing a website, network, emails, etc. or making it extremely slow. DoS is the acronym for Denial…

Persirai: New Internet of Things (IoT) Botnet Targets IP Cameras (TrendLabs Security Intelligence Blog) A new Internet of Things (IoT) botnet called Persirai (Detected by Trend Micro as ELF_PERSIRAI.A) has been discovered targeting over 1,000 Internet Protocol (IP) Camera models based on various Original Equipment Manufacturer (OEM) products.

Website Flaw Let True Health Diagnostics Users View All Medical Records (KrebsOnSecurity) Over the past two weeks readers have pointed KrebsOnSecurity to no fewer than three different healthcare providers that failed to provide the most basic care to protect their patients’ records online. Only one of the three companies — the subject of today’s story — required users to be logged on in order to view all patient records.

Hackers Leverage Flaws in SS7 to Drain Victims' Bank Accounts (eSecurity Planet) The attackers were able to redirect SMS messages used for two-factor authentication in order to approve money transfers.

A Cell Network Flaw Lets Hackers Drain Bank Accounts. Here’s How to Fix It (WIRED) Security researchers have warned about SS7 for years. Now that hackers have used it to rob banks, here's how telecoms can finally fix it.

Ransomware by the Book (Recorded Future) Ransomware has quickly risen to one of the top cyber threats. Here we speak with someone who quite literally wrote the book on ransomware — Allan Liska.

Ransomware: The epidemic of our time (Barracuda) Every few years or so, a new threat surfaces and becomes the attackers’ “go-to” method of attack.

Quick Heal detected millions of malware samples on Windows and on Android platform in Q1 2017 (PCQuest) According to Quick Heal Threat Report for Q1 2017, about 295 million malware samples were blocked on the systems of Quick Heal users. February clocked the highest number of detection.

Are you encrypting your documents? Here’s what happens when you don’t (Naked Security) It was bad enough when a university’s unencrypted salaries spreadsheet when missing two years ago – and then it popped up again

Why hackers attack celebrities (GulfNews) In Hollywood cybercriminals have found a lucrative niche they have learnt the highest-profile targets are supported by a system of soft targets

Security Patches, Mitigations, and Software Updates

Microsoft releases emergency patch to fix severe remote-code execution flaw that exploits Windows' own anti-virus engine (Computing) Microsoft acts quickly following disclosure by Google's Project Zero bug-hunters

Microsoft releases emergency patch to fix severe remote-code execution flaw that exploits Windows' own anti-virus engine (Computing) Microsoft acts quickly following disclosure by Google's Project Zero bug-hunters

Microsoft releases emergency patch to fix severe remote-code execution flaw that exploits Windows' own anti-virus engine (Computing) Microsoft acts quickly following disclosure by Google's Project Zero bug-hunters

Microsoft releases emergency patch to fix severe remote-code execution flaw that exploits Windows' own anti-virus engine (Computing) Microsoft acts quickly following disclosure by Google's Project Zero bug-hunters

Viral phishing scams and vulnerabilities: What to watch out for this Patch Tuesday (Help Net Security) We can expect an update for the OS, IE and Flash Player for IE of course. Also, count on at least a Flash update from Adobe, but maybe not much else.

Google Ratchets Up OAuth Policies in Wake of Phishing Attacks (Dark Reading) Google says it responded to the widespread Google Docs phishing campaign within one hour of detecting it.

Spectacular phishing attack pushes Google to improve defenses (Help Net Security) The most recent Google-themed phishing attack shouldn't have come as a surprise, but it did - and has affected around a million Gmail users.

Hikvision Patches Backdoor in IP Cameras (Threatpost) Hikvision recently patched a backdoor in a slew of its cameras that could have made it possible for a remote attacker to gain full admin access to affected devices.

Microsoft pulls plug on Windows 10's debut version (Computerworld) Windows 10 1507, which debuted in 2015, will receive its last security patches on Tuesday.

Cloudflare changes abuse policy but refuses to “censor the Internet” (Ars Technica) Network operator was criticized for forwarding abuse reports to racist sites.

Cyber Trends

Opinion | Ai Weiwei: How Censorship Works (New York Times) Those who remain silent to please the authorities make China’s brutal system possible.

Cyberattacks on governments double (GCN) To hackers, government targets may be just as attractive as banks, a new report suggests.

Data protection is top consumer demand among connected home support solutions (Parks Associates) New Parks Associates research shows that 59% of U.S. broadband households planning to purchase a smart home device are interested in a support service that guarantees the security of their device from unauthorized access.

Research Reveals Organizations Falling Behind in Cybersecurity Analytics and Operations Despite Business Pressure to Improve (BusinessWire) New research from ESG, commissioned by DFLabs and other technology vendors, reveals challenges to Cybersecurity Analytics and Operations and the incre

UK Firms Flag Cybersecurity Fears Over Energy Sector (Infosecurity Magazine) UK Firms Flag Cybersecurity Fears Over Energy Sector. Majority would switch supplier after a breach, says PwC

Marketplace

Does your business need cyber liability insurance? (Business Journals) We’ve all heard about the various security measures our businesses should have in place to defend against cyberattack. We know this is something we need to invest both time and money into if we want to remain safe.

Deloitte acquires Sydney MSP and devops specialist Strut Digital (CRN Australia) Strut Digital to strengthen consultancy's DevOps ability.

WISeKey International Holding (WIHN.SW) Successfully Integrates 4 Cybersecurity IoT Companies (WISeKey SA, WISeTrust SA, VaultIC and Quovadis) into a New IoT CyberSecurity Platform Company (BusinessWire) WISeKey International Holding Ltd (“WISeKey” or the “Company”) (SIX:WIHN) celebrated its first year of the listing of its WIHN

RedLock emerges from stealth to protect customers from faulty cloud configurations (TechCrunch) The major cloud infrastructure vendors know a thing or two about securing their platforms, but they still can't protect their customers against user..

Dell EMC puts pressure on Cisco with open networking push (CRN Australia) Will unveil state-of-the-art networking products.

Can Cisco’s Security Business Keep Growing in Fiscal 3Q17? (Market Realist) According to IDC, tech (QQQ) heavyweight Cisco Systems (CSCO) continues to dominate the security appliance market with a 13.7% share. Other top players in this space include Check Point Software Technologies (CHKP), Palo Alto Networks (PANW), Fortinet (FTNT), and Huawei, with shares of 12.3%, 11.1%, 9.5%, and 4.7%, respectively, as of 4Q16.

Harris Corp. wins Air Force cryptographic contract (C4ISRNET) The contract has a maximum value of $875 million.

Tanium Challenges Continue As VMware Ends OEM Relationship (CRN) VMware has ended its OEM relationship with Tanium, CRN has learned, the latest in a series of challenges the cybersecurity company has faced in recent weeks.

FireEye Inc (FEYE) Stock Has Cleared Security. Buy It! (InvestorPlace) Last week's rally in FireEye showed renewed hope, which has resulted in a much more promising chart stance for FEYE stock.

FireEye's Big Earnings Beat: Sunny Skies Ahead? (The Motley Fool) Has the long-suffering cybersecurity firm finally turned a corner with its first quarter beat?

Elliott's Singer Eyes Gigamon Sale (TheStreet) The activist investor launched an insurgency campaign at the network technology company, which is part of a consolidating industry

Gigamon, Meet Elliott. Next, Meet Your Buyer. (Bloomberg Gadfly) Step 1, the activist investor takes a stake. Step 2, a takeover.

How One Scrappy Startup Survived the Early Bitcoin Wars (WIRED) Inside the early days of cryptocurrency.

CrowdStrike in partner recruitment mode after opening Milan office (Channelnomics) Security vendor primed for expansion after previously sealing UK distribution deal,Vendor,Security ,CrowdStrike,Southern Europe

BioCatch Receives Frost & Sullivan New Product and Innovation Award for Continued Disruption in Behavioral Biometrics Landscape (PRNewswire) BioCatch, the global leader in behavioral biometrics, announced today that it...

Staples names former HP security exec to lead cyber-security (Chain Store Age) An office supplies giant is taking steps to tighten up its data security strategies.

21st Century Fox Names Palantir’s Melody Hildebrandt Head of Information Security (Variety) 21st Century Fox has hired Melody Hildebrandt as global chief information security officer, overseeing cybersecurity and risk management for the media conglomerate’s technology and communicat…

Forcepoint Extends Commitment to Securing Global Governments, Names New Executive and Sales Leadership (PRNewswire) Global cybersecurity leader Forcepoint™ today announced two leadership...

US's Digital Shadows expands executive leadership to support rapid growth (Zawya) New chief marketing officer, new board member and new director of security intelligence join. - Zawya MENA Edition

Nuix names chief operating officer and former Fujitsu boss Rod Vawdrey as new chief executive (CRN Australia) Rod Vawdrey promoted from chief operating officer.

Palo Alto Networks Channel Chief Leaves For Hyper-Converged Startup (CRN) After helping revamp Palo Alto Networks' partner program last year, Todd Palmer has left the security company to lead the channel charge for a hyper-converged startup.

Senior Intelligence Official Ron Moultrie Joins Balabit Advisory Board (Marketwired) Highly-decorated cyber security expert, former NSA Director of Operations, and senior manager with CIA to help guide strategic development initiatives

Products, Services, and Solutions

IBM Mobile First & SecuredTouch Offer Integrated Solution for Frictionless Authentication (Financial IT) SecuredTouch behavioral biometric technology is now a primary authentication option in IBM’s MobileFirst Foundation.

FinalCode Announces Global Launch of FinalCode Express Edition (FinalCode) File encryption package offers persistent protection anywhere files go, now starting as low as $10 per month

FinalCode Launches Client for Mac Worldwide: FinalCode persistent file security now available for both Windows and Mac users to prevent file data loss (FinalCode) FinalCode, Inc., a leading provider of information security software, today announced the immediate global availability of FinalCode® for Mac. Now FinalCode, a persistent, file-centric information rights management (IRM) solution that protects files wherever they go, inside and outside of the organization, is available for both Windows and Mac users.

Skycure Redefines Mobile Threat Defense with Updated Platform that Enables Safer and Smarter Enterprise Mobile Apps (Marketwired) Comprehensive mobile threat defense solution adds mobile app reputation service and built-in threat connectors so enterprises can build self-defending mobile apps

Guidance Software Announces EnCase® Mobile Investigator (BusinessWire) Guidance software announces new EnCase Mobile Investigator.

KoolSpan selects Trustonic to protect TrustCall application code integrity (Trustonic) KoolSpan has selected the innovative Trustonic Application Protection (TAP) solution to help protect its widely successful TrustCall application.

Synnex signs exclusive agreement with Avast, for AVG's portfolio (CRN Australia) Offers AVG security software portfolio to ANZ partners.

Affiliated and Essence USA Launch PERS-Focused Dealer Program (PRNewswire) Program highlights Essence's PERS+ with Smart...

eScan introduces innovative Endpoint Protection Solutions for Enterprises (Open PR) Enterprises can no longer rely solely on traditional security solutions in today’s evolving cyber threat landscape.

Carbon Black beefs up solution to lock down data center servers (Data Center News) Carbon Black is on a mission to lock down data center servers, at a time when server breaches are amongst the most common cyber attacks.

Intercede Announces Secure Login For WordPress (Information Security Buzz) RapID Secure Login enables WordPress users to easily access their accounts without insecure and cumbersome passwords...

CrowdStrike Expands Its Market-leading Managed Threat Hunting Service (BusinessWire) CrowdStrike® Inc., the leader in cloud-delivered endpoint protection, today launched new service levels for its Falcon OverWatch™ managed th

Two-factor authentication SaaS provider Duo Security launches MSP program (ChannelBuzz.ca) Following last year’s creation of a partner program, Duo has created another program specifically for MSPs.

Virtustream launches Healthcare Cloud (ZDNet) With its capabilities around highly regulated workloads and Dell's reach in the healthcare sector, Virtustream is well poised to offer a healthcare-specific cloud.

Technologies, Techniques, and Standards

Japan to rate home devices on cyber-attack vulnerabilities (The Salt Lake Tribune) The Internal Affairs and Communications Ministry plans to introduce a certification system for home appliances and other devices that can be connected to the internet that will show how resilient the devices are against cyber-attacks, it has been learned.

Britain's Political Parties Are Spending Millions on Voter Micro-Targeting (Motherboard) The data that turned the world upside down continues to do so.

How to protect your boss from phishing attacks (Naked Security) Oversharing on social media can make both individuals and the companies we work for targets for spearphishers and whalers. Here are our tips to help stop that happening

'GDPR will be hard for large suppliers like Salesforce' warns expert panel (Computing) Large vendors used to handing out boilerplate terms and unused to negotiating contract details will struggle with GDPR, warn CIOs

What healthcare CISOs should know (Help Net Security) The question healthcare orgs need to ask themselves every day: “Are we more secure today than yesterday?” Here's some advice healthcare CISOs should heed.

SOCs are maturing, but need more automation (Help Net Security) SOC maturity is improving. Their primary strengths are flexibility of response and response time, while their weakness is lack of visibility into events.

Stop thinking all high profile cyber-attacks come from China and Russia (Thycotic) Despite dramatic media coverage, most breaches in cyber security are not caused by nation-state attacks carried out by sophisticated hackers. Far too often businesses try to save face by blaming attacks on state actors when they have failed to make proper cybersecurity investments that leave them vulnerable to amateur hackers.

Some consumer PCs also appear to have dangerous Intel exploit (CSO Online) Despite reports that consumers got away clean, a dangerous Intel exploit may actually be in some consumer PCs

How to prevent your data from being searched at the US border (CSO Online) Travelers concerned about their privacy can take steps to protect their data as they cross the U.S. border. They should remember the old Boy Scout motto: Be prepared.

Air Force migrates, consolidates top-secret network (C4ISRNET) The Air Force says it is nearing completion of consolidating all legacy Joint Worldwide Intelligence Communications Systems across the force and National Guard.

Security awareness is good, but good security culture is better (Help Net Security) Are you worried about the fact that breaches are increasingly being traced back to human interaction? Build security culture into your organization.

The Security Culture Report 2017 (CLTRe) The Security Culture Report 2017 – Indepth insights into the human factor – is a a deep dive into the security cultures of more than 10 000 employees across 5 industry sectors, 38 companies and two countries.

Age and Gender Balance Essential in Security Culture (Infosecurity Magazine) Age and Gender Balance Essential in achieving an internal Security Culture.

Design and Innovation

German firms will streamline online login with a European bent (CSO Online) Several German firms are taking a stab at a single login process for accessing different online services -- an approach that could compete with U.S. offerings.

IoT security companies take on device discovery, authentication (IoT Agenda) Learn how three IoT security companies -- Pwnie Express, Rubicon Labs and Device Authority -- are solving IoT device discovery and IoT authentication.

IBM's Watson Taking on Cybersecurity and Health (Bloomberg.com) IBM is doubling down on Watson, the cognitive computing technology. Bloomberg's Caroline Hyde visited IBM's security and health units headquartered in Cambridge, Mass., where Watson is now applying its deep machine learning to help in drug discovery as well as monitoring cyberattacks. (Source: Bloomberg)

Buffett says IBM's Watson will have greatest value when it replaces human labor (CNBC) Billionaire investor Warren Buffett says IBM's artificial intelligence unit Watson should one day take the place of humans.

IBM's Watson 'is a joke,' says Social Capital CEO Palihapitiya (CNBC) Social Capital CEO Chamath Palihapitiya shared his views on IBM and Tesla at the Sohn Conference on Monday.

Disconnected thinking: Why are we managing optimised systems with dated human mindsets? (Computing) The human minds controlling increasingly smart systems need to shape up and be remodelled, argues Peter Cochrane

Research and Development

Researchers Explore Idea of Sabotage via Antivirus Engines (BleepingComputer) Four researchers from two universities in Germany have devised a method of turning an antivirus engine's malware scanning engine into an attack weapon.

Where cryptography and quantum computing intersect (Microsoft Research) By Kristin Lauter, Principal Researcher, Microsoft Research Last week I spent time at the American Institute of Mathematics in San Jose, working with a group of 20 or so mathematicians and computer scientists on questions related to quantum arithmetic, at a conference co-organized by researchers in the Microsoft Research (MSR) Quantum Architectures and Computation (QuArC) …

Legislation, Policy, and Regulation

CNI, Startups & Cyber-Skills High on the Agenda for UK Government (Infosecurity Magazine) CNI, Startups & Cyber-Skills High on the Agenda for UK Government

Joint Staff links cyber ops to countering air, missile threats (C4ISRNET) In an update to a 2012 joint publication, the Joint Staff now includes cyberspace operations for support in countering air and missile threats.

Editorial: NSA’s decision to cut data collection just a first step (East Bay Times) An East Bay Times editorial argues that the NSA’s decision to cut back on its data collection is but a first step of many that need to be taken.

Introduction: A Twenty-First Century Framework for Digital Privacy (National Constitution Center) At the beginning of the twenty-first century, breathtaking changes in technology pose stark challenges to privacy and security.

Litigation, Investigation, and Law Enforcement

North Korea claims plot reveals US state-sponsored terrorism (Military Times) After arresting two American university instructors and laying out what it says was an elaborate, CIA-backed plot to assassinate Kim Jong Un, North Korea is claiming to be the victim of state-sponsored terrorism — from the White House.

U.S. Concerned About Kaspersky Lab Links to Russian Gov't, Article Claims (MSP Mentor) Are Kaspersky Lab products a threat to U.S. national security?

US Officials Are Warning About A Russian Cybersecurity Company's US Government Ties (BuzzFeed) Kaspersky has denied links to the Russian government, but US officials are raising doubts.

Clapper: Intel community stands by finding that Vladimir Putin sought to undermine US election (Washington Examiner) Clapper summarized the intelligence community's findings by saying Vladimir Putin tried to erode the "faith and confidence" of U.S. voters.

Yates: Alarm about Russian blackmail led to warning on Flynn (Military Times) Former acting Attorney General Sally Yates told Congress Monday she bluntly warned the Trump White House in January that new National Security Adviser Michael Flynn "essentially could be blackmailed" by the Russians because he apparently had lied to his bosses about his contacts with Moscow's ambassador in Washington.

Russiagate: Trump Is Trying to Put Out a Fire With More Smoke (Foreign Policy) If Republicans have a shred of intellectual integrity, they’ll ignore the president’s flailing, and follow the evidence wherever it leads.

DHS Report Outlines Feds' Mobile Security Threats (Dark Reading) The US Department of Homeland Security sent Congress a study on mobile security threats facing federal government workers as well as recommendations for protection.

U.S. government steps up focus on cybercrimes (ConsumerAffairs) In response to the proliferation of cybercrime activity, such as last week's phishing scam targeting Gmail users, U.S. law enforcement is increasing its ef

FBI Reports Uptick In Cyber Wire Fraud In 2016 (PYMNTS.com) Cyber wire fraud via email had increased during the last seven months of last year, according to a new warning from the Federal Bureau of Investigation.

US device searches at borders ignite resistance (CSO Online) In CBP's fiscal year 2015, the agency searched just 8,503 devices during 383.2 million border crossings. But in fiscal year 2016, the number of device searches jumped to 19,033, and in the first six months of FY2017, CBP searched 14,993 devices, putting the agency on pace to search nearly 30,000 devices for the year.

Child abuse network had 10,000 UK members (Times (London)) As many as 10,000 Britons signed up to one of the world’s largest paedophile networks, which operated on a clandestine part of the internet for almost two years without police shutting it down.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

National Cyber Security Summit (Huntsville, Alabama, USA, June 6 - 8, 2017) The National Cyber Summit is the preeminent event for cyber training, education and workforce development aimed at protecting our nation’s infrastructure from the ever-evolving cyber threat. The summit...

Upcoming Events

Law Enforcement and Public Safety Technology Forum (Washington, DC, USA, May 9 - 10, 2017) For the ninth year, AFCEA Bethesda is gathering the law enforcement and public safety IT community. The Law Enforcement and Public Safety Technology Forum will bring together more than 300 executives,...

SANS Security West 2017 (San Diego, California, USA, May 9 - 18, 2017) Cybersecurity skills and knowledge are in high demand. Cyber attacks and data breaches are more frequent and sophisticated, and organizations are grappling with how to best defend themselves. As a result,...

OWASP AppSec EU (Belfast, Northern Ireland, UK, May 12 - 18, 2017) Welcome to OWASP Annual AppSec EU Security Conference, the premier application security conference for European developers and security experts. AppSec EU provides thought leadership, amazing talks, informative...

EnergySec Security Education Week (Austin, Texas, USA, May 14 - 19, 2017) The Energy Sector Security Consortium, Inc.'s Security Education Week is designed for early to mid career cybersecurity professionals currently employed at electric utilities in North America. Students...

K(no)w Identity Conference (Washington, DC, USA, May 15 - 17, 2017) To converge identity experts from across all industries in one space, to be at the nexus of ideas and policies that will fundamentally change identity around the world. Provides business leaders, privacy...

Global Cybersecurity Innovation Summit Advancing International Collaboration (London, England, UK, May 16 - 17, 2017) SINET – London creates a forum to build and maintain international relationships required to foster vital information sharing, broad awareness and the adoption of innovative Cybersecurity technologies.

Public Sector Cyber Security Conference: Defending the Public from Cyber-Attacks (Salford, England, UK, May 17, 2017) Join us for the Public Sector Cyber Security Conference where leading experts will explain how to protect the vital services provided by central Government, local councils and the NHS. Learn how to safeguard...

PCI Security Standards Council: 2017Asia-Pacific Community Meeting (Bangkok, Thailand, May 17 - 18, 2017) Two days of networking and one-of-a-kind partnership opportunities await you. Whether you want to learn more about updates in the payment card industry or showcase a new product, you’ll find it all at...

2017 Georgetown Cybersecurity Law Institute (Washington, DC, USA, May 17 - 18, 2017) It is more important than ever that in-house and outside counsel stay abreast of the most current developments and best practices in cybersecurity. At our Institute you will receive insights on the best...

Northsec Applied Security Event (Montreal, Québec, Canada, May 18 - 21, 2017) The conference will feature technical and applied workshops hosted in parallel for the most motivated attendees. Topics include application and infrastructure (pentesting, network security, software and/or...

SANS Northern Virginia - Reston 2017 (Reston, Virginia, USA, May 21 - 26, 2017) This event features comprehensive hands-on technical training from some of the best instructors in the industry and includes courses that will prepare you or your technical staff for DoD 8570 and GIAC...

Enfuse 2017 (Las Vegas, Nevada, USA, May 22 - 25, 2017) Enfuse™ is a three-day security and digital investigations conference where specialists, executives, and experts break new ground for the year ahead. Enfuse offers unsurpassed networking opportunities,...

2017 Cyber Investing Summit (New York, New York, USA, May 23, 2017) The 2nd Annual Cyber Investing Summit is an all-day conference focusing on investing in the $100+ billion dollar cyber security industry. Attendees will explore the financial opportunities, trends, challenges,...

Citrix Synergy (Orlando, Florida, USA, May 23 - 25, 2017) Learn how to solve your IT flexibility, workforce continuity, security and networking challenges—and power your business like never before—with the workspace of the future.

AFCEA/GMU Critical Issues in C4I Symposium (Fairfax, Virginia, USA, May 24 - 25, 2017) The AFCEA/GMU Critical Issues in C4I Symposium brings academia, industry and government together annually to address important issues in C4I technology and systems R&D. The agenda for 2017 will include:...

AFCEA/GMU Critical Issues in C4I Symposium (Fairfax, Virginia, USA, May 24 - 25, 2017) The AFCEA/GMU Critical Issues in C4I Symposium brings academia, industry and government together annually to address important issues in C4I technology and systems R&D.

SECON 2017 (Jersey City, New Jersey, USA, May 25, 2017) Social engineering impacts security. (ISC)2 New Jersey Chapter is a 501(c)(3) not-for-profit charitable organization. Our chapter’s mission is to disseminate knowledge, exchange ideas, and encourage community...

Cyber Southwest (Tucson, Arizona, USA, May 27, 2017) CSW will be dedicated to furthering the discussion on cyber education and workforce development in Arizona, healthcare cybersecurity, and technical training in areas such as threat intelligence, insider...

SANS Atlanta 2017 (Atlanta, Georgia, USA, May 30 - June 4, 2017) Learn the most effective steps to prevent attacks and detect adversaries with actionable techniques that you can directly apply when you get back to work. Take advantage of tips and tricks from the experts...

Cyber Security Summit: Seattle (Seattle, Washington, USA, June 1, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: Seattle. Receive...

Cyber Security Summit: Seattle (Seattle, Washington, USA, June 1, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: Seattle. Receive...

SANS Houston 2017 (Houston, Texas, USA, June 5 - 10, 2017) At SANS Houston 2017, SANS offers hands-on, immersion-style security, security management, and pen testing training courses taught by real-world practitioners. The site of SANS Houston 2017, June 5-10,...

Infosecurity Europe 2017 (London, England, UK, June 6 - 8, 2017) Infosecurity Europe is the region's number one information security event featuring Europe's largest and most comprehensive conference programme and over 360 exhibitors showcasing the most relevant information...

Cyber 8.0 Conference (Columbia, Maryland, USA, June 7, 2017) Join the Howard County Chamber of Commerce for their 8th annual cyber conference, where they will explore innovation, funding, and growth. Participants can expect riveting discussions from cyber innovators...

2017 ICIT Forum: Rise of The Machines (Washington, DC, USA, June 7, 2017) The 2017 ICIT Forum brings together over 300 cybersecurity executives from across critical infrastructure sectors to receive the latest ICIT research from our experts, share knowledge, develop strategies...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.