skip navigation

More signal. Less noise.

Daily briefing.

Victims of WannaCry ransomware continue to treat their infestations. Researchers are increasingly convinced the attack was a North Korean operation (but caveat lector: the evidence remains circumstantial, the attribution preliminary and provisional).

Other, better crafted and arguably more dangerous campaigns exploiting EternalBlue vulnerabilities are under way, and they seem to be playing a longer, more focused game. Heimdal calls one such effort "BlueDoom." Although disguising itself as WannaCry, BlueDoom drops no ransomware payload and appears to be aiming for long-term persistence to serve future attacks. It incorporates a suite of exploits believed stolen from NSA.

Other EternalBlue-based campaigns mine cryptocurrencies; some such exploitation antedates WannaCry.

OilRig, a cyber campaign generally believed to be run by Iran against regional rivals, especially Saudi Arabia, has resumed, and this time researchers see evidence that Iran is using the services of Russian cybercriminals.

Legislation introduced into the US Senate this week, the "PATCH Act," would formalize the vulnerability equities process and remove it from Intelligence Community control.

NIST has supplemented US President Trump's cybersecurity Executive Order with guidance on how agencies should implement that order. Comments on Draft NISTIR 8170 are open through June 30. The US House has passed the Modernizing Government Technology Act (MGTA) to facilitate replacement and modernization of outdated Federal IT systems.

For all the concern about election hacking in the West, Agari's study of political parties in Germany, Norway, and the UK finds them deficient in email authentication, with poorly implemented DMARC (Domain-based Message Authentication, Reporting and Conformance) policies.


Today's issue includes events affecting Bangladesh, China, European Union, Germany, India, Iran, Iraq, Democratic Peoples Republic of Korea, Norway, Philippines, Russia, Saudi Arabia, South Africa, Syria, United Kingdom, United States.

A note to our readers: you'll find the fourth installment of our coverage of the developing WannaCry story here.

In today's podcast we speak about ransomware trends with Dale Drew from our partners at Level 3 Communications. Our guest is Mandeep Khera from Arxan Technologies, who discusses the challenges of securing mobile apps.

The Cyber Security Summit: Seattle (Seattle, Washington, USA, June 1, 2017) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from the U.S. Dept of Justice, CenturyLink, root9B, IBM and more. Register with promo code cyberwire50 for half off your admission (Regular price $350)

CyberTech Fairfax (Fairfax, Virginia, USA, June 13, 2017) Cybertech Fairfax: meet tech execs, start-ups, investors & legal, media & mktg pros changing the global cyber landscape. Cybertech Fairfax is a thought-provoking conference on global cyber threats, solutions, innovations and technologies.

Cyber Attacks, Threats, and Vulnerabilities

Political Parties in DMARC Fail Ahead of Elections (Infosecurity Magazine) Political Parties in DMARC Fail Ahead of Elections. Agari warns that democratic process is at risk in UK, Germany and Norway

Iranian 'OilRig' expands attacks, works with Russian hackers-for-hire (SC Magazine UK) Attacks believed to be Iranian in origin were fended off for more than two weeks in April, but security experts examining the code detected something they'd never seen before: snippets of code baring similarities to a known Russian toolkit available on the underground Russian marketplace.

ISIS — From the Ground to Cyber Space (The Cipher Brief) There are two schools of thought about the nature of the threat posed by the Islamic State in Iraq and Syria (ISIS). Some experts say the group is nearly vanquished as it struggles to hold on to Mosul, Iraq, and prepares for the inevitable fight for its capital in Raqqa, Syria.

Why ISIS Is Bullet-Proof (The Cipher Brief) The Cipher Brief’s Bennett Seftel sat down with Michael W.S. Ryan, Senior Fellow at the Jamestown Foundation, to discuss ISIS’ recent battlefield losses, the group’s current level of influence, and what to expect from ISIS in coming months.

Shadow Brokers threaten to unleash more hacking tools (Guardian) Group linked to NSA cyberwarfare tools used in ransomware attack threatens to set up ‘wine of the month’-style service

Researchers discover another ongoing cyberattack using NSA hacking tools (ABC News) Cybersecurity researchers have identified a second ongoing global cyberattack that has quietly hijacked hundreds of thousands of computers around the world, including many in the United States, for a massive cryptocurrency mining operation.

Security Alert: BlueDoom Worm Caught Spreading through EternalBlue, Integrates Batch of Leaked NSA Exploits (Heimdal Security Blog) BlueDoom includes a heap of leaked NSA exploits and is preparing for widespread distribution. Could be more harmful than WannaCry ransomware.

Next NSA Exploit Payload Could be Much Worse Than WannaCry (Threatpost) Researchers urge Windows admins to apply MS17-010 before the next attack using the EternalBlue NSA exploit deploys a worse payload than WannaCry ransomware.

Second massive WannaCry-like cyber attack identified (euronews) Cyber security experts reveal they have found a second massive computer virus which has affected hundreds of thousands of computers world-wide.

Computer virus similar to WannaCry begins manufacturing digital currency (Global News) Researchers at security firm Proofpoint said the related attack installs a currency “miner” that generates digital cash.

Another Large-Scale Cyber-Attack Underway, Says Proofpoint (NDTV Another large-scale, stealthy cyber-attack is underway on a scale that could dwarf last week's assault on computers worldwide, a global cybersecurity firm told AFP on Wednesday.

Cryptocurrency-mining malware cashes in on NSA exploit that enabled WannaCry (Naked Security) WannaCry continues to hit headlines, but it’s not the first piece of malware to make use of the NSA’s EternalBlue exploit

What we currently know about the global cyberattack (ABC News) As danger from a global cyberattack that hit some 150 nations continues to fade, analysts are starting to assess the damage. Hard-hit organizations such as the U.K.'s National Health Service appear to be bouncing back, and few people seem to have actually paid the ransom. But the attack has...

3 Security Firms Say WannaCry Ransomware Shares Code with North Korean Malware (BleepingComputer) While initially, we thought this would be a silly and unsubstantiated discovery, the number of security firms claiming they've identified and confirmed connections between the WannaCry ransomware and malware used by the Lazarus Group has now gone up to three.

WannaCry Ransomware Attack Linked to North Korea, Cybersecurity Experts Say (FedTech) Microsoft has decried the stockpiling of “zero-day” exploits by agencies, like the National Security Agency, and says such behavior led to the attack.

Link seen between groups behind ransomware, RCBC cyber heist (Philippine Star) A cybersecurity firm said that the recent WannaCry ransomware attacks may be connected to the group that orchestrated one of the biggest cyberheists in history that involved a Philippine bank.

NSA warned Microsoft about vulnerability connected to ‘Wanna Cry’: report (TheHill) The National Security Agency warned Microsoft about a vulnerability in Windows after a hacker group began to leak hacking tools used by the agency online, the Washington Post reported late Tuesday.

Fearing Shadow Brokers leak, NSA reported critical flaw to Microsoft (Ars Technica) WaPo confirms long-held suspicions as NSA cyberweapons crisis threatens to grow worse.

Microsoft held back free patch that could have slowed WannaCry (Financial Times) Microsoft held back from distributing a free repair for old versions of its software that could have slowed last week’s devastating ransomware attack, instead charging some customers $1,000 a year per device for protection against such threats.

Chinese state media says US should take some blame for cyberattack (CNBC) Chinese state media on Wednesday criticized the United States for hindering efforts to stop global cyber threats in the wake of the WannaCry "ransomware" attack.

Malware Case Is Major Blow for the N.S.A. (New York Times) The latest nightmare for the agency, which is responsible for eavesdropping, code breaking and cyberespionage, appears to be far from over.

The WannaCry Ransomware Pandemic: Implications for the Vulnerability Equities Process. (The CyberWire) NSA is now believed to have warned Microsoft of the possibility that EternalBlue vulnerabilities were likely to be exploited in the wild.

Shadow Brokers threaten to unleash more hacking tools (Guardian) Group linked to NSA cyberwarfare tools used in ransomware attack threatens to set up ‘wine of the month’-style service

Hackers threaten to sell WannaCry code (CRN Australia) As cyber attacks start to ease.

Shadow Brokers, Who Leaked WannaCry Exploit, Planning Release More Zero-Day Bugs (Fossbytes) Leakers of the Windows SMB exploit, the Shadow Brokers are back again to release 0-day bugs, which is a mix of good news and bad news for us

WannaCry: a throwback to the past and a vision of the future (Lookout) When WannaCry started disrupting business operations, mobile devices enabled some work to continue. However, the vast majority of business are unprepared for a similar attack on mobile.

WannaCry: the ransomware worm that didn’t arrive on a phishing hook (Naked Security) Email doesn’t seem to have been the initial vector for WannaCry, which initially took hold in south-east Asia

WannaCry ransomware continues to puzzle cyber-security researchers (The Indian Express) Researchers are still unsure exactly how WannaCry ransomware spread as despite digging through old databases they could not find any phishing mails linked to the attack.

Patch or Perish: NERC-CIP and the Lesson of the WannaCry Worm (Navigant Research) Last Friday and over the weekend, thousands of computers were infected with the Wana Decrypt0r 2.0 or WannaCry worm. The rapid spread of this malware was due to its ability to seek out other comput…

WannaCry update: The worst ransomware outbreak in history (Avast) Avast update on WannaCry: who was affected, who was targeted, how to remove it, and more.

WannaCry fallout -- the worst is yet to come, experts say (CSO Online) The massive scale of the recent WannaCry ransomware attack has exposed some significant weaknesses in global IT systems, and we're likely to see more attacks leveraging similar techniques, and doing even more damage, security experts say.

Here's how WannaCry became the most virulent malware since Conficker (Tech2 ⋆ New York city blog) WannaCry a.k.a. WannaCryptor a.k.a. WCry is wreaking havoc in the digital world, particularly in Europe. At last count, this malicious bit of code has affected over 200,000 computers worldwide. WannaCry is officially known as WanaCryptor, that’s what the malware’s developer calls it anyway. For the sake of convenience, we’ll refer to it as WCry from …

Who are we kidding? WannaCry is not a first (Help Net Security) On Friday, May 12, 2017, the world was alarmed to discover that cybercrime has reached a new record, in a widespread ransomware attack dubbed WannaCry that

Kolkata worst affected by WannaCry attack: Quick Heal (The Hindu Business Line) Over 48,000 ransomware attempts detected in India

WannaCry: Smaller businesses are at great risk (Help Net Security) 87 percent reported that their SMB clients had been targeted by ransomware in the 12 months up to September 2016, according to Datto.

WannaCry and IoT: Vendors react (Help Net Security) Along with the security of "traditional" computers, we must also think and do more about the security of so-called Internet of Things (IoT) devices.

As WannaCry Spreads, Law Firm Reveals Separate Ransomware Cost Them $700,000 (SurfWatch Labs, Inc.) Businesses across the world are still recovering from last Friday’s outbreak of the WannaCry ransomware. On Monday, White House homeland security adviser Tom Bossert said that the ransomware had hi…

Exploit Kits Continue Attacks, While Slammer Worm Resurfaces in Check Point’s ‘Most Wanted’ Malware (GlobeNewswire News Room) Exploit Kit usage shows no sign of abating following surge in April, says Check Point

Brooks Brothers reveals theft of payment card details (Naked Security) Retailer suggests ‘unauthorized individual’ was behind the breach – and says it’s now resolved

Don't Panic: Breach at software developer shouldn’t affect its customers or its future (CSO Online) A leading independent Mac and iOS development company has chagrin, but says no customer or financial information leaked, nor was its website compromised.

Zomato Hacked; 17 Million Accounts Sold on Dark Web (HackRead) Since 2015 the Dark Web marketplaces have been flourishing. From drugs, weapons, databases, fake documents to all sorts of illegal stuff are available for

Muslim Dating Site ‘Pure Matrimony’: Reset Your Passwords (Motherboard) Motherboard obtained a list of 120,000 hashes that appear to relate to the site.

Mirai DNS Water Torture finance sector attack dominated Q1: Akamai (ZDNet) The vendor's first quarter threat report has found Mirai DNS Water Torture Attacks, a DNS query flood included in Mirai malware, targeted its customers in the financial services industry.

IOT still has vulnerabilities (PCMag India) The forecast is still a little gloomy if the Q1 2017 report is anything to go by

Security Patches, Mitigations, and Software Updates

How to Apply the Windows Update that Patches the EternalBlue SMB Exploit (Heimdal Security Blog) Here is how to apply the Windows update you need to patch the EternalBlue exploit used by WannaCry and Uiwix ransomware.

My Little CVE Bot (SANS Internet Storm Center) The massive spread of the WannaCry ransomware last Friday was another good proof that many organisations still fail to patch their systems. Everybody admits that patching is a boring task. They are many constraints that make this process very difficult to implement and... apply! That’s why any help is welcome to know what to patch and when.

Joomla users: Update immediately to kill severe SQLi vulnerability (Help Net Security) Version 3.7 of Joomla, pushed out less than a month ago, opens websites to SQL injection attacks, Sucury Security researchers have found.

Cyber Trends

Inside the Motivations Behind Modern Cyberattackers (Dark Reading) Attackers seeking money, dominance, and data are banding together and sharing infrastructure to target businesses.

WISeKey Explains What Happens When the WannaBes Move On to the Internet of Things (BusinessWire) WISeKey International Holding Ltd (“WISeKey”) (SIX:WIHN) announced today, that WannaCrypt ransomware - also known as WannaCrypt, WannaCry,


Wannacry Virus - Wannaprofit? Check Out Check Point Stock (ValueWalk) Wannacry Virus exploits a flaw in Windows XP, a legacy operating system that Microsoft no longer officially supports - CheckPoint Software

Cybersecurity — A big deal for contracting [Commentary] (Fifth Domain | Cyber) It is imperative that best practices be shared across disciplines and that everyone be involved — and fast!

Distil Networks Acquires Are You A Human (Marketwired) Investment expands braintrust of bot defense engineering talent, adds verified human dataset, and further positions Distil as the market leader in bad bot defense

Cisco to cut 1100 jobs (CRN Australia) Blames sales decline from service provider and public sector businesses.

Cisco earnings: Security sales continue to drive its software-as-a-service model (MarketWatch) Cisco earnings are expected to show continued growth in security, even as switching and routers decline.

Cisco’s Future Is Looking More Secure (WSJ) Cisco’s underperforming stock is due for a lift with the tech giant’s security business in focus as it reports earnings.

WannaCry attack lifts shares in cybersecurity firm Sophos to record high (Guardian) Oxfordshire-based firm inundated with calls in wake of last week’s ransomware attack on NHS and other businesses

The 3 Best Dividend Stocks in Cybersecurity (Madison) Cybersecurity stocks are usually considered growth plays instead of income plays. That's because many smaller cybersecurity firms aren't profitable, and they usually reinvest their cash back into marketing or R&D.

Why FireEye, Inc. Shareholders Have Nothing to Worry About (The Motley Fool) Though sales are slowing, the data security upstart is on the right track.

Karamba Raises $12M for Vehicle Security (eSecurity Planet) Connected and autonomous vehicles represent a growing threat vector that needs to be defended.

CACI awarded classified National Security contracts (Evertiq) CACI International has been awarded USD 349 million in previously unannounced awards on classified contracts with federal government customers.

CACI Receives $21M TO to Provide Cyber Security Support to NAVFAC (American Security Today) CACI International has been awarded a $21 million task order by the Space and Naval Warfare Systems Center (SSC) Atlantic to provide cyber security systems support to the Naval Facilities Engineering Command (NAVFAC) to enhance the security of industrial control systems important to America’s critical infrastructure. The two-year task order, awarded under the SPAWAR Integrated …

Corero feeling like a million bucks after latest order (Proactiveinvestors UK) Corero Network Security PLC (LON:CNS) - A US-based international web site hosting services provider has

WordPress announces bug bounty program (Help Net Security) WP is used by 28% of the top 10 million websites. The WordPress bug bounty program has been set up via the HackerOne platform.

PhishLabs Names Tony Prince CEO (CEO.CA) Charleston-based cybersecurity firm expands executive team with proven, experienced industry leadership

Veristor Adds Jackie Groark as Director, Security / CISO (PRNewswire) Expert in threat detection and intelligence brings real-world insights into security and risk management strategies

Products, Services, and Solutions

Distil Networks Enables Websites to Clean up Google Analytics for Free (Distil Networks) Google Analytics plugin lets users filter bot data that Google misses from reports providing deeper insights into real users and better decision making

Razberi and Cylance OEM Partnership Will Bring AI-Powered Cybersecurity to Video Surveillance Systems (BusinessWire) Razberi and Cylance® Inc. have signed an OEM agreement to embed CylancePROTECT® software in Razberi ServerSwitchIQ™ appliances, augmenti

SAP expands IoT platform (CRN Australia) Pulls additional machine learning, AI, big data analytics and blockchain.

FirstWave partners with Fortinet (NewsComAu) FirstWave Cloud Technology has signed onto the Fortinet FortiPartner Program, with leading global cyber security solutions provider Fortinet.

Not-So-Terrible Twos: IBM X-Force Exchange Celebrates Its Second Birthday (Security Intelligence) Since its inception two years ago, the IBM X-Force Exchange has grown into a comprehensive hub for industrywide threat intelligence collaboration.

Ridding Ransomware With IBM MaaS360 With Watson (Security Intelligence) MaaS360 cognitive UEM allows you to manage all endpoints from a single platform, making it easy to keep all systems current with software updates.

Technologies, Techniques, and Standards

NIST releases cybersecurity framework guidance in support of cyber EO (Fifth Domain | Cyber) The National Institute of Standards and Technology has released draft guidance to assist federal agencies in meeting the mandates of President Trump’s new executive order for strengthening the cybersecurity of federal networks and critical infrastructure.

DRAFT NISTIR 8170 The Cybersecurity Framework: Implementation Guidance for Federal Agencies (NIST) This document provides guidance on how the Framework for Improving Critical Infrastructure Cybersecurity (Cybersecurity Framework) can be used in the U.S. federal government in conjunction with the current and planned suite of NIST security and privacy risk management publications.

DHS wargames included a scenario similar to WannaCry (CSO Online) In March of 2016, the Department of Homeland Security conducted a national exercise to see how the government and the private sector would react to a multi-sector cyberattack on critical infrastructure. The scenario included malware mimicking some of the traits of WannaCry. In the end, the private sector saved the day, but not without facing some serious challenges.

5 Tools That’ll Help Keep Ransomware Off Your Devices (WIRED) Some pick-ups that could help protect you from the next big ransomware wave.

Why We Need a Data-Driven Cybersecurity Market (Dark Reading) NIST should bring together industry to create a standard set of metrics and develop better ways to share information.

Security updates belong in the limelight, not in the dustbin of history (WeLiveSecurity) Without regular security updates, your endpoint will be left standing alone against an entire army of cybercriminals who see you as easy prey.

How Big Fuzzing helps find holes in open source projects (Naked Security) Google’s beta project, OSS-Fuzz, has found 264 vulnerabilities in 47 open-source projects – so is it an idea whose time has come?

How To Safely Secure IoT Devices (Business Solutions) The Internet of Things (IoT) is a powerful business tool, opening new doors to connectivity, data, and efficiency. However, as IoT grows and becomes more common, the risks also increase.

DISA vice director: Cyber training most effective when done piecemeal (C4ISRNET) DISA's Vice Director Maj. Gen. Sarah Zabel, in providing details regarding cyber protection team training, explained piecemeal training seems to be what builds expertise.

Design and Innovation

Mobey Forum Calls for Mindset Change in Financial App Development (Fintech Finance) Security must be equal to feature development if banks are to mitigate risk in mobile services, contends new report The Risk Mitigation Workgroup of Mobey Forum, the global industry association emp…

Big Data & IoT Summit 2017: Lloyds dredges the 'data lake' (Computing) Machine learning has great potential when combined with big data, says Lloyds's Nicholas Williams - but watch out for the GDPR

​Samsung: Here's how we're securing your smart TV (ZDNet) Samsung wants you to know that it really does take smart TV security seriously.

‘A robot doesn’t have to shoot back,’ Rodney Brooks says of machines in the military (TechCrunch) Rethink Robotics co-founder and CTO, former CSAIL director and all-around robot luminary Rodney Brooks joined the Disrupt New York stage this afternoon to..

Research and Development

Can data be secured while it’s being worked on? (C4ISRNET) Under a contract with the Office of the Director of National Intelligence, Galois will "explore the feasibility of securing data while it is being computed on through the use of fully homomorphic encryption (FHE)," according to a company news release.

Legislation, Policy, and Regulation

Too many spies spoil the intelligence broth (Live Mint) India’s intelligence community is growing but in an ad hoc manner, without any overarching strategy

South Africa: Improved Policies to Secure Cyberspace ( Government is making inroads in putting in place policy and legislative measures that will secure South Africa's cyberspace.

New US IT security bill would force NSA to report WannaCry-style zero-day flaws (Computing) But not publicly, or to the software vendor itself

Cybersecurity Bill Would Shift Power From NSA (Fortune) A bill proposed in Congress would require the NSA to inform representatives of other government agencies about security holes it finds.

‘‘Protecting Our Ability 5 to Counter Hacking Act of 2017’’ or ‘‘PATCH Act of 6 2017’’ (United States Senate) A bill to establish the Vulnerability Equities Review Board, and for other purposes.

PATCH Act Is Important Step Forward on Federal Responsible Disclosure Policy (ITIF) Every year the federal government discovers countless vulnerabilities in software and hardware products used by millions of American businesses and individuals. But instead of responsibly disclosing this information to the developers who can fix these flaws, the U.S. government will sometimes hoard these vulnerabilities to use against others.

Public Knowledge Welcomes Cybersecurity PATCH Act (Public Knowledge) Today, Senators Brian Schatz (D-HI), Ron Johnson (R-WI) and Cory Gardner (R-CO), along with Representatives Ted Lieu (D-CA) and Blake Farenthold (R-TX), introduced the Protecting Our Ability to Counter Hacking (“PATCH”) Act.

IT modernization bill passes House (TheHill) New IT equipment is more secure and costs less in the long run than out of date systems currently in place.

Executive Order focuses on cyber-threats, agency responses (Compliance Week) With coincidental timing amid a global cyber-security attack by the WannaCry virus, President Donald J. Trump has issued an Executive Order on “Strengthening the Cyber-security of Federal Networks and Critical Infrastructure.”

The Cyber Workforce Gap: A National Security Liability? (War on the Rocks) In a remarkable confluence of events, the White House released their much-awaited cybersecurity executive order less than a day before the outbreak of a ma

House IT chair eyes 'cyber national guard’ as next legislative push (TheHill) Concept would boost "cross pollination of ideas" between government, private sector.

Lawmakers Ask For Hearings On Ransomware Attacks On Healthcare Sector (Homeland Security Today) Tuesday, two lawmakers sent a letter to the majority staff of the House Committee on Homeland Security requesting hearings on the cybersecurity posture of the nation’s healthcare and lifeline sectors in the wake of the recent worldwide ransomware attacks that brought many hospitals in Europe, especially in the UK, virtually to their knees, endangering lives of patients either in surgery or preparing to go into surgery.

Acquisition reform panel: Cut restrictions so DoD can take 'mission first' approach (Defense News) Ignore the noise and focus on what gets the job done the best, the panel says.

Litigation, Investigation, and Law Enforcement

Special counsel Mueller named to probe Trump-Russia ties (Military Times) The Justice Department on Wednesday appointed former FBI Director Robert Mueller as a special counsel to oversee a federal investigation into potential coordination between Russia and the Trump campaign during the 2016 presidential election.

Opinion | Rod Rosenstein saves the Republican Party from itself (Washington Post) The deputy attorney general poured some water onto a raging political inferno by appointing a special counsel to handle the Russia probe.

Exclusive - Trump campaign had at least 18 undisclosed contacts with Russians: sources (Reuters) Michael Flynn and other advisers to Donald Trump’s campaign were in contact with Russian officials and others with Kremlin ties in at least 18 calls and emails during the last seven months of the 2016 presidential race, current and former U.S. officials familiar with the exchanges told Reuters.

David Ignatius: The bull in the intelligence china shop (St. Louis Post-Dispatch) Think of the intelligence community and its fragile array of secret relationships as a china shop. Think of President Donald Trump as a bull, restless and undisciplined. For months, we’ve

Political Data Mining During Brexit Is Under Investigation in the UK (Motherboard) "What is happening now is just a fraction of what will become possible in the future."

A ‘Hacker’ Exposed a Mexican Drug Lord, Now He's Trying to Save His Own Life (Motherboard) The computer engineer secretly shot video of the purported heir to Sinaloa cartel boss Joaquín “Chapo” Guzmán and was reported to be living in the US under government protection. In fact, he’s stuck in Mexico.

Facebook fined $122 million for misleading EU over WhatsApp deal (Ars Technica) Facebook says it couldn't automatically match WhatsApp accounts; EC disagrees.

ATM Black Box attacks: 27 arrested all over Europe (Help Net Security) The efforts of a number of EU Member States and Norway, culminated in the arrest of 27 individuals linked with ATM Black Box attacks across Europe.

UK airport authorities arrest human rights activist for not sharing his passwords (HackRead) The director of CAGE human rights organization, Muhammad Rabbani was returning from a trip abroad last year when he was stopped at the UK airport for not r

Security Guard Hacks and Trashes Company Servers After Quitting His Job (BleepingComputer) A California judge has found Yovan Garcia, a former security guard, guilty for hacking his former employer, stealing proprietary software, and trashing the company network after he resigned and left his job.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

Atlanta Cyber Week (Atlanta, Georgia, USA, October 2 - 6, 2017) Atlanta Cyber Week is a public-private collaboration hosting multiple events during the first week of October that highlight the pillars of the region’s cybersecurity ecosystem and create an opportunity...

Upcoming Events

Northsec Applied Security Event (Montreal, Québec, Canada, May 18 - 21, 2017) The conference will feature technical and applied workshops hosted in parallel for the most motivated attendees. Topics include application and infrastructure (pentesting, network security, software and/or...

SANS Northern Virginia - Reston 2017 (Reston, Virginia, USA, May 21 - 26, 2017) This event features comprehensive hands-on technical training from some of the best instructors in the industry and includes courses that will prepare you or your technical staff for DoD 8570 and GIAC...

Enfuse 2017 (Las Vegas, Nevada, USA, May 22 - 25, 2017) Enfuse™ is a three-day security and digital investigations conference where specialists, executives, and experts break new ground for the year ahead. Enfuse offers unsurpassed networking opportunities,...

cybergamut Technical Tuesday: Future of System Exploitation (Elkridge, MD, USA, May 23, 2017) This talk describes recent trends in vulnerability research and system exploitation, provides case studies of systems that were compromised that were not believed to be vulnerable (or in novel ways), discusses...

SC Cyber 2017 Summit (Columbia, South Carolina, USA, May 23, 2017) SC Cyber, in partnership with the U.S. Chamber of Commerce and the South Carolina Chamber of Commerce, will host a cybersecurity summit that brings together top experts nationally from government, law...

2017 Cyber Investing Summit (New York, New York, USA, May 23, 2017) The 2nd Annual Cyber Investing Summit is an all-day conference focusing on investing in the $100+ billion dollar cyber security industry. Attendees will explore the financial opportunities, trends, challenges,...

Citrix Synergy (Orlando, Florida, USA, May 23 - 25, 2017) Learn how to solve your IT flexibility, workforce continuity, security and networking challenges—and power your business like never before—with the workspace of the future.

CyberSmart 2017 (Fredericton, New Brunswick, Canada, May 24 - 25, 2017) As cybersecurity grows as a significant global challenge, the growing gap between Canada’s cyber workforce demand and supply offers our country both a challenge and an opportunity. CyberSmart 2017 will...

AFCEA/GMU Critical Issues in C4I Symposium (Fairfax, Virginia, USA, May 24 - 25, 2017) The AFCEA/GMU Critical Issues in C4I Symposium brings academia, industry and government together annually to address important issues in C4I technology and systems R&D. The agenda for 2017 will include:...

AFCEA/GMU Critical Issues in C4I Symposium (Fairfax, Virginia, USA, May 24 - 25, 2017) The AFCEA/GMU Critical Issues in C4I Symposium brings academia, industry and government together annually to address important issues in C4I technology and systems R&D.

SECON 2017 (Jersey City, New Jersey, USA, May 25, 2017) Social engineering impacts security. (ISC)2 New Jersey Chapter is a 501(c)(3) not-for-profit charitable organization. Our chapter’s mission is to disseminate knowledge, exchange ideas, and encourage community...

Cyber Southwest (Tucson, Arizona, USA, May 27, 2017) CSW will be dedicated to furthering the discussion on cyber education and workforce development in Arizona, healthcare cybersecurity, and technical training in areas such as threat intelligence, insider...

SANS Atlanta 2017 (Atlanta, Georgia, USA, May 30 - June 4, 2017) Learn the most effective steps to prevent attacks and detect adversaries with actionable techniques that you can directly apply when you get back to work. Take advantage of tips and tricks from the experts...

Cyber Security Summit: Seattle (Seattle, Washington, USA, June 1, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: Seattle. Receive...

Cyber Security Summit: Seattle (Seattle, Washington, USA, June 1, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: Seattle. Receive...

SANS Houston 2017 (Houston, Texas, USA, June 5 - 10, 2017) At SANS Houston 2017, SANS offers hands-on, immersion-style security, security management, and pen testing training courses taught by real-world practitioners. The site of SANS Houston 2017, June 5-10,...

Cyber Resilience Summit: Measuring and Managing Software Risk, Security and Technical Debt (Brussels, Belgium, June 6, 2017) The Consortium for IT Software Quality is bringing the Cyber Resilience Summit to Europe, to take place on 6 June 2017 in Brussels, Belgium, the vibrant heart of political Europe and headquarters of the...

National Cyber Security Summit (Huntsville, Alabama, USA, June 6 - 8, 2017) The National Cyber Summit is the preeminent event for cyber training, education and workforce development aimed at protecting our nation’s infrastructure from the ever-evolving cyber threat. The summit...

Infosecurity Europe 2017 (London, England, UK, June 6 - 8, 2017) Infosecurity Europe is the region's number one information security event featuring Europe's largest and most comprehensive conference programme and over 360 exhibitors showcasing the most relevant information...

Cyber 8.0 Conference (Columbia, Maryland, USA, June 7, 2017) Join the Howard County Chamber of Commerce for their 8th annual cyber conference, where they will explore innovation, funding, and growth. Participants can expect riveting discussions from cyber innovators...

2017 ICIT Forum: Rise of The Machines (Washington, DC, USA, June 7, 2017) The 2017 ICIT Forum brings together over 300 cybersecurity executives from across critical infrastructure sectors to receive the latest ICIT research from our experts, share knowledge, develop strategies...

SecureWorld Chicago (Rosemont, Illinois, USA, June 7, 2017) Join your fellow security professionals for high-quality, affordable training and education. Attend featured keynotes, panel discussions, and breakout sessions—all while networking with local peers. Earn...

NYS Cyber Security Conference (Albany, New York, USA, June 7 - 8, 2017) June 2017 marks the 20th Annual New York State Cyber Security Conference and 12th Annual Symposium on Information Assurance (ASIA) and we invite you to join us for this nationally recognized event. Technology's...

RSAC Unplugged (London, England, UK, June 8, 2017) Informal, up close and personal, intimate…that’s RSAC Unplugged. Ignore the background noise and focus on what’s important in information security right now as part of a one-day program focused on excellent...

Insider Threat Program Development / Management Training For NITP-NISPOM CC 2 (Huntsville, Alabama, USA, June 8 - 9, 2017) Insider Threat Defense announced it will hold a 2 day training class on Insider Threat Program (ITP) Development / Insider Threat Risk Management (National Insider Threat Policy (NITP), NISPOM Conforming...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.