skip navigation

More signal. Less noise.

How do you take the guesswork out of evaluating anti-malware products in-house?

Anti-malware protection is a cornerstone of information security, so when it comes to testing, don’t take the vendor’s word for it. Test for yourself.

Daily briefing.

Akamai is tracking a fast-flux botnet distributing malware through 14,000 IP addresses.

Germany's Bundesamt für Sicherheit in der Informationstechnik (BSI) says it can't confirm US and Israeli claims that Kaspersky security software has been exploited for espionage by Russian intelligence services. (But German security companies continue to point out that their software is "made in Germany," and above all that they're not Kaspersky.) RT says that Kaspersky's new agreement to work with Interpol against cybercrime shows that the company is just a victim of US anti-Russian animus, but most observers think the American ban on using Kaspersky software in Federal networks has some serious foundation.

ISIS is swiftly vanishing from the territory it sought to govern as a caliphate, but experts caution that ISIS is unlikely to disappear, or acknowledge any setback. The group's inspirational narrative is likely to shift to an emphasis on hegira, likening its current phase to the Prophet's strategic withdrawal in 622 from Mecca to Medina.

Equifax and its competing credit bureau TransUnion both acknowledged that third-party code embedded in some of their websites for the purpose of tracking performance was malicious, directing visitors to a bogus Flash update site. Both companies say their core systems were unaffected, and that they've fixed the website problem.

New York State's Attorney General Eric Schneiderman, already investigating the Equifax breach, has announced an investigation into Deloitte's security incident.

Hyatt disclosed a credit card breach affecting forty-one hotels in eleven countries between March 18th and July 2nd of this year.


Today's issue includes events affecting Australia, Germany, Indonesia, Israel, Democratic Peoples Republic of Korea, Republic of Korea, Russia, United Kingdom, United States.

A note to our readers: we'll have more on this week's events, CyberMaryland and AUSA, coming up with subsequent issues.

Survey says: frameworks are good, compliance could be better.

How does the public sector view the state of cyber risk management, IT modernization, and the role of cybersecurity standards in improving our nation’s cyber posture?  A survey of government and industry attendees at the 2017 AWS Public Sector Summit provides a unique window into the perceptions, challenges and opportunities for cyber risk management. Download your copy of the 2017 Public Sector Cyber Risk Management Report.

In today's podcast, we hear from our partners at Accenture Labs, as  Malek Ben Salem describes a recently discovered vulnerability in software defined networks. Our guest is Jeff Schilling, CSO of Armor Cloud Security, who offers insight into the Russian state actors who are so busy in cyberspace. (In his last military assignment, Schilling was the Director of the U.S. Army’s global Security Operations Center at U.S. Army Cyber Command.)

Cyber Security Summit: Boston and Los Angeles (Boston, Massachusetts, USA, November 8, 2017) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security on November 8 in Boston and November 29 in Los Angeles. Register with promo code cyberwire50 for half off your admission (Regular price $350).

Cyber Attacks, Threats, and Vulnerabilities

Germany: 'No evidence' Kaspersky software used by Russians for hacks (Reuters) Germany's BSI federal cyber agency said on Wednesday it had no evidence to back media reports that Russian hackers used Kaspersky Lab antivirus software to spy on U.S. authorities.

Here's how Russia was secretly spying on the United States (Salon) Two years ago, Israel detected that Russia was searching for sensitive information

The Real Threat from Kaspersky Security Software (Lawfare) It’s far more grave than one compromised NSA contractor.

Kaspersky to share threat intelligence with Interpol in ‘fight against cybercrime’ (RT International) Kaspersky Lab signed a threat intelligence sharing deal with Interpol on Thursday, as the Russian cybersecurity firm continues its fight against US claims of being involved in spying activities.

Shadow Brokers Exploit Dumping Service Allegedly Nets $90,000 (Bitsonline) The shadow brokers exploit dumping service has been an apparent success as it had allegedly netted tens of thousands of dollars in only a few months.

Primetime Politics (Foreign Affairs) The plush blue curtains open, revealing a cluster of cheap eateries.

Defeat as Victory? How the Islamic State Will Rely on Hijrah to Claim a Win (War on the Rocks) The “mini-empire” that ISIL built in Iraq and Syria is collapsing, which fuels a sense of triumphalism in the West. The logic is simple: ISIL made itself s

CIA’s Pompeo calls out WikiLeaks at UT; Assange responds via Twitter (mystatesman) CIA Director Mike Pompeo, speaking at the University of Texas Thursday, called WikiLeaks a non-state agency bent on the destruction of the U.S.

North Korea Escalating Cyber-Attacks With Little Fear of Retaliation (eWEEK) Most North Korean cyber-attacks are directed at South Korean targets, but the global WannaCry ransomware attack in May 2017 has been attributed to a North Korean hacking group.

Pivoting off Hidden Cobra Indicators (Arbor Networks Threat Intelligence) On June 13th 2017, US-CERT issued a joint Technical Alert (TA17-164A) entitled Hidden Cobra – North Korea’s DDoS Botnet Infrastructure. The alert, which wa

A Dragonfly in the Ointment: Energy Sector Cyber Attacks Signal Dark Days Ahead (Legaltech News) Recent attacks may not yet have resulted in damages or disruption, but Dragonfly appears to be positioning itself to learn how the targeted energy facilities...

Equifax rival TransUnion also sends site visitors to malicious pages (Ars Technica) People visiting TransUnion’s Central American site redirected to potpourri of badness.

Equifax says code on its website 'was serving malicious content' (Los Angeles Times) Equifax has taken part of its website offline after code on the site redirected users to a malicious URL. Separately, a top Republican congressman introduced a bill that would stop credit reporting firms from using Social Security numbers to identify Americans.

Equifax website hacked again, this time to redirect to fake Flash update (Ars Technica UK) Malware researcher encounters bogus download links during multiple visits.

Equifax says systems not compromised in latest cyber scare (Reuters) Equifax Inc said on Thursday that one of its third-party vendors had been running malicious code on one its web pages, but that the credit reporting agency was not the subject of another cyber attack and its systems were not compromised.

New Revelations and Website Weirdness Push Equifax from Bad to Worse (Digital Guardian) Driver’s license data on millions may have been stolen, while many more Brits were affected.

Flaming galah: defence data hack puts cyber security in the spotlight (Financial Review) Defence Industry Minister Christopher Pyne has deflected blame from the government over a massive cyber security breach of secret defence data.

The ‘Matrix Banker’ Reloaded (Darktrace) Over the last few weeks, Darktrace has confidently identified traces of the resurgence of a stealthy attack targeting Latin American companies.

Inventive cyber gang steals millions from East European banks (Help Net Security) Trustware researchers have uncovered a series of ingenious bank heists that cost several Eastern European and Russian banks up to $10 millions each.

Hyatt Hotels Suffers 2nd Card Breach in 2 Years (KrebsOnSecurity) Hyatt Corp. is alerting customers about another credit card breach at some hotels, the second major incident with the hospitality chain in as many years.

Researchers go public after BPC Banking’s long silence on SQL injection bug (Gears of Biz) Rapid7 has gone public with news of an e-commerce SQL injection vulnerability, saying it couldn’t raise a response from the vendor.

Akamai Identifies 14K-Strong Fast Flux Botnet (BleepingComputer) Researchers at Akamai have identified a botnet of over 14,000 IP addresses used in malware distribution operations. The botnet is still up and running, and experts believe it will be hard to take it down because its operators are employing a clever technique called Fast Flux.

Microsoft Office Attack Runs Malware Without Needing Macros (BleepingComputer) Malware authors don't necessarily need to trick users to enable macros to run malicious code. An alternative technique exists, one that takes advantage of another legitimate Office feature.

DDoS attacks: Brands have plenty to lose, even if attacked only once (Help Net Security) DDoS attacks continue to be an effective means to distract and confuse security teams while inflicting serious damage on brands.

Unpatched Exploit Lets You Clone Key Fobs and Open Subaru Cars (BleepingComputer) Tom Wimmenhove, a Dutch electronics designer, has discovered a flaw in the key fob system used by several Subaru models, a vulnerability the vendor has not patched and could be abused to hijack cars.

New ransomware family exploiting poor security in remote desktop services (TEISS) Researchers have uncovered a new ransomware family that is exploiting poor security credentials in remote desktop services and encrypting files.

The malware that won't die: Is Locky reclaiming its title as king of ransomware? (ZDNet) Once by far the most common form of ransomware, Locky ransomware is now on the rise again.

Dark web ransomware economy: Sellers pulling in six-figure salaries (Help Net Security) Organizations need to rethink their security strategy since the dark web ransomware economy is growing at a rate of more than 2,500% per year.

These Cities House the Largest Bot Populations in the U.S. (Security Week) Botnets are widespread worldwide, serving whichever purpose they were designed to, and the United States is one of the largest sources of botnet attacks. Across the country, Chicago and Washington D.C. are home to the largest number of bots (infected hosts), Symantec has discovered.

CW500: A perfect storm – the cyber attack that hit Parliament ( The former director of the Parliamentary Digital Service shares details and lessons learned from the cyber attack hat hit UK parliament in June and explains why it was a “good experience”

Security Patches, Mitigations, and Software Updates

Microsoft's latest Patch Tuesday caused widespread BSOD Wednesday (Computing) Microsoft issues new fix to fix its shonky patches

Cyber Trends

KnowBe4 Releases Q3 2017 Top-Clicked Phishing Report (Broadway World) KnowBe4 Releases Q3 2017 Top-Clicked Phishing Report

Can you be hacked by the world around you? [Commentary] (Fifth Domain) The day is coming when intrusions can happen through normal communications with or sensing performed by a computer or smartphone.


The cyberwars are coming — here’s how to prepare (and make money) (MarketWatch) With billions of hacking events per day, the companies charged with stopping them will only grow, says Jeff Reeves.

Cybersecurity risk-monitoring platform SecurityScorecard raises $27.5 million from Nokia, GV, Intel, Sequoia, others (VentureBeat) Cybersecurity rating and risk-monitoring platform SecurityScorecard has raised $27.5 million in a series C round of funding led by Nokia's global venture capital (VC) arm, Nokia Growth Partners (NGP).

Attivo Networks Raises $21M to Boost Cyber-Deception Tech (eSecurity Planet) Total funding to date stands at $45.7M as the company aims to differentiate in an increasingly crowded deception technology market.

Parsons buys Williams Electric to grow Army, critical infrastructure cyber footprints (Washington Technology) Parsons Corp. acquires Florida-headquartered Williams Electric to grow in the Army Corps of Engineers and critical infrastructure cyber markets.

Parsons buys Williams Electric to grow Army, critical infrastructure cyber footprints -- Washington Technology (Washington Technology) Parsons Corp. acquires Florida-headquartered Williams Electric to grow in the Army Corps of Engineers and critical infrastructure cyber markets.

Parsons buys Williams Electric to grow Army, critical infrastructure cyber footprints (Washington Technology) Parsons Corp. acquires Florida-headquartered Williams Electric to grow in the Army Corps of Engineers and critical infrastructure cyber markets.

Parsons buys Williams Electric to grow Army, critical infrastructure cyber footprints -- Washington Technology (Washington Technology) Parsons Corp. acquires Florida-headquartered Williams Electric to grow in the Army Corps of Engineers and critical infrastructure cyber markets.

Akamai's Nominum Buyout to Boost Carrier & Enterprise Clients ( Akamai Technologies Inc AKAM is strengthening its security product portfolio. The company recently announced plans to acquire Nominum, a leading provider of DNS and enterprise security solutions for carriers.

WhiteHawk wins $1M cyber-security contract with BAE ( In today’s hyper-digitised corporate landscape, cyber attacks and security breaches are on the rise, and ramifications for businesses can be enormous.

AppRiver staying in GB after sale (Gulf Breeze) Michael Murdoch, CEO of AppRiver With over 260 employees, AppRiver is one of Santa Rosa County's largest employers, so it's comforting to know that those jobs are staying in Gulf Breeze after the company took a majority investment from Marlin Equity Partners.

Cybersecurity Startup Verodin Wins Security Current's Security Shark Tank® Palo Alto (Verodin) Chief Information Security Officers (CISOs) award Verodin third consecutive win, noting its innovation and importance to the industry

Vanguard Integrity Professionals Appoint New President (PRNewswire) Vanguard Integrity Professionals, Inc. cybersecurity experts with...

Products, Services, and Solutions

New infosec products of the week​: October 13, 2017 (Help Net Security) New infosec products of the week include offerings from BitSight, LogRhythm, ObserveIT, Secure Channels, ShiftLeft, and ZoneFox.

Informatica Enhances Enterprise-wide Visibility and Control of Critical Sensitive Data (Informatica) Secure@Source empowers customers to execute data-driven digital transformation with confidence and compliance

Aqua Security and PureSec Partner to Secure Container and Serverless Applications | Aqua (Aqua) Aqua Security, the leading platform provider for securing container-based applications, and PureSec, the leading security platform for serverless architectures, today announced a partnership to secure applications based on containers and serverless functions in …

Aqua Security and Carahsoft Partner to Deliver Container Security to the Federal Sector (IT Business Net) Aqua's "Secure Once, Deploy Anywhere" approach streamlines compliance and reduces complexity; Aqua and Carahsoft already enabled one Federal agency to build more secure applications fast...

NSS Labs Conducts First Cross-Platform Test of Leading Web Browsers (P&T Community) NSS Labs, Inc., a global leader and trusted source for independent fact-based cybersecurity guidance, today announced the release of its Web Browser Security Comparative Reports. The reports reveal how effective web browsers are at protecting users from socially engineered malware (SEM) and phishing attacks. To minimize exposure to emerging threats, enterprise have begun to limit the use of legacy browsers to internal and legacy applications.

Digital Shadows Unveils Strategic Partnerships and Launches an Industry-Leading Digital Risk Management Technology Ecosystem (BusinessWire) Digital Shadows, the industry leader in digital risk management, today announced the launch of its Digital Risk Management Technology Ecosystem.

Gigamon Introduces New Integrations with Splunk and Phantom, Bringing Its Defender Lifecycle Model to Life (PRNewswire) Gigamon Inc. (NYSE: GIMO), the industry leader in visibility...

IBM, Google launch open source container security tool for developers (TechRepublic) IBM is partnering with Google on a new project called Grafeas, which offers a central hub of metadata that can be used to manage and secure the software supply chain.

Crafting Cryptography for Tiny Embedded Devices (Electronic Design) "With 8-bit or 16-bit processors, we weren’t thinking about security until someone could take control of the brakes in my car with them," SecureRF's chief said.

Akamai Improves Bot Manager to Defend Against Credential Stuffing (eWEEK) Technology to help protect against bot-driven credential stuffing attacks is now integrated into the premier edition of Akamai's Bot Manager.

Technologies, Techniques, and Standards

Cyber Command stands up planning cells at combatant commands (C4ISRNET) Cyber Command has stood up forward-deployed planning cells within the combatant command staffs to help better coordinate offensive and defensive cyber effects.

A peek inside Army cyber protection teams (C4ISRNET) Members of the Army's Cyber Protection Brigade provided reporters insight into their unique mission set.

Where do cyber and EW fit at the theater level? (C4ISRNET) As the Army looks to employ more cyber effects into battlefield scenarios, integrating planners with commanders and units will be critical.

Enterprises increasingly leveraging endpoint data for security investigations (Help Net Security) Code42 confirmed how critical it is for organizations to access and leverage endpoint data for additional uses above and beyond backup and recovery.

Office 365 Active Usage Soars — Some Still Unclear On Security (Barracuda) If you asked an end user within an organization that recently migrated from Microsoft Office Suite to Office 365, they’d probably tell you that the transition was smooth and hardly noticeable.

The Goldilocks Effect of Cyber Threat Data (Security Week) In the world of big data there’s something I refer to as “the Goldilocks effect” and it’s particularly problematic when it comes to cyber threat data.

Design and Innovation

Replacing Social Security Numbers Won’t Be Easy, But It’s Worth It (WIRED) The Social Security number system is broken. And while fixing it will take a lot of work, there are ways to keep your identity more secure.

Here’s what the Pentagon’s persistent cyber training platform might look like (C4ISRNET) One of the most important components needed in the coming years by the cyber operations community within the Pentagon is its own cyber firing range.

5 reasons the Army can’t replicate Silicon Valley (Defense News) The Army acknowledges these serious deficiencies.

Research and Development

Why these cybersecurity researchers are automating vulnerability assessments (TechRepublic) System complexity is preventing humans alone from finding vulnerabilities, so researchers in the UK and at CMU are working to automate an online cybersecurity system support service to help analysts.

Encryption in a post-quantum world (IT Pro Portal) The long-term security offered by many encryption systems is under severe threat.

Here’s how the Army’s electronic warfare program differs from years past (C4ISRNET) The Army's approach to multifunction in its electronic warfare program of record is a departure from years past.

DHS Invests In a Range of Mobile Security Technologies (FedTech) The Department of Homeland Security awarded R&D contracts to bolster mobile application security across agencies.


Four ways colleges can strengthen their cybersecurity programs (Help Net Security) If breaches can't be entirely blocked, what can IT professionals in higher education do to prevent these kinds of disaster scenarios? The GovEd team at Log

Main cybersecurity problem for colleges? Gathering diverse kinds of data (Help Net Security) The chief problem colleges is that they gather and store very diverse kinds of data, on both the student and their parents.

Legislation, Policy, and Regulation

Indonesia plans to block 30 million websites with new automated online censorship system (VPNCompare) The Indonesian Government plans to block up to 30 million websites after investing in a new automated online censorship system.

[Editorial] Are we ready? (Korea Herald) The shocking revelation that North Korea hacked war plans prepared by South Korea and the US calls for outside investigation by institutions such as the National Assembly or the state audit agency.

US government becomes the latest to demand 'back doors' in encrypted communications (Computing) US joins UK government in attacking encryption

Congressmen question DoD takeover of security clearance investigations (Federal Times) The Department of Defense’s scheduled takeover of its security clearance investigations from the National Background Investigations Bureau may only add to the clearance backlog rather than alleviate it.

DoD pushing hard to resume responsibility of its own security clearance process ( The Defense Department is strongly urging lawmakers to give it the authority to resume responsibility for its own security clearance process.

Army cyber should ‘let nerds be nerds,’ experts say (Army Times) The Army’s cyber organizations need to let “nerds be nerds” without pressure on them to rise into leadership roles, said members of a panel on cyber force management on Wednesday.

Litigation, Investigation, and Law Enforcement

Assange Disputes Congressman’s Story About Potential Deal (The Daily Caller) WikiLeaks founder Julian Assange disputed California Republican Rep. Dana Rohrabacher's statements that Assange would give up the source behind a release of Democratic National Committee emails in 20

'I'm not going to have that debate right now': Chelsea Manning really doesn't want to talk about WikiLeaks (Business Insider) "I can't talk about that," she said loudly, and often, about WikiLeaks at The New Yorker Festival on Sunday.

More pressure put on credit bureaus to make credit freezes free (Lehigh Valley Business Cycle) Three dozen attorneys general ask Experian to waive credit freeze fees after Equifax data breach

NY attorney-general probes Deloitte over cyber attack (Financial Times) Eric Schneiderman is also investigating Equifax hack

Cyber Court Commissioned for London (Acumin) This week it was announced that a new court is set to open to support the City of London. Based in the square mile, the 18 court room new building has been commissioned and will be backed by the City of London Corporation.

Nike, Walmart, Intact Lawyers Offer Advice On Privacy By Design (New York Law Journal) Put yourself in the consumer’s shoes. It may sound trite, but it is a running theme for in-house privacy counsel when making decisions about their companies—...

Efforts to Protect Consumer Data Face Corporate Pushback (New York Law Journal) Corban Rhodes and Ross Kamhi write: We are at a pivotal moment with respect to how the law protects consumer personal information. The public, however, is la...

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

Connected Medical Device & IOT Security Summit (Baltimore, Maryland, USA, January 25 - 26, 2018) The Summit will offer practical solutions to many of the daunting security challenges facing medical device and connected health technology companies, healthcare providers, payers and patients. The program...

Upcoming Events

Global Conference on Cyberspace (GCCS) (New Dehli, India, November 23 - 24, 2017) The Global Conference on Cyberspace (GCCS) aims to deliberate on the issues related to promotion of cooperation in cyberspace, norms for responsible behaviors in cyberspace and to enhance cyber capacity...

Aviation Cyber Security (London, England, UK, November 21 - 22, 2017) Join us on November 21/22 in London, England for the Cyber Senate Aviation Cyber Security Summit. We will address key issues such as the importance of information sharing and collaboration, supply chain...

Federal IT Security Conference (Columbia, Maryland, USA, November 14, 2017) The Federal IT Security Institute (FITSI) in partnership with Phoenix TS in Columbia, MD is hosting the second annual Federal IT Security Conference. Speakers from NIST, DHS, the Defense Department as...

Sector (Toronto, Ontario, Canada, November 13 - 15, 2017) Illuminating the Black Art of Security. Now entering its 11th year, SecTor has built a reputation of bringing together experts from around the world to share their latest research and techniques involving...

Countermeasure (Ottawa, Ontario, Canada, November 9 - 10, 2017) Now into its sixth year in Ottawa, and consistently advancing in both size and content quality, COUNTERMEASURE continues to be the national capital's premier IT security event. As in years past, attendees...

2017 ICIT Gala & Benefit (Washington, DC, USA, November 9, 2017) The Annual ICIT Gala and Benefit is the year’s most prestigious and intimate gathering of legislative, agency and private sector leaders committed to protecting our Nation’s critical infrastructures. This...

4th Annual Journal of Law & Cyber Warfare Conference (New York, New York, USA, November 9, 2017) Join thought leaders across the industry for a day of collaboration and education with an outstanding group of cyber security experts. In this one-day program, we continue JLCW's 5+ year reputation for...

Fourth Annual JLCW Conference (New York, New York, USA, November 9, 2017) The 2017 Journal of Law and Cyber Warfare symposium speakers represent an unparalleled group of cyber security experts with a wide variety of industry expertise and knowledge. Attendees will hear from...

SINET Showcase 2017 (Washington, DC, USA, November 8 - 9, 2017) SINET – Washington DC provides a platform to identify and highlight “best-of-class” security companies that are addressing the most pressing needs and requirements in Cybersecurity. As always, this event...

CyCon US (Washington, DC, USA, November 7 - 8, 2017) The 2017 International Conference on Cyber Conflict U.S. (CyCon U.S.) will take place 7-8 Nov 2017 at the Ronald Reagan Building in Washington D.C. CyCon U.S. facilitates knowledge generation and information...

RSA Conference 2017 Abu Dhabi (Abu Dhabi, UAE, November 7 - 8, 2017) RSA Conference 2017 Abu Dhabi is the leading information security event in the region. This year's Conference will take place 7 to 8 November at the Emirates Palace in Abu Dhabi. Join us for two days of...

National Initiative for Cybersecurity Education Conference and Expo (Dayton, Ohio, USA, November 7 - 8, 2017) Cybersecurity has emerged as one of the leading creators of jobs and opportunity for all economic sectors. The demand for cybersecurity positions in both the public and private sector is large and growing,...

POC 2017 (Seoul, Korea, November 2 - 3, 2017) POC started in 2006 and has been organized by Korean hackers & security experts. It is an international security & hacking conference in Korea. POC doesn't pursue money. POC concentrates on technical and...

Exploring Health IT Innovation and Cybersecurity in the Digital Era (Kalamzoo, MIchigan, USA, November 2 - 3, 2017) Government, industry and academic leaders in health information technology and cybersecurity will headline a conference focused on "Exploring Health IT Innovation and Cybersecurity in the Digital Era"...

Cyber Security Summit: Boston (Boston, Massachusetts, USA, November 1, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: Boston. Receive...

2017 International Information Sharing Conference (Washington, DC, USA, October 31 - November 1, 2017) Join us for the inaugural International Information Sharing Conference hosted by the Information Sharing and Analysis Organization Standards Organization (ISAO SO), with participation from the Department...

2017 International Information Sharing Conference (Washington, DC, USA, October 31 - November 1, 2017) Join us for the inaugural International Information Sharing Conference hosted by the Information Sharing and Analysis Organization Standards Organization (ISAO SO), with participation from the Department...

2017 Annual Conference: Networking the Future (Tampa, Florida, USA, October 27, 2017) Networking the Future is the Florida Center for Cybersecurity's fourth annual conference and will host hundreds of cybersecurity technical and non-technical stakeholders from industry, government, the...

RETR3AT Cybersecurity Conference (Montreat, North Carolina, USA, October 27, 2017) Each year, Montreat College’s Center for Cybersecurity Education and Leadership hosts RETR3AT, a conference designed to engage, educate, and raise awareness about cybersecurity in Western North Carolina...

RETR3AT Cybersecurity Conference (Montreat, North Carolina, USA, October 27, 2017) Each year, Montreat College’s Center for Cybersecurity Education and Leadership hosts RETR3AT, a conference designed to engage, educate, and raise awareness about cybersecurity in Western North Carolina...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.