skip navigation

More signal. Less noise.

Do you know the best practices for applying threat intelligence?

Threat intelligence is one of the most talked about areas of information security today, but how do you actually use it? Learn best practices for applying threat intelligence with Recorded Future's latest white paper. Download your free copy now.

Daily briefing.

Check Point warns that a new Internet-of-things botnet shaping up could become at least as damaging as Mirai. While they see some possible similarities and connections to Mirai, researchers regard this new botnet as "an entirely new and far more sophisticated campaign." The botmasters have concentrated on herding IP cameras. Check Point says "more than a million organizations" have been affected.

Sofacy (APT28) is aggressively exploiting the Adobe Flash vulnerability patched Monday. The Russian intelligence service threat actor is working to get as much as it can in the wild before the world gets around to applying the patch.

University of Washington researchers demonstrate how third-party attackers can exploit smartphone apps' targeted advertising systems to conduct surveillance of users.

Cisco joins the ranks of vendors who have patched against the KRACK WPA2 vulnerability.

Facebook draws adverse attention from those concerned with information operations and security. The social media giant says it's working to secure itself (a "painful" process) and promises to help secure upcoming Canadian elections.

Fairly or unfairly, suspicion of Kaspersky products as being the Russian FSB's royal road into the enterprise has taken firm root in the commercial sector.

NATO leaders feel unsure of their ability to counter Russian hybrid warfare, and fear losing battlefield advantage. 

The cost of NotPetya pseudoransomware continues to be counted. Verisk estimates that Merck's insurers will pay out some $275 million, with the big pharma company itself on the hook for more.

Marcus Hutchins ("Malwaretech") is out on bail and unencumbered, awaiting trial.

Notes.

Today's issue includes events affecting Canada, China, Estonia, Germany, NATO/OTAN, Russia, United Nations, United States.

A note to our readers: this coming week we plan to be in Atlanta for the annual Industrial Control System Security Conference. Watch for reports on the proceedings.

Are your needs being addressed at every stage of the cyber attack cycle?

Security organizations face numerous challenges, from increasingly large volumes of data and lack of tools and trained staff to validate intelligence, to the inability to operationalize threat intelligence. Learn how the threat intelligence-as-a-service model can strengthen and complement security postures of varying maturity levels in a webinar with Intellyx’s Principal Analyst Charles Araujo and LookingGlass’ Doug Dangremond, Senior Vice President of Threat Intelligence Services. Thursday, November 9 @ 2PM ET. Sign up now.

In today's podcast, we speak with our partners at Terbium Labs as Emily Wilson offers her well-informed take on credit bureau claims, post-Equifax breach, that they can scan the Dark Web. Our guest is Michael Sutton, CISO at Zscaler, who discusses the wisdom or unwisdom of zero-day hoarding. 

SecurityWeek’s 2017 ICS Cyber Security Conference (Atlanta, Georgia, USA, October 23 - 26, 2017) As the largest and longest-running cyber security-focused conference for the ICS/SCADA sector, SecurityWeek’s ICS Cyber Security Conference caters to the energy, utility, chemical, transportation, manufacturing, and other industrial and critical infrastructure organizations, including the military.

Earn a master’s degree in cybersecurity from SANS (Online, October 30, 2017) Earn a master’s degree in cybersecurity from SANS, the world leader in information security training. Learn more at a free online information session on Monday, October 30th, at 3:00 pm ET. For complete information on master’s degree and graduate certificate programs, visit www.sans.edu.

Cyber Security Summit: Boston and Los Angeles (Boston, Massachusetts, USA, November 8, 2017) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security on November 8 in Boston and November 29 in Los Angeles. Register with promo code cyberwire50 for half off your admission (Regular price $350).

Cyber Attacks, Threats, and Vulnerabilities

This new botnet could take down the internet - and it's rapidly spreading across the world (International Business Times UK) New botnet spotted enslaving internet-of-things (IoT) devices, said Check Point.

A New IoT Botnet Storm is Coming (Check Point Research) A massive Botnet is forming to create a cyber-storm that could take down the internet. An estimated million organizations have already been infected. The Botnet is recruiting IoT devices such as IP Wireless Cameras to carry out the attack. New cyber-storm clouds are gathering. Check Point Researchers have discovered of a brand new Botnet evolving …

APT28 racing to exploit CVE-2017-11292 Flash vulnerability before patches are deployed (Proofpoint) On Tuesday, October 18, Proofpoint researchers detected a malicious Microsoft Word attachment exploiting a recently patched Adobe Flash vulnerability, CVE-2017-11292. We attributed this attack to APT28 (also known as Sofacy), a Russian state-sponsored group.

Malware in firmware can be as equally creative as it can be destructive (WeLiveSecurity) Malware in firmware can be both creative and destructive and runs before the OS loads and target components in order to modify or subvert their behavior

MacOS Proton backdoor delivered via Trojanized media player app (Help Net Security) A Trojanized version of Elmedia Player software for Mac was available for download for who knows how long from the developer's official site.

'BoundHook' Technique Enables Attacker Persistence on Windows Systems (Dark Reading) CyberArk shows how attackers can leverage Intel's MPX technology to burrow deeper into a compromised Windows system.

Quarter of emails claiming to be from feds are malicious, unauthenticated, says cyber firm (Fifth Domain) Some 25 percent of emails claiming to be from the federal government are either unauthenticated or malicious, according to a new report from cybersecurity firm Agari.

Inside the thriving ransomware market (CSO Online) Researchers at Carbon Black examined the Ransomware market and discovered some interesting facts about the booming criminal economy. Mirroring some of the legal technology markets, such as those for software development, the market for Ransomware is dominated by unique custom solutions and turnkey offerings.

How individuals can use online ad buying to spy on you (Naked Security) It’s not just the advertisers who can track you

As our power grids get smarter, they're more vulnerable to attack (WIRED) In a sprawling office building in south Wales, Kevin Jones simulates massive cyber attacks on power grids, factories and other vital parts of national infrastructure. It’s the only way of knowing whether these facilities will cope when the real attack comes, he says.

Hacking the grid may not be as difficult as the October 13, 2017 Wired article suggests (Control Global) Aurora, forced oscillations, and other types of incidents that can manipulate physics may not be a difficult to cause as previously believed and may not be detectable from network anomaly detection.

10 Social Engineering Attacks Your End Users Need to Know About (Dark Reading) It's Cybersecurity Awareness Month. Make sure your users are briefed on these 10 attacker techniques that are often overlooked.

Security Patches, Mitigations, and Software Updates

Cisco plugs WPA2 holes, critical Cloud Services Platform flaw (Help Net Security) Cisco fixes WPA2 flaws that can be exploited in the newly unveiled KRACK attacks, as well as a critical vulnerability affecting its Cloud Services Platform.

Ubuntu 17.10 brings enhanced security and productivity for developers (Help Net Security) Ubuntu 17.10 features a new GNOME desktop on Wayland, and new versions of KDE, MATE and Budgie. On the cloud, it brings Kubernetes 1.8.

PC maker Purism disables flawed Intel Management Engine (Computing) Disabling Intel Management Engine, deeply embedded in Intel CPUs, could circumvent security risks,Security ,Intel,Purism,Intel Management Engine,Active Management Technology,AMT

Visa integrates biometrics for credit card payments (Computing) Visa plans to tighten payments with biometric authentication - although 'cardholder not present' will remain a problem,Financial Solutions,Security ,Visa,biometric,authentication,Visa ID Intelligence

Cyber Trends

The difference between cybersecurity and cybercrime, and why it matters [Commentary] (Fifth Domain) Most advice for avoiding online dangers – like having long passwords, using two-factor authentication and encrypting data – wouldn’t have helped Amy.

Business suffers as over-zealous security tools block legitimate work (Help Net Security) Security tools block legitimate work and lead to frustrated users, unhappy CISOs and strained relationships between workers and IT departments.

Can it be true? Most consumers value security more than convenience (Help Net Security) New research contradicts the widely-held belief that consumers value convenience and experience over security when shopping online.

The complex digital life of the modern family: Online safety and privacy concerns (Help Net Security) Learn about the concerns about online safety and privacy, and how the modern family views responsibility to keep themselves safe while on the Internet.

More than Half of US Banks Say Fraud Schemes Too Sophisticated and Evolve Too Quickly to Stop, Survey Reveals (GlobeNewswire News Room) Massive data breaches, such as Equifax, and quickly evolving hacking attacks present challenges as fraud related incidents increase

Alert Logic survey finds only 5% of EU companies believe they are compliant with GDPR - VanillaPlus - The global voice of Telecoms IT (VanillaPlus) Alert Logic, the provider of Security-as-a-Service solutions for the cloud, announced the results of a survey conducted with over 200 European based compan

Marketplace

Facebook is struggling to meet the burden of securing itself, security chief says (Ars Technica) Chief Security Officer described security report as a “very painful process.”

Merck cyber attack may cost insurers $275 million - Verisk's PCS (Reuters) Insurers could pay $275 million (209.06 million pounds) to cover the insured portion of drugmaker Merck & Co's loss from a cyber attack in June, according to a forecast by Verisk Analytics Inc's Property Claim Services (PCS) unit.

DHS piloting agile cyber acquisition, CDM for cloud, CISO says (Fedscoop) CISO Jeffery Eisensmith said the agency was developing a new acquisition management directive tailored around agile development, as well as cloud CDM.

Google wants bug hunters to probe popular Android apps for bugs (Help Net Security) Google has started the Google Play Security Reward Program, for bugs in all of Google's Android apps, as well as a short list of other popular ones.

Fidelis Cybersecurity Acquires TopSpin Security (BusinessWire) Fidelis Cybersecurity announces it has acquired TopSpin Security Ltd., a leading provider of deception and detection technologies.

Cisco Systems Acquires New-Gen Application Monitor Perspica (eWEEK) Networker said it will integrate Perspica’s engineers and intellectual property with its new AppDynamics team, which it acquired in January for $3.7 billion.

Intezer Raises $8M in Series A Funding (BusinessWire) Intezer (www.intezer.com), a cyber security startup focusing on malware analysis and detection, today announced it has raised $8 million in series A.

Is It Time for Data Center Managers to Say Goodbye to Kaspersky? (Data Center Knowledge) Experts question the company’s ability to survive allegations that the Russian government has built backdoors into its software.

Kaspersky's KGB links make it a bad choice for U.S. consumers (Philly.com) To some, it's the best antivirus security software. To others, a devil in disguise.

MobileIron CEO out in favor of CFO: Why now? (TechTarget) As the biggest standalone vendor left in the EMM market, MobileIron has faced questions about its future for years. Those will only intensify in light of the surprise departure of CEO Barry Mainz.

Tanium CEO moves forward through hiring a slew of executives and prepping for IPO (San Francisco Business Times) After a rocky start to the year, Emeryville-based security giant Tanium is in rebuilding mode. CEO Orion Hindawi talked about the new executives the company has brought on and how employees and customers reacted to reports earlier this year about alleged missteps.

Egnyte Appoints New Data Protection Officer, Releases First GDPR eBook (Business Insider) Co-Founder Kris Lahiri takes on new role to ensure company-wide data compliance.

Bicoastal bot detection company Distil Networks names new CEO (Technical.ly DC) Tiffany Olson Jones will be based at the company's Arlington office.

Proofpoint Inc. Appoints Kristen Gil to its Board of Directors (GlobeNewswire News Room) Proofpoint, Inc., (NASDAQ:PFPT), a leading next-generation cybersecurity company, today announced its Board of Directors has appointed Kristen Gil as a new independent director, effective October 17, 2017.

Terbium Labs Wins Cybersecurity Breakthrough Award (PRWeb) Terbium's Dark Web monitoring solution, Matchlight, named Data Leak Detection Solution of the Year

Products, Services, and Solutions

New infosec products of the week​: October 20, 2017 (Help Net Security) New infosec products of the week include offerings from Aqua Security, Barracuda, FileCloud, Ntrepid, Optiv Security, Samsung, and Scythe.

Top security tools, 2017: How cutting-edge products fare against the latest threats (CSO Online) We go hands-on with some of the most innovative, useful and, arguably, best security tools from today's most important cybersecurity technology categories.

NSS Labs Announces 2017 Breach Detection Systems Group Test Results (Business Insider) 4 Products Receive Recommended Rating; 1 Receives Neutral Rating; 1 Receives Security Recommended Rating; 1 Receives Caution Rating

Bell and Akamai to offer suite of web security and performance solutions for Canadian businesses (PRNewswire) Bell, Canada's largest communications company, and...

WISeKey blockchain platform allows countries to launch their own cryptocurrencies (BiometricUpdate) WISeKey has introduced World Internet Secure Coin (WISeCoin), a blockchain platform that allows countries to launch their own cryptocurrencies in an environment that provides interoperability in a …

LogRhythm launches cloud-based threat detection analytics (ITP Net) Cyber security vendor enhances threat lifecycle management with advanced analytics that leverage artificial intelligence

Technologies, Techniques, and Standards

7 things you might not know about cybersecurity insurance (JD Supra) The number of cyber attacks and data breaches are increasing, and the costs to respond to such incidents are also increasing. This underscores the...

Top Thoughts for GDPR Third-Party Management (Infosecurity Magazine) Your organization is explicitly responsible for the readiness and conduct of the third parties that store or process your EU citizen’s personal information.

DPP's commitment to cyber security (IBC) The Digital Production Partnership (DPP) has opened its Committed to Security Programme to the entire media industry to help reduce the loss or theft of content.

Design and Innovation

Craig Wright Couldn’t Prove He Invented Bitcoin, But He’s Back Anyway (Motherboard) Wright isn't mad, actually he's laughing.

Research and Development

Stunning AI Breakthrough Takes Us One Step Closer to the Singularity (Gizmodo) Remember AlphaGo, the first artificial intelligence to defeat a grandmaster at Go? Well, the program just got a major upgrade, and it can now teach itself how to dominate the game without any human intervention. But get this: In a tournament that pitted AI against AI, this juiced-up version, called AlphaGo Zero, defeated the regular AlphaGo by a whopping 100 games to 0, signifying a major advance in the field. Hear that? It’s the technological singularity inching ever closer.

Academia

WGU about to launch third year of Tenn-K scholarships (Kingsport Times-News) The Tenn-K is not an athletic road race but a post-high school academic endeavor, part of Gov. Bill Haslam's Drive to 55. Come Nov. 1 and going through March 15, Tennesseeans may apply for the Tenn-K Scholarship with WGU Tennessee. It's a $10,000 award paid out over two years.

Legislation, Policy, and Regulation

China goes looking online for government secrets (CSO Online) China’s president painted a picture of openness and diplomacy, but cyber activity that seems to come from the country indicate Chinese hackers pose a threat.

US, allies grapple with countering Russia’s cyberoffensive (Stars and Stripes) NATO’s long-standing tactical advantage on the battlefield could be at risk as cyber adversaries probe for weak points in the U.S.-led security pact’s networks, a top alliance official said.

So Who Has the Most Advanced Cyber Warfare Technology? (NASDAQ.com) Cyber warfare by definition is the use of computer technology to disrupt activities of a state or organization.

Cryptographic Identity: How Estonia Is Leading The World (Digit) Reliance on old-fashioned and inherently untrustworthy 'wet signatures' how can we move towards trusted cryptographic identity? Estonia is leading the way.

Trump UN envoy: Russia's election interference is 'warfare' (Fifth Domain) Nikki Haley, President Donald Trump’s chief envoy to the United Nations, cast Russian interference in the 2016 election as “warfare” on Thursday, breaking in tone, if not substance, from a president who has consistently downplayed Russian influence in American politics.

CIA director rebuked for false claim on Kremlin's election meddling (POLITICO) Democratic critics accused Mike Pompeo of echoing Trump that the meddling didn't affect the outcome.

How Facebook Will Protect the 'Integrity' of Canada's Next Election (Motherboard) "We don't want anyone to use our tools to undermine democracy."

Canada's 'super secret spy agency' is releasing a malware-fighting tool to the public (CBC News) The Communications Security Establishment acknowledges it needs to do a better job of explaining to Canadians what it does.

Senate Intelligence Committee to debate in secret a bill that would renew a powerful spy tool (Washington Post) The legislation would not impose new limits on data searches to protect privacy.

DoD Just One Piece of Cyberdefense Puzzle, Official Says (U.S. DEPARTMENT OF DEFENSE) Defense of America’s interests in cyberspace took center stage on Capitol Hill as the Senate Armed Services Committee heard testimony from the assistant secretary of defense for homeland defense and

DoD says it shouldn’t protect homeland from cyberthreats; McCain disagrees (Fifth Domain) The chairman of the Senate Armed Services Committee sparred with DoD representatives regarding the Pentagon's role in cyberspace in protecting the nation.

Frustrated senators demand cyber war strategy from Trump (TheHill) The issue has gained greater attention in the wake of Russia’s interference in the election.

Senators criticize White House as cyber adviser is no-show (Fifth Domain) Senators are criticizing the Trump White House for not allowing its senior cybersecurity adviser to testify before the Armed Services Committee.

McCain threatens to subpoena Trump's cybersecurity czar after he skips hacking hearing (ABC News) A clearly frustrated, bipartisan panel of senators today threatened to subpoena the Trump administration’s cyber czar, demanding to know how the White House plans to address "the disarray" that has embodied the U.S. government's response to cyber threats from Russia and other adversaries.

The Dragon Is Winning: U.S. Lags Behind Chinese Vulnerability Reporting (Recorded Future) Organizations need access to the latest vulnerability (CVE) information to manage their exposure to risk. The U.S. National Vulnerability Database (NVD) trails China’s National Vulnerability Database (CNNVD) in average time between initial disclosure and database inclusion (33 days versus 13 days).

Creating A National ID Would Threaten Americans’ Privacy And Security (The Federalist) The proposition that the federal government should be entrusted with even more information on citizens in a National ID is a bit of a high-stakes gamble.

NIST Small Business Cybersecurity Act Passes in the House (Lexology) On October 11, 2017, the House of Representatives passed bill H.R. 2105, the NIST Small Business Cybersecurity Act (NIST Act), which would require the…

Military Aims to Maintain Its Cyber Mission Force Roster (GovTechWorks) What the U.S. military is trying to achieve in building its Cyber Mission Force is akin to building an airplane – as it flies coast to coast. Even before the armed services achieve their goal of building a fully operational elite corps, they’re already putting those teams to work battling it out in cyberspace.

Ohio National Guard organizing volunteer teams to protect businesses from cyberattacks (Columbus Business Journal) The Ohio National Guard wants to introduce volunteer response teams to help businesses and government groups in the state defend from a cyber attack.

EU MEPs want stronger privacy rules for Internet-enabled communication services (Help Net Security) The European Parliament Committee on Civil Liberties, Justice and Home Affairs (LIBE) has backed new privacy protections for EU citizens.

Litigation, Investigation, and Law Enforcement

Germany's domestic intelligence agency warns of 'IS' sympathizers (Deutsche Welle) Germany’s domestic intelligence agency says 'IS' sympathizers returning to the country could pose a security risk. The agency's head also warned of the increasing threat of cyberwarfare.

Equifax Deserves the Corporate Death Penalty (WIRED) Opinion: The company had one job, and it failed. It deserves to be dissolved.

Judge: MalwareTech is no longer under curfew, GPS monitoring (Ars Technica) Marcus Hutchins, awaiting trial, can now live and work unencumbered in LA.

A 'Fortnite' Cheat Maker Duped Players Into Downloading a Bitcoin Miner (Motherboard) And now he's being sued.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

Cyber Security Summit Los Angeles (Los Angeles, California, USA, November 30, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: Los Angeles. Receive...

Cyber Security, Oil, Gas & Power 2017 (London, England, UK, November 29 - 30, 2017) ACI’s Cyber Security - Oil, Gas, Power Conference will bring together key stakeholders from energy majors and technology industries, to discuss the challenges and opportunities found in the current systems.

INsecurity (National Harbor, Maryland, USA, November 29 - 30, 2017) INsecurity is for the defenders of enterprise security—those defending corporate networks—and offers real-world case studies, peer sharing and practical, actionable content for IT professionals grappling...

INsecurity (National Harbor, Maryland, USA, November 29 - 30, 2017) Organized by Dark Reading, the web’s most trusted online community for the exchange of information about cybersecurity issues. INsecurity focuses on the everyday practices of the IT security department,...

AutoMobility LA (Los Angeles, California, USA, November 27 - 30, 2017) The Los Angeles Auto Show Press & Trade Days and Connected Car Expo have MERGED to form AutoMobility LA, the new auto industry’s first true trade show. Register to join us in Los Angeles this November.

Global Conference on Cyberspace (GCCS) (New Dehli, India, November 23 - 24, 2017) The Global Conference on Cyberspace (GCCS) aims to deliberate on the issues related to promotion of cooperation in cyberspace, norms for responsible behaviors in cyberspace and to enhance cyber capacity...

Aviation Cyber Security (London, England, UK, November 21 - 22, 2017) Join us on November 21/22 in London, England for the Cyber Senate Aviation Cyber Security Summit. We will address key issues such as the importance of information sharing and collaboration, supply chain...

Cyber Security Opportunities in Mexico Webinar (Washington, DC, USA, November 15, 2017) Learn about the cyber security opportunities in Mexico. Mexico is ranked 28th out of 164 countries in the ITU's 2017 Global Cyber Security Index. Companies spend approximately 3.5% of their IT budgets...

Federal IT Security Conference (Columbia, Maryland, USA, November 14, 2017) The Federal IT Security Institute (FITSI) in partnership with Phoenix TS in Columbia, MD is hosting the second annual Federal IT Security Conference. Speakers from NIST, DHS, the Defense Department as...

Sector (Toronto, Ontario, Canada, November 13 - 15, 2017) Illuminating the Black Art of Security. Now entering its 11th year, SecTor has built a reputation of bringing together experts from around the world to share their latest research and techniques involving...

Countermeasure (Ottawa, Ontario, Canada, November 9 - 10, 2017) Now into its sixth year in Ottawa, and consistently advancing in both size and content quality, COUNTERMEASURE continues to be the national capital's premier IT security event. As in years past, attendees...

2017 ICIT Gala & Benefit (Washington, DC, USA, November 9, 2017) The Annual ICIT Gala and Benefit is the year’s most prestigious and intimate gathering of legislative, agency and private sector leaders committed to protecting our Nation’s critical infrastructures. This...

4th Annual Journal of Law & Cyber Warfare Conference (New York, New York, USA, November 9, 2017) Join thought leaders across the industry for a day of collaboration and education with an outstanding group of cyber security experts. In this one-day program, we continue JLCW's 5+ year reputation for...

Fourth Annual JLCW Conference (New York, New York, USA, November 9, 2017) The 2017 Journal of Law and Cyber Warfare symposium speakers represent an unparalleled group of cyber security experts with a wide variety of industry expertise and knowledge. Attendees will hear from...

SINET Showcase 2017 (Washington, DC, USA, November 8 - 9, 2017) SINET – Washington DC provides a platform to identify and highlight “best-of-class” security companies that are addressing the most pressing needs and requirements in Cybersecurity. As always, this event...

Connected Medical Device & IOT Security Summit (Baltimore, Maryland, USA, January 25 - 26, 2018) The Summit will offer practical solutions to many of the daunting security challenges facing medical device and connected health technology companies, healthcare providers, payers and patients. The program...

CyCon US (Washington, DC, USA, November 7 - 8, 2017) The 2017 International Conference on Cyber Conflict U.S. (CyCon U.S.) will take place 7-8 Nov 2017 at the Ronald Reagan Building in Washington D.C. CyCon U.S. facilitates knowledge generation and information...

RSA Conference 2017 Abu Dhabi (Abu Dhabi, UAE, November 7 - 8, 2017) RSA Conference 2017 Abu Dhabi is the leading information security event in the region. This year's Conference will take place 7 to 8 November at the Emirates Palace in Abu Dhabi. Join us for two days of...

National Initiative for Cybersecurity Education Conference and Expo (Dayton, Ohio, USA, November 7 - 8, 2017) Cybersecurity has emerged as one of the leading creators of jobs and opportunity for all economic sectors. The demand for cybersecurity positions in both the public and private sector is large and growing,...

POC 2017 (Seoul, Korea, November 2 - 3, 2017) POC started in 2006 and has been organized by Korean hackers & security experts. It is an international security & hacking conference in Korea. POC doesn't pursue money. POC concentrates on technical and...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.