skip navigation

More signal. Less noise.

Do you know the best practices for applying threat intelligence?

Threat intelligence is one of the most talked about areas of information security today, but how do you actually use it? Learn best practices for applying threat intelligence with Recorded Future's latest white paper. Download your free copy now.

Daily briefing.

The Reaper botnet is still quiescent (for now, at least), but the security sector is keeping a weather eye out for the expected storm. (Ixia has advice for those interested in storm preparation.)

Most attention today, however, has gone to BadRabbit. Experts are increasingly convinced that it’s the work of the same threat actors responsible for NotPetya. The consequences of NotPetya were so heavy that BadRabbit is being watched with considerable concern.

FireEye, ESET, Avira, McAfee and others have noticed something interesting. The servers and sites BadRabbit's controllers used seem to have shut down after just a few hours of activity. The controllers appear to have taken down their own infrastructure. Why they might have done so is a matter of conjecture.

Other ransomware remains active. Iran's Computer Emergency Response Team Coordination Center reports that variants of Tyrant ransomware are circulating in that country. Comodo has been tracking what it characterizes as a fourth wave of IKARUS ransomware using the "Asasin" (sic) file extension. And Phishme notes that Sage ransomware has assumed a more convincing form, with a more "engaging" user interface and easier payment options.

The US Senate has moved closer to enacting a version of Section 702 surveillance authority for NSA.

Kaspersky Lab's transparency and charm counteroffensive may have hit a bump. The company acknowledged that its security software did indeed scoop up some NSA tools (from a machine that should never have had them in the first place). They say they promptly deleted the sensitive files.

Notes.

Today's issue includes events affecting Bulgaria, Germany, Iran, Japan, Kenya, Democratic Peoples Republic of Korea, Russia, Slovakia, Ukraine, United Kingdom, United States.

Maturing a threat intelligence program.

Whether you are getting started with threat intelligence or seeking to expand an existing program, the Threat Intelligence Maturity Model provides a systematic guide to help you understand where your organization resides on the path to a mature threat intelligence program. Download this white paper to learn how to apply threat intelligence to identify adversaries, prioritize your efforts, and take decisive action to keep your business on course.

In today's podcast we hear from our partners at the University of Maryland's Center for Health and Homeland Security, as Ben Yelin talks about the challenges states face as they try to fund upgrades to voting system security. Our two guests are Allegis Capital's Bob Ackerman and FireEye founder Dave DeWalt, who take the occasion of a business announcement to discuss the cybersecurity investment climate.

Earn a master’s degree in cybersecurity from SANS (Online, October 30, 2017) Earn a master’s degree in cybersecurity from SANS, the world leader in information security training. Learn more at a free online information session on Monday, October 30th, at 3:00 pm ET. For complete information on master’s degree and graduate certificate programs, visit www.sans.edu.

Cyber Security Summit: Boston and Los Angeles (Boston, Massachusetts, USA, November 8, 2017) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security on November 8 in Boston and November 29 in Los Angeles. Register with promo code cyberwire50 for half off your admission (Regular price $350).

Dateline ICS Cybersecurity Conference

The State of the State: a plea for clarity. (The CyberWire) Joe Weiss's annual State of the State address was a plea for clarity and a warning against the consequences of failure to improve the state of industrial control systems' security.

CrashOverride: its aftermath and its implications. (The CyberWire) Robert M. Lee (of Dragos) began his talk with some skepticism about our capacity to learn. "In the aftermath of each attack, people tend to use it to advocate for the positions they've already held. There's little evidence of people learning and changing their minds." That said, however, he offered a moderately encouraging assessment of the current reality of ICS security.

DHS's Dragonfly ICS campaign alert isn't enough, experts say (SearchSecurity) A DHS alert confirmed cyberattacks in the Dragonfly ICS campaign, but experts said warnings aren't enough and more action needs to be taken.

The Directive on security of network and information systems (NIS Directive) (Digital Single Market) The NIS Directive is the first piece of EU-wide legislation on cybersecurity. It provides legal measures to boost the overall level of cybersecurity in the EU.

NIST Special Publication 800-82 Revision 2: Guide to Industrial Control Systems (ICS) Security (National Institute of Standards and Technology) This document provides guidance on how to secure Industrial Control Systems (ICS), including Supervisory Control and Data Acquisition (SCADA) systems, Distributed Control Systems (DCS), and other control system configurations such as Programmable Logic Controllers (PLC), while addressing their unique performance, reliability, and safety requirements.

Secure Architecture for Industrial Control Systems (SANS Institute) Industrial Control Systems (ICS) have migrated from stand-alone isolated systems to interconnected systems that leverage existing communication platforms and protocols to increase productivity, reduce operational costs and further improve an organization s support model.

Cyber Attacks, Threats, and Vulnerabilities

Infrastructure for the ‘Bad Rabbit’ Ransomware Appears to Have Shut Down (Motherboard) Most of the servers and sites used by the hackers behind the ransomware are down just a day after the outbreak started.

Bad Rabbit ransomware spreading in Eastern Europe 'with ties to NotPetya' (Computing) Ransomware is installed via a download and can move laterally within a network - but some researchers think that the scale of the problem has been blown out of proportion

An Aftershock of NotPetya Ransomware Sweeps Russia and Ukraine (WIRED) "BadRabbit," linked to the authors of NotPetya, hits hundreds of victims, including subways, an airport, and media firms.

New ransomware attack hits Russia and spreads around globe (Equity Xperts) The U.S. government has issued a warning about a new ransomware attack that spread through Russia and Ukraine and into other countries around the world.

Bad Rabbit malware raises fears of third global ransomware attack (ComputerWeekly) A new ransomware attack that has commonalities with WannaCry NotPeya is reportedly hitting organisations in Russia, Ukraine, Turkey, Bulgaria and Germany

Companies in Ukraine, Russia come under new cyberattack (Fifth Domain) A new strain of malicious software has paralyzed computers at a Ukrainian airport, the Ukrainian capital’s subway and at some independent Russian media.

Bad Rabbit Ransomware Spreads via Network, Hits Ukraine and Russia (TrendLabs Security Intelligence Blog) A ransomware campaign is currently ongoing, hitting Eastern European countries with what seems to be a variant of the Petya ransomware dubbed Bad Rabbit.

BadRabbit: a closer look at the new version of Petya/NotPetya (Malwarebytes Labs) BadRabbit, a new version of NotPetya, also has an infector allowing for lateral movements. However, unlike NotPetya, it does not use EternalBlue and uses a website to drop its payload.

Bad Rabbit: Not-Petya is back with improved ransomware (WeLiveSecurity) A new ransomware outbreak today has hit some major infrastructure in Ukraine including Kiev metro. Here are some details about this new variant of Petya.

‘BadRabbit’ Ransomware Burrows Into Russia, Ukraine (McAfee) McAfee is currently investigating a ransomware campaign known as BadRabbit, which initially infected targets in Russia and the Ukraine. We are also investigating reports of infected systems in Germany, Turkey, and Bulgaria and will provide updates as more information becomes available.

Tracking the BadRabbit Ransomware to an Ongoing Campaign of Target Selection (RiskIQ) A campaign distributing the ‘BadRabbit’ ransomware is claiming victims all around the world. RiskIQ data shows it's been happening longer than you think.

Threat Lab Alert for October 27, 2017: Bad Rabbit is in Season (Comodo News and Internet Security Information) New ransomware threat called “Bad Rabbit” was discovered by Comodo Threat Intelligence Lab’s malware analysts. Learn More.

Bad Rabbit Ransomware Outbreak in Russia and Ukraine (Anomali) OverviewOn October 24, 2017, security firms and media organization began reporting about an active ransomware campaign that, as of this writing, has primarily targeted entities in Russia and Eastern Europe. The infections are believed to have initiated on October 24 at approximately 12:16 UTC, evidenced by an infected company’s tweet as shown in Figure 1. The ransomware, dubbed “Bad Rabbit,” has infected a number of organizations across Russia and eastern Europe,

Experts weigh in on ‘Bad Rabbit’, the potential next WannaCry​ (Security Brief) Ever heard of Bad Rabbit? It’s the newest form of ransomware causing havoc in Eastern Europe that could be coming your way soon.

Bitcoin Gold: Cyber attack mars launch of rival cryptocurrency (The Telegraph) The latest rival to bitcoin has suffered a major cyber attack on its launch, crashing the new cryptocurrency's website.

Tyrant Ransomware Spreads in Iran Disguised as Popular VPN App (BleepingComputer) The Iran Computer Emergency Response Team Coordination Center (Iran CERTCC) has issued a security alert about a ransomware distribution campaign currently active in the country.

Comodo spots Asasin extension used by ransomware - Enterprise Times (Enterprise Times) Comodo Threat Intelligence Labs spot a fourth wave of IKARUSdilapidated Locky ransomware using an unknown file extension of Asasin 

Sage Ransomware Distinguishes Itself with Engaging User Interface and Easy Payment Process (PhishMe) In early 2017, the Sage ransomware distinguished itself with a fresh take on the business model for criminal ransomware operations. Built with an engaging, intuitive user interface for requesting the ransom payment, it also reinforced the fact criminals are willing to invest in developing new versions of established ransomware tools.  Sage has reasserted itself as a relevant player on the already-saturated ransomware threat landscape with version 2.2. The overarching ransomware trend is clearly one that will not subside anytime soon. The criminal business model for ransomware has proven itself viable and profitable in both high-profile crises as well as in...

Special Report: October 2017 – October brings 4th wave of ransomware attacks. (Comodo Threat Intelligence Lab) An October wave of new but related IKARUSdilapidated Locky ransomware attacks has been identified, making this the fourth reincarnation of the attacks discovered by the Comodo Threat Intelligence Lab in August 2017.

The Ransomware Menace (LookingGlass Cyber Solutions Inc.) Cybercrooks love ransomware because it’s a quick and easy way to make money. The victims, whose systems and critical files are now encrypted by malware, ar, October 24, 2017

Many of the world's most famous people are terrified about a new cyber attack (Independent) Many of the world's richest and most powerful people are bracing themselves for a huge leak of their information.

As forces become more connected, are they becoming more vulnerable? (Fifth Domain) IoT is transforming the military, providing greater access to essential information and helping soldiers make decisions faster. But despite all its benefits, IoT comes with its own set of security risks.

Department of Education: Hackers are targeting elementary and high schools (CNBC) Criminals are threatening to release sensitive data from student records.

Bitcoin Gold: Cyber attack mars launch of rival cryptocurrency (The Telegraph) The latest rival to bitcoin has suffered a major cyber attack on its launch, crashing the new cryptocurrency's website.

NHS board 'vulnerable' to cyber-attack (BBC News) A vital security patch had not been fully rolled out on NHS Lanarkshire's computers, a report finds.

Cyber Trends

How Enterprises are Protecting the Endpoint (Cylance) Bad actors focus their energy on developing sophisticated attacks. In fact, 46% of organizations have been the victim of ransomware in the last year.

Seventy Percent of IT Managers Say Feds Will Rely on Hybrid Cloud Environments in 10 Years (BusinessWire) MeriTalk's new study reveals Federal agencies’ challenges associated with managing and securing hybrid cloud environments.

Are smartphones the new cyber threat vector? (Fifth Domain) Smartphones are presenting a unique cybersecurity vulnerability, according to panelists at the annual MilCom conference hosted by AFCEA.

Security can no longer be 'The department of "No"', says Thomas Fischer (Computing) Understanding is key to building better infrastructure,Security Technology ,security-spotlight,IoT,Target,network,Internet of Things

Marketplace

Cyber Insurance Market Expects Sony & Democratic Party Data Breaches to Raise Awareness in the Corporate World (Digital Journal) Cyber Insurance Market, Spurred by Yahoo’s Reduced Valuation by Verizon, Expected to Play A Greater Role in Future M&As.

Virtual Reality and Immersive Technology are Game Changers for Cybersecurity Job Growth (PRNewswire) ProtectWise™, the enterprise security company that delivers pervasive...

Allegis Capital Adds Dave DeWalt—Former FireEye CEO—To Partnership as Managing Director; Firm Also Announces Name Change to AllegisCyber. (Yahoo! Finance) Allegis Capital, an early-stage cybersecurity venture capital firm, announced today that David G. DeWalt, the previous CEO of publicly held FireEye and a highly prominent ...

Maryland's many government contractors could have a big role in creating cybersecurity startups (Technical.ly Baltimore) The area's abundance of talent working around government-center services companies is often cited as an asset. Some cyber leaders see an opportunity to spin out startups directly from those companies.

Civil Announces $5 Million In Funding From ConsenSys (4-Traders) Civil, a decentralized newsmaking platform, today announced $5 million in funding from ConsenSys, the leading global blockchain venture studio.

Pressure from cloud computing giants like Amazon forced Akamai's CEO to shift focus to cybersecurity (CNBC) The Akamai CEO said the Equifax breach helped fuel the growth of the company's own security product as it pushes into cybersecurity.

Dragos, the ICS Community's All Star Cybersecurity Team, Now has Over 100 Years' Combined Experience Securing ICS and Countering Industrial Security Threats (Business Insider) Industrial control system (ICS) cybersecurity company Dragos (https://dragos.com) today announced the addition of several key members to its team.

Cyber Threat Alliance Expands Global Footprint with Addition of Sophos and Saint Security (Cyber Threat Alliance) The Cyber Threat Alliance (CTA) today announced the addition of Sophos and Saint Security to the organization as affiliate members...

Forcepoint Extends Leadership in Securing Global Governments, Appoints New Senior Vice President and General Manager (Business Insider) Global cybersecurity leader Forcepoint today announced the appointment of Sean D. Berg as senior vice president and general manager of Global Governments to further extend the company's leadership and growth in delivering robust, hardened cyber capabilities to government customers worldwide.

Products, Services, and Solutions

Cyxtera Launches Threat Analytics Services (Cyxtera) Cyxtera Technologies, the secure infrastructure company, today announced the immediate availability of a new suite of strategic threat analytics capabilities, designed to help enterprises, service providers and public-sector organizations better predict, detect and prevent cyberattacks.

EdgeWave Launches ThreatCheck Service; Provides Immediate Threat Analysis of Suspected Phishing Emails to End Users with a Single Click (GlobeNewswire News Room) Breakthrough service applies automated machine learning and human analysis to eliminate employee uncertainty over increasingly sophisticated malicious emails

Xero Chooses Imperva to Protect Its Cloud-Based Accounting Platform From Web Application Attacks (Imperva) Imperva, Inc. (NASDAQ:IMPV), committed to protecting business-critical data and applications in the cloud and on-premises, today announced that Xero, a leading global accounting platform provider, is using the Imperva SecureSphere Web Application Firewall (WAF) and the Imperva ThreatRadar service to further safeguard its cloud-hosted applications from malicious web application attacks.

inBay Technologies Kick-Starts Collaboration with VoiceTrust (PRWeb) Cybersecurity firm and voice biometrics company ink a deal to expand their respective markets with a combined solution

Microsoft’s Sonar lets you check your website for performance and security issues (TechCrunch) The team behind Microsoft's Edge browser launched a new open-source tool today that lets you check your website -- or really any other website if you're so..

Technologies, Techniques, and Standards

Ixia on How to Protect Your Network Infrastructure from “Reaper” Botnet (BusinessWire) Ixia on How to Protect Your Network Infrastructure from “Reaper” Botnet

National Defense ISAC Announces Official Formation (PRNewswire) The National Defense Information Sharing and Analysis Center™...

Synack's Jay Kaplan Has a White Hat Hacker Army (PC Magazine) Synack co-founder and CEO Jay Kaplan has a network of white hat hackers available to rent. He talks with us about cybersecurity and how he protects his own security online.

Design and Innovation

Amazon Key will enable drivers to let themselves in to your house to deposit parcels (Computing) Err, I don't think so, thank you very much

Academia

Slovak university to research security threats in cyberspace (spectator.sme.sk) Matej Bel University will analyse potential security threats and unrest funded by a research grant from IBM.

Legislation, Policy, and Regulation

Israel eyes measures to prevent election cyber sabotage (Reuters) Israel is on guard against hacking ahead of the next general election, one of its most senior cyber security officials said, identifying Iran as posing the greatest overall risk to the country's cyber security.

Senate intelligence panel votes to renew surveillance law (Fifth Domain) There is bipartisan support for the surveillance law, which allows U.S. intelligence agencies to collect information on foreigners abroad, but some lawmakers are seeking provisions they claim will better protect Americans’ communications.

US Senate panel approves legislation to renew the National Security Agency's internet surveillance program (Tech2) Senators introduced legislation that would require the NSA to obtain a warrant for queries of data on Americans under an internet surveillance program.

Bill Calls for Cyber Training for House Lawmakers (Nextgov) Staffers are currently required to undergo cybersecurity training, but members aren’t.

DoD's Zangardi to be new DHS CIO (FederalNewsRadio.com) John Zangardi is leaving DoD to become the new chief information officer at the Department of Homeland Security, replacing Richard Starolopi.

Litigation, Investigation, and Law Enforcement

Kaspersky admits filching NSA hacking tool source code via anti-virus software (Computing) Equation Group malware picked up by Kaspersky Anti-Virus in routine scan, company claims,Security,Cloud and Infrastructure ,Kaspersky,Eugene Kaspersky,NSA,National Security Agency,Security

Kaspersky: We uploaded US documents but quickly deleted them (ABC News) Sometime in 2014, a group of analysts walked into the office of Eugene Kaspersky, the ebullient founder of Russian cybersecurity firm Kaspersky Lab, to deliver some sobering news. Kaspersky's anti-virus software had automatically scraped powerful digital surveillance tools off a computer in...

Russian firm says pirated Microsoft Office led to NSA 'backdoor' (NY Daily News) Kaspersky Lab did not say whether it told U.S. authorities about the detection of the sensitive hacking tools on the worker’s computer.

NSA bloke used backdoored MS Office key-gen, exposed secret exploits – Kaspersky (Register) Ooh, IT just got real

Time for the Feds to Say What They Know About Kaspersky (WIRED) If the US government is going to ban Kaspersky's software, it owes it to the rest of the world's security to say why.

Where Are We with Kaspersky Software? Congress Wants to Know (Government Technology) The removal of the Russian-made software from federal systems was ordered in September, but now senators are circling back for more details.

Kenya Is Barreling Toward an 'Illegal' Election (Foreign Policy) Kenya’s election crisis deepened after its Supreme Court punted on a decision to delay Thursday’s troubled rerun election.

Clinton Campaign, DNC Helped Fund Trump-Russia Dossier (Wall Street Journal) Hillary Clinton’s campaign and the Democratic National Committee were among those who paid a firm for research that led to a dossier of unverified allegations about President Trump’s activities and connections in Russia.

Analysis | The Clinton camp and DNC funded what became the Trump-Russia dossier: Here’s what it means (Washington Post) It was previously reported that Clinton supporters helped fund the dossier, but the new finding could still mean appearance problems for Democrats.

10 Things Reporters Need To Understand About The Steele Dossier (The Federalist) There's a lot of misinformation swirling about the shoddy dossier on Trump/Russia compiled by Christopher Steele. Here's what's been reported on the matter.

Dossier fight could be first legal test for Hill Russia probes (POLITICO) Fusion GPS is asking a federal judge in Washington for a restraining order to block the House Intelligence Committee from obtaining the firm's bank records.

New York Times reporters cry foul over 'Trump dossier' pushback (Washington Examiner) 'Folks involved in funding this lied about it, and with sanctimony, for a year.'

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

Third International Conference on Information Security and Digital Forensics (ISDF 2017) (Thessaloniki, Greece, December 8 - 10, 2017) A 3 day event, with presentations delivered by researchers from the international community, including presentations from keynote speakers and state-of-the-art lectures.

Cyber Security Indonesia 2017: Shaping National Capacity for Cyber Security (Jakarta, Indonesia, December 6 - 7, 2017) Cyber Security Indonesia 2017 exhibition and conference, brought to you by the organisers of the Indonesia Infrastructure Week, will bring cyber security solutions providers together with key government...

National Insider Threat Special Interest Group Meeting (Virginia Chapter) (Herndon, Virginia, USA, December 5, 2017) The National Insider Threat Special Interest Group (NITSIG) is excited to announce it has established a Virginia Chapter. NITSIG Members and others may attend meetings at no charge. Attendees will receive...

Cyber Security Summit Los Angeles (Los Angeles, California, USA, November 30, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: Los Angeles. Receive...

Cyber Security, Oil, Gas & Power 2017 (London, England, UK, November 29 - 30, 2017) ACI’s Cyber Security - Oil, Gas, Power Conference will bring together key stakeholders from energy majors and technology industries, to discuss the challenges and opportunities found in the current systems.

INsecurity (National Harbor, Maryland, USA, November 29 - 30, 2017) INsecurity is for the defenders of enterprise security—those defending corporate networks—and offers real-world case studies, peer sharing and practical, actionable content for IT professionals grappling...

INsecurity (National Harbor, Maryland, USA, November 29 - 30, 2017) Organized by Dark Reading, the web’s most trusted online community for the exchange of information about cybersecurity issues. INsecurity focuses on the everyday practices of the IT security department,...

AutoMobility LA (Los Angeles, California, USA, November 27 - 30, 2017) The Los Angeles Auto Show Press & Trade Days and Connected Car Expo have MERGED to form AutoMobility LA, the new auto industry’s first true trade show. Register to join us in Los Angeles this November.

Global Conference on Cyberspace (GCCS) (New Dehli, India, November 23 - 24, 2017) The Global Conference on Cyberspace (GCCS) aims to deliberate on the issues related to promotion of cooperation in cyberspace, norms for responsible behaviors in cyberspace and to enhance cyber capacity...

Aviation Cyber Security (London, England, UK, November 21 - 22, 2017) Join us on November 21/22 in London, England for the Cyber Senate Aviation Cyber Security Summit. We will address key issues such as the importance of information sharing and collaboration, supply chain...

Cyber Security Opportunities in Mexico Webinar (Washington, DC, USA, November 15, 2017) Learn about the cyber security opportunities in Mexico. Mexico is ranked 28th out of 164 countries in the ITU's 2017 Global Cyber Security Index. Companies spend approximately 3.5% of their IT budgets...

Federal IT Security Conference (Columbia, Maryland, USA, November 14, 2017) The Federal IT Security Institute (FITSI) in partnership with Phoenix TS in Columbia, MD is hosting the second annual Federal IT Security Conference. Speakers from NIST, DHS, the Defense Department as...

Sector (Toronto, Ontario, Canada, November 13 - 15, 2017) Illuminating the Black Art of Security. Now entering its 11th year, SecTor has built a reputation of bringing together experts from around the world to share their latest research and techniques involving...

Countermeasure (Ottawa, Ontario, Canada, November 9 - 10, 2017) Now into its sixth year in Ottawa, and consistently advancing in both size and content quality, COUNTERMEASURE continues to be the national capital's premier IT security event. As in years past, attendees...

2017 ICIT Gala & Benefit (Washington, DC, USA, November 9, 2017) The Annual ICIT Gala and Benefit is the year’s most prestigious and intimate gathering of legislative, agency and private sector leaders committed to protecting our Nation’s critical infrastructures. This...

4th Annual Journal of Law & Cyber Warfare Conference (New York, New York, USA, November 9, 2017) Join thought leaders across the industry for a day of collaboration and education with an outstanding group of cyber security experts. In this one-day program, we continue JLCW's 5+ year reputation for...

Fourth Annual JLCW Conference (New York, New York, USA, November 9, 2017) The 2017 Journal of Law and Cyber Warfare symposium speakers represent an unparalleled group of cyber security experts with a wide variety of industry expertise and knowledge. Attendees will hear from...

SINET Showcase 2017 (Washington, DC, USA, November 8 - 9, 2017) SINET – Washington DC provides a platform to identify and highlight “best-of-class” security companies that are addressing the most pressing needs and requirements in Cybersecurity. As always, this event...

CyCon US (Washington, DC, USA, November 7 - 8, 2017) The 2017 International Conference on Cyber Conflict U.S. (CyCon U.S.) will take place 7-8 Nov 2017 at the Ronald Reagan Building in Washington D.C. CyCon U.S. facilitates knowledge generation and information...

RSA Conference 2017 Abu Dhabi (Abu Dhabi, UAE, November 7 - 8, 2017) RSA Conference 2017 Abu Dhabi is the leading information security event in the region. This year's Conference will take place 7 to 8 November at the Emirates Palace in Abu Dhabi. Join us for two days of...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.