skip navigation

More signal. Less noise.

Do you know the best practices for applying threat intelligence?

Threat intelligence is one of the most talked about areas of information security today, but how do you actually use it? Learn best practices for applying threat intelligence with Recorded Future's latest white paper. Download your free copy now.

Daily briefing.

In a surprise ruling, Kenya's supreme court rules that presidential elections conducted early in August were, in fact, sufficiently tampered with to warrant a do-over within the next sixty days. Incumbent President Kenyatta's reelection is thus nullified, much to the surprise of everyone (including the disappointed challenger who petitioned the court to set the results aside on the grounds that voting had been electronically manipulated). The decision is particularly surprising given the consensus among international observers that the election had been fairly conducted.

FireEye says Chinese cyber operators have increased their attacks on government and business targets in Vietnam. The attacks coincide with increased tension over South China Sea territorial claims.

North Korean operators are more closely tied to raids on South Korean Bitcoin exchanges. The DPRK is expected to make more such attacks as it seeks to compensate for revenue lost from sanctions imposed to constrain its nuclear and ballistic missile programs.

WikiLeaks yesterday dumped documents purporting to describe a CIA implant framework, "Angelfire," said to be effective against Windows 7 and Windows XP machines. Bleeping Computer sniffs that if Angelfire is indeed a CIA product, it doesn't represent Langley's best work. Its discussion characterizes the tools described as crude.

Locky and other ransomware have surged this week. One strain is even reported to have been present in certain US Government websites.

Accused leaker and former NSA contractor Reality Winner tells the court that she wasn't properly Mirandized when she first spoke with FBI Special Agents searching her apartment.

Notes.

Today's issue includes events affecting Canada, China, European Union, Hungary, India, Kenya, Democratic Peoples Republic of Korea, Republic of Korea, Romania, Russia, United Kingdom, United States, and Viet Nam.

A note to our readers: Monday is Labor Day in the US, and the CyberWire won't be publishing. The Week that Was will be out as usual Sunday evening, and normal publication of the Daily News Briefing and the Daily Podcast will resume on Tuesday, September 5th. Enjoy the holiday.

Bank of America needs your cyber security experience.

As one of the world's leading financial institutions, Bank of America has built an extraordinary team of cyber security professionals focused on defending critical financial services infrastructure. That team is growing and needs your experience. Find exciting and rewarding opportunities across the United States for ethical hackers, intrusion analysts, malware analysts, crypto architects and more.

In today's podcast we hear from our partners at the Johns Hopkins University: Joe Carrigan talks about the security issues fitness apps exhibit. Our guest, Charles Henderson from IBM’s X-Force Red Group, discusses automotive cybersecurity.

Incident Response 17: IR17 The First Operational Community-Driven Incident Response Conference (Pentagon City, VA, USA, September 11 - 12, 2017) IR17 is open to both commercial and government professionals. Join us to learn tips and best practices from industry leaders. IR17 features 30+ hours of practical training, 36 breakout sessions designed for all levels of experience, and you will leave the conference with a developed incident response plan.

Cyber Security Summit: New York and Boston (New York, New York, USA, September 15, 2017) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, Darktrace, Arbor Networks, CenturyLink and more. Register with promo code cyberwire50 for half off your admission (Regular price $350).

3rd European Cybersecurity Forum – CYBERSEC (Krakow, Poland, October 9 - 10, 2017) CYBERSEC is a unique Europe-wide, annual public policy conference dedicated to strategic aspects of cybersecurity. Conference’s mission is to foster the building of a Europe-wide cybsersecurity system and create a dedicated collaborative platform for governments, international organisations, and key private-sector organisations.

Florida’s Annual Cybersecurity Conference (Tampa, Florida, USA, October 27, 2017) Networking the Future, the Florida Center for Cybersecurity's fourth annual conference, will host hundreds of technical and non-technical stakeholders from industry, government, the military, and academia to explore emerging threats, best practices, and the latest research and trends.

Cyber Attacks, Threats, and Vulnerabilities

Chinese cyber spies broaden attacks in Vietnam, security firm says (Reuters) Cyber spies working for or on behalf of China's government have broadened attacks against official and corporate targets in Vietnam at a time of raised tension over the South China Sea, cyber security company FireEye said.

Best Korea fingered for hacks against Bitcoin exchanges in South (Register) Norks planning more raids to cover sanction losses, say intel boffins

Bitcoin's booming valuation is helping attract more cybercriminals (SC Media US) The skyrocketing value of bitcoin and Ethereum may not be the sole reason behind the recent uptick in cybercrimes focused on stealing cryptocurrencies, but industry analysts note that it certainly has given cybercriminals one more good reason to focus their efforts in this area.

How they tried to hack our ICO – Anti Danilevski, CEO KICKICO (Medium) DDOS on preICO stage

CIA sneak undetectable ‘malicious’ implants onto Windows OS - WikiLeaks (RT International) Windows machines are targeted by the CIA under ‘Angelfire,’ according to the latest release from WikiLeaks’ ‘Vault7’ series. The documents detail an implant that can allow Windows machines to create undetectable libraries.

CIA Developed Windows Malware That Alters Boot Sector to Load More Malware (BleepingComputer) WikiLeaks published today documentation on the CIA Angelfire project, a malware framework developed to infect Windows computers.

Observations about the attack on WikiLeaks (Mon Blog) On 30 august, this year, a technical attack was performed against WikiLeaks, leading some visitors of WikiLeaks' Web site to see instead a claim by "OurMine" that they seized control of WikiLeaks' servers. A lot of stupid things, by ignorant people (both WikiLeaks fans and ennemies), have been said on the networks, about this attack.

Twitter bots unleashed in a social media disruption tactic (#BotSpot: The Intimidators) Overnight from August 28 to August 29, a major Twitter botnet opened a new front in its ongoing attempts to intimidate @DFRLab, creating fake accounts to impersonate and attack our team members.

US Government Site Was Hosting Ransomware (Threatpost) As recently as Wednesday, a U.S. government website was hosting a malicious JavaScript downloader that led victims to installations of Cerber ransomware.

Crypto-Ransomware Targets 20 Million Inboxes (Infosecurity Magazine) Crypto-Ransomware Targets 20 Million Inboxes. Latest blitz comes during another week of high profile attacks

Malspam pushing Locky ransomware tries HoeflerText notifications for Chrome and FireFox (SANS Internet Storm Center) During past two weeks or so, we've seen plenty of botnet-based malicious spam (malspam) pushing Locky ransomware. In recent days, I've noticed multiple waves of malspam every weekday. It gets a bit boring after a while, but as 2017-08-31 came to a close, I noticed a different technique from this malspam.

Locky ransomware returns with new tricks up its sleeve (Help Net Security) Locky returns! The ransomware is now delivered with the help of new tricks. The malware arrives attached to emails with vague subject lines.

New Locky ransomware spam campaign uses 'zombie computers' to send over 62,000 emails in just 3 days (International Business Times UK) The ransomware's new variant IKARUSdilapidated used over 11,000 IP addresses in 133 countries to carry out the attacks.

WireX botnet offers glimpse of Android DDoS threat (Naked Security) A group of companies has worked together to target a botnet built via Android malware

Three Hardcoded Backdoor Accounts Discovered in Arris Modems (BleepingComputer) Security researchers have found five gaping holes in the firmware running on Arris modems, three of which are hardcoded backdoor accounts.

Discovering a Session Hijacking Vulnerability in GitLab (Imperva Incapsula) GitLab is a widely used SaaS provider that focuses on developer related issues, including Git repository management, issue tracking and code review. During a recent pen test of GitLab (I wanted to see the service was a good fit to use at Incapsula), I was surprised to come across a vulnerability that leaves users exposed to session hijacking attacks.

Celebs’ phone numbers and e-mail addresses exposed in active Instagram hack (Ars Technica) Hackers exploited app bug, then advertised data in underground forums, researchers say.

New Facebook, Instagram Bugs Demonstrate Social Media Risk (Dark Reading) Security flaws in Facebook Messenger and Instagram let hackers propagate attacks and steal personal data.

House of Cards literary publisher exposed thousands sensitive client files (International Business Times UK) The leaked data includes unpublished books, royalty payments, invoice and contract details.

DDoS attacks on the rise (My Broadband) New data shows that DDoS and web application attacks are on the rise.

Net neutered: When ISPs like Comcast crash the cloud (ZDNet) Upstream service providers should not be breaking basic web service protocol connectivity.

Canadian university scammed out of $11.8 million (Help Net Security) A series of fraudulent emails convinced university staff to change electronic banking information for one of the university’s major vendors.

Nottinghamshire County Council Exposes Elderly, Disabled PII for 5 Years (Infosecurity Magazine) The council has been fined £70,000 by the Information Commissioner’s Office.

Security Patches, Mitigations, and Software Updates

Instagram fixes API blamed for celebrity data leaks (ComputerWeekly) Instagram says it has fixed the API responsible for enabling hackers to access some personal details of high profile users of the service

Cyber Trends

Cyber: Winning the battles, but losing the war? (Insurance & Risk Professional) Cyber risk is now a prominent threat. Brokers can help educate clients on the risk how to tackle it within their organisation.

Payment Security Compliance Improving, Verizon Security Report Finds (eWEEK) Verizon's 2017 Payment Security Report finds that just over half of organizations remain PCI-DSS compliant one year after an initial assessment.

Indian firms yet to realise importance of protecting user data (Business Standard) SC said in Right to Privacy judgment that electronic tracks contain powerful means of information

Tech companies are cracking down on hate speech (Ars Technica) In light of Charlottesville, Silicon Valley revisits its absolute approach to free speech.

Reporter: Google successfully pressured me to take down critical story (Ars Technica) Google allegedly told Forbes "the article was problematic and had to come down."

Google is losing allies across the political spectrum (Ars Technica) Antitrust sentiment grows, so does skepticism about Google on both the left and the right.

Marketplace

How Effective Boards Drive Security Mandates (Dark Reading) The focus on cybersecurity policies must be prioritized from the top down.

IBM bucks trend, calls remote workers back into offices as tech changes (lohud.com) On Labor Day 2017, trends at companies like IBM, Xerox and ADP suggest concerns over skills gap, burnout in the age of smartphones and globalization

Juniper Networks Adds Analytics Startup Cyphort To Its Security Technology Portfolio (CRN) Juniper Networks plans to integrate Cyphort's security technology into its advanced threat prevention product, Sky ATP. The acquisition brings Cyphort CEO Manoj Leelanivas back to Juniper, where he worked for 14 years.

Qualys Completes Asset Purchase of Nevis Networks (Cellular News) Qualys, Inc. (NASDAQ QLYS), a pioneer and leading provider of cloud based security and compliance solutions, today announced that it has completed the purchase of certain assets of Nevis Networks.

Ex-CIA Agent Raises $40M To Find Every 'Thing' On The Web In Just One Hour (Forbes) Qadium, a Peter Thiel-backed cybersecurity start-up from San Francisco, has raised a Series B of $40 million, as it expands its product that CEO and ex-CIA analyst Tim Junio claims can index almost every device connected to the public internet in just an hour.

Basis Set Ventures gets real to get to the heart of AI startups (TechCrunch) Lan Xuezhao has spent the last few months pulling together $136 million for her new machine intelligence-focused venture capital fund, Basis Set Ventures. I..

CACI Lands Task Order for Air Force Cyber Software Support; Ken Asbury Comments (GovCon Wire) CACI International (NYSE: CACI) will provide software development

3 Things to Watch in Palo Alto Networks' Earnings Report (Madison.com) Palo Alto Networks (NYSE: PANW) investors are eagerly anticipating another round of strong results that could help sustain the stock's recent momentum. The cybersecurity specialist has made a terrific comeback

Lessons from the FBI on enterprise security (Enterprise Innovation) David Mahon, Chief Security Officer of CenturyLink, who served 30 years with the FBI, shares on how the pace of regulation keeps up with technological advancement, cooperation amongst good actors vs bad actors, and why enterprises minimize IT and security resources.

Products, Services, and Solutions

New infosec products of the week​: September 1, 2017 (Help Net Security) New infosec products of the week​ include releases from Bitdefender, Great Bay Software, Palo Alto Networks, WatchGuard, CloudBees and Tufin.

HackerOne aims to pay bug bounty hunters $100 million by 2020 (ZDNet) The bug bounty platform predicts that 200,000 vulnerabilities will have been fixed by the same year.

New WatchGuard Wi-Fi Access Point Delivers Top Performance and Security for High-Density Wireless Networks (PRNewswire) WatchGuard® Technologies, a leader in advanced network security solutions,...

Deloitte cyber intelligence center in Hungary will also serve Romania (Romania Insider) Deloitte has opened a new cyber intelligence center in Hungary, which will serve 18 countries in Central and Eastern Europe, including Romania.

PFP Cybersecurity Presents a Unique Approach to IOT Security by Using Power Analysis and AI (PRNewswire) PFP Cybersecurity, a leader in embedded cybersecurity for IoT devices,...

vCISO Services, LLC Launches to Help Secure Small and Medium Businesses (PRNewswire) To combat the growing threat of cyber-attacks to small and medium..

Technologies, Techniques, and Standards

The Ins and Outs of GDPR (Infosecurity Magazine) GDPR will require companies to take truly effective steps to safeguard the data with which their customers have entrusted them.

DNS: Early Warning System for Cyber Attacks (Computerworld) Real-Time Intelligence is Key

Machine learning for malware: what could possibly go wrong? (Naked Security) Relying on labels can make or break machine learning-based malware analysis – here’s how to mitigate that

The "Imitation Game" - The Need for Human Intelligence in Threat Operations (Security Week) “What if only a machine could defeat another machine?”

How the right cyber intelligence can give agencies the upper hand (FederalNewsRadio.com) Tony Cole, vice president and global government chief technology officer for FireEye, said threat intelligence will help agencies mitigate risks by answering some basic questions about who the attackers are and what they are trying…

SolarWinds’ Joe Kim: Federal IT Pros Should Integrate Network Monitoring Into Software-Defined Data Centers (ExecutiveBiz) Joe Kim, a senior vice president and global chief technology officer at SolarWinds, has said federal information technology managers should implement network monitoring tools to address challenges associated with the adoption of software-defined data centers. Kim wrote in a GCN article published Tuesday those SDDC-related challenges include the need to manage service-level agreements and configuration issues. Government...

What's the use of a privacy policy? (Help Net Security) Personal Data as the new oil is the first slide of any presentation related to privacy, so chances are most tech companies understand this.

The strength of networks depends on data center interconnect (CIO) CIOs and CTOs should be spending the money to upgrade their networks.

How to measure cybersecurity effectiveness — before it’s too late (CIO) The majority of organizations don't apply metrics to their cybersecurity efforts, and those that do often measure the wrong things. Here’s how to ensure your cybersecurity projects pay off.

Cheat Sheet for Analyzing Malicious Software (Lenny Zeltser) This cheat sheet presents tips for analyzing and reverse-engineering malware. It outlines the steps for performing behavioral and code-level analysis of malicious software.

Design and Innovation

Apple's biometric identity crisis (CRN Australia) [Comment] Is Apple planning an about-face on its next iPhone's security?

Google’s Transformer solves a tricky problem in machine translation (TechCrunch) Machine learning has turned out to be a very useful tool for translation, but it has a few weak spots. The tendency of translation models to do their work..

Army’s multidomain battle brings manned-unmanned teaming to the fore (C4ISRNET) For future concepts in multidomain battle scenarios and operating environments going forward, manned-unmanned teaming could involve a battlespace in which users can share control of UAS and see unprecedented situational awareness.

New authentication methods help companies to ditch passwords (BetaNews) Most people now recognize that passwords alone are flawed as a means of securing systems. The problem is that there are lots of options when it comes to finding a better way of doing things.

58 Insane Facts About Bitcoin (BitcoinPlay) Satoshi Nakamoto: the mysterious legend...

Research and Development

The first quantum-cryptographic satellite network will be Chinese (Economist) Quantum cryptography’s early birds

Rare-Earth Nanocrystals May Be a Key Component of Building the Quantum Internet (Motherboard) Caltech physicists offer a crucial new technology in quantum computing.

Seeing Is Believing For Artificial Intelligence (SIGNAL Magazine) Geospatial imagery as well as facial recognition and other biometrics are driving the intelligence community’s research into artificial intelligence.

JP Morgan Chase just got a patent on basic app communications (Ars Technica) A simple Google search would have found oodles of prior art.

Legislation, Policy, and Regulation

China’s Cybersecurity Law Gives the Ministry of State Security Unprecedented New Powers Over Foreign Technology (Recorded Future) Foreign companies seeking to conduct business in China now face a host of legal and ethical decisions that might not have been previously considered.

Foreign Firms Should Fear New Chinese Cyber-Law: Report (Infosecurity Magazine) Foreign Firms Should Fear New Chinese Cyber-Law: Report. Source code reviews could generate exploits for Chinese spies

India, EU reaffirm commitment to free, secure cyberspace (The Indian Express) According to the statement, domestic cyber policy landscape, cyber threats and mitigation, internet governance, mechanism on bilateral cooperation and possible cooperation at various international fora and regional for a were among the areas that came up for discussion

Portions of New York DFS Cybersecurity Rules Now in Effect (InsideARM) On Monday, the first of several cybersecurity requirements for entities regulated by the New York Department of Financial Services (DFS) came into effect.

Will Trump and Congress declare war on WikiLeaks? (Thomasville Times-Enterprise) The Senate Intelligence Committee recently passed its Intelligence Authorization Act for 2018 that contains a chilling attack on the First Amendment. Section 623 of the act expresses the “sense of

Is Wikileaks A "Non-state Hostile Intelligence Service" As Some Claim? (Cato Institute) Wikileaks may be many things, but the notion that it is a stateless equivalent to the FSB or Mossad is laughable.

Email marketers call for stricter FTC rules on spam (Cyberscoop) Counter-intuitively, two coalitions of online and email marketing companies are calling for the FTC to tighten restrictions on spam.

Apple's Real Reason for Finally Joining the Net Neutrality Fight (WIRED) Why a strong and open internet became "a top thing" for Tim Cook and co.

Litigation, Investigation, and Law Enforcement

Kenya Supreme Court Nullifies Presidential Election (New York Times) The justices threw out last month’s re-election of President Uhuru Kenyatta, calling the result “null and void” and ordering a new vote.

Former Pentagon Official's Push to Prevent Election Hacking (Real Clear Defense) Up until last year’s presidential election, cybersecurity was an issue relegated to policy wonks and techies. It has since not only become part of the national

SC has kept hackers out of voting systems, but watchdogs want details on the attacks (The State) South Carolina elections officials cite millions of attempts — none successful — to get access to voter registration information or voting data. Election watchdogs in Columbia and Charleston, however, want to see the evidence that no information was compromised.

FBI, Homeland Security warn of more ‘antifa’ attacks (POLITICO) Confidential documents call the anarchists that seek to counter white supremacists "domestic terrorists."

Air Force Vet Admitted To Leaking NSA Documents, But Her Confession Might Not Count In Court (Task & Purpose) An Air Force vet told FBI agents that she had leaked NSA documents, but a legal technicality may prevent prosecutors from using the confession as evidence.

Yahoo must face litigation by data breach victims: U.S. judge (Reuters) A U.S. judge said Yahoo must face nationwide litigation brought on behalf of well over 1 billion users who said their personal information was compromised in three massive data breaches.

James Comey started drafting statement exonerating Hillary Clinton before FBI interviewed her, aides (Washington Examiner) 'The FBI should be held to a higher standard than that, especially in a matter of such great public interest and controversy.'

Ice-cold Kaspersky shows the industry how to handle patent trolls (Register) AV company forces litigator to pay to drop its own case

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

cybergamut Tech Tuesday: The Scary Truth About Online Anonymity (Elkridge, Maryland, USA, September 5, 2017) In this presentation, Zuly Gonzalez of Light Point Security explores the various tools used for anonymous web browsing, the type of information that can be leaked during your online research to reveal...

SANS Network Security 2017 (Las Vegas, Nevada, USA, September 10 - 17, 2017) SANS is recognized around the world as the best place to develop the deep, hands-on cybersecurity skills most in need right now. SANS Network Security 2017 offers more than 45 information security courses...

Finovate Fall 2017 (New York, New York, USA, September 11 - 14, 2017) FinovateFall 2017 will begin with the traditional short-form, demo-only presentations that more than 20,000 attendees from 3,000+ companies have enjoyed for the past decade. After two days of Finovate’s...

Insider Threat Program Management With Legal Guidance Training Course (Laurel, Maryland, USA, September 12 - 13, 2017) Insider Threat Defense will hold a two-day training class, Insider Threat Program (ITP) Management With Legal Guidance (National Insider Threat Policy (NITP), NISPOM Conforming Change 2). For a limited...

PCI Security Standards Council: 2017 North America Community Meeting (Orlando, Florida, USA, September 12 - 14, 2017) Join your industry colleagues for three days of networking and one-of-a-kind partnership opportunities. Whether you want to learn more about updates in the payment industry or showcase a new product, you’ll...

DSEI 2017 (London, England, UK, September 12 - 15, 2017) Defence and Security Equipment International (DSEI) is the world leading event that brings together the global defence and security sector to innovate and share knowledge. DSEI represents the entire supply...

8th Annual Billington CyberSecurity Summit (Washington, DC, USA, September 13, 2017) The 8th Annual Billington CyberSecurity Summit September 13 in Washington D.C. brings together world-class cybersecurity thought leaders for high-level information sharing, unparalleled networking and...

Cyber Security Summit: New York (New York, New York, USA, September 15, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: New York. Receive...

Cyber Security Conference for Executives (Baltimore, Maryland, USA, September 19, 2017) The Johns Hopkins University Information Security Institute and COMPASS Cyber Security are hosting the 4th Annual Cyber Security Conference for Executives on Tuesday, September, 19. It will be held on...

4th Annual Industrial Control Cybersecurity Europe (London, England, UK, September 19 - 20, 2017) Against a backdrop of targeted Industrial Control System cyber attacks against energy firms in the Ukraine power industry, the massive attacks against the Norway oil and gas industry, cyber attacks on...

Cyber Everywhere: Collaboration, Integration, Automatio (Washington, DC, USA, September 20, 2017) We’ve seen all of the cyber headlines this year – new policies emerging, old policies evolving, the cyber workforce is multiplying, and rapidly growing connected devices are complicating governance. While...

10th Cyber Defence Summit (Dubai, UAE, September 20, 2017) Naseba’s 10th Cyber Defence Summit will address the importance of protecting critical infrastructure and sensitive information, help companies procure cyber security solutions and services, and create...

Maine Cyber Safety Institute (Waterville, Maine, USA, September 20 - 21, 2017) The Summit intends to help business protect themselves from possible losses. The Information Security Community, representing cyber professionals, found that 54% of anticipated cyberattacks against their...

2017 Washington, D.C. CISO Executive Leadership Summit (Washington, DC, USA, September 21, 2017) Highly interactive sessions will provide many opportunities for attendees, speakers and panelists to be engaged in both learning and discussion. The objective for the day is to deliver high quality useful...

Connect Security World (Marseille, France, September 25, 2017 - 27, 2014) As IoT solutions are transitioning from hype to real deployments, the “Internet of insecure things” threat is gaining ground. To address unlimited risks, threats and vulnerabilities surrounding IoT, a...

(ISC)2 Security Congress (Austin, Texas, USA, September 25 - 27, 2017) (ISC)² Security Congress cybersecurity conference brings together nearly 1,500 cybersecurity professionals, offers 100+ educational and thought-leadership sessions, and fosters collaboration with forward-thinking...

Connect Security World (Marseille, France, September 25 - 27, 2017) As IoT solutions are transitioning from hype to real deployments, the “Internet of insecure things” threat is gaining ground. To address unlimited risks, threats and vulnerabilities surrounding IoT, a...

SINET61 2017 (Sydney, Australia, September 26 - 27, 2017) Promoting cybersecurity on a global scale. SINET – Sydney provides a venue where international solution providers can engage with leaders of government, business and the investment community to advance...

O'Reilly Velocity Conference (New York, New York, USA, October 1 - 4, 2017) Learn how to manage, grow, and evolve your systems. If you're building and managing complex distributed systems and want to learn how to bake in resiliency, you need to be at Velocity.

24th International Computer Security Symposium and 9th SABSA World Congress (COSAC 2017) (Naas, County Kildare, Ireland, October 1 - 5, 2017) If you thought symposiums on information security and risk were all the same, look again! COSAC is an entirely different experience. Conceived by practising professionals for experienced professionals,...

Cybersecurity Nexus North America 2017 (CSX) (Washington, DC, USA, October 2 - 4, 2017) Be a part of a global conversation with professionals facing the same challenges as you at the nexus—where all things cyber security meet. Cyber security doesn’t take a vacation and it doesn’t sleep. You...

Atlanta Cyber Week (Atlanta, Georgia, USA, October 2 - 6, 2017) Atlanta Cyber Week is a public-private collaboration hosting multiple events during the first week of October that highlight the pillars of the region’s cybersecurity ecosystem and create an opportunity...

4th Annual Industrial Control Cyber Security USA Summit (Sacramento, California, USA, October 3 - 4, 2017) Against a backdrop of targeted Industrial Control System cyber attacks, such as those against energy firms in the Ukraine power industry, the massive attacks against the Norway oil and gas industry, cyber...

4th Annual Industrial Control Cyber Security Summit USA (Sacramento, California, USA, October 3 - 4, 2017) Against a backdrop of continued ICS targeted cyber attacks against energy firms in the Ukraine power industry (CRASHOVERRIDE), the massive attacks against the Norway oil and gas industry, cyber attacks...

CyberSecurity4Rail (Brussels, Belgium, October 4, 2017) Facilitated by Hit Rail, this conference will bring together experts in cybercrime and digital security, plus leaders in ICT and representatives from transport and railway companies, European organisations...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.