skip navigation

More signal. Less noise.

Do you know the best practices for applying threat intelligence?

Threat intelligence is one of the most talked about areas of information security today, but how do you actually use it? Learn best practices for applying threat intelligence with Recorded Future's latest white paper. Download your free copy now.

Daily briefing.

Chaos Computer Club white hats report finding vulnerabilities in voting software used in several German Länder. The Federal Republic's sixteen constituent states will hold elections on September 24th. Berlin has been preparing for Russian interference for a year.

Facebook's discovery that it had been selling ads to Russian catphish prompts a look by the New York Times and others at one prominent influence-operations tactic: the creation of fictitious personae in social media. These were evidently used to cast doubt on the integrity of US political institutions during the last election cycle. Disruption and mistrust were apparently more important than any particular balloting outcome.

The Equifax breach continues to strike observers as arguably the worst of its kind. Speculation about how the hackers got in centers on an Apache Struts vulnerability, although which one and how it may have been exploited remains unclear. State attorneys general and the plaintiff's bar are already queuing up legal action action against the credit bureau, as are the US Congress and any number of regulatory bodies. 

Equifax's stock price continues to drop. (So do the prices of its competitors, uninvolved in any breach.) The consensus advice experts are giving to those affected (pretty much anyone reading this) is to freeze their credit. The company's incident response, particularly its public communications, have been widely excoriated.

Kaspersky Lab remains in bad official US odor. It's also taken a hit in the consumer marketplace, as Best Buy announces it will no longer carry the Russian security company's products.

Notes.

Today's issue includes events affecting Australia, Canada, Germany, Malaysia, Russia, Uganda, United Kingdom, United Nations, United States.

A note to our readers: summaries of various aspects of the Equifax breach, including reaction and commentary from security industry veterans, may be found here. Coverage includes speculation about causes, notes on implications, and discussion of lessons learned.

Third party breaches are here to stay – here’s how to stop the threat.

Threat actors are always looking for the easiest, fastest, and most inexpensive way to get what they want – enter third party breaches. How can organizations prioritize their efforts to reduce third party risk? Learn more in a webinar with LookingGlass Cyber Solutions’ Senior Sales Engineer Ryan Curran on Thursday, September 14 @ 2pm ET. Ryan will discuss how to tell if your vendors are already compromised, and how to use threat intelligence for actionable intelligence on your vendors’ vulnerabilities. Sign up now.

In today's podcast we hear from our partners at Level 3 Communications, as Dale Drew shares some sobering statistics on attack trends.

EAGB Breakfast Series: Leading the Cyber Transformation (Baltimore, Maryland, USA, September 19, 2017) Join us to discuss how the Baltimore-Washington region’s ‘tech hub’ reputation has helped build a solid foundation in cyber activities. Our panelists will discuss the transformation that is underway on the commercial side of cyber.

Maryland Cyber Day Marketplace: Information. Connections. Solutions. (Baltimore, Maryland, USA, October 10, 2017) Register today to participate. Hundreds of cybersecurity providers and buyers in one location on one day. Maryland Cyber Day Marketplace provides the opportunity for CYBERSECURITY BUYERS (commercial businesses, government agencies, academic institutions and non-profit organizations of any size in any industry) to connect with, get to know and purchase cybersecurity solutions from Maryland's CYBERSECURITY PROVIDERS. The day will be a combination of face-to-face meetings, technology demos, brief educational sessions, "Ask an Expert" information stations, networking and a wrap-up luncheon with a keynote speaker. Presented with our program partner the Better Business Bureau of Greater Maryland.

Florida’s Annual Cybersecurity Conference (Tampa, Florida, USA, October 27, 2017) Networking the Future, the Florida Center for Cybersecurity's fourth annual conference, will host hundreds of technical and non-technical stakeholders from industry, government, the military, and academia to explore emerging threats, best practices, and the latest research and trends.

Dateline Intelligence and National Security Summit

The view from the National Security Council (The CyberWire) Tom Bossert (Assistant to the President for Homeland Security and Counterterrorism, National Security Council, Executive Office of the President) addressed the state of the Intelligence Community, recommended some directions he thought it might usefully take, and offered some thoughts on the nature of cyber deterrence.

The view from Congress (The CyberWire) The ranking members of the House and Senate Intelligence Committees shared their perspective on bipartisanship, trust, election hacking, and the future of the Intelligence Community.

Innovation and the Intelligence Community (The CyberWire) Technologists, venture capitalists, and Intelligence Community leaders share their thoughts on emerging technologies (especially artificial intelligence) and how you bring them into the Government market to serve the intelligence mission.

Countering the cyber threat to critical infrastructure (The CyberWire) An approach to protecting critical infrastructure, and the role intelligence plays in that protection. (And by "intelligence" the infrastructure operators don't necessarily mean just what the Intelligence Community can share with them.)

Technology Is a Wonderful Thing--For Terrorists (SIGNAL Magazine) A panel of security and counterterrorism experts shared insights into the ability of terrorist groups to use a variety of technologies to wield destruction around the world.

Anti-Terror Chiefs Want Social Media Help with 'Lone Wolves' (The Bull) As jihadist attacks are increasingly being carried out by home-grown "lone wolves," top counter-terror chiefs of four Western powers said Thursday they need more support from social media companies to detect potential threats.

Staying Ahead of the Threat (Federal Bureau of Investigation) During a meeting of intelligence and national security leaders, FBI Director Christopher Wray stressed the importance of partnerships and intelligence in staying ahead of evolving threats.

Security vs. Privacy: A Looming Showdown in Congress (SIGNAL Magazine) Intelligence officials call for foreign data collection reauthorization.

States Affected by Election Hacking Don't Know What the Feds Know (SIGNAL Magazine) Federal government officials cannot share information on Russian hacking because state officials lack the requisite clearances.

Hacking the human component of cyber readiness (FCW) The DOD knows information-sharing is key to being ready for the next big cyberattack. But attracting and retaining talent to facilitate it proves challenging.

Cyber Attacks, Threats, and Vulnerabilities

UNITEDRAKE and Hacking Under FISA Orders (Empty Wheel) As I noted yesterday, along with the encrypted files you have to pay for, on September 6, Shadow Brokers released the manual for an NSA tool called UNITEDRAKE

German Hackers Say Vote Software a Security 'Write-off' (Security Week) German IT security experts said Thursday that they had found "serious flaws" in the ballot software being used for the September 24 elections in which Chancellor Angela Merkel is seeking a fourth term.

The Fake Americans Russia Created to Influence the Election (New York Times) Posing as ordinary citizens on Facebook and building “warlists” of Twitter accounts, suspected Russian agents intervened last year in the American democratic process.

Gerakan leaders and coordinators told to use social media to win cyber war (NST Online) IPOH: Gerakan leaders and coordinators have been urged to utilise the social media to win the cyber war as part of their preparations to face the 14th general election.

16 years after 9/11: The state of the terrorist threat (CNN) Most attacks by jihadists in the US are by citizens or permanent residents who were inspired by ISIS but had no direct contact with the group, writes Peter Bergen.

Equifax’s Hacking Nightmare Gets Even Worse For Victims (Bloomberg) First one of the biggest hacks ever. Then a delay in revealing who was affected. Now consumers are infuriated about fine print that may bar lawsuits.

Web App vulnerability enables Equifax breach affecting up to 143m in US (SC Media UK) Cyber-criminals gained unauthorised access to Equifax files in a breach that could affect as many as 143 million consumers in the U.S.

The hackers who broke into Equifax exploited a flaw in open-source server software (Quartz) The credit reporting agency Equifax announced on Sept. 7 that hackers stole records containing personal information on up to 143 million American consumers.

The Apache® Software Foundation Issues Statement on Equifax Security Breach (Business Insider) The Apache Software Foundation (ASF), the all-volunteer developers, stewards, and incubators of more than 350 Open Source projects and initiatives, today issued the following statement regarding the Equifax security breach...

Security firm Mandiant said to be helping Equifax in hack aftermath (ZDNet) Equifax earlier on Thursday revealed a massive data breach of 143 million consumers.

Impact of Massive Equifax Breach Will Likely Ripple Into the Future (SurfWatch Labs, Inc.) On Thursday, the consumer credit reporting agency Equifax announced a massive data breach affecting 143 million U.S. consumers, and today several actors on the dark web and Twitter are claiming to …

Credit card fraud spikes after Equifax cyber-attack (New York Post) Thieves appear to have started using the data stolen in the gigantic Equifax cyber-heist, one expert said Friday. Credit card fraud unexpectedly spiked in August — and the expert said the jump was …

Is Equifax Data On The Dark Web? Not Yet, But It Will Be (International Business Times) Despite two noteworthy claims of attempts to sell stolen Equifax data, there is no evidence the hacked database is available yet—though experts warn it's inevitable.

Your social security number probably got leaked and that’s very, very bad (Popular Science) The Equifax hack exposed more than 100 million people to the worst kind of identity theft.

Equifax Inc. (EFX) Announces Significant Data Breach; -13.4% in After-Hours (Baird Equity Research) Significant data breach obviously a material negative, but -13.4% after-hours seems like over-reaction based on our understanding of events

Equifax: Panic Exits After-Hours (Seeking Alpha) Equifax joins the long list of recent massive data breaches. Panicked sellers gave away shares in a rush to exit after-hours. A reality check reveals Much Ado About Nothing.

Equifax Data Breach: Stock Price Falls as Criticism Mounts (Fortune) The market has its say.

Equifax mega-leak: Security wonks smack firm over breach notification plan (Register) A Wordpress site? Really?

Equifax Breach Response Turns Dumpster Fire (KrebsOnSecurity) I cannot recall a previous data breach in which the breached company’s public outreach and response has been so haphazard and ill-conceived as the one coming right now from big-three credit bureau Equifax, which rather clumsily announced Thursday that an intrusion jeopardized Social security numbers and other information on 143 million Americans.

Ten lessons from the Equifax breach (V3) 'Assume you are already hacked. At all times,' warns Carbon Black security strategist Rick McElroy,Security ,Equifax,security,Rick McElroy,data breach

We’re losing the confidence game (NY Daily News) Oops!

A Brief History Of Equifax Security Fails (Forbes) The leak of data on as many as 143 million Americans, announced by Equifax yesterday, was not the first rodeo for the credit monitoring and (irony alert) breach recovery firm. It's had problems protecting its customers' information dating back years.

Industry Reactions to Equifax Hack: Feedback Friday (Security Week) News broke on Thursday that U.S. credit reporting agency Equifax suffered a massive data breach that could impact as many as 143 million customers, including people in the U.K. and Canada.

Unpatched D-Link Router Vulnerabilities Disclosed (Security Week) A researcher has disclosed the details of several unpatched vulnerabilities affecting D-Link DIR-850L routers and mydlink cloud services.

Xafecopy Trojan: A Malware Which Steals Money Through Phones (Criticism News) Xafecopy Trojan: It is a malware identified by Kaspersky Lab in September 2017 which can steal money through mobiles, enters phones with useful applications

Syringe infusion pumps can be fiddled with by remote attackers (Help Net Security) Syringe infusion pumps vulnerabilities can be exploited by remote attackers and impact operations. The product is manufactured by Smiths Medical.

Navy Still Probing Possibility of Cyberattack in Ship Collisions (Defensetech) The service continues to investigate whether a deadly collision involving a destroyer in the Pacific was caused by a cyberattack. Read more.

The U.S. Oil Patch Has A Serious Cybersecurity Problem (OilPrice.com) Cybersecurity heavyweight Symantec has reported that the oil and gas industry has a serious problem that needs to be addressed

Dark Web Explained: Shining a Light on Dark Web Activity (Recorded Future) Stephen E. Arnold, the author of the “Dark Web Notebook" shares some little-known facts about the dark web as well as tips on how to safely explore it.

Apple suffers 'major iPhone X leak' (BBC News) The operating system of unreleased iPhones is leaked to two websites, revealing secret details.

Security Patches, Mitigations, and Software Updates

Patch your Android device to foil Toast Overlay attacks (Help Net Security) Overlay attacks are nothing new for Android users, and Palo Alto Networks Unit 42 researchers have found yet another way for attackers to perpetrate them.

Security update for the Linux Kernel (important) (Vulners) The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes.

Security update for xen (important) (Vulners) This update for xen to version 4.7.3 fixes several issues.

Google Chrome to warn users when application tries to hijack internet connection (Computing) Users will be alerted when a 'man-in-the-middle' attack is attempted

Cyber Trends

The False Prophecy of Hyperconnection (Foreign Affairs) Network theory, too often overlooked, reveals that the connections that increasingly rule the world are not as benign as advertised.

Defy Gravity and Rise Above the Bias of Belief (SecurityInfoWatch.com) Physical security industry needs to take its cues from IT side

Marketplace

Best Buy Stops Selling Security Software Made by Russian Firm (Apps for PC Daily) U.S. electronics retailer Best Buy has stopped selling products by leading computer security firm Kaspersky Lab amid concerns the company has links to Russian intelligence, the two companies confirmed Friday.

Despite making peace with Microsoft storm clouds continue to gather for Kaspersky (MSPoweruser) Last year Kaspersky was at the giving and receiving end of two very different government complaints…

Insurers increasingly concerned about silent cyber exposure (Help Net Security) Around half of industry practitioners see the risk of silent cyber exposure, as growing over the coming year, according to Willis Re.

Cyber tops reinsurers’ concerns for first time (Intelligent Insurer) Cyber risk has topped the list of concerns for reinsurers for the first time, reflecting the anxieties around underwriting a risk that’s constantly changing and the rising threat to reinsurers themselves, according to a new report by PwC.

TransUnion, Experian shares not immune to Equifax hack news (The Times of India) BUZZ-TransUnion, Experian shares not immune to Equifax hack news:BUZZ-TransUnion, Experian shares not immune to Equifax hack news

Equifax hack lifts cybersecurity stocks (TheStreet) Shares of the huge credit reporting agency plunged, but cybersecurity stocks rallied.

Sandvine shareholders approve sale to U.S. firm (The Record) Sandvine Corporation shareholders have overwhelmingly approved the sale of the Waterloo tech company to an American private equity firm.

Cloudera acquires artificial intelligence firm (Computer Business Review) Cloudera’s facing stiff competition in the big data Hadoop market, with Hortonworks piling on the pressure with collaboration deals with IBM.

Rhino Raises $1.94 Million Seed Round to Launch the First Smart Alternative to Security Deposits for Renters and Landlords (BusinessWire) Rhino Raises $1.94 Million Seed Round to Launch the First Smart Alternative to Security Deposits for Renters and Landlords

Recent IPO That Is Still Under The Radar (NASDAQ) Last night Okta ( OKTA) reported earnings for just the second time in company history.

For this company, online surveillance leads to profit in Washington’s suburbs (Washington Post) Babel Street helped the Pentagon track trouble online. Then the private sector took notice.

Computer Security Firm CounterFlow AI, Inc., Starts Up in Crozet (Crozet Gazette) Randy Caldejon of Crozet and Peter Shaw, his partner in founding nPulse Technologies, have formed a new company that will use machine learning, also called artificial intelligence, to help protect computer networks from intruders.

ViaSat wins wearable network cyber contract (C4ISRNET) The company's ViaSat Mobile Dynamic Defense cybersecurity software will protect Tactical Local Area Network Field Computing Device - Wearable platforms.

Samsung offers up to $200,000 for bugs in its devices, services (Help Net Security) South Korean giant Samsung Electronics is now offering bounties for reported bugs in its mobile devices, software and services.

IBM offers free cyber security training to military veterans (BetaNews) We've seen quite a bit recently about the difficulties of recruiting cyber security personnel, and how the skills needed for the role have changed.

Products, Services, and Solutions

New infosec products of the week​: September 8, 2017 (Help Net Security) Vectra introduces attack campaign detection and prediction Vectra is advancing automated threat hunting with the introduction of Attack Campaigns. The Vect

Trustonic Completes FIPS 140-2 Certification (Trustonic) Certified cryptographic library enables service providers to secure applications on devices in line with world-leading security standard

Orfox app brings Tor’s security slider to Android (Naked Security) Adding a slider means users can dial up the privacy settings without having to dig into the settings, making security that much easier – and better

Iron Bow Technologies Completes SOC 2 Type 1 Certification for Call Center Services (BusinessWire) Iron Bow Technologies, an IT services provider that serves commercial, healthcare and government customers, today announced that it has successfully c

Technologies, Techniques, and Standards

Why patch management to protect against ransomware is easier said than done (IT Pro Portal) You can’t secure what you can’t see.

How I Learned to Stop Worrying and Embrace the Security Freeze (KrebsOnSecurity) If you’ve been paying attention in recent years, you might have noticed that just about everyone is losing your personal data.

The Equifax Breach: Former White House CIO Believes Marketers Need To Be Engaged In Cybersecurity (Forbes) From the Target breach to the Sony intrusion to the recent WannaCry global ransomware attack, the frequency and scale of cyberattacks is increasing.

The DNC Begins Cybersecurity Effort To Try To Make Sure 2016 Doesn’t Happen Again (BuzzFeed) Phishing drills, top Silicon Valley hires, constant cybersecurity education, emails in the cloud, Tom Perez on Signal, and end-to-end encryption apps like Wickr, which the rest of the Democratic party

Democrats Are Ramping Up Cybersecurity. But They're Still Not Encrypting Their Emails. (BuzzFeed) The DNC's new CTO hopes to usher in a more secure party after 2016's hacks. But email encryption is low on his list of priorities.

Nobody But Us: The Rise and Fall of the Golden Age of Signals Intelligence (Lawfare) Ben Buchanan's new Aegis paper examines how the NOBUS approach works, its limits, and what comes next.

Design and Innovation

In an engineering paper, bunnie Huang and Ed Snowden describe a malware-resistant hardware Iphone privacy overlay (BoingBoing) In July 2016, Andrew "bunnie" Huang and Edward Snowden presented their research on journalist-friendly mobile surveillance resistance at the first MIT Media Lab Forbidden Research conference; a little over a year later, they have published an extensive scholarly paper laying out the problems of detecting and interdicting malware in a mobile device

AT&T, Sprint, T-Mobile and Verizon Team to Develop Mobile Authentication Solution (AT&T) Mobile users are faced with the challenge of managing dozens of difficult-to-remember passwords for many applications. Even with the best user practices, hackers can social engineer passwords from users, leaving consumers and enterprises vulnerable to identity theft, bank fraud, fraudulent purchases and data theft.

Before trying robot judges, let's learn from robot referees (Popular Science) Automated rulings in sports can help inform the development of criminal justice tech.

Ugandan Government Obtains Mysterious, South Korean-Built Anti-P0rn Machine (TechDirt) At long last, Uganda's anti-p0rn "machine" has arrived.

Research and Development

Researchers turn to the universe in the name of quantum cryptography (Tech News | The Star Online) Researchers in Germany are looking to route sensitive information through space as a way of encrypting it in light of advances made in quantum computing that could threaten critical infrastructures.

Industry explores cyber defense specific to Navy ships at sea (Defense Systems) As an investigation into the collision involving the Navy’s USS John McCain moves forward, industry innovators have sharpened their focus on technologies designed to secure ships from cyberattack.

DHS awards $8.6 million in mobile cybersecurity grants (Inside Cybersecurity) The Department of Homeland Security’s Science and Technology Directorate has awarded five research and development grants for projects to enhance mobile application security for the federal government.

NSF Funds Project to Enhance Cybersecurity of Electronic Circuits (University of Arkansas News) Jia Di, professor of computer science and computer engineering, has received $349,551 from the National Science Foundation to support his research into security issues in computing hardware.

Academia

Students seen as increasingly capable of school hackings (EdScoop) Americans believe it would be "easy" for over half of high school and college students to carry out a cyberattack on schools and colleges, a recent Radware survey found.

Legislation, Policy, and Regulation

Give (cyber) peace a chance (Policy Forum) The recent collapse of United Nations negotiations on cyberwarfare should worry everyone concerned with preventing the next world war, Dan Svantesson writes.

Artificial Intelligence Fuels New Global Arms Race (WIRED) Russia, China, US rush to weaponize artificial intelligence.

Markets, GPS could be first to go in the event of global cyber conflict (TheHill) OPINION | In its effort to respond to the North Korean nuclear threat, America would do well to remember the havoc a cyberattack could cause.

The Islamic State’s Foreign Policy (Modern Diplomacy) The ideology of the so-called Islamic State of Iraq and the Levant (ISIL) that conquered substantial parts of Syria and Iraq has been described as based on Salafi-jihadism.

India’s Need to Guard Its Cyberspace (Siliconeer) The Silicon Valley - India Connection

Tensions with North Korea present a test for key US cyber program (Washington Examiner) The possibility that cyber aggression with North Korea raises the question of how well a centerpiece of U.S. cybersecurity policy is actuall...

Equifax Data Breach Prompts Calls For Tougher Security Requirements On Data Aggregators (Dark Reading) Credit report bureau discloses breach that exposed data on 143 million US consumers.

Report: How federal agencies can improve data security, decision-making (Federal Times) The Commission on Evidence-Based Policymaking has unveiled its comprehensive final report, offering federal agencies recommendations for data security, privacy and service.

National Infrastructure Advisory Council (NIAC) Contains No Recognizable Cybersecurity Luminaries (Security Week) In August, eight out of 28 members of President Trump's National Infrastructure Advisory Council (NIAC) resigned -- seven en masse on the day before publication of the council's draft report 'Addressing Urgent Cyber Threats to Critical Infrastructure', and an eighth at the end of the same week.

Moving cyber security centre from ASIO building creates opportunity: adviser (Canberra Times) Relocating the Australian Cyber Security Centre will boost knowledge sharing, adviser says.

Litigation, Investigation, and Law Enforcement

Lieu Calls for Investigation into Equifax Breach (Meritalk) After the credit monitoring company Equifax announced that it had detected a data breach affecting potentially 143 million U.S. consumers, Rep. Ted Lieu, D-Calif., is calling for a House Judiciary Committee hearing to investigate the breach.

One Thing Government Agrees on: Equifax Deserves a Grilling (Bloomberg) Equifax Inc. faces multiple state and federal investigations, and congressional grillings, over its disclosure that the personal consumer data of more than 140 million Americans may have been compromised in a cyberattack.

Here comes the class action lawsuit after Equifax’s massive hack (TechCrunch) Yesterday, Equifax announced that a hacker obtained information about 143 million consumers. This data included Social Security numbers, birth dates,..

Mueller Is Right to Follow the Money (Foreign Policy) Ignoring financial evidence would severely hamstring most federal criminal investigations.

Five major revelations from Congress's Russia probes (TheHill) A new wrinkle emerged in the congressional investigations into Russian election interference this week as Facebook found evidence that it had sold political ads to fake Russian accounts in the lead up to the 2016 vote.

Media Obsession with Fake Russia Scandal a ‘Historic Con Job’ - GOP Congressman (Sputnik) Washington’s new rule of thumb is ‘When something goes wrong, blame the Russians.’

Another 'Cracka' sentenced for hacking feds' personal accounts (Fifth Domain) Liverman hacked into government databases to obtain personal details that could be used to harass them. More than 10 people were victimized, causing at least $1.5 million in damage.

Feds indict Buster Hernandez on 26 counts in 'Brian Kil' cyber threats case (RTV6) Buster Hernandez, the man accused of terrorizing juvenile victims across the country under the online moniker “Brian Kil,” was formally indicted Thursday on 26 federal charges in U.S. district court.

Just Say No To Verizon's New Discriminatory Behavioral Advertising Program (Shear on Social Media & Technology) According to The Wall Street Journal, Verizon Communications has a new rewards program, Verizon Up, that provides credits that wireless subscribers can use for concert [...]

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

Plan B Tech S3: Security Solutions Summit (National Harbor, Maryland, USA, October 13, 2017) Join Plan B Technologies, Inc. on Friday, the 13th of October for this highly anticipated half-day security seminar! Hear the latest cybersecurity research, stats, and insights from IDC Program Director...

Upcoming Events

Finovate Fall 2017 (New York, New York, USA, September 11 - 14, 2017) FinovateFall 2017 will begin with the traditional short-form, demo-only presentations that more than 20,000 attendees from 3,000+ companies have enjoyed for the past decade. After two days of Finovate’s...

Insider Threat Program Management With Legal Guidance Training Course (Laurel, Maryland, USA, September 12 - 13, 2017) Insider Threat Defense will hold a two-day training class, Insider Threat Program (ITP) Management With Legal Guidance (National Insider Threat Policy (NITP), NISPOM Conforming Change 2). For a limited...

PCI Security Standards Council: 2017 North America Community Meeting (Orlando, Florida, USA, September 12 - 14, 2017) Join your industry colleagues for three days of networking and one-of-a-kind partnership opportunities. Whether you want to learn more about updates in the payment industry or showcase a new product, you’ll...

DSEI 2017 (London, England, UK, September 12 - 15, 2017) Defence and Security Equipment International (DSEI) is the world leading event that brings together the global defence and security sector to innovate and share knowledge. DSEI represents the entire supply...

8th Annual Billington CyberSecurity Summit (Washington, DC, USA, September 13, 2017) The 8th Annual Billington CyberSecurity Summit September 13 in Washington D.C. brings together world-class cybersecurity thought leaders for high-level information sharing, unparalleled networking and...

Cyber Security Summit: New York (New York, New York, USA, September 15, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: New York. Receive...

Cyber Security Conference for Executives (Baltimore, Maryland, USA, September 19, 2017) The Johns Hopkins University Information Security Institute and COMPASS Cyber Security are hosting the 4th Annual Cyber Security Conference for Executives on Tuesday, September, 19. It will be held on...

4th Annual Industrial Control Cybersecurity Europe (London, England, UK, September 19 - 20, 2017) Against a backdrop of targeted Industrial Control System cyber attacks against energy firms in the Ukraine power industry, the massive attacks against the Norway oil and gas industry, cyber attacks on...

Cyber Everywhere: Collaboration, Integration, Automatio (Washington, DC, USA, September 20, 2017) We’ve seen all of the cyber headlines this year – new policies emerging, old policies evolving, the cyber workforce is multiplying, and rapidly growing connected devices are complicating governance. While...

10th Cyber Defence Summit (Dubai, UAE, September 20, 2017) Naseba’s 10th Cyber Defence Summit will address the importance of protecting critical infrastructure and sensitive information, help companies procure cyber security solutions and services, and create...

Maine Cyber Safety Institute (Waterville, Maine, USA, September 20 - 21, 2017) The Summit intends to help business protect themselves from possible losses. The Information Security Community, representing cyber professionals, found that 54% of anticipated cyberattacks against their...

2017 Washington, D.C. CISO Executive Leadership Summit (Washington, DC, USA, September 21, 2017) Highly interactive sessions will provide many opportunities for attendees, speakers and panelists to be engaged in both learning and discussion. The objective for the day is to deliver high quality useful...

Connect Security World (Marseille, France, September 25, 2017 - 27, 2014) As IoT solutions are transitioning from hype to real deployments, the “Internet of insecure things” threat is gaining ground. To address unlimited risks, threats and vulnerabilities surrounding IoT, a...

(ISC)2 Security Congress (Austin, Texas, USA, September 25 - 27, 2017) (ISC)² Security Congress cybersecurity conference brings together nearly 1,500 cybersecurity professionals, offers 100+ educational and thought-leadership sessions, and fosters collaboration with forward-thinking...

Connect Security World (Marseille, France, September 25 - 27, 2017) As IoT solutions are transitioning from hype to real deployments, the “Internet of insecure things” threat is gaining ground. To address unlimited risks, threats and vulnerabilities surrounding IoT, a...

SINET61 2017 (Sydney, Australia, September 26 - 27, 2017) Promoting cybersecurity on a global scale. SINET – Sydney provides a venue where international solution providers can engage with leaders of government, business and the investment community to advance...

O'Reilly Velocity Conference (New York, New York, USA, October 1 - 4, 2017) Learn how to manage, grow, and evolve your systems. If you're building and managing complex distributed systems and want to learn how to bake in resiliency, you need to be at Velocity.

24th International Computer Security Symposium and 9th SABSA World Congress (COSAC 2017) (Naas, County Kildare, Ireland, October 1 - 5, 2017) If you thought symposiums on information security and risk were all the same, look again! COSAC is an entirely different experience. Conceived by practising professionals for experienced professionals,...

Cybersecurity Nexus North America 2017 (CSX) (Washington, DC, USA, October 2 - 4, 2017) Be a part of a global conversation with professionals facing the same challenges as you at the nexus—where all things cyber security meet. Cyber security doesn’t take a vacation and it doesn’t sleep. You...

Atlanta Cyber Week (Atlanta, Georgia, USA, October 2 - 6, 2017) Atlanta Cyber Week is a public-private collaboration hosting multiple events during the first week of October that highlight the pillars of the region’s cybersecurity ecosystem and create an opportunity...

4th Annual Industrial Control Cyber Security USA Summit (Sacramento, California, USA, October 3 - 4, 2017) Against a backdrop of targeted Industrial Control System cyber attacks, such as those against energy firms in the Ukraine power industry, the massive attacks against the Norway oil and gas industry, cyber...

4th Annual Industrial Control Cyber Security Summit USA (Sacramento, California, USA, October 3 - 4, 2017) Against a backdrop of continued ICS targeted cyber attacks against energy firms in the Ukraine power industry (CRASHOVERRIDE), the massive attacks against the Norway oil and gas industry, cyber attacks...

CyberSecurity4Rail (Brussels, Belgium, October 4, 2017) Facilitated by Hit Rail, this conference will bring together experts in cybercrime and digital security, plus leaders in ICT and representatives from transport and railway companies, European organisations...

Infosecurity North America (Boston, Massachusetts, USA, October 4 - 5, 2017) Organized by Infosecurity Group, which has provided the global information security community with some of the largest, longest established conferences and expos over the past 22 years including Infosecurity...

Hacker Halted (Atlanta, Georgia, USA, October 9 - 10, 2017) The theme for Hacker Halted 2017 is The Art of Cyber War: Lessons from Sun Tzu. 2,500 years ago, Sun Tzu wrote 13 chapters on military strategy. Fast forward to today and we are still learning from those...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.