skip navigation

More signal. Less noise.

Do you know the best practices for applying threat intelligence?

Threat intelligence is one of the most talked about areas of information security today, but how do you actually use it? Learn best practices for applying threat intelligence with Recorded Future's latest white paper. Download your free copy now.

Daily briefing.

Here's something out of the ordinary: WikiLeaks has posted documents purporting to describe the Russian state surveillance apparatus and some of its operations. This dump has received a very mixed reception: WikiLeaks has looked to many observers like a Russian cat's paw, so why this dump, now? Some read it as a refutation of the Russian connection. Many others see it as dragging a red herring across the path that leads back to Moscow.

Some lessons on how wage information operations come from Ukraine, as Germany continues to look for the signs of Russian activity they've long expected as they prepare for Sunday's elections. 

In other news on state-sponsored cyber operations, North Korean cryptocurrency raids draw more attention. Chinese intelligence services are being considered possible suspects in the cyber attacks against Scotland's parliament. And from the company's perch in Mountain View, California, a senior Google executive says they think of the US NSA as a nation-state threat actor.

The compromise of Avast's CCleaner with a backdoor prompts discussion and concerns about software supply chains.

It seems clearer that Equifax was aware of the Apache Struts vulnerability and the patch was available for the bug. The credit bureau is seen by some as finally getting a handle on its messaging, but the breach is drawing more law suits.

In industry news, Mantech has bought InfoZen for $180 million. Threat Stack has raised a $45 million investment. And the US Senate attached an amendment to the Defense Authorization bill banning Kaspersky products.

Notes.

Today's issue includes events affecting China, Germany, Japan, Russia, Singapore, Ukraine, United Kingdom, United States.

Worried About Third Party Data Breaches?

We all know the consequences of a third party data breach; one vulnerability can cost your organization millions. But do you know what security measures to implement to successfully reduce your attack surface and prevent third party risk? Learn how in LookingGlass Cyber Solutions' webinar featuring VP of Intelligence Operations Eric Olson and Forrester Senior Analyst Nick Hayes on Wednesday, October 18, 1:30pm ET. Sign up now.

In today's podcast, we talk with our partners at Lancaster University, as Awais Rashid explains why security is the responsibility of everyone in an organization, not just the IT folks. Our guest, Mike Kail from Cybric, takes us through the DevSecOps trend.

And be sure to listen to Recorded Future's latest podcast, produced in partnership with the CyberWire. It's a conversation with BT about the challenges of protecting a global telecommunications company.

Earn a master’s degree in cybersecurity from SANS (Online, September 28, 2017) Earn a master’s degree in cybersecurity from SANS, the world leader in information security training. Learn more at a free online information session on Thursday, September 28th, at 12:00 pm (noon) ET. For complete information on master’s degree and graduate certificate programs, visit www.sans.edu.

3rd European Cybersecurity Forum – CYBERSEC (Krakow, Poland, October 9 - 10, 2017) CYBERSEC is a unique Europe-wide, annual public policy conference dedicated to strategic aspects of cybersecurity. Conference’s mission is to foster the building of a Europe-wide cybsersecurity system and create a dedicated collaborative platform for governments, international organisations, and key private-sector organisations.

CyberMaryland Job Fair, October 11, Baltimore visit ClearedJobs.Net or CyberSecJobs.com for details. (Baltimore, Maryland, USA, October 11, 2017) Cleared and non-cleared cybersecurity pros make your next career move at the CyberMaryland Job Fair, October 11 in Baltimore. Meet leading cyber employers including Delta Risk, Choice Hotels, Lockheed Martin, the NSA and more. Visit ClearedJobs.Net or CyberSecJobs.com for info.

Florida’s Annual Cybersecurity Conference (Tampa, Florida, USA, October 27, 2017) Networking the Future, the Florida Center for Cybersecurity's fourth annual conference, will host hundreds of technical and non-technical stakeholders from industry, government, the military, and academia to explore emerging threats, best practices, and the latest research and trends.

The International Information Sharing Conference on October 31 and November 1 in Washington, D.C. (Washington, DC, USA, October 31 - November 1, 2017) Join us for the inaugural International Information Sharing Conference hosted by the ISAO SO. This two-day event, a first of its kind, will convene practitioners from small businesses to multi-national corporations and from information sharing newcomers to well-established cybersecurity organizations.

Cyber Attacks, Threats, and Vulnerabilities

Wikileaks releases documents it claims detail Russia mass surveillance apparatus (TechCrunch) Wikileaks has released a new cache of documents which it claims detail surveillance apparatus used by the Russian state to spy on Internet and mobile users...

Was China Behind the Recent Holyrood Cyber Attack? (Digit) China has been accused by senior Holyrood figures of being behind the recent 'brute force' cyber attack on the Scottish Parliament. 

North Korea's nefarious links to cryptocurrency theft (Security Brief) North Korean state-sponsored actors may be behind campaigns to steal virtual currencies in order to fund the state’s activities.

'Mother' Merkel, who knows how to deal with Russian hacking, set to win German elections (Philly.com) In "Mutti" Merkel, Germany has a leader who can handle Putin and his shenanigans, and is set to win a fourth term.

As Germans prepare to vote, a mystery grows: Where are the Russians? (Washington Post) The country braced for leaks, bots and disinformation. But evidence of meddling has been scant.

How to Wage an Information War (VOA) West needs to avoid losing credibility as it counters Russian disinformation, says former Ukrainian minister, and not trade propaganda for propaganda

Information Warfare: Russia’s “Active Measures.” (Global Security Review) Conceptually, Information warfare is by no means a new concept. However, the broad reach of social media has created an entirely new and highly effective avenue for Russian ‘active measures’ to penetrate into and influence the minds of the American public.

A Google security chief considers the NSA a state-sponsored threat (TechCrunch) Today at TechCrunch Disrupt SF 2017 Google's Manager of Information Security Heather Adkins sat down for a fireside chat. Among the varying topics discussed,..

Equifax - UK impact 'minimal', Argentina hit, execs quit, Co culpable (SC Media UK) In contradictory reports, Equifax Ltd (UK) issued a statement on Friday confirming that UK systems are not affected but some data is

Heads roll, as it's revealed Equifax's IT team knew about web app vulnerability (Graham Cluley) Patches should have been in place, but Equifax's music-loving CSO has been unfairly vilified.

Equifax Exec Departures Raise Questions About Responsibility for Breach (Dark Reading) Disclosed details suggest a failure by the technology team but senior executives and the board are not above responsibility as well, experts say.

Is Equifax starting to get a grip? (Enterprise Times) Is Equifax finally getting a grip as it looks to deal with its data breach, other security incidents and senior officers with poor security awareness 

Misleading headlines about Equifax's *earlier* hack (Graham Cluley) Woah! Calm down media. Equifax *did* go public about the earlier incident, and it was reported in the security press.

Equifax Victim? Now What? (Inside Indiana Business) I'm frustrated and mad! I do everything I can to protect my personal information by changing passwords and keeping them secure. Then a major bank, insurance company or credit agency gets hacked! An...

Three Lessons IBM i Shops Can Learn From The Equifax Hack (IT Jungle) The recent Equifax data breach exposed extremely sensitive data of 143 million consumers, putting more than half of Americans at risk. While an IBM i server was likely not involved here, Equifax’s actions – and more importantly, its inactions – can teach IBM i shops something about data security. Just when you thought the string

Red Alert 2.0: New Android Banking Trojan for Sale on Hacking Forums (StormInfoSec) The Recent discoveries of dangerous variants of the Android banking Trojan families, including Faketoken, Svpeng, and BankBot, present a significant threat to online users who may have their login …

Hackers hid malware on CCleaner for a month: Over 2 million infected (CSO Online) The 32-bit version of CCleaner v5.33.6162 and CCleaner Cloud v1.07.3191 were infected with malware. Affected systems need to be restored to a state before Aug. 15, 2017.

Hackers compromised free CCleaner software, Avast's Piriform says (Reuters) Hackers broke into British company Piriform Ltd's free software that optimizes computer performance last month, potentially allowing them to control the devices of millions of users, the company and independent researchers said on Monday.

Software Has a Serious Supply-Chain Security Problem (WIRED) Hackers have targeted software's supply chain in three high profile attacks discovered over the summer.

Attackers Use Undocumented MS Office Feature to Leak System Profile Data (Threatpost) An undocumented Microsoft Office feature allows for spying via specially crafted Word documents—no macros, exploits or any other active content needed.

Locky Ransomware Pushed Alongside FakeGlobe in Upgraded Spam Campaigns (TrendLabs Threat Intelligence Blog) In the beginning of September, a sizeable spam campaign was detected distributing the latest Locky variant.

Pirate Bay Spotted Hosting Monero Cryptocurrency Miner (Threatpost) A cryptocurrency miner surfaced on The Pirate Bay for a day over the weekend.

IBM: Crypto-Mining Attacks Increased Six-Fold in 2017 (Infosecurity Magazine) IBM: Crypto-Mining Attacks Increased Six-Fold in 2017. Vulnerable enterprise servers increasingly targeted

Report: Government among most targeted for web application attacks (Fifth Domain) At 1,184 average attacks per day, government followed only the IT sector (1,346) as the most targeted industry for web application attacks.

Quantum Computing – Risk for Cryptography And Bitcoin? (LeapRate) Quantum computing may be the next big thing. The concept of quantum computing comes from the fact that unlike the...

Infosec weakest links: Negligent employees and poor password policies (Help Net Security) 54% of respondents to a Ponemon Institute study that involved 1,000 IT professionals said negligent employees were the root cause of a data breach.

Security Patches, Mitigations, and Software Updates

‘NBA 2K18’ gets emergency patch to fix data-wiping Xbox One bug (Engadget) 'NBA 2K18' gets an emergency patch to fix a data-deleting bug for Xbox One users hours before the game officially launches.

Cyber Trends

The future of advertising is AI or die (VentureBeat) In today's consumer market, every company needs to be a tech company, and retailers are no exception. Giants like Amazon, Walmart, and Alibaba are racing to redefine the retail experience. They're quickly proving that advancements in both brick-and-mortar and ecommerce capabilities are needed. The problem is, many retailers haven’t implemented the technology necessary to compete. I hear a lot of buzzwords in the tech startup field, but the term that seems to be thrown around most frequently of late is "artificial intelligence."

Marketplace

Worldwide security appliance revenue increased to $3 billion (Help Net Security) Worldwide security appliance revenue increased 9.2% year over year to $3 billion and shipments grew 7.0% year over year to 706,186 units.

U.S. Senate votes to oust Russian security software vendor Kaspersky from federal use (TechCrunch) Following a directive from the Department of Homeland Security last week banning the use of Kaspersky Lab security software in the executive branch, the U.S...

Threat Stack snares $45 million investment as spotlight shines brightly on security (TechCrunch) Threat Stack, the Boston-based security startup that helps companies stay protected in the cloud, reeled in a $45 million investment today. It seems that they..

ManTech International snaps up InfoZen in $180M ‘perfect storm’ (Washington Business Journal) ManTech International Corp. is acquiring InfoZen for $180 million in cash in a deal that brings together two government technology contractors with an eye on the IT modernization business.

$50m deal to keep government websites going in a cyber attack (The Straits Times) Singtel and StarHub are among six firms that have won a multimillion-dollar bulk tender as Singapore further tightens its defence against sophisticated attacks that aim to disable government websites.. Read more at straitstimes.com.

Put Silicon Valley in D.C. With a Cyber Workforce Incubator (Lawfare) It is no secret that Silicon Valley and Washington have dramatically different workplace cultures and attitudes toward risk and technology. In the valley, savvy entrepreneurs look to disrupt the status quo. Meanwhile in Washington, many of our elected representatives and government personnel are stuck decades in the digital past, forced to use equipment that would be better housed in a museum

Former U.S. Department of Defense Special Agent and InfoSec Leader Joins BakerHostetler's Globally Ranked Privacy and Data Protection Team (Baker Hostetler) Former state and federal law enforcement officer Andreas Kaltsounis brings more than 18 years of high-profile government and private consulting experience

Products, Services, and Solutions

Aruba Unveils Security Framework (IT Business Edge) The primary point of any cybersecurity attack is usually an endpoint that in one way or another has been comprised by malware. Aruba, a unit of Hewlett-Packard Enterprise, today announced it has developed a security framework for networks designed to thwart such attacks.

Technologies, Techniques, and Standards

Protecting a Global Telecommunications Company (Recorded Future) Learn about the challenges BT faces when it comes to protecting itself and its clients and the affect upcoming GDPR regulations may have on the company.

Four Key Takeaways from GlobalPlatform’s TEE Seminar (Trustonic) After a busy day hearing from the industry’s trusted execution environment (TEE) experts at GlobalPlatform’s TEE Seminar in Beijing, I’m back to business as usual. Amid the varied use cases, new deployments and vast potential for the TEE to provide security for digital services and devices, there were several stand-out themes and important takeaways for organisations involved in delivering digital services.

Addressing security concerns around connected ecosystems (Help Net Security) The convergence of IoT applications with emerging technologies could help address current security concerns around connected ecosystems.

How Can Data Forensics Help The Fight Against Malware? (Infosecurity Magazine) IT teams need better intelligence, that insight can come from remediation in the form of network forensics.

Cybersecurity training programs your employees won't hate (CSO Online) Training providers offer unique twists to help engage employees on security awareness education and make the process less painful.

Design and Innovation

How Encryption Will Survive the Crypto-Apocalypse (Motherboard) Quantum computing poses a mortal threat to computer security as we know it.

Research and Development

Can the US Military Re-Invent the Microchip for the AI Era? (Defense One) As conventional microchip design reaches its limits, DARPA is pouring money into the specialty chips that might power tomorrow’s autonomous machines.

Embedded security for IoT lies in the chip (IoT Agenda) Embedded security for IoT gives connected devices the smarts they need to recognize rogue data or instructions before they execute.

Toshiba speeds quantum key beyond 10 Mb/s (Optics) Engineers at the Japanese firm push single-photon encryption method with new high-speed detectors.

New Analysis Suggests That Commercial Quantum Computers Are Kinda Slow (Motherboard) D-Wave's quantum annealers face a fundamental limitation when it comes to scaling: temperature.

Academia

Missoula College gains national recognition for cyber defense education (KECI) Missoula College is now the first and only higher education institution in Montana to be designated as a National Center of Academic Excellence in Cyber Defense.

Legislation, Policy, and Regulation

Singapore’s Cybersecurity Bill delayed to 2018 (Channel NewsAsia) The Government has extended the public consultation period in response to the interest in the formulation of the Bill, says Minister for Communications and Information Yaacob Ibrahim.

ISI to have more civilians at the top (Dawn) PM approves three new DG posts in grade 21, seven deputy director slots in grade 20.

NY Proposes Regulating Credit Reporting Agencies (New York Law Journal) Following the massive security breach at Equifax Inc. disclosed earlier this month, New York Gov. Andrew Cuomo on Monday proposed new regulations that would ...

DOJ lets itself off the privacy hook (Naked Security) The Department of Justice has excused its insider threat database from multiple provisions of the 1974 Privacy Act

National Guard could be America's next cyber defenders (Washington Examiner) A bill would make Air and Army National Guard members part of the cybersecurity civil support teams to aid states.

Litigation, Investigation, and Law Enforcement

US government wiretapped Trump campaign chair (CNN) US investigators wiretapped former Trump campaign chairman Paul Manafort under secret court orders before and after the election, sources tell CNN.

John Podesta meets Senate investigators involved in Russia probe (POLITICO) Podesta was seen leaving the secure Intelligence Committee spaces on Monday afternoon.

U.K. police make second arrest in London subway attack case (NBC News) The 21-year-old was arrested in Hounslow in West London just before midnight Saturday, the Metropolitan police said in a statement Sunday.

May: Not 'helpful' for Trump to speculate on London attack (POLITICO) Britain's prime minister was dubious of the president's speculation.

Preventing terrorism: What powers do German security forces have? (Deutsche Welle) In the wake of deadly attacks in Germany and across Europe, the federal government has boosted its security and anti-terror laws. DW looks at the powers German authorities have at their disposal to combat terrorism.

Investors Jumping Into Legal Fray Over Equifax Data Breach (New York Law Journal) Among the lawsuits piling up against Equifax Inc. stemming from the massive data breach that put approximately 143 million consumers' data at risk are propos...

Equifax Hit with Lawsuit (Dark Reading) Victims living or doing business in Florida can send a certified letter to seek relief and still remain in compliance with the state's credit laws, attorney says.

Equifax Executives' Stock Sales Raise 'Fundamental Questions' Tied to Breach (National Law Journal) Equifax Inc. has maintained that three executives were unaware of a massive data breach when they made stock trades on Aug. 1-worth more than $1 millio...

Browser Beware: Second Circuit Sizes Up 'Reasonable Smartphone User' in Uber Dispute (New York Law Journal) In the summer of 2017, over 20,000 people in the United Kingdom agreed to perform unpaid community service—tasks such as picking up animal waste from local parks, cleaning portable toilets, providing hugs to stray cats and dogs, and painting snail shells.

Interview with Edward Snowden: 'There Is Still Hope - Even for Me' (Spiegel) In an interview, whistleblower Edward Snowden discusses his life in Russia, the power of the intelligence apparatuses and how he will continue his battle against all-encompassing surveillance by governments.

Justice official: Feds have expanding role in fighting abusive cybercrime (Fifth Domain) Acting Assistant Attorney General Kenneth A. Blanco delivered the 2017 Cybercrime Symposium Keynote address, with the symposium’s topic being “When Cybercrime Turns Violent and Abusive.” Blanco spent much of the speech calling for more federal and private sector involvement in combating cyberbullying, cyber harassment, cyberstalking, sextortion, doxing and non-consensual pornography.

China arrests yet another alleged Japanese spy (The Japan Times) Chinese authorities arrest Japanese citizen suspected of spying, local state media said.

Former Whistleblower, Lawyer Start Free Law Firm for Federal Workers (National Law Journal) National security lawyer Mark Zaid and former State Department employee John Tye launched Whistleblower Aid on Monday.

Web Cam Child Exploitation Gang Get 171 Years in Jail (Infosecurity Magazine) Web Cam Child Exploitation Gang Get 171 Years in Jail. Final four were sentenced on Friday

“Fake” net neutrality comments at heart of lawsuit filed against FCC (Ars Technica) Lawsuit: FCC ignored public records request for data on mass comment uploads.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

Cyber Security Conference for Executives (Baltimore, Maryland, USA, September 19, 2017) The Johns Hopkins University Information Security Institute and COMPASS Cyber Security are hosting the 4th Annual Cyber Security Conference for Executives on Tuesday, September, 19. It will be held on...

4th Annual Industrial Control Cybersecurity Europe (London, England, UK, September 19 - 20, 2017) Against a backdrop of targeted Industrial Control System cyber attacks against energy firms in the Ukraine power industry, the massive attacks against the Norway oil and gas industry, cyber attacks on...

Cyber Everywhere: Collaboration, Integration, Automatio (Washington, DC, USA, September 20, 2017) We’ve seen all of the cyber headlines this year – new policies emerging, old policies evolving, the cyber workforce is multiplying, and rapidly growing connected devices are complicating governance. While...

10th Cyber Defence Summit (Dubai, UAE, September 20, 2017) Naseba’s 10th Cyber Defence Summit will address the importance of protecting critical infrastructure and sensitive information, help companies procure cyber security solutions and services, and create...

Maine Cyber Safety Institute (Waterville, Maine, USA, September 20 - 21, 2017) The Summit intends to help business protect themselves from possible losses. The Information Security Community, representing cyber professionals, found that 54% of anticipated cyberattacks against their...

2017 Washington, D.C. CISO Executive Leadership Summit (Washington, DC, USA, September 21, 2017) Highly interactive sessions will provide many opportunities for attendees, speakers and panelists to be engaged in both learning and discussion. The objective for the day is to deliver high quality useful...

Connect Security World (Marseille, France, September 25, 2017 - 27, 2014) As IoT solutions are transitioning from hype to real deployments, the “Internet of insecure things” threat is gaining ground. To address unlimited risks, threats and vulnerabilities surrounding IoT, a...

(ISC)2 Security Congress (Austin, Texas, USA, September 25 - 27, 2017) (ISC)² Security Congress cybersecurity conference brings together nearly 1,500 cybersecurity professionals, offers 100+ educational and thought-leadership sessions, and fosters collaboration with forward-thinking...

Connect Security World (Marseille, France, September 25 - 27, 2017) As IoT solutions are transitioning from hype to real deployments, the “Internet of insecure things” threat is gaining ground. To address unlimited risks, threats and vulnerabilities surrounding IoT, a...

SINET61 2017 (Sydney, Australia, September 26 - 27, 2017) Promoting cybersecurity on a global scale. SINET – Sydney provides a venue where international solution providers can engage with leaders of government, business and the investment community to advance...

O'Reilly Velocity Conference (New York, New York, USA, October 1 - 4, 2017) Learn how to manage, grow, and evolve your systems. If you're building and managing complex distributed systems and want to learn how to bake in resiliency, you need to be at Velocity.

24th International Computer Security Symposium and 9th SABSA World Congress (COSAC 2017) (Naas, County Kildare, Ireland, October 1 - 5, 2017) If you thought symposiums on information security and risk were all the same, look again! COSAC is an entirely different experience. Conceived by practising professionals for experienced professionals,...

Cybersecurity Nexus North America 2017 (CSX) (Washington, DC, USA, October 2 - 4, 2017) Be a part of a global conversation with professionals facing the same challenges as you at the nexus—where all things cyber security meet. Cyber security doesn’t take a vacation and it doesn’t sleep. You...

Atlanta Cyber Week (Atlanta, Georgia, USA, October 2 - 6, 2017) Atlanta Cyber Week is a public-private collaboration hosting multiple events during the first week of October that highlight the pillars of the region’s cybersecurity ecosystem and create an opportunity...

4th Annual Industrial Control Cyber Security USA Summit (Sacramento, California, USA, October 3 - 4, 2017) Against a backdrop of targeted Industrial Control System cyber attacks, such as those against energy firms in the Ukraine power industry, the massive attacks against the Norway oil and gas industry, cyber...

4th Annual Industrial Control Cyber Security Summit USA (Sacramento, California, USA, October 3 - 4, 2017) Against a backdrop of continued ICS targeted cyber attacks against energy firms in the Ukraine power industry (CRASHOVERRIDE), the massive attacks against the Norway oil and gas industry, cyber attacks...

CyberSecurity4Rail (Brussels, Belgium, October 4, 2017) Facilitated by Hit Rail, this conference will bring together experts in cybercrime and digital security, plus leaders in ICT and representatives from transport and railway companies, European organisations...

Infosecurity North America (Boston, Massachusetts, USA, October 4 - 5, 2017) Organized by Infosecurity Group, which has provided the global information security community with some of the largest, longest established conferences and expos over the past 22 years including Infosecurity...

Hacker Halted (Atlanta, Georgia, USA, October 9 - 10, 2017) The theme for Hacker Halted 2017 is The Art of Cyber War: Lessons from Sun Tzu. 2,500 years ago, Sun Tzu wrote 13 chapters on military strategy. Fast forward to today and we are still learning from those...

European Cybersecurity Forum – CYBERSEC (Krakow, Poland, October 9 - 10, 2017) The Fourth Industrial Revolution is in full swing, giving a strong impulse to the growth of Europe’s innovation-driven economy that can compete with world’s economic superpowers. Let’s start the dialogue...

2017 ISSA International Conference (San Diego, California, USA, October 9 - 11, 2017) Each day, cyber threats become increasingly intricate and difficult to detect. Over the past year, we saw that with the rise of device connectivity came boundless opportunities for malicious hackers to...

Maryland Cyber Day Marketplace (Baltimore, Maryland, USA, October 10, 2017) Hundreds of cybersecurity providers and buyers in one location on one day. Maryland Cyber Day Marketplace provides the opportunity for cybersecurity buyers to connect with, get to know and purchase cybersecurity...

Cyber at the Crossroads (Adelphi, Maryland, USA, October 10, 2017) Join the Cyber Center for Education & Innovation (CCEI), Home of the National Cryptologic Museum (NCM) for a one-day symposium of renowned national cybersecurity leaders, including experts from past and...

ManuSec USA (Chicago, Illinois, USA, October 11 - 12, 2017) This series will bridge the gap between the process control and corporate IT senior level professionals, allowing them to discuss challenges, critical issues and debate best practice guidelines.

CyberMaryland (Baltimore, Maryland, USA, October 11 - 12, 2017) Maryland is recognized as a cybersecurity leader - nationally and internationally. The state has developed cybersecurity experts, education and training programs, technology, products, systems and infrastructure.

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.