skip navigation

More signal. Less noise.

Do you know the best practices for applying threat intelligence?

Threat intelligence is one of the most talked about areas of information security today, but how do you actually use it? Learn best practices for applying threat intelligence with Recorded Future's latest white paper. Download your free copy now.

Daily briefing.

Things are tense in the Korean peninsula, but not that tense. US Forces Korea says that the text and social media messages that yesterday appeared to be a Noncombatant Evacuation Order telling US civilians to leave South Korea at once was a hoax. Responsibility has not been determined. It could be a state-actor (with Pyongyang the obvious suspect) but a freelancing skid doing for the sick lulz is just as likely.

The breach of the US Securities and Exchange Commission's EDGAR system has spooked investors and legislators alike. It's being called a blow to confidence in the US financial system; how serious a blow remains to be seen.

It now seems that whoever hit Equifax spent several months carefully establishing their presence in its systems. And, with the Equifax breach, closer scrutiny of its competitors will turn up issues there as well: Experian's site allows anyone to request your credit freeze PIN.

ESET warns that ongoing campaigns distributing FinFisher spyware have features suggesting some Internet service providers may have been compromised to distribute the lawful intercept product to its targets.

Investigation into the supply chain's insinuation of a backdoor into Avast's CCleaner security product moves toward the conclusion that the effort was more closely targeted than initially believed. Cisco thinks the hackers were after a relatively small number of large companies: Intel, Microsoft, Linksys, Dlink, Google, Samsung, Cisco, O2,  Vodafone, and Gauselmann.

GCHQ warns that bigger attacks than WannaCry are coming, particularly if Britain doesn't get its security act together.

Notes.

Today's issue includes events affecting China, European Union, Ghana, Democratic Peoples Republic of Korea, Republic of Korea, Russia, United Kingdom, United States.

Worried About Third Party Data Breaches?

We all know the consequences of a third party data breach; one vulnerability can cost your organization millions. But do you know what security measures to implement to successfully reduce your attack surface and prevent third party risk? Learn how in LookingGlass Cyber Solutions' webinar featuring VP of Intelligence Operations Eric Olson and Forrester Senior Analyst Nick Hayes on Wednesday, October 18, 1:30pm ET. Sign up now.

In today's podcast, we hear from our partners at Accenture Labs, as Malek Ben Salem describes a new attack vector that uses power management systems. Our guest, Robert Sell, shares his experiences participating in a DEFCON capture the flag competition.

And don't forget Research Saturday tomorrow: it's all about pacifiers...

Earn a master’s degree in cybersecurity from SANS (Online, September 28, 2017) Earn a master’s degree in cybersecurity from SANS, the world leader in information security training. Learn more at a free online information session on Thursday, September 28th, at 12:00 pm (noon) ET. For complete information on master’s degree and graduate certificate programs, visit www.sans.edu.

3rd European Cybersecurity Forum – CYBERSEC (Krakow, Poland, October 9 - 10, 2017) CYBERSEC is a unique Europe-wide, annual public policy conference dedicated to strategic aspects of cybersecurity. Conference’s mission is to foster the building of a Europe-wide cybsersecurity system and create a dedicated collaborative platform for governments, international organisations, and key private-sector organisations.

CyberMaryland Job Fair, October 11, Baltimore visit ClearedJobs.Net or CyberSecJobs.com for details. (Baltimore, Maryland, USA, October 11, 2017) Cleared and non-cleared cybersecurity pros make your next career move at the CyberMaryland Job Fair, October 11 in Baltimore. Meet leading cyber employers including Delta Risk, Choice Hotels, Lockheed Martin, the NSA and more. Visit ClearedJobs.Net or CyberSecJobs.com for info.

Florida’s Annual Cybersecurity Conference (Tampa, Florida, USA, October 27, 2017) Networking the Future, the Florida Center for Cybersecurity's fourth annual conference, will host hundreds of technical and non-technical stakeholders from industry, government, the military, and academia to explore emerging threats, best practices, and the latest research and trends.

The International Information Sharing Conference on October 31 and November 1 in Washington, D.C. (Washington, DC, USA, October 31 - November 1, 2017) Join us for the inaugural International Information Sharing Conference hosted by the ISAO SO. This two-day event, a first of its kind, will convene practitioners from small businesses to multi-national corporations and from information sharing newcomers to well-established cybersecurity organizations.

Dateline Cyber Security Conference for Executives

Cybersecurity for executives (including deans and small business owners). (The CyberWire) This week's conference at the Johns Hopkins University covered ground of interest to business leaders, especially with respect to the implications cyber risk has for their legal and contracting activities. The executives for whom the conference was organized were expansively and quite properly defined to include not just the denizens of a Fortune 500 C-suite, but small business owners, partners in medical and accounting practices, college deans, and so on.

Motivation: recognizing the magnitude of the problem. (The CyberWire) What do organizations face in cyberspace, and how should they understand their risk?

Preparation: Don't be like Equifax, and don't think it can't happen to you. (The CyberWire) What should you consider doing to prepare your organization for an incident? In the first place, understand your value proposition, and manage your risk accordingly.

Attribution: AI and big data will help, but a lot of art remains. (The CyberWire) The possibilities and limitations of attribution: a lot of science, but a lot of art, too.

Communication: Storytelling for security. (The CyberWire) Sometimes, in establishing an effective security program, the most important steps are imaginative ones.

Cyber Attacks, Threats, and Vulnerabilities

U.S. Forces Korea: Evacuation message is fake (Military Times) Families of service members and other DoD civilians received a fake message to evacuate the Korean Peninsula.

Hack of Wall St regulator rattles investors, lawmakers (Reuters) Wall Street's top regulator came under fire on Thursday over its cyber security and disclosure practices after admitting hackers had breached its database of corporate announcements in 2016 and may have used it for insider trading.

SEC reveals it was hacked, information may have been used for illegal stock trades (Washington Post) The agency detected the breach last year, but didn't learn until last month that it may have been used for improper trading.

Hack of U.S. Regulator a Blow to Confidence in Financial System (Security Week) The hack disclosed at the U.S. Securities and Exchange Commission deals a fresh blow to confidence in the security of the financial system weeks after news of a potentially catastrophic breach at a major U.S. credit bureau.

Massive Equifax hack reportedly started 4 months before it was detected (Ars Technica) Attackers likely spent months escalating their intrusion into Equifax's network.

Exclusive: U.S. Homeland Security found SEC had 'critical' cyber weaknesses in January (Reuters) The U.S. Department of Homeland Security detected five "critical" cyber security weaknesses on the Securities and Exchange Commission's computers as of January 23, 2017, according to a confidential weekly report reviewed by Reuters.

Experian Site Can Give Anyone Your Credit Freeze PIN (KrebsOnSecurity) An alert reader recently pointed my attention to a free online service offered by big-three credit bureau Experian that allows anyone to request the personal identification number (PIN) needed to unlock a consumer credit file that was previously frozen at Experian.

Internet Providers Possibly Involved in FinFisher Surveillance Operations: Report (Security Week) New campaigns featuring the infamous FinFisher spyware are using a previously unseen infection vector, strongly suggesting that Internet service providers (ISPs) might be involved in the distribution process, ESET security researchers warn.

Hackers behind CCleaner compromise were after Intel, Microsoft, Cisco (Help Net Security) There is a new twist in the CCleaner hack saga: the attackers apparently didn't set out to compromise as many machines as possible.

CLKSCREW Attack Can Hack Modern Chipsets via Their Power Management Features (BleepingComputer) A team of three scientists from Columbia University has discovered that by attacking the combo of hardware and software management utilities embedded with modern chipsets, threat actors can take over systems via an attack surface found in almost all modern electronic devices.

DroidJack is back! This time as a fake Sarahah app (TEISS) Masquerading as a fake Sarahah app, DroidJack helps hackers view contact lists, GPS locations, SMSs and WhatsApp data in targeted devices.

Undocumented Word feature could lead to system information theft (SearchSecurity) An undocumented Word feature can be abused by attackers and lead to system information theft on both PCs and mobile devices.

What is a fileless attack? How hackers invade systems without installing software (CSO Online) Cyber criminals don't need to place malware on your system to get in. Fileless or zero-footprint attacks use legitimate applications or even the operating system.

When the Breach Wears a Suit and Tie (Digital Guardian) A foiled “black bag” job at the Boston firm Medrobotics underscores the varied nature of threats to sensitive data.

How Malware Keeps Sneaking Past Google Play’s Defenses (WIRED) A rash of malware hit the Google Play store this summer. And while Google has taken big steps to improve Android security, there's no clear end in sight.

Don't Rely On an Unlock Pattern To Secure Your Android Phone (WIRED) A new study found test subjects could mostly spot the patterns from five or six feet away on the first try.

How BitPaymer ransomware covers its tracks (Naked Security) This BitPaymer malware variant uses tricks that you don’t usually see in ransomware – but it still scrambles your files in the end.

This Ransomware Demands Nudes Instead of Bitcoin (Motherboard) It was inevitable.

A Song of Ice and Ransomware: Game of Thrones References in Locky Phishing (PhishMe) We rarely find out the identities of online attackers...

Ransomware Analysis Promises Bleak Future with No Recovery (Infosecurity Magazine) The future of ransomware does not offer any good news, as analysis shows new tactics and advancements by operators

Hackers hold entire school district to ransom (Naked Security) The hacking group stole personal information and sent explicit death threats against children to their parents.

Communications Ongoing with Overseas Hackers as Schools Regain Normalcy (Flathead Beacon) Schools are once again brimming with students as the Flathead Valley begins to emerge from the storm of cyber threats that shook the community over the last week. Average attendance... more

46,000 new phishing sites are created every day (Help Net Security) 1.385 million new, unique phishing sites are created each month, with a high of 2.3 million sites created in May 2017, Webroot has found.

The Imperative Of Cybersecurity For Houses Of Worship And Not-For-Profit Organizations (BIZCATALYST 360°) Over the past year, cyber threats and attacks have emerged as a prime concern, particularly with regard to homeland and transnational security.

Three things to know about the dark web (Help Net Security) CISOs have to stay ahead of what’s likely to come. With this in mind, here are three things you need to know about the dark web.

Bigger than WannaCry: A giant cyber attack will happen unless we rethink security, says GCHQ (ZDNet) A huge attack which makes WannaCry look like small fry will occur in the not to distant future - unless something changes.

Security Patches, Mitigations, and Software Updates

Critical VMware vulnerability, patch and update now (Naked Security) The impact of this critical vulnerability has the potential to be great.

Cyber Trends

Cyber Expertise Evolves with the Times Even as Skills Gap Widens (Infosecurity Magazine) More than half of IT pros look for network monitoring, IT fundamentals and vulnerability management.

Legacy networks holding back cloud and digital transformation (Help Net Security) What's holding back digital transformation and cloud adoption? 1,000 IT decision makers agree that it's legacy infrastructures.

Why Size Doesn't Matter in DDoS Attacks (Dark Reading) Companies both large and small are targets. Never think I'm not big enough for a hacker's attention.

Ghana lost 50 million dollars to cyber-attack in 2016 (Ghana Web) Mr Dele Aden, the Managing Director of Delta3 International, an Informational Security...

Marketplace

Kaspersky Raises the Question: Are Companies Loyal to Customers or Their Governments? (Government Technology) The recent ban on all Moscow-based Kaspersky Lab products throughout the federal government signals a shift in thinking about where company loyalties lie.

Bastille Confirms $27M in Series B Funding Round (BusinessWire) Bastille, the leader in enterprise threat detection through software-defined radio, has raised $27M in its latest round of funding. The Series B fundi

Cygilant Raises $7M in Growth Funding (FinSMEs) Cygilant, a Boston, MA-based developer of hybrid security as a service, raised an additional $7m in growth funding

Database provider MongoDB has filed to go public (TechCrunch) MongoDB, a database software company based in New York, has filed to go public with the Securities and Exchange Commission as it continues to burn a ton of..

Navy delays NGEN contract award (C4ISRNET) The Navy has delayed contract awards for its multibillion-dollar NGEN program.

Kaspersky provides security software for Brazil military (Telecompaper) Kaspersky Lab will provide cyber security products for the Brazilian Armed Forces, specifically virus protection, reports Folha de Sao Paulo.

Products, Services, and Solutions

Microsoft Intune Gets Security Boost with Zimperium Support (Redmond Channel Partner) The Microsoft Intune mobile management solution, part of the Microsoft Enterprise Mobility + Security (EMS) suite, can now integrate with Zimperium, bringing added security protections for iOS and Android users.

ThreatQuotient and Phantom Partner to Leverage Threat Intelligence (ThreatQuotient) ThreatQuotient™, a trusted threat intelligence platform innovator, today announced a strategic partnership with Phantom to enable defenders...

tCell Delivers Universal DevOps-Friendly AppSec Solution (Marketwired) Support for web servers further simplifies enterprise deployment and bolsters comprehensive attack protections for widest range of new and legacy apps

Clones begone: Dashlane Business 2.0 improves duplicate password spotting (Neowin) The password manager has unveiled its latest update to its Business offering, which brings Active Directory integration, group sharing, one-click provisioning via SAML, and much more.

Forcepoint NIST 800-171 Supply Chain Solution Speeds Path to DoD Compliance (PRNewswire) Global cybersecurity leader Forcepoint today announced it has partnered...

Cypherium Announces Development Scalable Hybrid Blockchain (NEWSBTC) Lead blockchain cryptographers have banded together with experts from companies such as Google, Amazon & Microsoft to create Cypherium.

RapidScale Launches Imperva Incapsula Service as Part of CloudSecurity Offerings (HostReview.com) RapidScale, a leader in managed cloud services, has launched a new CloudSecurity offering powered by Imperva Incapsula. RapidScale added the Incapsula

Anomali Announces Real Time Forensics to Give Organizations Instant Visibility Into Newly Discovered and Existing Threats (Marketwired) Adds new automation and detection capabilities to threat intelligence product lines...

NTT launches security services for industrial control systems (Telecompaper) NTT Security, the specialized security company of NTT Group, has launched ‘IT/OT Integrated Security Services’.

KoolSpan and GO-Trust Announce a Strategic Partnership and the General Availability of TrustCall microSD (Sys-Con Media) KoolSpan, Inc., the leading provider of interoperable secure call and messaging solutions for mobile devices and GO-Trust, a global leader in hardware based encryption solutions, today announced their strategic global partnership, and the General Availability of TrustCall microSD.

WISeKey Unveils its Digital Identity BlockChain Platform CertifyID in NYC; (GlobeNewswire News Room) WISeKey International Holding Ltd ("WISeKey", SIX: WIHN), a leading cybersecurity and IoT company announced that it unveiled its CertifyID integrating Digital Identity with Blockchain technology, in several major Sustainable Developments Events held in New York City this week.

Sword & Shield Enterprise Security Aims to Improve Mobile App Security (markets.businessinsider.com) Sword & Shield Enterprise Security, a leading national cybersecurity firm based in Knoxville, Tennessee, now offers detailed mobile application security assessments for Android, iOS, and Windows phone or tablet-based apps to determine their vulnerabilities and how sensitive information can be compromised through them.

Walmart partners with smart lock maker August to test in-home delivery of packages and groceries (TechCrunch) Walmart announced today it will begin testing a new service that will allow customers with August smart home devices, like the August doorbell and security..

Technologies, Techniques, and Standards

A Robotics Expert Explains the Future of Standards in the Industry (Security Sales & Integration) The Robotic Industries Association’s director of standards development discusses key trends affecting the industry’s tactics, trajectory and traction.

Should You Underwrite A Company That’s Been Breached Before? (BitSight) Find out why cyber insurers should take on the risk of companies that have experienced a data breach or security event in the past.

Track to the Future (ThreatConnect) How to use historical intelligence to get back to the future and defend your organization

Recent hurricanes have the Coast Guard rethinking social media's role in rescue and response (FederalNewsRadio.com) The Coast Guard says agencies need a national protocol for using social media in rescue and response efforts for future weather disasters.

Supporting Healthcare Organizations Through IT Recovery (Trend Micro Simply Security) As we all return to work from the summer holidays, we at Trend Micro reflect on what we have seen in the threat landscape over the first six months of 2017 with the release of our 2017 Mid-Year Security Roundup. It takes me back to the two major attacks that we witnessed, and I was...

Meet the 17-Year-Old Who Hacked the U.S. Air Force (Nextgov) Chicago high school senior Jack Cable moonlights as an ethical hacker.

Design and Innovation

A Surgical Approach to Software Security: Protecting Software from the Inside Out (Infosecurity Magazine) We must focus on a preemptive diagnosis and cure designed to eliminate the opportunity for problems both today and in the future.

Research and Development

China’s Quantum Net Advance Offers a Glimpse into the Future of Enterprise Security (Data Center Knowledge) Chinese companies actively productizing quantum key distribution, which pushes communications security to a new level

Electronic camouflage will be the new war paint, says Marine intel official (C4ISRNET) With advanced sensing equipment, physical camouflage is no longer sufficient against future threats, says an intel official.

What Triggers HTTPS Chrome Browser Warnings? (Threatpost) Researchers combed through 2,000 Chrome error reports to better classify HTTPS error warnings.

Academia

Navy hosting hackathon at MIT to attract tech-savvy millennials (Metro US) The Navy needs tech experts to protect the country against cyber attacks, so MIT is hosting the event.

Cybersecurity Becomes a Career Choice (InformationWeek) Young people can't ignore the news. Data breaches are everywhere and they're beginning to realize that it's up to them to keep our personal and national information private.

Legislation, Policy, and Regulation

‘Cyber Defense Is Very Much About Political Decisions’ (Defense One) When European defense ministers played a tabletop cyber defense exercise, things got hard very quickly.

China’s security boss wants AI to ‘predict and prevent’ terrorism (South China Morning Post) Artificial intelligence can complete tasks with a ‘precision and speed unmatchable by humans’, official says

At U.N., Leaders Tell Tech Industry to Do More to Fight Terrorism (Foreign Policy) Online radicalization drives calls for a tougher crackdown on propaganda and encrypted messages.

Thoughts on Facebook’s 9 plans to curb election interference (TechCrunch) Election meddling is Facebook's next adversary, and it's got a plan to attack it just like it did with fake news. Solutions to both these scourges come too..

DoD to bring more employees with ‘critical positions’ under continuous evaluation (FederalNewsRadio.com) Daniel Payne, the director of the Defense Security Services, said the continuous evaluation program will have 1 million employees by 2018.

IoT introducing new cyber risks, redrawing federal CISO role (FederalNewsRadio.com) Amid the "chaos and complexity" of the Internet of Things are basic cybersecurity rules agencies can follow to secure devices but not suffocate innovation.

Litigation, Investigation, and Law Enforcement

Facebook and Twitter play bigger role in Congressional election-hacking probe (TechCrunch) As Congressional investigations into Russia's role in manipulating the election for U.S. president deepens, tech companies are assuming a more central role in..

Skadden in DOJ's Sights Over Manafort Work: Report (New York Law Journal) The New York Times reported that the Department of Justice wants files related to Trump campaign manager Paul Manafort's work in Ukraine.

Another court tells police: Want to use a stingray? Get a warrant (Ars Technica) DC Court of Appeals: Even if you know the police can track you doesn’t mean they should.

Trader Accused of Running Bitcoin Ponzi Scheme (New York Law Journal) A Brooklyn-based trader was charged with securities violations Thursday for allegedly running a bitcoin Ponzi scheme, the U.S. Commodity Futures Trading Comm...

“Admin from Hell” holds company to ransom with porn makeover (Naked Security) The IT admin demanded $10,000, when he didn’t get it things got X-rated

An Alleged Ethereum Hacker Gave Back $3 Million And Nobody Knows Why (Motherboard) This is unheard of.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

Cyber Security Summit 2017 (Minneapolis, Minnesota, USA, October 23 - 25, 2017) Cyber Security Summit is a public-private collaboration with support from industry, government, and university leaders who gather to discuss security trends and solutions. The 7th Annual Summit will bring...

Upcoming Events

Connect Security World (Marseille, France, September 25, 2017 - 27, 2014) As IoT solutions are transitioning from hype to real deployments, the “Internet of insecure things” threat is gaining ground. To address unlimited risks, threats and vulnerabilities surrounding IoT, a...

(ISC)2 Security Congress (Austin, Texas, USA, September 25 - 27, 2017) (ISC)² Security Congress cybersecurity conference brings together nearly 1,500 cybersecurity professionals, offers 100+ educational and thought-leadership sessions, and fosters collaboration with forward-thinking...

Connect Security World (Marseille, France, September 25 - 27, 2017) As IoT solutions are transitioning from hype to real deployments, the “Internet of insecure things” threat is gaining ground. To address unlimited risks, threats and vulnerabilities surrounding IoT, a...

SINET61 2017 (Sydney, Australia, September 26 - 27, 2017) Promoting cybersecurity on a global scale. SINET – Sydney provides a venue where international solution providers can engage with leaders of government, business and the investment community to advance...

Enterprise Cyber Security Even (London, England, UK, September 28, 2017) Cyber-attacks are increasing in both frequency and sophistication. Whitehall Media’s leading-edge Enterprise Cyber Security conference brings together hundreds of thought leaders, practitioners, specialists...

O'Reilly Velocity Conference (New York, New York, USA, October 1 - 4, 2017) Learn how to manage, grow, and evolve your systems. If you're building and managing complex distributed systems and want to learn how to bake in resiliency, you need to be at Velocity.

24th International Computer Security Symposium and 9th SABSA World Congress (COSAC 2017) (Naas, County Kildare, Ireland, October 1 - 5, 2017) If you thought symposiums on information security and risk were all the same, look again! COSAC is an entirely different experience. Conceived by practising professionals for experienced professionals,...

Cybersecurity Nexus North America 2017 (CSX) (Washington, DC, USA, October 2 - 4, 2017) Be a part of a global conversation with professionals facing the same challenges as you at the nexus—where all things cyber security meet. Cyber security doesn’t take a vacation and it doesn’t sleep. You...

Atlanta Cyber Week (Atlanta, Georgia, USA, October 2 - 6, 2017) Atlanta Cyber Week is a public-private collaboration hosting multiple events during the first week of October that highlight the pillars of the region’s cybersecurity ecosystem and create an opportunity...

4th Annual Industrial Control Cyber Security USA Summit (Sacramento, California, USA, October 3 - 4, 2017) Against a backdrop of targeted Industrial Control System cyber attacks, such as those against energy firms in the Ukraine power industry, the massive attacks against the Norway oil and gas industry, cyber...

4th Annual Industrial Control Cyber Security Summit USA (Sacramento, California, USA, October 3 - 4, 2017) Against a backdrop of continued ICS targeted cyber attacks against energy firms in the Ukraine power industry (CRASHOVERRIDE), the massive attacks against the Norway oil and gas industry, cyber attacks...

CyberSecurity4Rail (Brussels, Belgium, October 4, 2017) Facilitated by Hit Rail, this conference will bring together experts in cybercrime and digital security, plus leaders in ICT and representatives from transport and railway companies, European organisations...

Infosecurity North America (Boston, Massachusetts, USA, October 4 - 5, 2017) Organized by Infosecurity Group, which has provided the global information security community with some of the largest, longest established conferences and expos over the past 22 years including Infosecurity...

Hacker Halted (Atlanta, Georgia, USA, October 9 - 10, 2017) The theme for Hacker Halted 2017 is The Art of Cyber War: Lessons from Sun Tzu. 2,500 years ago, Sun Tzu wrote 13 chapters on military strategy. Fast forward to today and we are still learning from those...

European Cybersecurity Forum – CYBERSEC (Krakow, Poland, October 9 - 10, 2017) The Fourth Industrial Revolution is in full swing, giving a strong impulse to the growth of Europe’s innovation-driven economy that can compete with world’s economic superpowers. Let’s start the dialogue...

2017 ISSA International Conference (San Diego, California, USA, October 9 - 11, 2017) Each day, cyber threats become increasingly intricate and difficult to detect. Over the past year, we saw that with the rise of device connectivity came boundless opportunities for malicious hackers to...

Maryland Cyber Day Marketplace (Baltimore, Maryland, USA, October 10, 2017) Hundreds of cybersecurity providers and buyers in one location on one day. Maryland Cyber Day Marketplace provides the opportunity for cybersecurity buyers to connect with, get to know and purchase cybersecurity...

Cyber at the Crossroads (Adelphi, Maryland, USA, October 10, 2017) Join the Cyber Center for Education & Innovation (CCEI), Home of the National Cryptologic Museum (NCM) for a one-day symposium of renowned national cybersecurity leaders, including experts from past and...

ManuSec USA (Chicago, Illinois, USA, October 11 - 12, 2017) This series will bridge the gap between the process control and corporate IT senior level professionals, allowing them to discuss challenges, critical issues and debate best practice guidelines.

CyberMaryland (Baltimore, Maryland, USA, October 11 - 12, 2017) Maryland is recognized as a cybersecurity leader - nationally and internationally. The state has developed cybersecurity experts, education and training programs, technology, products, systems and infrastructure.

ISSA CISO Executive Forum: Payment Strategies: The Game Has Changed (San Diego, California, USA, October 11 - 12, 2017) From the water cooler to the boardroom, daily conversations discuss the most recent incursions, the staggering numbers, and speculation about the thieves’ next target. Recent attacks against Target, PF...

National Information Security Conference (Glasgow, Scotland, UK, October 11 - 13, 2017) NISC is a highly focused cyber security event designed to encourage peer-to-peer collaboration and thought-leading discussions in a relaxed but professional environment. It provides the proven practices...

SecureWorld Twin Cities (Minneapolis, Minnesota, USA, October 12, 2017) Join your fellow security professionals for high-quality, affordable training and education. Attend featured keynotes, panel discussions, and breakout sessions—all while networking with local peers. Earn...

Cyber Georgia 2017 (Augusta, Georgia, USA, October 12 - 13, 2017) Cyber Georgia 2017 will focus on convening industry, academia, and government to examine cyber threats and discuss how to better prepare for a cyberattack or denial of service in the hospital and public...

Plan B Tech S3: Security Solutions Summit (National Harbor, Maryland, USA, October 13, 2017) Join Plan B Technologies, Inc. on Friday, the 13th of October for this highly anticipated half-day security seminar! Hear the latest cybersecurity research, stats, and insights from IDC Program Director...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.