skip navigation

More signal. Less noise.

Do you know the best practices for applying threat intelligence?

Threat intelligence is one of the most talked about areas of information security today, but how do you actually use it? Learn best practices for applying threat intelligence with Recorded Future's latest white paper. Download your free copy now.

Daily briefing.

North Korea's got a lot of coal it can't sell. Anyone whose got anything worth stealing online should look to their defenses. Pyongyang's especially interested in cryptocurrency wallets these days.

Deloitte continues to deal with the consequences of its recently disclosed breach. Many of those consequences are foreseeable piling on, as lawyers see, with some justification, regulatory gaps exposed by the incident, and as security researchers put the Big Four consultancy under the microscope and find all sorts of places where the company hasn't following its own advice. These include proxy login credentials out on Google+ (they've now been taken down), VPN credentials on Github, thousands of hosts exposed on the Internet (as seen via Shodan searches), etc. Such results are practically inevitable for an organization as big as Deloitte, which may or may not be comforting. There's no further word on whether the breach is more damaging than Deloitte's initial minimalist characterization makes it out to be.

Turning to the other two high-profile breaches, the Equifax incident produces fresh waves of hand-wringing and learned helplessness over the use of Social Security Accounts Numbers as elements of identity management approaches. It's also prompted what Palo Alto Networks deplores as "ambulance chasing." The US Senate, after giving the Securities and Exchange Commission a wire-brushing over the EDGAR breach, has told the SEC to go out and regulate harder.

McAfee reports an uptick in Faceliker malware, malicious code that gooses Facebook "likes." 

Bloggers and others note: WordPress has a new patch out.

Notes.

Today's issue includes events affecting Australia, China, European Union, Indonesia, Democratic Peoples Republic of Korea, Republic of Korea, Pakistan, Russia, United Kingdom, United States.

A note to our readers: Today marks a milestone for the CyberWire. It's the fifth anniversary of our Daily News Briefing: our first issue went out on this day in 2012. A lot of you have been with us from the start, and we'd like to say thanks to all of you for reading, and thanks for listening.

Compliance risk can be a business killer.

Regulations, laws, and the standards of care that follow them are shifting rapidly, struggling to keep up with new technologies and a continually changing threat landscape. In this increasingly complex environment, how can organizations manage risk systematically and effectively? Learn more about how organizations are achieving situational awareness, while automating the labor-intensive tasks associated with managing IT risk and compliance.

In today's podcast we hear from our partners at Level 3 Communications, as Dale Drew talks about attack patterns and attack lulls. Our guest, Comodo's Trip Nine, gives us the skinny on trends in credential theft.

3rd European Cybersecurity Forum – CYBERSEC (Krakow, Poland, October 9 - 10, 2017) CYBERSEC is a unique Europe-wide, annual public policy conference dedicated to strategic aspects of cybersecurity. Conference’s mission is to foster the building of a Europe-wide cybsersecurity system and create a dedicated collaborative platform for governments, international organisations, and key private-sector organisations.

CyberMaryland Job Fair, October 11, Baltimore visit ClearedJobs.Net or CyberSecJobs.com for details. (Baltimore, Maryland, USA, October 11, 2017) Cleared and non-cleared cybersecurity pros make your next career move at the CyberMaryland Job Fair, October 11 in Baltimore. Meet leading cyber employers including Delta Risk, Choice Hotels, Lockheed Martin, the NSA and more. Visit ClearedJobs.Net or CyberSecJobs.com for info.

UMBC Cybersecurity Graduate Info Session (Rockvale, Maryland, USA, October 11, 2017) Learn how UMBC’s graduate programs in Cybersecurity can elevate your career at our upcoming Info Session. Led by industry experts, our programs combine hands-on technical training with unparalleled opportunity.

The International Information Sharing Conference on October 31 and November 1 in Washington, D.C. (Washington, DC, USA, October 31 - November 1, 2017) Join us for the inaugural International Information Sharing Conference hosted by the ISAO SO. This two-day event, a first of its kind, will convene practitioners from small businesses to multi-national corporations and from information sharing newcomers to well-established cybersecurity organizations.

Cyber Attacks, Threats, and Vulnerabilities

With $9.7 trillion of untradeable coal, North Korea turns to bitcoin (Crypto Insider) With an abundance of coal it can’t sell and a strong appetite for bitcoin, could Kim Jong-Un be experimenting with a new form of mining?

After hack, security researchers probe Deloitte's security posture (Help Net Security) We expect companies that advise other companies on information security to be better that most at protecting themselves. But is that expectation misplaced?

Deloitte Hack Reveals Email Vulnerabilities and Regulatory Gaps (New York Law Journal) The hack represents a breach of Deloitte’s ‘crown jewels,’ experts say, and large financial organizations and multinational corporations are likely among tho...

With Equifax, the Fiction about Hacking Becomes a Reality (CGMagazine) The Equifax data breach is a wakeup call to everyone that hacks that can circumvent cybersecurity are no longer a work of fiction.

Deloitte hacked, a brown trousers moment? (Diginomica) Deloitte was hacked while holding the world's leading cyber security consulting firm position as assessed by Gartner. That's quite a feat.

Op-Ed: Equifax hack reveals how absurdly at risk Americans are with their Social Security numbers (CNBC) Dumping the Equifax CEO was the easy part of dealing with the massive hack. Dumping your old Social Security number? Much harder.

Your head could roll in next cyber breach (FederalNewsRadio.com) Massive database will be the child of the Securities and Exchange Commission and contractor, Delaware LLC, and a dozen exchanges.

Sudden Rise Detected in Faceliker Malware That Manipulates Facebook "Likes" (BleepingComputer) Cyber-security firm McAfee is reporting about a sudden surge in detections for Faceliker, a malware strain that can take over browsers and manipulate Facebook "likes" on the behest of a remote party in order to promote social media trends, fake news, and other content.

Hajime IoT worm: Is it pure malware or vigilante malware? (SearchSecurity) The Hajime IoT worm posing as vigilanteware may not be entirely benevolent -- or safe. Expert Nick Lewis explained.

Internet Explorer Bug Leaks What Users Type in the URL Address Bar (BleepingComputer) Microsoft's Internet Explorer browser is affected by a serious bug that allows rogue sites to detect what the user is typing in his URL address bar.

Sonic Investigates Breach, 5 Million Cards For Sale on Cybercriminal Market (SurfWatch Labs, Inc.) The fast-food chain Sonic said yesterday that it is investigating a possible payment card breach at its stores, and security blogger Brian Krebs reported that the incident may be tied to a batch of…

Flagship Killer: USBKILL V3 Demonstrates iPhone 8 & Samsung Note 8 Vulnerable to USB Surge Attacks (Sys-Con Media) USBKill.com, the Hong-Kong based technology company that developed the "USB Killer" demonstrated this week that 2017's Flagship Phones are vulnerable to power surge attacks.

Linux Kernel Bug Reclassified as Security Issue After Two Years (BleepingComputer) Multiple Linux distros are issuing security updates for OS versions that still use an older kernel branch after it recently came to light that a mild memory bug was in reality much worse, and the bug was recently categorized as a security flaw.

Zeus is Still the Base of Many Current Trojans (Panda Security Mediacenter) When it first appeared in 2007, no one expected ZeuS to have such a brutal impact on security. But this Trojan's offshoots have become incredibly dangerous.

TfL denies misleading the public, says has no plans to sell Wi-Fi tracking data (Computing) Tracking scheme promoted service improvements, with no mention of sale of data to advertisers.

Security Patches, Mitigations, and Software Updates

WordPress 4.8.2 is out, update your website now (Naked Security) The first rule of running WordPress is always use the latest version

This month's Windows and Office security patches: Bugs and solutions (Computerworld) It’s been a rocky month, with buggy security patches and patches-of-patches that never should’ve seen light of day. Is this the new normal?

New Chrome 61 Update Takes Care of Two High-Risk Security Vulnerabilities (News4C) We have some great news for Chrome 61 users. Google started rolling out the new 61.0.3163.100 version of the browser which takes care of three major security flaws. This new version can already be downloaded by Mac, Linux and Windows OS users. Google is very adamant about how much it cares about user security and

Cyber Trends

How cyber impacts the full spectrum of terror threats (FCW) Cybersecurity still ranks near the top of threats that worry the nation's security agencies.

New Research Shows Cyber Criminals Increasingly Focused on Credential Theft (PRNewswire) WatchGuard® Technologies, a leader in advanced network security solutions,...

Woefully Inadequate IT Processes for Managing User Accounts and Access Continue to Create Major Security and Compliance Risks, One Identity Survey Reveals (Marketwired) Global study indicates disgruntled former employees or other threat actors still have widespread opportunity to cause harm because their IT accounts remain active

Why DDoS Attacks are on the Rise (Data Center Knowledge) Attacks are growing in size, and “everyone has a target on their back.”

Report: Assessing the Cybersecurity Performance of the Finance Supply Chain (BitSight) Download this BitSight Insight report to learn how the cybersecurity performance of financial organizations compare to companies in their supply chain.

Only 45% of organizations have a structured plan for GDPR compliance (Help Net Security) Only 45% of organizations have a structured plan in place for compliance and 58% indicate that they are not fully aware of noncompliance consequences.

Is your device part of an illegal hacking group? (Information Age) New research reveals London, Manchester and Maidenhead are the leading UK cities fuelling botnet enabled attacks

Marketplace

'Don't chase the ambulance:' Palo Alto Networks CEO speaks out on the epic Equifax breach (CNBC) Jim Cramer sits down with cybersecurity chief Mark McLaughlin to hear his take on recent high-profile hacks.

Myth busted: Contract security companies are definitely worth the money (Healthcare IT News) With staff shortages opening the door to hackers, contract security can help an organization protect its reputation and image.

3 Hot Cybersecurity Stocks to Focus on for the Rest of 2017 (NASDAQ.com) The Cybersecurity industry has been on a bullish trend, of late, thanks to the series of cyber attacks over the last few months.

Sky and Space signs Check Point for satellite cybersecurity (ZDNet) Check Point has been signed on to provide cybersecurity services for nano-satellite telecommunications provider Sky and Space Global's space and ground communication platforms.

Cisco will slash 310 San Jose headquarters jobs (The Mercury News) Cisco Systems will chop 310 jobs from its headquarters in San Jose, the tech titan confirmed Tuesday.

Leonardo eyes work on NATO cyber command (Fifth Domain) Leonardo is looking at further work if and when NATO stands up a fully fledged cyber command.

Critical Survey: Radware (NASDAQ:RDWR) and Its Competitors (Dispatch Tribunal) Radware (NASDAQ: RDWR) is one of 65 publicly-traded companies in the “Application Software” industry, but how does it weigh in compared to its competitors? We will compare Radware to related businesses based on the strength of its institutional ownership, analyst recommendations, profitability, dividends, earnings, valuation and risk. Earnings and Valuation This table compares Radware and […]

7 Startups Working to Secure Communications (Nanalyze) Secure communications are what keep us from disclosing our secrets to bad people. We look at 7 startups that are using technology to secure digital assets.

Cyber flavoured delegation to head to San Francisco (Computerworld) A delegation of Australian cyber security start-ups will be heading to San Francisco in January next year, as part of a Austrade and AustCyber backed initiative.

CyberX Strengthens Management Team to Support Explosive Demand for Industrial and Critical Infrastructure Security (PRNewswire) CyberX, provider of the most widely-deployed industrial cybersecurity platform...

Products, Services, and Solutions

Cyber Defense Network announced for Financial Services Industry (PRNewswire) NC4®, the leading company providing cyber and physical threat...

#StayCurrent: 1E announces comprehensive Windows Servicing Suite Update at Microsoft Ignite (Marketwired) Today at Microsoft Ignite and Envision 2017, 1E, which provides the only software lifecycle automation solutions that can handle both routine IT tasks and emergency actions in real time, announced four major enhancements to its Windows management solution, Windows Servicing Suite (WSS).

Why FireEye’s Helix matters to security professionals (CSO Online) Its Sandbox will be the core product for FireEye into the foreseeable future, but Helix will be an important adjacent market for the company and its customers. Here's why.

Sqrrl ferrets out network traffic anomalies to find hidden threats (CSO Online) Using a threat hunting platform like Sqrrl may take a little bit of a shift in thinking for cybersecurity teams. It’s less like being a beat cop and more like being a consulting detective, but arguably much more effective at catching the really dangerous, hidden threats before they can strike.

Demisto Partners with CrowdStrike to Accelerate Threat Detection and Incident Investigation and Response (BusinessWire) Demisto, Inc., an innovator in Security Automation and Orchestration technology, today announced a partnership with CrowdStrike®, the leader in cl

Threatcare plants Alexalike interface atop its attack simulation service (SiliconANGLE) Threatcare plants Alexalike interface atop its attack simulation service - SiliconANGLE

Gemalto launches payment hardware security module SafeNet Luna EFT Payment HSM (Software Testing News) Gemalto announced the launch of the industry’s first payment hardware security module, SafeNet Luna EFT Payment HSM.

WISeKey partners with Sigfox to launch Secure Element (Buisness Insider) WISeKey International Holding Ltd ("WISeKey", SIX: WIHN), a leading cybersecurity and IoT company, today announced in partnership with Sigfox its new Secure Element for Sigfox-enabled connected devices at the Sigfox World IoT Expo in Prague.

Zimperium Collaborates with Oracle to Offer a Leading Mobile Threat Defense Solution Hosted on Oracle Cloud Infrastructure (Business Insider) Zimperium, a global leader in enterprise mobile threat defense (MTD) and a leading provider of real-time, on-device protection against known and unknown threats, today announced an integration with Oracle Cloud to detect and thwart advanced mobile attacks.

Technologies, Techniques, and Standards

Can Our Identities Ever be Reclaimed? (Security Week) It’s been 22 years since Sandra Bullock struggled to reclaim her identity from cyber-terrorists in The Net, a movie that opened our eyes to the risks of digital identity theft way ahead of its time.

The 'hack back' is not a defense strategy (CSO Online) The urge to strike back against bad actors is getting stronger in the wake of global attacks like Mirai, WannaCry and NotPetya. But while the hack back seems to put power back into victims' hands, it's actually not so simple.

Collaboration Will Solve Security Woes, HackerOne CEO Says (International Business Times) HackerOne CEO Marten Mickos believes its time for organizations to stop making the same mistakes and start allowing outside sources help improve security.

The Three Pillars of Hypothesis-Driven Threat Defense (Security Week) There are two possible outcomes: if the result confirms the hypothesis, then you've made a measurement. If the result is contrary to the hypothesis, then you've made a discovery. - Enrico Fermi

Not sure which ransomware has infected your PC? This free tool could help you find the right decryption package (ZDNet) A new tool analyses the ransom note and the encrypted file in order to offer the appropriate decryption tool -- if it exists.

How to Protect PC from Ransomware malware Attack (ComputerGK.com) How to Protect PC from Ransomware malware Attack You have heard about popular Ransomware attack on computers via Internet

What's on Your Cybersecurity Wish List? (SIGNAL Magazine) "I have yet to see an agency that has fully implemented a risk-based cybersecurity program."

Design and Innovation

The Four Hurdles to Blockchain Adoption (Legaltech News) Until solutions to usability, interoperability, scalability, and privacy are developed, widespread adoption will be hampered.

Research and Development

Computer Scientists Address Gap In Messaging Privacy (Fraud Net) Researchers have developed a solution to a longstanding problem in the field of end-to-end encryption, a technique that ensures that only sender and recipient can read a message.

Firewalls Don't Stop Hackers. AI Might. (WIRED) A startup founded by former spies uses machine learning to tackle the newest cybersecurity threats.

Waiting for Skynet? Don’t hold your breath (Naked Security) AI run amuck is good TV, but is it likely?

Academia

NSA Invites Students to 'Hack Us!' (VOA) Undergraduate and grad students who compete to master six tasks receive small token of appreciation for being among first 50 finishers

Thomas Nelson Community College's cybersecurity program gets national designation (Virginian-Pilot) In order to qualify for the designation, there are several criteria the college had to meet.

New Major Offered in Tech Field (The Pine Log Online) SFA’s College of Sciences and Mathematics recently re- ceived approval to offer a master’s degree in cybersecurity.

Scholarship will help two UAH students achieve goal of career in cybersecurity (The University of Alabama in Huntsville) One student each from the Colleges of Business and Engineering at UAH has been awarded a prestigious Department of Defense Information Assurance Scholarship: Jessica Eason, who is currently pursuing a Master of Science in Cybersecurity – Business Track, and Victoria Van, who is working toward her Bachelor of Science in Computer Engineering.

Norwich proclaims October as Cybersecurity Month, joining national effort (Vermont Business) Vermont Business Magazine Norwich University, a national leader in cybersecurity and digital forensics education, has proclaimed October as cybersecurity awareness month and has joined the National Cybersecurity Awareness Month (NSCAM) effort as an official “Champion.”

Legislation, Policy, and Regulation

SEC Launches Cybersecurity Initiatives (PYMNTS.com) The U.S. Securities and Exchange Commission (SEC) announced it is launching two enforcement initiatives to boost efforts to address cyber threats and protect retail investors. The move comes in the wake of the massive Equaifax hack, which exposed the personal data of 143 million Americans. The SEC suffered its own breach of its corporate filing […]

GSA touts anti-hacker support services (Fifth Domain) The General Services Administration has awarded Highly Adaptive Cybersecurity Services SINs to more than 70 vendors to address potential vulnerabilities of high-value assets.

Audit finds weaknesses in DOE cybersecurity (Fifth Domain) Despite longstanding federal requirements for multifactor authentication, the Department of Energy’s procedures still have weaknesses, according to the department’s Office of Inspector General.

DOJ (sort of) releases FBI insider threat audit (Fifth Domain) The Justice Department’s Office of Inspector General won't reveal how successful the FBI is at tackling leaks, but it has released recommendations for the FBI’s insider threat program.

Some in administration use personal phones, despite advice (Federal Times) The inquiries into private communication could prove uncomfortable for President Donald Trump, who relentlessly attacked Democratic opponent Hillary Clinton for her use of a private email account and server during her time as secretary of state.

ACLU Lawyer Blasts NSA Programs: 'Nothing to Do With National Security' (Newsmax) Many of the National Security Agency's surveillance programs collect vast amounts of data on Americans, data that is never used to combat the threat of terrorism, a lawyer for the American Civil Liberties Union said Wednesday.

Litigation, Investigation, and Law Enforcement

Prosecution Launches Probe into Cyber Command's Election Scandal (KBS) The prosecution has launched an investigation into allegations that the military cyberwarfare command posted illegal political comments during the 2012 Presidential election.

Woman, 65, hired by civil service is held over ‘spying’ (Times) A female contractor to a government department was arrested by counterterrorism officers yesterday on suspicion of spying for an enemy state. The 65-year-old woman was detained in north London...

House Panel Receives Classified Briefing on Kaspersky (Bloomberg) The House Science Committee received a classified briefing Tuesday related to Kaspersky Lab Inc., according to a person familiar with the matter who spoke about the Moscow-based security firm believed to have links to Russian intelligence.

House Republicans renew call for 2nd special counsel, amid fresh Comey concerns (Fox News) House Republicans on Tuesday formally renewed their call for a second special counsel to probe 2016 controversies involving Hillary Clinton and the Obama administration – following allegations that former FBI director James Comey drafted an “exoneration statement” for Clinton weeks before interviewing her.

The Entire Russian Hacking Narrative Is Invalidated In This Single Assange Tweet (Medium) WikiLeaks editor-in-chief Julian Assange has been very active on Twitter lately, even for him. Between his frequent posts about the fight…

Awan Funneling ‘Massive’ Data Off Congressional Server, Dems Claim It’s Child’s HOMEWORK (The Daily Caller) Democratic congressional aides made unauthorized access to a House server 5,400 times and funneled "massive" amounts of data off of it. But there's nothing to see here, Democrats told The Washington P

Defenders of the CFPB's Newest Financial Regulation Are Ignoring Crucial Facts (Reason) Senate Republicans could vote as soon as this week to repeal the CFPB's ban on arbitration clauses.

Lawyers Discuss 'What's Next' After China Shuts Down Cryptocurrency Exchange (Legaltech News) ‘Many industry people believe the government’s ban will effectively extinguish the hope that China becomes a global center of cryptocurrency,’ attorney Pingh...

Alleged leaker hid NSA documents in pantyhose, report says (Fox News) A former National Security Agency contractor has reportedly told federal authorities that she smuggled classified documents out of the NSA office where she worked by stuffing them in her pantyhose.

Defense seeks reduced sentence for former cyber command officer (Augusta Chronicle) The former deputy director of the Cyber Center for Excellence at Fort Gordon will ask the federal judge for a shorter prison term when he is sentenced for possession of child pornography.

Campaigner who refused to hand over passwords found guilty (Naked Security) Muhammad Rabbani was found guilty of obstructing justice after refusing to unlock his laptop and smartphone

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

Countermeasure (Ottawa, Ontario, Canada, November 9 - 10, 2017) Now into its sixth year in Ottawa, and consistently advancing in both size and content quality, COUNTERMEASURE continues to be the national capital's premier IT security event. As in years past, attendees...

2017 ICIT Gala & Benefit (Washington, DC, USA, November 9, 2017) The Annual ICIT Gala and Benefit is the year’s most prestigious and intimate gathering of legislative, agency and private sector leaders committed to protecting our Nation’s critical infrastructures. This...

4th Annual Journal of Law & Cyber Warfare Conference (New York, New York, USA, November 9, 2017) Join thought leaders across the industry for a day of collaboration and education with an outstanding group of cyber security experts. In this one-day program, we continue JLCW's 5+ year reputation for...

CyCon US (Washington, DC, USA, November 7 - 8, 2017) The 2017 International Conference on Cyber Conflict U.S. (CyCon U.S.) will take place 7-8 Nov 2017 at the Ronald Reagan Building in Washington D.C. CyCon U.S. facilitates knowledge generation and information...

RSA Conference 2017 Abu Dhabi (Abu Dhabi, UAE, November 7 - 8, 2017) RSA Conference 2017 Abu Dhabi is the leading information security event in the region. This year's Conference will take place 7 to 8 November at the Emirates Palace in Abu Dhabi. Join us for two days of...

National Initiative for Cybersecurity Education Conference and Expo (Dayton, Ohio, USA, November 7 - 8, 2017) Cybersecurity has emerged as one of the leading creators of jobs and opportunity for all economic sectors. The demand for cybersecurity positions in both the public and private sector is large and growing,...

POC 2017 (Seoul, Korea, November 2 - 3, 2017) POC started in 2006 and has been organized by Korean hackers & security experts. It is an international security & hacking conference in Korea. POC doesn't pursue money. POC concentrates on technical and...

Cyber Security Summit: Boston (Boston, Massachusetts, USA, November 1, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: Boston. Receive...

2017 International Information Sharing Conference (Washington, DC, USA, October 31 - November 1, 2017) Join us for the inaugural International Information Sharing Conference hosted by the Information Sharing and Analysis Organization Standards Organization (ISAO SO), with participation from the Department...

2017 International Information Sharing Conference (Washington, DC, USA, October 31 - November 1, 2017) Join us for the inaugural International Information Sharing Conference hosted by the Information Sharing and Analysis Organization Standards Organization (ISAO SO), with participation from the Department...

2017 Annual Conference: Networking the Future (Tampa, Florida, USA, October 27, 2017) Networking the Future is the Florida Center for Cybersecurity's fourth annual conference and will host hundreds of cybersecurity technical and non-technical stakeholders from industry, government, the...

RETR3AT Cybersecurity Conference (Montreat, North Carolina, USA, October 27, 2017) Each year, Montreat College’s Center for Cybersecurity Education and Leadership hosts RETR3AT, a conference designed to engage, educate, and raise awareness about cybersecurity in Western North Carolina...

RETR3AT Cybersecurity Conference (Montreat, North Carolina, USA, October 27, 2017) Each year, Montreat College’s Center for Cybersecurity Education and Leadership hosts RETR3AT, a conference designed to engage, educate, and raise awareness about cybersecurity in Western North Carolina...

Digital Risk Summit (Washington, DC, USA, October 25 - 27, 2017) Hosted by Neustar, the Digital Risk Summit is a forward-looking educational conference packed with actionable intelligence and best practices for all types of organizations. If you interact with consumers,...

European Smart Homes 2017 (London, England, UK, October 25 - 26, 2017) ACI’s European Smart Homes 2017 will will bring together key industry stakeholders from the energy industry, IT, telecoms operators, retailers, solution distributors utilities, insurance and property management...

PCI Security Standards Council: 2017 Europe Community Meeting (Barcelona, Spain, October 24 - 26, 2017) Three days of networking and one-of-a-kind partnership opportunities await you. Whether you want to learn more about updates in the payment industry or showcase a new product, you’ll find it all at the...

Cyber Security Summit 2017 (Minneapolis, Minnesota, USA, October 23 - 25, 2017) Cyber Security Summit is a public-private collaboration with support from industry, government, and university leaders who gather to discuss security trends and solutions. The 7th Annual Summit will bring...

Workplace Violence Prevention - Active Shooter / Assailant Response Workshop (Laurel, Maryland, USA, October 23, 2017) The National Insider Threat Special Interest Group (NITSIG) has partnered with Law Enforcement (Maryland State Police), OSHA, Maryland Emergency Management Agency and and other Workplace Violence Prevention...

Cyber Security Chicago (Chicago, Illinois, US, October 18 - 19, 2017) Cyber Security Chicago offers invaluable security insight for both IT managers & security decision makers. Hear from industry experts on how you can build stronger defenses against cyber-attacks & how...

QuBit Conference Belgrade 2017 (Belgrade, Serbia, October 18 - 19, 2017) A Cyber Security Community Event in the SEE Region. QuBit Conference is a cyber security event gathering all levels of security professionals, industry experts, academics and government officials. QuBit...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.