skip navigation

More signal. Less noise.

Check out the Cyber Job Fair, April 19 in San Antonio.

Cleared and non-cleared cybersecurity pros make your next career move at the Cyber Job Fair, April 19 in San Antonio. Meet leading cyber employers including Bank of America, Parsons, Engility, Fulcrum and more. Visit ClearedJobs.Net or CyberSecJobs.com for details. 

Daily briefing.

Late Friday and into the weekend what's thought to be a group of hacktivists defaced Iranian and Russian websites with a crudely rendered American flag and the message, "Don't mess with our elections." The defacements were relatively crude (the flag is old-school skid-work ASCII art, for one thing) but disruptive nonetheless. 

The hackers exploited the recently disclosed Cisco CVE-2018-0171 Smart Install vulnerability to reset routers to their defaults and display their message. Most observers are so far inclined to accept the hackers' claims at face value—patriots who took advantage of unpatched routers to mess with Russia and Iran. 

The Cisco vulnerability has been exploited elsewhere, not just in Russia and Iran (and not just for hacktivist purposes), since it became known.

As Facebook prepares to face its inquisitors on Capitol Hill this week, the platform's recent upgrades get generally poor reviews. The company has suggested more data misuse may come to light. 

Britain's NCSC warned late last week that Russian actors were harvesting NT LAN Manager credentials in apparent preparation for an attack on the UK's critical infrastructure.

Sergey Skripal, former GRU officer and MI6 spy, victim of an attempted assassination with the Novichok nerve agent, has regained consciousness and is out of critical condition. His daughter Yulia, also out of critical condition, has refused to talk to the Russian consulate that sought to check on her welfare. British sources say the Skripals may be relocated with new identities to one of the other Five Eyes (probably the US).

Notes.

Today's issue includes events affecting Australia, Canada, China, European Union, India, Iran, Israel, Democratic People Republic of Korea, Russia, Saudi Arabia, United Kingdom, United States.

Headed to RSA? Get a free pass expo pass on LookingGlass!

RSA can be hectic, but we’ll make putting together your schedule easy for you. If want to know the latest trends and technology in cybersecurity and threat intelligence, look no further than LookingGlass Booth #100 in the South Hall. We offer solutions – not more work – for your toughest security challenges. Come meet with us on the Expo floor or at our meeting suite in the Marriott – enjoy the discussion, demos, and refreshments. Get your free pass here.

In today's podcast, we speak with our partners at Dragos, as Rob Lee discusses US naming and shaming policy, and offers his take on why indicting foreign hackers is a bad move.

Wombat Security at RSA Conference 2018 (San Francisco, California, United States, April 16 - 20, 2018) Cyberthreats lurk around every corner. Visit our booths at RSA to ensure you are providing your team with the tools they need to be cybersecurity heroes in your organization: South Expo 1033 and North Expo 4701. We’ll be presenting: a sneak peek at our new superhero-themed Awareness Video Campaigns; a free copy of our security awareness comic book, and previews of our newest training modules, including GDPR, Insider Threats, and Password Policy.

XM Cyber is coming to RSA (San Francisco, California, United States, April 16 - 20, 2018) Visit XM Cyber at the Israeli Pavilion, South Hall booth 635, to experience the first automated APT simulation platform to expose, assess and amend every attack path to organizational critical assets.

Cyber Job Fair, April 19, San Antonio visit ClearedJobs.Net or CyberSecJobs.com for details. (San Antonio, Texas, United States, April 19, 2018) Cleared and non-cleared cybersecurity pros make your next career move at the Cyber Job Fair, April 19 in San Antonio. Meet leading cyber employers including Bank of America, Parsons, Engility, Fulcrum and more. Visit ClearedJobs.Net or CyberSecJobs.com for details.

HackNYC2018 (New York, New York, United States, May 8 - 10, 2018) Cyber attacks are often called non-violent or non-kinetic attacks, but the simple truth is that there is a credible capability to use cyber attacks to achieve kinetic effects. Kinetic Cyber refers to a class of cyber attacks that can cause direct or indirect physical damage, injury or death solely through the exploitation of vulnerable information systems and processes. Use code CWIRE20 for 20% off the $50.00 individual ticket price.

Cyber Attacks, Threats, and Vulnerabilities

Iran hit by global cyber attack that left U.S. flag on screens (Reuters) Hackers have attacked networks in a number of countries including data centers in Iran where they left the image of a U.S. flag on screens along with a warning: "Don't mess with our elections", the Iranian IT ministry said on Saturday.

"Don’t Mess With Our Elections": Vigilante Hackers Strike Russia, Iran (Motherboard) Vigilante hackers have left American flags and messages on machines in Russia and Iran. The hackers tell Motherboard why they did it.

Ex-NSA man says unlikely that US involved in Iran, Russia hacks (iTWire) A former member of the NSA's elite Tailored Access Operations unit has played down what appear to be revenge attacks in the last 10 days on sites belo...

What happened to the Internet: attack on Cisco switches (Kaspersky Lab Daily) Malefactors are massively exploiting a vulnerability in Cisco switches, taking down entire segments of the Web.

Iranian & Russian Networks Attacked Using Cisco's CVE-2018-0171 Vulnerability (BleepingComputer) Last night, a hacker group going under the name "JHT" attacked foreign network infrastructure, including Russian and Iranian networks, using the Cisco CVE-2018-0171 Smart Install vulnerability. Using this vulnerability the hackers were able to reset the routers back to their default configuration and display a message to the victims.

‘A shot across the bow’: Iran’s growing cyberwar threat (Arab Weekly) US security authorities in New York have indicted nine Iranian hackers on charges of penetrating the computer systems of hundreds of US and foreign universities to steal data worth at least $3.4 billion that was sold to the Tehran regime.

Israeli websites come under cyber attack (Anadolu Agency) Hackers post images of Palestinian flags on websites, local media reports

Russia is targeting UK infrastructure through supply chains, NCSC warns (NS Tech) Russian state actors are targeting the UK's critical infrastructure by infiltrating supply chains, the National Cyber Security Centre has warned. In an advisory note published last night, NCSC confirm

Taiwanese under siege from blitz of Chinese cyberattacks (Asia Times) The island’s cyber chief revealed there were as many as 40 million attacks each month, with even President Tsai Ing-wen reportedly being targeted

Researchers Link New Android Backdoor to North Korean Hackers (SecurityWeek) The recently discovered KevDroid Android backdoor is tied to the North Korean hacking group APT37, Palo Alto Networks researchers claim.

Flashpoint - Fraudsters Leverage HTTP Injectors to Steal Internet Access (Flashpoint) Threat actors are seeking and exchanging HTTP injectors in order to gain unpaid mobile access to the internet, defrauding service providers and telecommunications companies in the process.

BSF website down, malware sending fake e-mails detected (The Times of India) India News: The website bsf.gov.in is currently offline, and a BSF spokesperson told TOI that the website has been under security audit for little over a month no

DC's Stingray Mess Won't Get Cleaned Up (WIRED) DHS this week confirmed that Washington, DC is littered with fake cell tower surveillance devices, but nothing will likely be done to fix it.

Homeland Security says it can’t counter a popular spy tool. Really? (C4ISRNET) StingRays gather information from cellphones by sending out a signal that tricks them into connecting to it, but the Department of Homeland Security says it has no solution to countering the technology.

Misconfigured cloud storage leaves 1.5b sensitive files exposed (Computer Business Review) Exposed Amazon S3 buckets, rsync, SMB, FTP servers, misconfigured websites, and NAS drives all to blame, says report by Digital Shadows

Necurs Botnet to Erupt This Month? (SecurityWeek) Historical patterns and recent activity, including three small-volume test attacks, it's looking extremely likely that another major Necurs malware outbreak may happen soon.

Data firm that worked on Brexit suspended by Facebook (Ars Technica) But the company says all allegations are untrue.

Facebook secretly tried to get hospitals to share patient data (CSO Online) More fallout from the Facebook privacy scandal includes the fact that the social media company has been talking with hospitals about sharing patient data with it.

Malicious actors used Facebook's own tools to scrape most users' public info (Help Net Security) Facebook has disabled a search tool that allowed anyone to enter a person’s phone number or email address into Facebook and find their account and has announced changes to its account recovery tool. The reason behind this decision? "Malicious actors" have abused these features to scrape public profile information.

Facebook's Sandberg Says Other Cases of Data Misuse Possible (SecurityWeek) Facebook was aware more than two years ago of Cambridge Analytica's harvesting of the personal profiles of up to 87 million users and cannot rule out other cases of abuse of user data.

Facebook COO Sheryl Sandberg says the company is not a surveillance operation (MarketWatch) Sandberg did say the company was ‘way too idealistic’ about privacy and data protection.

Facebook To Tighten Grip On Political Ads, As Zuckerberg Heads To Hill (Roll Call) Facebook CEO Mark Zuckerberg endorsed bipartisan legislation to regulate digital ads and will take internal steps to curb toxic political advertisements.

T-Mobile Stores Part of Customers' Passwords In Plaintext, Says It Has 'Amazingly Good' Security (Motherboard) A T-Mobile Austria customer representative made a shocking admission in a Twitter thread.

Beware of Bing Chrome Download Ads Pushing Adware/PUP Installers (BleepingComputer) When using a search engine to search for software download links, be sure to go directly to the developer's site rather than clicking on an advertisement as you may not get what you are expecting. Such is the case with an advertisement currently being displayed in Bing for the search phrase "chrome download", which instead of bringin

Raróg Crypto-Miner Allows Affordable Criminality (Infosecurity Magazine) It mines unsuspecting victim machines for Monero and other virtual currencies, but its most unusual characteristic is how cheap it is.

Kaspersky Warns Of Cryptocurrencies’ Mining Using Legal Applications (Forbes Middle East) Kaspersky Lab has warned of a new trend by cyber criminals who are mining cryptocurrencies through legitimate applications without user’s knowledge.

Consumer Crypto-miners Soar 4000% in Q1 (Infosecurity Magazine) Consumer Crypto-miners Soar 4000% in Q1. Malwarebytes sees nefarious mining activity continue to hit users and businesses

Bots on Twitter share two-thirds of links to popular websites: Pew (TechCrunch) It’s official: Bots are doing a lot of PR grunt work on Twitter — especially when it comes to promoting porn websites. That perhaps unsurprising conclusion about what automated Twitter accounts are link sharing comes courtesy of a new study by the Pew Research Center which set out to qu…

Disinfo News: Doing the Kremlin’s Work: A Fake Twitter Troll Pushes Many Opinions (POLYGRAPH.info) On one day in late March, Twitter followers curious about Syria, Yemen and Libya could find a tweeter who calls himself “Ian56” tweeting about all those topics and more. “Ian56” also had things to say

Beware the human aspect of social engineering attacks (SecurityInfoWatch.com) The motivations for social engineering range from espionage and competitive research to electronic crimes and data theft

New Strain of ATM Jackpotting Malware Discovered (SecurityWeek) ATMJackpot malware appears to be still under development, and to have originated in Hong Kong, but are no current details of any deployment or use.

Jbifrost Is Back Phishing Emails Spread A Version Of Adwind Rat (Spyware.Techie) Over the last few months we have seen several cases of Remote Access Trojan (RAT) infections, and here we would like to cover at least two cases that stood out

Atlanta takes down water department website two weeks after cyber attack (Business Insider) Atlanta took down its water department website indefinitely on Thursday, two weeks after a ransomware cyber attack tore through the city's computer systems in one of the most disruptive hacks ever to strike a U.S. local government.

Don’t Give Away Historic Details About Yourself (KrebsOnSecurity) Social media sites are littered with seemingly innocuous little quizzes, games and surveys urging people to reminisce about specific topics, such as “What was your first job,” or “What was your first car?”

One of the country’s biggest publishers of fake news says he did it for our own good (Boston Globe) Experts say he’s one of the largest publishers of fake news on the Internet. Christopher Blair says he’s a satirist. The truth, in the Internet age, is hard to define.

Critical Flaws Expose Natus Medical Devices to Remote Attacks (SecurityWeek) Critical vulnerabilities expose neurodiagnostic devices from Natus to remote hacker attacks, Cisco warns

Two overlooked healthcare areas vulnerable to cyberattacks (MedCity News) A research paper from Trend Micro and HITRUST looked at exposed medical devices and supply chains, both of which are neglected network risks in hospitals.

Security Patches, Mitigations, and Software Updates

April Patch Tuesday forecast: Expect updates for Adobe Flash, others (Help Net Security) Chris Goettl, Manager of Product Managment, Security, Ivanti offers an April 2018 Patch Tuesday forecast covering Microsoft, Adobe and Oracle.

Hours after Zuck deletion scandal, Facebook announces new unsend feature (Ars Technica) How stupid does Facebook think we are?

Cyber Trends

SECURITY: Attack on natural gas network shows rising cyberthreat (E&E News) A cyberattack on a natural gas service provider late last month has spilled into the electricity sector, underscoring the growing threat hackers pose to critical energy systems.

Hayden: A World Both Dangerous and More Complicated (The Cipher Brief) “The world has been more dangerous, but it has never been more complicated," Hayden said as he introduced The Cipher Brief's 2018 Annual Threat Report.

GDPR Privacy Policy Fail: Only 34% of EU Sites Compliant (Infosecurity Magazine) GDPR Privacy Policy Fail: Only 34% of EU Sites Compliant. Firms need to crack on ahead of deadline next month

Marketplace

Cyberinsurance Tackles the Wildly Unpredictable World of Hacks (WIRED) Insuring against hacks and breaches can be a lucrative business—but also presents unique challenges.

Armis raises $30 million Series B as enterprise IoT security heats up (TechCrunch) When Armis launched in 2015, the company founders looked over the horizon and they saw the Internet of Things requiring a strong security layer. Today, the IoT security startup announced a $30 million Series B. The company has attracted a strong group of venture capitalists. The round was led by Ba…

Jim Cramer: Cybersecurity Stocks Are the Ultimate Winners (Real Money) Here's why these stocks have replaced the semis as the group to go to.

Clearwater cybersecurity company is a funding standout in Florida (Tampa Bay Business Journal) KnowBe4, a cybersecurity training company in Clearwater, is the best-funded cybersecurity firm in Florida.

Products, Services, and Solutions

Facebook urged to make GDPR its “baseline standard” globally (TechCrunch) Facebook is facing calls from consumer groups to make the European Union’s incoming GDPR data protection framework the “baseline standard for all Facebook services”. The update to the bloc’s data protection framework is intended to strengthen consumers’ control over ho…

What Search Engines Really Provide a “Private” Browsing Experience? (InCyberDefense)

Google knows almost everything about you. Even if anonymity is not your priority, there are other search engines that can help you hide your queries.

New Professional Services From SentryOne (PR Newswire) SentryOne today launched new Professional Services offerings aimed at...

Technologies, Techniques, and Standards

How the Facebook fallout could hurt intel agencies (C4ISRNET) Many government organizations have come to rely on social media aggregators for mission critical Open Source Intelligence. What happens if new legal restrictions are put in place?

LockCrypt Ransomware Cracked Due to Bad Crypto (BleepingComputer) The team at Malwarebytes has identified a weakness in the encryption scheme utilized by the LockCrypt ransomware that they can exploit to recover a victim's data.

5 common browser security threats, and how to handle them (TechRepublic) Web browsers are designed to store information for your convenience, but that information can also fall into the wrong hands. Here are some simple tips for preventing that situation.

New Army, Navy Cyber Mission teams deploy ahead of schedule (FederalNewsRadio.com) The Army and Navy have begun releasing these Cyber Mission Forces (CMF) into the wilds of their network protection efforts.

The first tests for the Marines’ information warfare teams (C4ISRNET) Through a variety of exercises, the Marine Corps continues to integrate the Marine Expeditionary Force Information Groups and information-related capabilities with traditional forces.

Design and Innovation

Any Hope for Cyber Deterrence Goes Out the Window with AI (TechNative) As all things cyber rise to the forefront of the collective conscious, talk of cyber deterrence continues to be debated in state capitals as well as among thought leaders, politicians, and military officials.

Even if governments backdoor crypto, they still won't be able to spy on terrorists (Boing Boing) Even if governments backdoor crypto, they still won't be able to spy on terrorists

Academia

University of New Haven Offers Annual Free, GenCyber Security and Forensics Camp for Teens (University of New Haven) The University of New Haven's Tagliatela College of Engineering will offer, for the second year in a row, Connecticut's only GenCyber security and forensics camp for high school students, the GenCyber Agent Academy.

These are the folks who will protect the nation from hackers. They did battle Saturday in Richland (tri-cityherald) Students from across the nation competed to protect the nation’s energy grid at PNNL. These students are learning how to protect the nations computer systems.

Hood announces launch of cybersecurity program (The Frederick News-Post ) Hood College officially launched its master’s degree program in cybersecurity Thursday evening with an inaugural lecture from former National Security Agency Director Gen. Keith Alexander.

Legislation, Policy, and Regulation

U.S. Orders Americans to Leave Blacklisted Russian Firms (Wall Street Journal) The Trump administration's latest round of sanctions on Russian oligarchs will echo through the U.S., as well as Moscow: Americans at blacklisted companies — or on their boards of directors — will have to leave their roles.

Russia Readies Telegram Ban After App Refused to Hand Over Encryption Keys to FSB (BleepingComputer) Roskomnadzor, Russia's telecommunications watchdog, has filed today a lawsuit against instant messaging app Telegram, asking a Moscow court to rule in favor of restricting access to the service inside Russia's borders.

As Zuckerberg Prepares to Testify, Questions Grow Over How to Protect Data (Wall Street Journal) CEO Mark Zuckerberg’s testimony in Congress about Facebook’s recent data-privacy scandal will likely prompt a raft of questions over how the government might best regulate social-media platforms.

The Facebook Debacle Makes it Clear: The US Needs Stronger Privacy Laws (WIRED) Opinion: The Cambridge Analytica scandal makes it clear: The US should pass a privacy law that gives consumers the protections they deserve.

Government throws support behind new US data law (ARN) Australian Government backs new US legislation, designed to enable law enforcement agencies to access domestic or overseas data with a warrant.

Cyberbullying law to be proclaimed soon, justice minister says (The Chronicle Herald) By most accounts, a lot has changed since the 2013 death of Rehtaeh Parsons.

Federal funds to bolster election cybersecurity may not be enough (Fifth Domain) Last summer, with an important Illinois election season months away, Shelby County officials in central Illinois feared that their outdated voting equipment wouldn’t be approved for use by the State Board of Elections.

OMB seeks comment on draft cyber credential policy (Fifth Domain) The policy would require agencies to develop and coordinate on identity management and access protocols that could be used across the federal government.

Forget the Trade War. China Wants to Win the Computing Arms Race (Bloomberg.com) As the U.S. and China threaten to impose tariffs on goods from aluminum to wine, the two nations are waging a separate economic battle that could determine who owns the next wave of computing.

Which States Have Net Neutrality Laws? (Motherboard) The varied reaction to the FCC’s decision to repeal federal protections has been tough to follow. Here’s our breakdown of the current status of each state’s response.

Litigation, Investigation, and Law Enforcement

Former Russian Spy No Longer in Critical Condition After Poisoning (Wall Street Journal) Former Russian double agent Sergei Skripal’s recovery offers U.K; investigators an opportunity to shed light on crucial details about the attack.

Sergei and Yulia Skripal offered new identities with CIA help (Times) Sergei and Yulia Skripal will be offered new identities and a new life in America in an attempt to protect them from further murder attempts. Intelligence officials at MI6 have had discussions with...

SEC Halts $27M in Stock Sales Tied to Crypto Company Longfin (New York Law Journal) Longfin chief executive Venkat Meenavalli and three others are charged with illegal sales of the crypto company's stock.

FBI Seizes Backpage.com, a Site Criticized for Sex-Related Ads (Wall Street Journal) Federal law enforcement agencies have seized Backpage.com, a controversial classified-ads website known for its numerous sex-related postings.

Ground zero in Russia's hack of U.S. election infrastructure (60 Minutes) 60 Minutes investigates Russia’s widespread cyberattack against state voting systems

Texts, Spies, And Audiotapes: A Shadowy Operative In His Own Words (RadioFreeEurope/RadioLiberty) Before he was dubbed the elusive 'Person A' by U.S. prosecutors investigating Kremlin interference, a Russian-Ukrainian political operative and alleged spy spoke exclusively on the record to RFE/RL about Paul Manafort and more.

Mark Zuckerberg is confirmed to testify in front of Congress (Quartz) This is Zuckerberg's first confirmed appearance in front of lawmakers.

Mark Zuckerberg’s Washington Mission: Stay Cool in a Very Hot Seat (Wall Street Journal) Facebook CEO Mark Zuckerberg faces lawmakers this week in what are likely to be contentious hearings about privacy that will be a broader test of how effectively he can guide his social-media giant.

Zuckerberg Gets a Crash Course in Charm. Will Congress Care? (New York Times) Mark Zuckerberg, Facebook’s chief, faces his biggest test yet: two days in the hot seat on Capitol Hill. The company has pulled out the stops to make sure he’s ready.

Groups Allege YouTube Is Violating Law That Protects Kids (WIRED) In complaint to the FTC, child-health, privacy, and consumer groups say YouTube is targeting kids improperly.

Sue internet giants over 'online crime', urges chief constable (Computing) Chief constable of Devon and Cornwall Police urges victims of crime to sue Facebook, Google and others over crimes facilitated via their platforms

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

Sea-Air-Space: The Navy League’s Global Maritime Exposition (National Harbor, Maryland, USA, April 9 - 11, 2018) Join us this April for Sea-Air-Space, the largest maritime exposition in the U.S., with 275+ exhibitors displaying the latest in maritime, defense and energy technology. This year’s theme, “Learn. Compete.

2018 Mississippi College Cybersecurity Summit (Clinton, Mississippi, USA, April 10 - 11, 2018) The 2018 Mississippi College Cybersecurity Summit is a conference designed to engage, educate, and raise awareness about cybersecurity across the nation. The 2018 Cybersecurity Summit will provide valuable...

ISC West 2018 (Las Vegas, Nevada, USA, April 11 - 13, 2018) ISC West is THE largest security industry trade show in the U.S. At ISC West, you will have the chance to network with over 30,000 security professionals through New Products & Technologies encompassing...

Decompiling the Government: Getting Technologists and Policymakers to Speak the Same Language (Arlington, Virginia, USA, April 12, 2018) With the support of the Hewlett Foundation, the National Security Institute is excited to host “Decompiling the Government: Getting Technologists and Policymakers to Speak the Same Language.” This networking...

CYBERTACOS San Francisco (San Francisco, California, USA, April 16, 2018) CYBERTACOS is back and becoming one of the biggest cybersecurity networking events! Register today and join us for networking, food and drinks. This event includes a 45-minute meet the press panel made...

RSA Conference 2018 (San Francisco, California, USA, April 16 - 20, 2018) Take this opportunity to learn about new approaches to info security, discover the latest technology and interact with top security leaders and pioneers. Hands-on sessions, keynotes and informal gatherings...

Our Security Advocates (San Francisco, California, USA, April 17, 2018) OUR Security Advocates highlights a diverse set of experts from across information security, safety, trust, and other related fields. OURSA is a single-track, one-day conference with four topic sessions.

5th Annual Cybersecurity Summit (McLean, Virginia, USA, April 24, 2018) Join the Potomac Officers Club for the Fifth Annual Cybersecurity Summit to hear from public and private sector leaders on how federal agencies can improve their respective data security measures.

Secutech (Taipei, Taiwan, April 25 - 27, 2018) To meet the rising demand for intelligent and customised solutions, Secutech converges security and safety, ICT, IoT, artificial intelligence, big data, edge computing, intelligent video analytics and...

Industrial Control Systems (ICS) Cyber Security Conference Asia (Singapore, April 25 - 27, 2018) The Central ICS/SCADA Cyber Security Event of the Year for the APAC Region. Three days of multi-track training & workshops for days for operations, control systems and IT security professionals to connect...

INFILTRATE (Miami Beach, Florida, USA, April 26 - 27, 2018) INFILTRATE is a "pure offense" security conference aimed at the experienced to advanced practitioner. With the late-90s hacker con as its inspiration, the event has limited attendance in order to foster...

Automotive Cybersecurity Summit 2018 (Chicago, Illinois, USA, May 1 - 8, 2018) Smart Vehicles. Smart Infrastructures. The 2nd annual Automotive Cybersecurity Summit brings together public and private-sector manufacturers, suppliers, assemblers, technology providers and V2X partners...

Application of the Law of War to Cyber Operations (Washington, DC, USA, May 3, 2018) Cyber law experts meeting at the George Washington University will cover Title 10 vs. Title 32 vs. Title 50 and the lawful and operational restrictions related to these authorities. The panelists will...

Global Cyber Security in Healthcare & Pharma Summit (London, England, UK, May 3 - 4, 2018) The number of cyber-attacks in healthcare is on the rise, and the industry must do more to prevent and respond to these incidents. The Global Cyber Security in Healthcare & Pharma Summit 2018 will bring...

Secure Summit DC (Washington, DC, USA, May 7 - 8, 2018) (ISC)² Secure Summit DC will assemble the best minds in cybersecurity for two days of insightful discussions, workshops and best-practices sharing. The goal of the event is to equip security leaders to...

HACKNYC (New York, New York, USA, May 8 - 10, 2018) The recent flood of data breach news may numb us to the threat of attacks with kinetic effects--direct or indirect physical damage, injury, or death. Hack NYC focus’ on our preparation for, and resilience...

Insider Threat Program Management With Legal Guidance Training Course (Herndon, Virginia, USA, May 8 - 9, 2018) This training will provide the ITP Manager, Facility Security Officer, and others (CIO, CISO, Human Resources, IT, Etc.) supporting an ITP, with the knowledge and resources to develop, manage, or enhance...

SecureWorld Kansas CIty (Kansas City, Missouri, USA, May 9, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

Cyber Investing Summit (New York, New York, USA, May 15, 2018) Now in its third year, the Cyber Investing Summit is an all-day conference focusing on investing in the cyber security industry, which is predicted to exceed $1 trillion in cumulative spending on products...

Third Annual Cyber Investing Summit (New York, New York, USA, May 15, 2018) Renowned cyber security executive David DeWalt will deliver the keynote address at the Third Annual Cyber Investing Summit. The Cyber Investing Summit is a unique all-day conference focused on the financial...

The Cyber Security Summit: Dallas (Dallas, Texas, USA, May 15, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.

Digital Utilitites Europe (Amserdam, the Netherlands, May 16 - 17, 2018) The conference will bring together key industry stakeholders to address the current challenges of the digitisation in the utilities sector. Join us in Amsterdam to hear latest business case studies and...

SecureWorld Houston (Houston, Texas, USA, May 17, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

Ignite18 (Anaheim, California, USA, May 21 - 24, 2018) Palo Alto Networks' sixth annual conference features highly technical insights based on firsthand experiences with next-generation security technologies, groundbreaking new threat research, or innovative...

PCI Security Standards Council’s Asia-Pacific Community Meeting (Tokyo, Japan, May 23 - 24, 2018) Join us for: networking opportunities, updates on industry trends, insights and strategies on best practices, engaging keynotes and industry expert speakers. The PCI Security Standards Council’s 2018...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.