skip navigation

More signal. Less noise.

Looking for an introduction to AI for security professionals?

Your wait is over. A new book is out from the Cylance data science team, covering artificial intelligence and machine learning techniques in practical situations to improve the security professional’s ability to thrive in a data driven world. Whether you are reviewing logs or analyzing malware, being able to derive meaningful results and improve productivity is key. Order your free copy today.

Daily briefing.

A ransomware attack has hit Ukraine's Energy Ministry. The ransom screens are written in English (with the appearance of something produced by a non-native speaker). Preliminary indications are that it's a criminal attack, and unlikely to be the work of a nation-state.

Kaspersky says that it's uncovered infrastructure used by the Crouching Yeti threat group, also known as Energetic Bear, for attacks against industrial concerns.

A surge in anonymous Twitter accounts in Southeast and East Asia has prompted speculation about the formation of bots to influence public opinion through the social media platform. Twitter doesn't believe it's yet seen anything out-of-order.

Symantec and others are tracking Orangeworm, a cyberespionage campaign that's hitting healthcare organizations. X-ray and MRI devices are most often affected. Many researchers doubt that the group behind the campaign is a nation-state, but the attackers' goals are obscure. They seem to be after either personal information about patients, or intellectual property about the medical devices themselves.

Google's Project Zero has disclosed a vulnerability in Windows 10: it's possible to bypass Windows Lockdown Policy in a way that can result in arbitrary code execution. Microsoft missed Google's 90-day deadline for addressing reported vulnerabilities, so Google has gone public with the unpatched issue.

As the US Government weighs sanctions against Russia, one of its targets may be Kaspersky. Officials say they're considering banning all operations in the US. Any such sanctions would be imposed after Kaspersky's suit alleging it’s the victim of an unconstitutional bill of attainder is resolved.

Notes.

Today's issue includes events affecting Australia, Cambodia, Canada, China, European Union, India, Israel, Myanmar, NATO/OTAN, Portugal, Russia, Sri Lanka, Taiwan, Thailand, Ukraine, United Kingdom, United States, and Vietnam.

There's a better way to stop data loss. Learn more!

Data loss is a big problem. Every organization that deals with electronic data needs to have a data loss prevention strategy in place. ObserveIT’s white paper, Building a Strategy for the Post-DLP World, explores how organizations have been dealing with data loss to date, why these strategies are failing, and what a better path forward looks like. Get information you need to build a data loss prevention strategy that works for the modern organization. Download your free copy.

In today's podcast, we talk with our partners at the Johns Hopkins University, as Joe Carrigan describes devices that unlock iPhones. Our guest, Jerry Caponera from Nehemiah Security, discusses the quantification of cyber risk.

HackNYC2018 (New York, New York, United States, May 8 - 10, 2018) Cyber attacks are often called non-violent or non-kinetic attacks, but the simple truth is that there is a credible capability to use cyber attacks to achieve kinetic effects. Kinetic Cyber refers to a class of cyber attacks that can cause direct or indirect physical damage, injury or death solely through the exploitation of vulnerable information systems and processes. Use code CWIRE20 for 20% off the $50.00 individual ticket price.

8th Annual (ISC)2 Security Congress (New Orleans, Louisiana, United States, October 9 - 11, 2018) The (ISC)2 Security Congress brings together the sharpest minds in cyber and information security for over 100 educational sessions covering 17 tracks. Join us to learn from the experts, share best practices, and make invaluable connections. Your all-access conference pass includes educational sessions, workshops, keynotes, networking events, career coaching, expo hall and pre-conference training. Save your seat at congress.isc2.org.

Dateline RSA 2018

RSA: Cyber conflict and cyber restraint. (The CyberWire) An overview of what we saw at RSA 2018, with particular emphasis on deterrence and appeals for international restraint.

RSA: Innovation Sandbox (The CyberWire) A herd of ten incipient unicorns gathers in the annual sandbox.

RSA: Resilience, and the imposition of consequences (The CyberWire) A conversation with Adam Isles, Principal at the Chertoff Group, on US options in responding to nation-state cyberattacks.

Quick take-away from #RSAC 2018 (CSO Online) Last week's RSA Security Conference had good discussions and industry focus, but there was too much hype -- and there's lots of work ahead.

CyberArk warns of 'shadow admins' in cloud environments (SearchCloudSecurity) At RSA Conference 2018, CyberArk researchers showed how threat actors can use cloud IAM systems to create shadow admins within enterprise environments.

Cyber Attacks, Threats, and Vulnerabilities

Kaspersky Lab Identifies Infrastructure Of Crouching Yeti Known For Attacks On Industrial Companies - Information Security Buzz (Information Security Buzz) Kaspersky Lab has uncovered infrastructure used by the well-known Russian-speaking APT group Crouching Yeti, also known as Energetic Bear, which includes compromised servers across the world. According to the research, numerous servers in different countries were hit since 2016, sometimes in order to gain access to other resources. Others, including those hosting Russian websites, were used …

Ransomware infects Ukraine government site (BBC News) Hackers have taken Ukraine's energy ministry website offline, demanding a Bitcoin ransom to release encrypted files.

Sounding The Alarm About A New Russian Cyber Threat (NPR.org) The U.S. and U.K. governments say Russia is targeting infrastructure in the West with cyberattacks. Department of Homeland Security cybersecurity chief Jeanette Manfra explains stay safe.

Kremlin: US, Russia aiming 'cyber' pistols at each other (Washington Examiner) Russia and the United States are a pair of “cowboys [who] are aiming ‘cyber’ pistols at each other,” a Kremlin adviser warned Monday.

Surge in Anonymous Asia Twitter Accounts Sparks Bot Fears (SecurityWeek) A surge in new, anonymous Twitter accounts across swathes of Southeast and East Asia has deepened fears the region is in the throes of US-style mass social media manipulation.

Google Discloses Windows Lockdown Policy Zero-Day (SecurityWeek) A Windows 10 vulnerability that could bypass Windows Lockdown Policy and result in arbitrary code execution remains unpatched 90 days after Microsoft has been informed on the bug’s existence.

Threat Actors Turn to Blockchain Infrastructure to Host & Hide Malicious Activity (Dark Reading) .bit domains are increasingly being used to hide payloads, stolen data, and command and control servers, FireEye says.

Zelle's Growing Pains With Fraud (PYMNTS.com) While Zelle’s business is booming, many people are reporting that hackers have used it to clean out their bank accounts. Zelle was created as the result of banks wanting to compete with other mobile payment apps, such as Venmo and PayPal. Last June, Early Warning Services, a consortium owned by seven large banks, launched Zelle. But […]

'Orangeworm' Cyberspies Target Healthcare Sector in US, Europe, Asia (SecurityWeek) A cyber espionage group tracked as Orangeworm has been targeting healthcare organizations in the U.S., Europe and Asia, but it does not appear to be a state-sponsored operation

Orangeworm Hackers Infect X-Ray and MRI Machines In Their Quest for Patient Data (BleepingComputer) Security researchers can't explain how and why malware has infected computers that control MRI and X-ray machines at countless of healthcare organizations across the world.

HooToo TripMate Routers are Cute But Insecure (IOActive) It has been a while since I published something about a really broken router. To be honest, it has been a while since ...

Microsoft Sees 24% Rise in Tech Support Scam Complaints (BleepingComputer) Tech support scams are bigger than ever, according to Microsoft, the company revealing last week that it received over 153,000 reports from customers who were the victims of a tech support scam in 2017, a number that went up 24 percent compared to complaints the OS maker received in 2016.

How many threats hit the mainframe? No one really knows (Help Net Security) No one knows exactly how vulnerable the mainframe really is. It’s hard to put a handle around the number and significance of mainframe vulnerabilities because threats aren't made public the way they are on other platforms.

How porn bots abuse government websites (Naked Security) Bots run by shady websites are creating thousands of phantom pages

Nintendo Switch Permanent Hardware Hack Released, Related To Full System Exploit (GearNuke) Nintendo Switch was confirmed to have a large security exploit with its origin tied to the Nvidia Tegra hardware that powers it. This exploit was demonstrated in action by the hacking team failOverflow, who also promised to release this exploit free of cost later. They have now delivered on their promise and the

Facebook Hit with Two More Data Breaches (Total Security Daily Advisor) This has not been a great year for social media giant Facebook: the Cambridge Analytica scandal, congressional hearings over privacy practices, and the lead-up to the European Union’s General Data Protection Regulation rollout have thrust the company’s data collection practices into the spotlight. Not an enviable position for a company whose revenue model is based …

What's Not Included in Facebook's 'Download Your Data' (WIRED) Facebook says users own their data and touts its "download your data" tool. But the download doesn't include everything Facebook knows about you.

City of Atlanta Ransomware Attack Proves Disastrously Expensive (SecurityWeek) The City of Atlanta, Georgia, has paid out nearly $3 million dollars in contracts to help its recovery from a ransomware attack on March 22, 2018.

DJI Releases Security Findings It Hopes Will Quash 'Chinese Spying' Fears (Gizmodo) The world’s largest consumer drone maker is pushing back amid swelling concerns that its applications may be insecure, as well as rumors that it may be transmitting sensitive user data to China, where the company was founded more than a decade ago.

Red Bull's website hacked twice during a breach (Tapscape) The popular canned energy drink maker Red Bull‘s website has been hacked. The main pages don’t appear to be affected but if looked closely, the site has newly created pages. The pages seem to have been created by the hackers. One of the page reads “Hacked by Prosox” which is followed by a link to …

Dubai's Careem hit by cyber attack affecting 14 million users (Reuters) Careem, Uber's main ride-hailing app rival in the Middle East, was hit by a cyber attack that compromised the data of 14 million users, it said on Monday.

Security Patches, Mitigations, and Software Updates

LinkedIn patches serious leak in its AutoFill plugin (Naked Security) Anyone could have drained their users’ LinkedIn profile data

Cyber Trends

2018 Beyond the Phish Report (Wombat Security) There’s more to security awareness and training than simulated phishing. Explore end-user knowledge levels across 12 key cybersecurity topics.

Survey Finds Majority of Enterprises Value Human Expertise in Security Automation to Defend Hacks, Despite Increasing Alert Fatigue Leading to Undetected Breaches (PR Newswire) A survey conducted by LogicHub at the 2018 global information...

Human-Centered Vulnerabilities Now Outpace Automated Cyberattacks (Security Intelligence) According to a new report, cybercriminals now prefer to leverage human-centered vulnerabilities rather than launching automated attacks.

What the IRS computer crash can tell us about cybersecurity (TheHill) Based on what’s public information so far, we have no reason to believe that the Tax Day computer crash which prompted the Internal Revenue Service to delay its filing deadline was the work of hackers, foreign or domestic.

​Reported breaches not painting complete picture of Australian security landscape (ZDNet) Although 63 data breaches were reported to the Office of the Australian Information Commissioner in less than six weeks, FireEye's Mandiant has warned the figure is higher, but organisations are unsure if their breach fits the brief.

Internet pioneer on tech in 2018: 'Not a world I would've signed up for' (Silicon Valley Business Journal) DNS creator and Farsight Security CEO Paul Vixie says data privacy revelations from Facebook and Google has caused some deep soul searching for the internet he helped create.

Marketplace

U.S. government weighing sanctions against Kaspersky Lab (Cyberscoop) The U.S. government is considering sanctions against Kaspersky Lab as part of a wider round of action carried out against the Russian government.

China's Hikvision downplays US risks amid ZTE woes (Nikkei Asian Review) Top surveillance camera maker cites alternatives if banned from American parts

How Europe’s New Privacy Rules Favor Google and Facebook (Wall Street Journal) Big tech companies gain while smaller online ad firms are squeezed under the European Union’s General Data Protection Regulation, which takes effect in May.

Israel Accounts for 7 Percent of All Cybersecurity Deals Worldwide (Algemeiner) Israel, the country with the world’s 100th-largest population, signed the second-largest number of cybersecurity deals internationally, according to a...

Raytheon, Virsec establish alliance to protect government and critical infrastructure from advanced cyberattacks (PR Newswire) Raytheon Company (NYSE:RTN) announced an alliance with Virsec to bring...

Two DMV Startups Are Updating an Open Source Security System to Prevent Data Hacks (AmericanInno) Two D.C.-area startups, Virgil Security and Atomicorp, have teamed up to rejuvenate OSSEC, an open source hack detection system that acts as the underlying security foundation for several Fortune 500 companies like Netflix and Facebook.

Products, Services, and Solutions

Fire district mitigates the risk of ransomware and saves up to $190,000 per year (Netwrix) With Netwrix Auditor, Clackamas Fire District #1 significantly reduces its attack surface to protect critical systems and data and ensure regulatory compliance

GlobalSign's Cloud-Based, Highly Scalable PKI Solution Integrated with Arm Mbed Cloud (Yahoo! Finance) Enables third-party Arm developers to quickly and easily automate the issuance of digital certificates...

Snort, Suricata and Bro: 3 Open Source Technologies for Securing... (Bricata) Open source technology for network security and intrusion detection is evolving to meet new threats. This post reviews the history, alongside the advantages and drawbacks of three popular open source technologies for IDS in Snort, Suricata, and Bro.

Logikcull Announces Slack Integration Amid Incursion of Chat Into Legal Discovery, Investigations (BusinessWire) Logikcull.com has announced a groundbreaking feature that allows legal and compliance professionals to search content created and stored in Slack.

Technologies, Techniques, and Standards

Massive cyber attack targets mid-Atlantic nation 'Berylia' (Register) NATO exercise offers the chance to test full chain of cyber-defence command

Next generation of SCADA industrial controls will protect against cyber attack (ComputerWeekly) Oil refineries, paper companies and pharmaceuticals companies are developing a new generation of secure industrial control technology that will offer better protection against attacks on critical manufacturing infrastructure from malware and sate sponsored hackers.

Q & A: What does blockchain actually mean for manufacturers? (The Engineer) Blockchain is the new buzzword on the block. But what does it actually mean for manufacturers? Fujitsu's Graeme Wright explains

CIA rethinks how to protect operatives’ digital lives (C4ISRNET) The interconnectedness of today's world is forcing the CIA to operate differently. Here's how.

NSA Develops Cyber Threat Intelligence Collaboration Platform, Tools (Executive Gov) The National Security Agency has developed a suite of tools meant to provide wider access to insight

How to Choose the Right Malware Classification Scheme (Security Intelligence) Analysts can improve and automate their incident response processes by adopting the right malware classification scheme according to specific threat management goals.

How cybercriminals get in, and what to do to stop them (CIO Dive) No matter how good password management gets, hackers always seem to be one step ahead. Here's how they do it and steps businesses can take to stop it.

How to protect your business from the real risk of a social media takeover (TechRepublic) By not following basic security practices on social media, individuals and businesses increase the risk of attack, said Mike Price, CTO of security firm ZeroFox.

Russians Want to Hack Your Election? Call Out the National Guard (Bloomberg.com) When floods swept through West Virginia polling places during the 2012 presidential election, the National Guard came to the rescue with tents and electrical connections. For the state’s congressional primaries next month, the Guard will be on the lookout for another disaster: Russian interference.

Deception Tech: High-Fidelity Alerts If Hackers Take Bait (BankInfo Security) Deception technology - which involves tricking hackers into lurking on bogus IT assets - can provide crucial intelligence on methods and motives - that is, if the

Cyber response should not involve ‘running around panicking’ (Canadian Underwriter) Clients buying cyber insurance can only be prepared for the risk of a computer security breach if senior executives practice beforehand, a commercial insurer executive told Canadian Underwriter Friday. Corporate clients need to hold “table top exercises,” meaning they gather…

What infosec pros need to know before conducting a bug bounty program (Healthcare IT News) While more organizations are warming to the concept of paying hackers to discover and report on security vulnerabilities, there's still some confusion and ambiguity about the idea.

Why Australian businesses must secure guest access and IoT devices (Security Brief) Everyone, including third parties, must comply with company security policies and practices."

Coast Guard begins transition to joint regional security stacks (FCW) The Coast Guard has recently embarked on DOD-wide initiative to increase security by 2019.

Common Sense Security Tips for IoT in the Office (GlobalSign) Common sense is not so common they say. When it comes to the Internet of Things, nothing is common these days. So here's some expert tips from Mark Dacanay on keeping your office secure from the IoT vulnerabilities.

Design and Innovation

Quantum Blockchains Could Act Like Time Machines (IEEE Spectrum: Technology, Engineering, and Science News) Quantum blockchain systems could resist hacks by quantum computers

Microsoft developers hid a secret puzzle in Windows backgrounds as they knew images would leak (BetaNews) Microsoft developers working on Windows 8 created a puzzle and embedded it in the wallpapers used for internal builds of the operating system.

Research and Development

DARPA Wants to Merge Human and Computer Cyber Defenders (Defense One) The CHESS program would build on DARPA’s autonomous cybersecurity contest and traditional hacking competitions.

KeyW Taking on a DARPA Research Project (SIGNAL) The KeyW Corp. of Hanover, Maryland, was awarded a $17,365,667 cost-plus-fixed-fee completion contract for a Defense Advanced Research Projects Agency research project.

Academia

Naval Academy sees big boost in cybersecurity majors (Fifth Domain) The U.S. Naval Academy has seen a big increase in cyber operations majors, and a U.S. senator said Monday that midshipmen could be useful in working on cyber challenges before they graduate.

Legislation, Policy, and Regulation

Portugal, Australia to join NATO cyber center (Fifth Domain) The center is NATO's multinational and interdisciplinary hub of cyber defence expertise.

G7 to study Russia's 'malign behavior' (Deutsche Welle) The G7 is to examine more closely Russia's attempts to sow "doubt and confusion" abroad, Britain's foreign secretary has said. The announcement was made on the sidelines of a ministerial meeting in Canada.

Europe Rolls Out Plan for Whistleblower Law (Wall Street Journal) The European Commission moved Monday to build upon a hodgepodge of national whistleblower-protection laws with a broad approach spanning areas including tax evasion, health, consumer protection and nuclear safety.

State Reauthorization Elevates Cyber Office Tillerson Once Shuttered (Nextgov.com) The House bill closely tracks a standalone bill to restore and elevate the cyber coordinator’s office.

Lawmakers Want Answers on FDIC Data Breaches and Stingrays (Nextgov.com) And a new bill pushes for the naming and shaming of foreign hackers and government officials who attack the U.S.

The Top 3 cyber priorities for DOD’s incoming CIO (CSO Online) The DOD’s new top IT executive Dana Deasy will be an important cog in DOD’s big push toward universal defense cloud adoption, facilitating organizational changes that will make the military’s cyber defense more streamlined and effective and actively promoting an expansive cyber workforce.

108 retired military officers urge Senate to probe CIA nominee Gina Haspel's ties to torture (Washington Examiner) More than 100 retired military officers sent a letter to the Senate Monday saying they are “deeply concerned” by the nomination of Gina Haspel to lead the CIA.

AP Govt to unveil Cyber Security Policy soon (The Hans India) AP government is bringing a new cyber security policy in order to provide security to the government websites and information apart from attracting large quantum of investments in this sector, said Minister for IT Nara Lokesh

Litigation, Investigation, and Law Enforcement

Yahoo mega-breach hacker faces nearly 8 years in prison (Naked Security) The hacker exposed half a billion Yahoo accounts on behalf of Russia’s FSB

Is scraping files from a Freedom of Information website ‘hacking’? (Naked Security) A teen is being charged for downloading 7k records, 250 of which weren’t properly redacted. Who’s to blame?

But keeping up with criminals' tech innovation can be challenging. (Nextgov) New technology can be tough to navigate, and the Federal Trade Commission is out to make sure conmen don’t use blockchain to steer you in the wrong direction.

DNC told to preserve servers after lawsuit against Trump campaign, Russia and WikiLeaks (The Washington Times) Roger Stone, a former Trump campaign ally, responded to the Democratic National Committee’s Russia collusion lawsuit Monday, telling it to preserve its databases, records and servers for inspection.

Trump is Close to Being Right on the Attorney-Client Privilege—But for All the Wrong Reasons (New York Law Journal) Although for an entirely wrong reason the president wasn’t too far away from being right about the present condition of the privilege.

YouTube star faces prison time for cruel prank on homeless man (New York Post) A Chinese YouTube star faces up to two years in prison after a cruel prank involving an Oreo cookie, toothpaste and a homeless man went wrong. Kanghua Ren, 20, who goes by ReSet on his YouTube chan…

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

5th Annual Cybersecurity Summit (McLean, Virginia, USA, April 24, 2018) Join the Potomac Officers Club for the Fifth Annual Cybersecurity Summit to hear from public and private sector leaders on how federal agencies can improve their respective data security measures.

Secutech (Taipei, Taiwan, April 25 - 27, 2018) To meet the rising demand for intelligent and customised solutions, Secutech converges security and safety, ICT, IoT, artificial intelligence, big data, edge computing, intelligent video analytics and...

Industrial Control Systems (ICS) Cyber Security Conference Asia (Singapore, April 25 - 27, 2018) The Central ICS/SCADA Cyber Security Event of the Year for the APAC Region. Three days of multi-track training & workshops for days for operations, control systems and IT security professionals to connect...

INFILTRATE (Miami Beach, Florida, USA, April 26 - 27, 2018) INFILTRATE is a "pure offense" security conference aimed at the experienced to advanced practitioner. With the late-90s hacker con as its inspiration, the event has limited attendance in order to foster...

Automotive Cybersecurity Summit 2018 (Chicago, Illinois, USA, May 1 - 8, 2018) Smart Vehicles. Smart Infrastructures. The 2nd annual Automotive Cybersecurity Summit brings together public and private-sector manufacturers, suppliers, assemblers, technology providers and V2X partners...

Application of the Law of War to Cyber Operations (Washington, DC, USA, May 3, 2018) Cyber law experts meeting at the George Washington University will cover Title 10 vs. Title 32 vs. Title 50 and the lawful and operational restrictions related to these authorities. The panelists will...

Global Cyber Security in Healthcare & Pharma Summit (London, England, UK, May 3 - 4, 2018) The number of cyber-attacks in healthcare is on the rise, and the industry must do more to prevent and respond to these incidents. The Global Cyber Security in Healthcare & Pharma Summit 2018 will bring...

Decompiling the Government: Getting Technologists and Policymakers to Speak the Same Language (New York, New York, USA, May 3, 2018) This event brings together technologists and leading policymakers, lawyers, and journalists to bridge the gap between non-technical and technical cyber professionals and features Lisa Monaco, former Assistant...

Secure Summit DC (Washington, DC, USA, May 7 - 8, 2018) (ISC)² Secure Summit DC will assemble the best minds in cybersecurity for two days of insightful discussions, workshops and best-practices sharing. The goal of the event is to equip security leaders to...

HACKNYC (New York, New York, USA, May 8 - 10, 2018) The recent flood of data breach news may numb us to the threat of attacks with kinetic effects--direct or indirect physical damage, injury, or death. Hack NYC focus’ on our preparation for, and resilience...

Insider Threat Program Management With Legal Guidance Training Course (Herndon, Virginia, USA, May 8 - 9, 2018) This training will provide the ITP Manager, Facility Security Officer, and others (CIO, CISO, Human Resources, IT, Etc.) supporting an ITP, with the knowledge and resources to develop, manage, or enhance...

SecureWorld Kansas CIty (Kansas City, Missouri, USA, May 9, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

Cyber Ready 2018 Cybersecurity/Intel Conference (MacDill Air Force Base, Florida, USA, May 14, 2018) Major General Mike Ennis (USMC, ret), CIA National Clandestine Service's first Deputy Director for Community Human Intelligence (HUMINT), will deliver the keynote. The conference will also feature an all-audience...

Cyber Investing Summit (New York, New York, USA, May 15, 2018) Now in its third year, the Cyber Investing Summit is an all-day conference focusing on investing in the cyber security industry, which is predicted to exceed $1 trillion in cumulative spending on products...

Third Annual Cyber Investing Summit (New York, New York, USA, May 15, 2018) Renowned cyber security executive David DeWalt will deliver the keynote address at the Third Annual Cyber Investing Summit. The Cyber Investing Summit is a unique all-day conference focused on the financial...

The Cyber Security Summit: Dallas (Dallas, Texas, USA, May 15, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.

Digital Utilitites Europe (Amserdam, the Netherlands, May 16 - 17, 2018) The conference will bring together key industry stakeholders to address the current challenges of the digitisation in the utilities sector. Join us in Amsterdam to hear latest business case studies and...

SecureWorld Houston (Houston, Texas, USA, May 17, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

Ignite18 (Anaheim, California, USA, May 21 - 24, 2018) Palo Alto Networks' sixth annual conference features highly technical insights based on firsthand experiences with next-generation security technologies, groundbreaking new threat research, or innovative...

AFCEA/GMU Critical Issues in C4I Symposium (Fairfax, Virginia, USA, May 22 - 23, 2018) The AFCEA/GMU Critical Issues in C4I Symposium brings academia, industry and government together annually to address important issues in technology and systems research and development. The agenda for...

3rd Annual Nuclear Industrial Control Cybersecurity and Resilience Overview (Warrington, England, UK, May 22 - 23, 2018) Now in its 3rd year, the Cyber Senate Nuclear Industrial Control Cyber Security and Resilience Conference will take place on May 22/23rd in Warrington United Kingdom. This two day executive forum will...

PCI Security Standards Council’s Asia-Pacific Community Meeting (Tokyo, Japan, May 23 - 24, 2018) Join us for: networking opportunities, updates on industry trends, insights and strategies on best practices, engaging keynotes and industry expert speakers. The PCI Security Standards Council’s 2018...

North American Financial Information Summit (New York, New York, USA, May 23, 2018) Data is the most vital asset of any financial services firm. With volumes increasing exponentially, and the complexity and structure continuously changing, it is more vital than ever to keep on top of...

SecureWorld Atlanta (Atlanta, Georgia, USA, May 30 - 31, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

RISKSEC (New York, New York, USA, May 31, 2018) Welcome to the 2018 New York City RiskSec Conference. As SC Media approaches our 30th anniversary, we fully understand the avalanche of cybersecurity-related problems, responsibilities and aspirations...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.