skip navigation

More signal. Less noise.

Looking for an introduction to AI for security professionals?

Your wait is over. A new book is out from the Cylance data science team, covering artificial intelligence and machine learning techniques in practical situations to improve the security professional’s ability to thrive in a data driven world. Whether you are reviewing logs or analyzing malware, being able to derive meaningful results and improve productivity is key. Order your free copy today.

Daily briefing.

Finland joins the ranks of countries who've found Russian cyber activity targeting their industrial and energy infrastructure.

Flashpoint describes a cut-rate crimeware kit, "Rubella," that offers some "point-and-click builder functionality" and generates malicious payloads for spam. It's not sophisticated, but skid criminals can rent it for $40 a month.

GrayShift, the iPhone unlocking specialists who've sold their GrayKey to law enforcement agencies, has been the victim of code theft. Unknown parties apparently got the source code snippets from a customer site where GrayShift's user-interface was briefly exposed to the Internet. The hackers demanded ransom, which GrayShift refused. The company thinks the software that was lost, judging from what the hackers have posted, is just code used to show messages to a user.

A piece about online inspiration in the New York Times concludes that by their nature social media tend to breed extremism—"attention, praise and a sense of importance and agency" are easy to come by online. And the algorithmically discerned rate of engagement is self-reinforcing.

The UK's Snooper's Charter suffered a setback today, as the High Court directed that the law be revised to require prior independent review before it can access retained metadata.

The Federal Network Protection Act, S. 2743, would fast-track the US Department of Homeland Security's ability to pull compromised software and systems from Federal networks.

Experts who've reviewed Ray Ozzie's proposed modus vivendi in the Crypto Wars tend to conclude that it's a form of key escrow. (Some compare it to the Clipper chip.)

Notes.

Today's issue includes events affecting China, European Union, Finland, France, Germany, Pakistan, Russia, United Kingdom, United States.

There's a better way to stop data loss. Learn more!

Data loss is a big problem. Every organization that deals with electronic data needs to have a data loss prevention strategy in place. ObserveIT’s white paper, Building a Strategy for the Post-DLP World, explores how organizations have been dealing with data loss to date, why these strategies are failing, and what a better path forward looks like. Get information you need to build a data loss prevention strategy that works for the modern organization. Download your free copy.

In today's podcast, we hear from our partners at Virginia Tech's Hume Center, as Charles Clancy reviews the 5G mobile network rollout. Our guest is Merike Kaeo from Farsight Security, discussing DNS data as an early warning system for cyber threats.

HackNYC2018 (New York, New York, United States, May 8 - 10, 2018) Cyber attacks are often called non-violent or non-kinetic attacks, but the simple truth is that there is a credible capability to use cyber attacks to achieve kinetic effects. Kinetic Cyber refers to a class of cyber attacks that can cause direct or indirect physical damage, injury or death solely through the exploitation of vulnerable information systems and processes. Use code CWIRE20 for 20% off the $50.00 individual ticket price.

8th Annual (ISC)2 Security Congress (New Orleans, Louisiana, United States, October 9 - 11, 2018) The (ISC)2 Security Congress brings together the sharpest minds in cyber and information security for over 100 educational sessions covering 17 tracks. Join us to learn from the experts, share best practices, and make invaluable connections. Your all-access conference pass includes educational sessions, workshops, keynotes, networking events, career coaching, expo hall and pre-conference training. Save your seat at congress.isc2.org.

Cyber Attacks, Threats, and Vulnerabilities

Finnish R&D and utilities in line of cyber espionage fire, say security police (ComputerWeekly) Finnish research and development, as well as critical infrastructure, are being targeted by state-backed cyber espionage attacks, says report.

Cyber-attacks: Pakistani websites might get hacked ahead of elections (Samaa TV) Abbas Shabbir All the websites of Pakistan, including those of the government and media groups, might get hacked ahead of the general elections. According to a handout sent by a government body to Pakistan Telecommunication Authority, Russia and...;

How Everyday Social Media Users Become Real-World Extremists (New York Times) Most believe that provocateurs are responsible for kindling hate on Facebook. But the evidence suggests that the platform itself may encourage ill will.

The British Hacker Who Became the Islamic State's Chief Terror Cybercoach: A Profile of Junaid Hussain (Combating Terrorism Center at West Point) Abstract: Until his death in a U.S. drone strike in August 2015, Junaid Hussain was the Islamic State’s most prolific English-language social media propagandist, working to incite and guide sympathizers in the United Kingdom, United States, and beyond to launch terrorist attacks. Before joining the jihad in Syria, Hussain was part of a hacking collective in … Continued

Concern Rises About Cyber-Attacks Physically Damaging Industries (eWEEK) A number of high-profile cyber-attacks that have caused physical damage to computer and industrial controls systems demonstrate why enterprises have to take responsibility for defending their networks.

Malware of Mass Disruption: The weapon of tomorrow, today? (WeLiveSecurity) At RSA 2018, Tony Anscombe, ESET’s Global Security Evangelist, took to the stage to discuss his theory that malware evolution has led to the latest development in cyberweapons. A movement that he has coined as Malware of Mass Disruption.

iPhone crackers GrayShift become victim of extortion after code Leak (HackRead) The iPhone unlocking specialist GrayShift is now being extorted for paying 2 bitcoin, the price of one GrayKey box.

Rubella Crimeware Kit: Cheap, Easy and Gaining Traction (Threatpost) Taking a “dirty deeds done dirt cheap” approach, the kit generates an initial malware payload for social-engineering spam campaigns for just $40 per month.

New C# Ransomware Compiles itself at Runtime (BleepingComputer) A new in-development ransomware was discovered that has an interesting characteristic. Instead of the distributed executable performing the ransomware functionality, the executables compiles an embedded encrypted C# program at runtime and launches it directly into memory.

Ransomware warning: This phishing campaign delivers new malware variants (ZDNet) Tens of thousands of messages are being sent each day in an effort to trick people into installing this particular form of ransomware, say researchers.

Think You Know Ransomware? Think Again (Infosecurity Magazine) Where did ransomware come from, is it a new threat, how is it evolving and what steps can organizations take to protect against it?

World's Largest Spam Botnet Finds a New Way to Avoid Detection... For Now (BleepingComputer) Necurs, the world's largest spam botnet, with millions of infected computers under its control, has updated its arsenal and is currently utilizing a new technique to infect victims.

Bezop in the Line of Fire After Reports That It Leaked a Quarter of a Million Investors’ Personal Info (Cryptovest) Bezop is learning the hard way about shoring up its database to the hilt to avoid leaks that expose its users’ private information.

Ski Lift in Austria Left Control Panel Open on the Internet (BleepingComputer) Officials from the city of Innsbruck in Austria have shut down a local ski lift after two security researchers found its control panel open wide on the Internet, and allowing anyone to take control of the ski lift's operational settings.

Atlanta's recovery highlights the costly mistake of being unprepared (CSO Online) The Samsam attack against the city of Atlanta in March was chaotic and crippling. The ransomware, named for the group responsible for development and deployment, left the city scrambling to deal with critical systems that were forced offline, hampering civil services including utility payments and municipal court appointments.

Atlanta was not prepared to respond to a ransomware attack (StateScoop) Aging IT and a new mayor made the city a ripe target. Now there are questions about where to place the blame, and how to prepare for another attack.

The Free 'Fortnite' Money Scams Are So Stupid They Probably Work (Motherboard) New websites are promising 'Fortnite' fans free in-game currency, but it’s an old scam for a new game.

20 years ago today! What we can learn from the CIH virus… (Naked Security) The 20-year-old CIH virus, aka “Chernobyl”, isn’t just a museum curiosity. It still has plenty of lessons to teach us today.

Security Patches, Mitigations, and Software Updates

The next major Windows 10 update is launching on Monday (TechCrunch) After a brief delay (though Microsoft won’t confirm or deny this), Microsoft today announced that the Windows 10 April 2018 Update will be available as a free download to users worldwide on Monday, April 30, with the broader rollout starting May 8. As with every Windows release, there’s…

Microsoft Releases More Microcode Patches for Spectre Flaw (SecurityWeek) Microsoft has released another round of software and microcode updates designed to address the Spectre Variant 2 vulnerability

Apple’s latest updates are out – APFS password leakage bug squashed (Naked Security) Two critical browser patches for iPhones and Macs – plus a quiet patch for a Mac password disclosure glitch we wrote about recently.

Amazon has fixed a bug that allowed hackers to listen in on Alexa devices (Digital Trends) Amazon has fixed a bug that made it possible for hackers to listen in on you via Amazon Alexa by creating an Alexa skill. By manipulating a specific Alexa feature, researchers were able to prove the hack was possible, and that it could be used to obtain a word-for-word transcript of users' conversations.

Cyber Trends

What’s the Next Step in Nation State Cyber Operations? (TechNative) Suspected nation state cyber activity commands attention in the news, particularly as governments, as well as private vendors, feel compelled to call out foreign governments for being behind a range of operations ranging from destructive malware, cryptocurrency theft, traditional and commercial espionage, and disruptive attacks.

GDPR compliance requirements don't come cheap (SearchCloudComputing) GDPR compliance requirements come with a hefty price tag and a fair amount of confusion just weeks before the rules kick in. Cloud vendors say they're ready, but many of their customers lack the types of controls needed to avoid an even more expensive fine.

12 Trends Shaping Identity Management (Dark Reading) As IAM companies try to stretch 'identity context' into all points of the cybersecurity market, identity is becoming 'its own solar system.'

Only half of CI/CD workflows include appsec testing elements (Help Net Security) Only half of CI/CD workflows include application security testing elements despite respondents citing awareness of the importance and advantages of doing so, according to a new 451 Research report.

Adoption of security ratings platforms is on the rise (Help Net Security) While the threat landscape is growing more complex and dangerous, security ratings platforms are becoming a key component to address those threats while delivering a strong return on investment.

Small merchants are not effectively engaging with PCI programs (Help Net Security) All acquirers believe small merchants are not effectively engaging with PCI programs, with many identifying the challenges small merchants face, including a lack of knowledge, a lack of urgency and a lack of time to dedicate to security and compliance – a worrying trend.

More Than 1 Million US Children Fell Victim to Identity Fraud in 2017 (Security Intelligence) A recent study revealed that more than 1 million children living in the U.S. fell victim to identity fraud in 2017, costing families $540 million.

Marketplace

China's biggest tech companies have reason to be worried (CNNMoney) Could Alibaba, Tencent and Lenovo go the way of Huawei and ZTE?

How Microsoft, Amazon, Alphabet Are Reshaping Security (Dark Reading) Tech's biggest giants are shifting the cybersecurity landscape as they incorporate security into their products and services.

Shearwater makes second Cardiff cyber security acquisition (Insider Media Ltd) Digital resilience company Shearwater has acquired a second cyber security company in Cardiff following the purchase of GeoLang earlier this month.

Facebook Launches a New Ad Campaign With an Old Message (WIRED) Facebook ads will appear on TV, online, in movie theaters, and on public transit and billboards.

Nasdaq is open to becoming cryptocurrency exchange, CEO says (CNBC) Once the space matures, Nasdaq would consider becoming a digital currency exchange, according to the company's CEO.

Rappers, Ravens and Lord of the Rings: The Race for 'Dope' Coin Names Is On (CoinDesk) A 'Lord of the Rings' reference in several crypto projects illustrates a coming land grab on the finite amount of "cool" names.

3 Ways Palo Alto Networks Has Secured Long-Term Growth (The Motley Fool) These promising acquisitions will boost the cybersecurity specialist's capabilities in three fast-growing areas.

H1-415 Recap: Oath Pays Over $400,000 to Hackers in One Day (HackerOne) It was 70 degrees, sunny and a Saturday, but everyone was inside. Forty-one hackers representing 11 countries. More than $400,000 paid in bounties. All in nine hours. HackerOne’s second annual live-hacking event in San Francisco broke multiple records on Saturday, April 14, 2018. The target? Oath, a media and tech company, under which Yahoo, AOL, Verizon Digital Media Services, TechCrunch and many more dynamic brands fall.  

JASK Appoints Recognized Cyber Market Maker Greg Fitzgerald as CMO and Unveils HQ2 in Austin (BusinessWire) JASK, the provider of the industry’s first Autonomous Security Operations Center (ASOC) platform, today announced the appointment of Greg “Fitz” Fitzg

Mimecast Appoints French and Levesque (SIGNAL) Mimecast Limited, Lexington, Massachusetts, has appointed Marc French as chief trust officer and Janet Levesque as senior vice president of systems, risk and security.

Products, Services, and Solutions

Meltdown and Spectre: Design security (New Electronics) While Meltdown and Spectre identified and exploited significant design flaws in CPUs some systems were prepared and protected.

Dynamic Data Protection key to protect advanced data threats: Forcepoint (ETCIO.com) The new Dynamic Data Protection (DDP) solution harnesses the power of human-centric behaviour analytics and is the most effective data protection meth..

Fortanix Runtime Encryption: Protect sensitive applications and data in use (Help Net Security) Fortanix Runtime Encryption enables your application to process and work with encrypted data. Fortanix uses Intel SGX and creates a portable security envelope that runs signed applications in completely protected states.

Calligo Selects Corent SurPaaS® to Accelerate Privacy-Aware Clients’ Migration to Appropriate Clouds, including Azure Stack (GlobeNewswire News Room) Corent Technology, a leader in Azure cloud migration, optimization and SaaSification technology, today announced it has entered into a partnership with Calligo, a world-leading cloud solution provider.

Technologies, Techniques, and Standards

12 big encryption trends that will keep data more secure (The Next Web) As cybercriminals become more sophisticated, it becomes easier for them to circumvent security measures and access sensitive personal data. While businesses and consumers are ultimately responsible for protecting themselves and following best practices, developers are on the frontlines of the ever-evolving cyber security battle, as they’re the ones building the solutions that keep data encrypted …

Routing Security Gets Boost with New Set of MANRS for IXPs (Dark Reading) The Internet Society debuts a new mutually agreed norms initiative for IXPs.

'Zero Login:' The Rise of Invisible Identity (Dark Reading) Will new authentication technologies that recognize users on the basis of their behaviors finally mean the death of the despised password?

How to get the most value out of the security tools your company already has (TechRepublic) Buying the latest and greatest tools won't necessarily make your company more secure. Here's how to to get the most value from the security investments you've already made.

How a Ransomware Incident Response Case Fascinated Our Investigators (Trustwave) A tidbit from our 2018 Trustwave Global Security Report turned up something fascinating that ransomware attackers are doing.

The NSA wants its algorithms to be a global IoT standard. But they're simply not trusted (Bitdefender BOX Blog) We all should know by now that the state of security of many Internet of Things devices is a shocking mess. Time and time again security holes are found in IoT devices, providing an opportunity for hackers to spy on unsuspecting users, steal information, or even hijack gadgets to perform internet attacks on others. The …

UK SMBs Urged to Test Cyber-Resilience (Infosecurity Magazine) UK SMBs Urged to Test Cyber-Resilience. New Would You Be Ready? Campaign is backed by NCSC

The 5 Point Cyber Attack Protection That Lawyers Need to Use Now (LawFuel) Cyber attack is a major risk for today’s law firms as cybercriminals target law firms in a multi-billion dollar industry that has lead to a fast-growing cyber industry, which remains a sensitive area to talk about for lawyers and businesses alike. But as the cyber crime business grows, the urgent need for law firms to …

Ray Ozzie’s plan for unlocking encrypted phones gets a chilly reception (Ars Technica) Critics say Clear suffers same fatal shortcomings as previous key-escrow plans.

Know what Instagram knows – here’s how you download your data (Naked Security) Thank you GDPR.

CISSP Exam Changes (Security Boulevard) Are you thinking about earning your CISSP in 2018? One thing you need to consider is there have been changes made to the exam. The new exam went live on April 15th, 2018 and this quick blog post will detail the CISSP exam changes and how they may affect you. CISSP Certification Background CISSP, Certified The post CISSP Exam Changes appeared first on Phoenix TS.

Regardless of your Office 365 tier, layered security is the best way to protect your business email (Computing) Office 365 is popular, but experts agree that even the top tier should be bolstered by third party systems

Design and Innovation

Beyond the hype on artificial intelligence: The reality of intelligent infrastructure and human augmentation (American Enterprise Institute) The current wave of popular interest in artificial intelligence (AI) began with warnings from Elon Musk, the late Stephen Hawking, and several alarmist books, such as “Our Final Invention” by James Barrat, which argued that once we invent AI, it will invent everything else

Research and Development

Blockpass Partners with Edinburgh Napier University to Build the World's First Advanced Blockchain Identity Laboratory | Markets Insider (Business Insider) A pioneering new research lab, the Blockpass Identity Lab, will explore ways in which blockchain t...

The AI Cybersecurity Arms-Race: The Bad Guys Are Way Ahead (Forbes) Who will win the race to adopt artificial intelligence for cyber warfare--the defenders of vulnerable corporate networks or the cyber criminals constantly inventing new ways to attack them?

Legislation, Policy, and Regulation

Meet Badass, the Grassroots Activists Hitting Revenge Porn Where It Lives (WIRED) Victims of nonconsensual pornography are fighting back.

Opportunities and risks for China's cyberspace (China.org.cn) As China changes, the attention its administration directs toward new technologies grows.

What the latest defense bill has to say about cyber (FCW) After a key subcommittee markup, the 2019 National Defense Authorization Act is now headed for the full House Armed Services Committee.

Politics: The Mostly Unspoken Hurdle to a Government Supported Cryptocurrency (Payments Journal) This article in ComputerWorld provides a great snapshot on government adoption of anonymous cryptocurrencies. Technologists here argue that deployment of an anonymous cryptocurrency is in our future, yet none explain how existing anti-money laundering legislation will be addressed.

DHS cyber strategy to land by mid-May (FCW) Homeland Security Secretary Kirstjen Nielsen told lawmakers the agency was looking at how to get into the bug bounty business.

DHS chief on unfilled cybersecurity positions: We’re working on it (TheHill) The head of the Department of Homeland Security (DHS) on Thursday told Congress that the agency continues to look for ways to recruit and retain a skilled cyber workforce, even as the federal government struggles...

Senate bill would give DHS new authority to remove corrupted software from federal systems - Homeland Preparedness News (Homeland Preparedness News) With the volume of cyber attacks on government computer systems jumping from 5,500 in 2006 to more than 77,000 in 2015, legislation introduced in the U.S. Senate on Tuesday would give the U.S. Department of Homeland Security (DHS) tools to …

Merkel to Press Trump on Russia Sanctions (Foreign Policy) Merkel and Macron are focused on European business when pushing back on Russia sanctions. Their concern for the Iran deal is different.

Is the U.S. headed toward a cashless economy through blockchain? (Computerworld) The Fed and other nations' central banks are exploring the creation of state-backed digital currencies that would allow consumers and businesses to have digital wallets from which they could buy, sell and trade.

Litigation, Investigation, and Law Enforcement

Privacy International Files ICO Complaint Over Police Mobile Phone Extraction (Infosecurity Magazine) Privacy International Files ICO Complaint Over Police Mobile Phone Extraction. UK cops data slurping could break GDPR, warns rights group

UK surveillance regime dealt another blow in court (TechCrunch) The UK government has suffered yet another defeat in the courts over a surveillance regime that critics have dubbed a ‘Snooper’s charter’. Today the UK High Court agreed with several aspects of digital and civil rights group Liberty’s crowdfunded legal challenge to a portion…

Internet Sleuths Are Harassing the Family of the Golden State Killer Suspect (Motherboard) Joseph James DeAngelo was arrested in connection to the 1978 murders of Brian and Katie Maggiore. Now, his family's information is being posted online.

Technology a double-edged sword for human traffickers: Europol head (Reuters) Modern technologies, from messaging services such as WhatsApp to cryptocurrencies, are fuelling the rise of modern slavery across Europe yet new digital tools are also helping police to fight back against traffickers, the head of Europol said on Thursday.

The Crypto Crime Wave Is Here (Wall Street Journal) From stickups and drug deals to white-collar scams, cryptocurrency-related crime is soaring—and law enforcement is scrambling to keep up.

Facebook is investigating whether secretive firm Palantir had 'improper' access to user data (CNBC) CTO Mike Schroepfer makes the disclosure to U.K. lawmakers investigating the Cambridge Analytica data scandal.

Do You Know Where Your Russian Oligarchs Are? (Foreign Policy) Democratic senators ask major banks to review individuals tied to Putin.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

2018 ICS Cyber Security Conference USA (Atlanta, Georgia, USA, October 22 - 25, 2018) SecurityWeek’s Industrial Control Systems (ICS) Cyber Security Conference is the largest and longest-running event series focused on industrial cybersecurity. Since 2002, the conference has gathered ICS...

Upcoming Events

Cyber Investing Summit (New York, New York, USA, May 15, 2018) Now in its third year, the Cyber Investing Summit is an all-day conference focusing on investing in the cyber security industry, which is predicted to exceed $1 trillion in cumulative spending on products...

Campaign Cyber Defense Workshop (Boston, Massachussetts, USA, June 4, 2018) The Campaign Cyber Defense Workshop brings together experts from the region’s industry, university, and government organizations to address campaign security and effective practices for maintaining campaign...

Cyber:Secured Forum (Denver, Colorado, USA, June 4 - 6, 2018) Cyber:Secured Forum will feature in-depth content on cybersecurity trends and best practices as related to the delivery of physical security systems and other integrated systems. Content is being collaboratively...

RISKSEC (New York, New York, USA, May 31, 2018) Welcome to the 2018 New York City RiskSec Conference. As SC Media approaches our 30th anniversary, we fully understand the avalanche of cybersecurity-related problems, responsibilities and aspirations...

SecureWorld Atlanta (Atlanta, Georgia, USA, May 30 - 31, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

PCI Security Standards Council’s Asia-Pacific Community Meeting (Tokyo, Japan, May 23 - 24, 2018) Join us for: networking opportunities, updates on industry trends, insights and strategies on best practices, engaging keynotes and industry expert speakers. The PCI Security Standards Council’s 2018...

North American Financial Information Summit (New York, New York, USA, May 23, 2018) Data is the most vital asset of any financial services firm. With volumes increasing exponentially, and the complexity and structure continuously changing, it is more vital than ever to keep on top of...

3rd Annual Nuclear Industrial Control Cybersecurity and Resilience Overview (Warrington, England, UK, May 22 - 23, 2018) Now in its 3rd year, the Cyber Senate Nuclear Industrial Control Cyber Security and Resilience Conference will take place on May 22/23rd in Warrington United Kingdom. This two day executive forum will...

AFCEA/GMU Critical Issues in C4I Symposium (Fairfax, Virginia, USA, May 22 - 23, 2018) The AFCEA/GMU Critical Issues in C4I Symposium brings academia, industry and government together annually to address important issues in technology and systems research and development. The agenda for...

Ignite18 (Anaheim, California, USA, May 21 - 24, 2018) Palo Alto Networks' sixth annual conference features highly technical insights based on firsthand experiences with next-generation security technologies, groundbreaking new threat research, or innovative...

SecureWorld Houston (Houston, Texas, USA, May 17, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

Digital Utilitites Europe (Amserdam, the Netherlands, May 16 - 17, 2018) The conference will bring together key industry stakeholders to address the current challenges of the digitisation in the utilities sector. Join us in Amsterdam to hear latest business case studies and...

Gartner Security and Risk Management Summit 2018 (National Harbor, Maryland, USA, June 4 - 7, 2018) Prepare to meet the pace and scale of today’s digital business at Gartner Security & Risk Management Summit 2018. Transform your cybersecurity, risk management and compliance strategies and build resilience...

Third Annual Cyber Investing Summit (New York, New York, USA, May 15, 2018) Renowned cyber security executive David DeWalt will deliver the keynote address at the Third Annual Cyber Investing Summit. The Cyber Investing Summit is a unique all-day conference focused on the financial...

The Cyber Security Summit: Dallas (Dallas, Texas, USA, May 15, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.

Cyber Ready 2018 Cybersecurity/Intel Conference (MacDill Air Force Base, Florida, USA, May 14, 2018) Major General Mike Ennis (USMC, ret), CIA National Clandestine Service's first Deputy Director for Community Human Intelligence (HUMINT), will deliver the keynote. The conference will also feature an all-audience...

SecureWorld Kansas CIty (Kansas City, Missouri, USA, May 9, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

HACKNYC (New York, New York, USA, May 8 - 10, 2018) The recent flood of data breach news may numb us to the threat of attacks with kinetic effects--direct or indirect physical damage, injury, or death. Hack NYC focus’ on our preparation for, and resilience...

Insider Threat Program Management With Legal Guidance Training Course (Herndon, Virginia, USA, May 8 - 9, 2018) This training will provide the ITP Manager, Facility Security Officer, and others (CIO, CISO, Human Resources, IT, Etc.) supporting an ITP, with the knowledge and resources to develop, manage, or enhance...

Secure Summit DC (Washington, DC, USA, May 7 - 8, 2018) (ISC)² Secure Summit DC will assemble the best minds in cybersecurity for two days of insightful discussions, workshops and best-practices sharing. The goal of the event is to equip security leaders to...

Decompiling the Government: Getting Technologists and Policymakers to Speak the Same Language (New York, New York, USA, May 3, 2018) This event brings together technologists and leading policymakers, lawyers, and journalists to bridge the gap between non-technical and technical cyber professionals and features Lisa Monaco, former Assistant...

Application of the Law of War to Cyber Operations (Washington, DC, USA, May 3, 2018) Cyber law experts meeting at the George Washington University will cover Title 10 vs. Title 32 vs. Title 50 and the lawful and operational restrictions related to these authorities. The panelists will...

Global Cyber Security in Healthcare & Pharma Summit (London, England, UK, May 3 - 4, 2018) The number of cyber-attacks in healthcare is on the rise, and the industry must do more to prevent and respond to these incidents. The Global Cyber Security in Healthcare & Pharma Summit 2018 will bring...

Automotive Cybersecurity Summit 2018 (Chicago, Illinois, USA, May 1 - 8, 2018) Smart Vehicles. Smart Infrastructures. The 2nd annual Automotive Cybersecurity Summit brings together public and private-sector manufacturers, suppliers, assemblers, technology providers and V2X partners...

Integrated Cyber (Laurel, Maryland, USA, May 1 - 2, 2018) Integrated Cyber is the premier cyber event bringing together the Integrated Adaptive Cyber Defense (IACD), Automated Indicator Sharing (AIS), and cyber information-sharing communities. This two-day event...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.