skip navigation

More signal. Less noise.

Get the top 10 vulnerabilities used by cybercriminals.

Recorded Future researchers have scoured open web, dark web, and technical sources to discover which vulnerabilities are being actively exploited by cybercriminals. Download the report now.

Daily briefing.

On Sunday Finland sustained a major distributed denial-of-service attack (the country's information and communications technology center, Valtori, called it "the biggest attack we've had in the past few months," implying a relatively high rate of attack). Several citizen-facing websites were unavailable, including the national online identity verification service Suomi.fi. The defense ministry was unaffected. There's no attribution yet, but earlier DDoS attacks have been ascribed to unnamed foreign actors.

Concerns about state-sponsored attacks on industrial and consumer Internet-of-things devices remain high. In the US, these concerns continue to center on Russian activity. There have been recent warnings about GRU compromise of home routers—known about for some time but only imperfectly redressed, such devices being notoriously easy to ignore when patching. Other concerns focus on the power grid, where GRU probes of utility business networks have been widespread. Congress continues to push the Administration about grid security.

Smart city technology presents an especially attractive attack surface. There's a growing concern about the sensors that technology deploys.

A patch for NetComm 4G LTE Light industrial M2M routers is out, addressing a critical vulnerability. Users are advised to patch quickly.

Oracle has addressed a vulnerability that could compromise an Oracle Database and grant shell access to underlying servers.

It's Patch Tuesday, with Microsoft and others expected to roll out fixes over the course of the day.

President Trump has signed legislation barring ZTE and Huawei devices from Federal enterprises. Other sanctions, particularly against Russia and Iran, are widely expected to prompt cyber-retaliation.

Notes.

Today's issue includes events affecting Australia, China, Finland, Iran, Israel, Russia, Turkey, United Kingdom, United States.

Don’t let threats SOC you where it counts.

Protecting your organization from an attack involves much more than the traditional “block & tackle” tactics of the past. A good boxer doesn’t just block the punch they see coming, they move against the next anticipated punch. The modern Security Operations Center (SOC) requires a combination of automation and human tradecraft to successfully repel the adversary. Learn more about the modern SOC in LookingGlass’ webinar featuring guest IDC, August 29 @ 2pm ET.

In today's podcast, we hear from our partners at Accenture, as Justin Harvey explains threat hunting. Our guest, Bob Stevens from Lookout, discusses the problem of app-based malware on mobile devices.

And Recorded Future's latest podcast is up, too. This episode, produced in partnership with the CyberWire, is A CISO’s Journey From the City to the Private Sector. in it, Webroot's  Gary Hayslip shares his thoughts on team building, recruiting talent in a competitive market, and the importance of threat intelligence.

Cyber Security Summits: August 29 in Chicago & in NYC on September 25 (Chicago, Illinois, United States, August 29, 2018) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The NSA, Darktrace, CenturyLink and more. Register with promo code cyberwire95 for $95 VIP admission (Regular price $350) https://CyberSummitUSA.com

Wombat Wisdom Conference, September 18 to 20, 2018, Pittsburgh, PA (Pittsburgh, Pennsylvania, United States, September 18 - 20, 2018) Gain expert insights for strengthening your security awareness program at the Wombat Wisdom Conference, Sept. 18-20, 2018. Ideal for CISOs and infosec professionals looking to share ideas and actionable concepts for improving security awareness and training.

5th Annual Cyber Security Conference for Executives (Baltimore, Maryland, United States, October 2, 2018) The 5th Annual Cyber Security Conference for Executives, hosted this year by The Johns Hopkins University Information Security Institute and Ankura, will be held on Tuesday, October 2nd, in Baltimore, Maryland. This year’s theme is cybersecurity compliance and regulatory trends, and the conference will feature discussions with thought leaders across a variety of sectors. Join the discussion and learn about current and emerging cyber security threats to organizations, and how executives can better protect their enterprises. To receive the early-bird rate, register now!

Cyber Attacks, Threats, and Vulnerabilities

Cyber attack shuts down many government websites in Finland (Yle Uutiset) Sunday's DDoS attack was the "biggest we've had in the past few months," according to the head of Finland's Government ICT Centre.

Russian Military Spy Software is on Hundreds of Thousands of Home Routers (Defense One) In May, the Justice Department told Americans to reboot their routers. But there's more to do — and NSA says it's up to device makers and the public.

InfoSec Professionals Predict More IoT Attacks (armis) To find out what people in the enterprise security trenches think about IoT attacks, we surveyed IT security professionals at Black Hat.

The Sensors That Power Smart Cities Are a Hacker's Dream (WIRED) The IoT security crisis is playing out on a macro scale too, putting critical infrastructure at risk.

Senator Markey Demands Answers About Russian Cyberattacks on Electric Utilities (Senator Ed Markey) Official website of Senator Ed Markey. A consumer champion, national leader on energy, environmental protection and telecommunications policy, and a deep commitment to improving the lives of the people of Massachusetts and our country. Senator Markey stands up for the priorities and values of Massachusetts.

Threats to Electric Grid are Real; Widespread Blackouts are Not (Dragos) Threats to Electric Grid are Real; Widespread Blackouts are Not

Connecting the dots to North Korea as a threat adversary (Help Net Security) The security community needs to avoid the traditional approach of quickly determining attribution based on initial indicators.

Bugs in Mobile Credit Card Readers Could Expose Buyers (WIRED) Card readers used by popular companies like Square and PayPal have several security flaws that could result in customers getting majorly ripped off.

Hacking a Brand New Mac Remotely, Right Out of the Box (WIRED) Researchers found a way to compromise a Mac the first time it connects to Wi-Fi, potentially putting scores of enterprise customers at risk.

Google accused of tracking users even with 'location tracking' turned off (Computing) Google claims it's all part of improving the user experience

Process Doppelgänging meets Process Hollowing in Osiris dropper (Malwarebytes Labs) Process doppleganging, a rare technique of impersonating a process, was discovered last year, but hasn't been seen much in the wild since. It was an interesting surprise, then, to discover its use in a dropper of the Osiris banking Trojan. We unpack the code to show how malware authors used this process.

Denial of Service Attack on DNS and LDAP server (Vulners Database) All versions of Samba from 4.8.0 onwards are vulnerable to a denial of service attack when Samba is an Active Directory Domain Controller. Missing input sanitization checks on some of the input parameters to LDB database layer cause the LDAP server and DNS server to crash when...

Pacemaker controllers still vulnerable 18 months after flaws reported (Naked Security) A popular brand of heart pacemaker is still vulnerable to compromise more than a year and a half after the company that makes them was told of weaknesses in its security, researchers have claimed.

Cash machines could be mass-hacked in global cyber attack, FBI warns (The Telegraph) Banks have been warned of an imminent threat that their cash machines could be mass-hacked by cyber criminals.

Trojans Merge With Phishing Attacks (Credit Union Times) Also experts show mPOS devices are vulnerable to remote code execution attacks.

ACMA warns of fake Optus emails asking for credit card information (CRN Australia) Scammers claiming to be Optus are phishing for credit card info.

Analysis | The Cybersecurity 202: Def Con hackers couldn't crack a mock voter database. It's a rare bright spot for election security. (Washington Post) It should bring state election officials some relief.

Venafi Election Research (Venafi) Venafi conducted of a study on the security of our election infrastructure.

R.I. needs to shore up cyber defenses for election, officials say (providencejournal.com) U.S. Sens. Jack Reed and Sheldon Whitehouse met with Rhode Island Secretary of State Nellie Gorbea Monday to discuss ways to keep the state’s

How a cryptocurrency-destroying bug almost didn’t get reported (Naked Security) A researcher recently revealed how he found a bug that could have brought the fourth largest cryptocurrency to its knees – and how he was almost unable to report it.

Facebook news feed changes – it’s a hoax! (Naked Security) One scoop of “copy & paste to screw with the algorithm” between two slices of “limiting news feed posts to 25 friends”. A baloney sandwich!

PCs still infected with Andromeda botnet malware, despite takedown (ZDNet) One of the largest botnets was taken out by the authorities last year - but large numbers of PCs remain infected.

Cryptojacking is still “a bit of a black box” for 71% of CISOs (Coin Insider) While cryptojacking is a newer trend , Chief Information Security Officers have struggled to prepare for threats facing their businesses. #monero

Monero (XMR) Would Be The Target Of More Crypto Mining Malware In 2019, IT Security Experts Think (Oracle Times) A recent report from the Cyber Threatscape states that hackers boosted the deployment of crypto mining malware in 2018, but the cryptojacking tendency is set to increase even more in 2019 with Monero (XMR) being the leading target due to its privacy and anonymous transactions properties. The most troublesome result of the investigation is that 71% of …

Former Pentagon cyber chief says hackers could exploit My Health Record flaws (Financial Review) A leading expert in cyber security policy has warned the manipulation of health data by hackers is a risk for politicians and business leaders.

The New Style Ransomware Attacks In India Is Quite Alarming: eScan (Dazeinfo) GandCrab is fast spreading new style of Ransomware attacks in India that people must be worry about. Maharastra is the most affected state.

Security Patches, Mitigations, and Software Updates

Critical vulnerability in Oracle Database, patch without delay! (Help Net Security) A critical security issue (CVE-2018-3110) can result in complete compromise of the Oracle Database and shell access to the underlying server.

Critical Flaws Found in NetComm Industrial Routers (SecurityWeek) NetComm patches critical vulnerabilities in 4G LTE Light industrial M2M routers. The flaws can be exploited remotely to completely compromise a device

Dropbox Will Only Support the Ext4 File System In Linux in November (BleepingComputer) Dropbox has announced that starting on November 7th 2018, only the ext4 filesystem will be supported in Linux for synchronizing folders in the Dropbox desktop app. Those Linux users who have synch on other filesystems such as XFS, ext2, ext3, ZFS, and many others will no longer have working Dropbox synchronization after this date.

Cyber Trends

10,644 vulnerabilities disclosed in the first half of 2018 (Help Net Security) There have been 10,644 vulnerabilities disclosed through June 30th, according to Risk Based Security's 2018 Mid Year VulnDB QuickView report.

Cyber-Security Failure Brings Societal Risks: Black Hat Researchers (eWEEK) NEWS ANALYSIS: Security researchers speaking at Black Hat 2018 express concern that the IT industry and connected device makers don’t pay enough attention to fixing security vulnerabilities in their products.

Nobody minding the store: security in the age of the lowest bidder (TechCrunch) So, to recap: Satellite communication systems worldwide are “protected” by easily cracked hard-coded passwords. The private internet connecting the world’s mobile phone operators remains replete with vulnerabilities. Russia has successfully hacked into American power-plant control…

Network complexity makes it hard to protect the low-hanging fruit, says Just Eat CISO (Computing) Multiple points of entry, third party contractors, external code and virtualisation make protecting a modern network a difficult task

GDPR Consent Management Platform (CMP) adoption across top US and UK sites | Adzerk - Build Your Own Ad Server In Just Weeks (Adzerk) A breakdown of who uses CMPs and who they work with

96+ Articles, Blogs and Links that Summarize the Black Hat 2018... (Bricata) The Black Hat USA conference generates an enormous amount of cybersecurity coverage. This post neatly categorizes many pieces and serves as a summary of the 2018 conference, including studies, presentations, tools and vulnerabilities.

UK firms concerned about cyber arms race (ComputerWeekly.com) Continuous investment and activity are key in the cyber arms race, according to Databarracks, as research shows UK firms are worried about keeping up with security challenges.

Marketplace

Giving digital diligence its due (Mergers & Acquisitions) In today’s M&A landscape, the definition of due diligence must expand beyond conventional financial metrics to include a company’s digital strategy and capabilities strengths and weaknesses as well.

Pentagon is rethinking its multibillion-dollar relationship with U.S. defense contractors to boost supply chain security (Washington Post) A new strategy would seek to protect sensitive weapons and technology from foreign theft and sabotage.

Army-Backed Consortium Seeks to Accelerate Tech Delivery to Cyber Ops Force (Executive Gov) The U.S. Army’s defensive cyberspace operations office established a consortium in late July to supp

Defense and Silicon Valley: Don’t let Google’s folly set the tone (Defense News) We could bemoan Google’s narrow vision or wrestle with cultural questions forever, but we are interested in pragmatic solutions for the rest of the innovation ecosystem.

What To Expect In A Private Security Career As A Veteran (Task & Purpose) Moving into a security career can make for a smooth jump for veterans transitioning out of the military. Given the skill-sets, it makes total sense.

The Creative Ways Your Boss Is Spying on You (WIRED) The most common snooping techniques are relatively subtle, but trouble emerges when employers invest too much significance in these metrics.

Exabeam Raises $50 Million in Series D Funding to Disrupt SIEM Market (Exabeam) Funding round led by Lightspeed Venture Partners; two years of explosive growth at Exabeam highlights significant demand for[...]

Imperva Completes the Acquisition of Prevoty (MarketWatch) Imperva, Inc. IMPV, +0.87% a leading global provider of best-in-class cybersecurity solutions on premises, in the cloud, and across hybrid environments, announced it completed its acquisition of Prevoty, Inc. a leader in Runtime Application Self-Protection, on Thursday, August 9.

Accenture forms strategic alliance, invests in Chinese AI start-up Malong Technologies (Help Net Security) Accenture and Malong partnership extends Accenture’s computer vision and product recognition capabilities to clients worldwide.

Increased Global Demand for Online Content and Services Drive Pulse Secure Application Delivery Business to Record Growth (Pulse Secure) Pulse Secure provides a consolidated offering for access control, SSL VPN, and mobile device security. Contact Pulse Secure at 408-372-9600 to get a free demo.

Gigamon Security Solutions Drive Continued Performance and Market Share Leadership (PRNewswire) Company sustains year-over-year growth and achieves sixteenth successive quarter of operating profit

Symantec Receives Notification of Deficiency from Nasdaq Related to Delayed Quarterly Report on Form 10-Q (BusinessWire) Symantec Corp. (NASDAQ: SYMC) received on August 10, 2018 a standard notice from Nasdaq stating that, as a result of not having timely filed its quart

KnowBe4 Opens New Office in Singapore Expanding Presence Into Asia-Pac (PRWeb) KnowBe4, the world’s largest security awareness training and simulated phishing platform, today announced it has opened a new office in Singapore, expanding...

Menlo Security hunts for distributors to expand A/NZ business (ARN) US-headquartered Menlo Security is on the lookout for two distributors to help the vendor to expand its presence across A/NZ.

FireEye appoints Chris Barton to lead ANZ channel (CRN Australia) Chris Barton to focus on local channel community.

Former CSRA CEO Larry Prior Appointed to Novetta Board (WashingtonExec) CSRA's former President and CEO Larry Prior has joined the board of directors at Novetta. Prior is a public and private sector veteran with more...

Products, Services, and Solutions

Illusive Networks Expands FirstMove Services to Drive Adoption of Deception-based Security (Dark Reading) Cyber security's comprehensive news site is now an online community for security professionals, outlining cyber threats and the technologies for defending against them.

Zscaler Becomes the First Cloud Services Provider to Receive FedRAMP Authorization for a Dedicated Zero Trust Remote Access Platform (BusinessWire) Zscaler, Inc. (NASDAQ: ZS), the leader in cloud security, today announced that Zscaler Private Access-Government (ZPA™-Government), its application ac

Samsung announces new SmartThings mesh Wi-Fi system (Help Net Security) Samsung SmartThings Wifi with a built-in SmartThings Hub delivers an optimized whole home network and smart home control.

Technologies, Techniques, and Standards

For Effective Patch Management, Don’t Overlook Risk (SecurityWeek) Patch management has always been an evergreen topic for security practitioners.

SEC's New Toughness On Breach Reporting And What It Means For Your IT Compliance (Forbes) To meet the SEC’s call for improved disclosure controls and procedures, many companies will need to up their game.

Collaboration means more businesses survive cyber attacks (Financial Review) The greater the number of organisations that share threat information, the less likely fraudsters will be to succeed, so in many cases experts urge collaboration.

Four Ways to Mitigate Cyber Risks for ERP Applications (SecurityWeek) Recommendations to help improve the cyber security posture of your organization’s ERP applications, whether deployed on premise or in public, private and hybrid cloud environments.

One Agency Plans to Lock Employees In a Room Until They Learn Cyber Hygiene (Nextgov.com) The National Geospatial-Intelligence Agency will be locking employees in escape rooms to test their knowledge of cybersecurity.

A quick guide to machine learning in cybersecurity (Security Brief) Beyond the numbers and the terminology, there is a simple question: What does machine learning do for cybersecurity, anyway?

Pentagon invites researchers to hack the Marine Corps (Fifth Domain) The Pentagon kicked off its Hack the Marine Corps bug bounty program in Las Vegas, awarding $80,000 for discovered vulnerabilities on the first day.

Deep dive: How AI empowers today’s security operations analysts (IT Brief) “The biggest impact that AI is making in the SOC is faster time to triage.”

Are Companies Doing Enough to Prevent Software Supply Chain Attacks? (Spend Matters) Software supply chains are at ever higher risk of cyberattacks, a recent report from the U.S. National Counterintelligence and Security Center (NCSC) has warned. With seven significant events repor…

How Will You Solve the Data Classification Conundrum? (Security Intelligence) Data classification takes on even greater importance today in the context of regulatory compliance mandates and debates over data privacy. Here's what you need to know.

Five key security tips to avoid an IoT hack (Help Net Security) Malicious IoT hacking incidents are a norm today. Homes and enterprises using legacy security measures are in danger because of the ever-growing IoT.

How to deal with cyber blackmail? (Security Boulevard) Cyber blackmail scams are coming back into fashion as criminals look to make a quick buck. Here’s what you should do if you ever receive online blackmail. The post How to deal with cyber blackmail? appeared first on Emsisoft | Security Blog.

An ounce of prevention: how the healthcare industry can fight cybercrime (Healthcare Global) The healthcare industry is under siege. Cyber attacks are exposing personal health data, ransomware is disrupting essential health services and shutting down emergency rooms, and fraudulent emails are defrauding partners, patients and staff.

Design and Innovation

Cybersecurity is failing us – and will continue to do so unless we act (New Scientist) Our current model of internet security is too vulnerable to the mistakes of individual programmers. Better alternatives exist – and should be deployed

The key to the intelligence in the future (C4ISRNET) Moving forward, intelligence should be more predictive and help potentially help prevent crises.

Legislation, Policy, and Regulation

When China Rules the Web (Foreign Affairs) China is set to remake cyberspace in its own image. That will make the Internet less open and allow Beijing to reap vast economic, diplomatic, and security benefits that once flowed to Washington.

Microsoft's National Cybersecurity Policy Framework: Practical Strategy or Non-Starter? (SecurityWeek) Microsoft believes that the solution to transnational cyber threats will be found in the generation of mutually compatible national cybersecurity policies across the globe.

Erdogan threatens US goods boycott as Turkey, Russia and Iran wilt under sanctions (Times) President Erdogan today threatened to boycott American electronic goods if Washington’s sanctions against Turkey continue. Mr Erdogan also urged Turkish manufacturers to work overtime to boost the...

Trump signs bill banning government use of Huawei and ZTE tech (The Verge) Senate Republicans voted for an even tougher ban.

Election systems should be considered critical infrastructure (Help Net Security) 93 percent of security professionals are concerned about cyber-attacks targeting election infrastructure and data, a recent study by Venafi has revealed.

Govt unveils proposed encryption legislation (CRN Australia) Includes a wide range of methods to access encrypted communications.

Cryptologic Warfare Group 6 Stands Up New Commands (US Navy) Cryptologic Warfare Group (CWG) 6 stood up three new commands, Cryptologic Warfare Activities (CWA) 65, 66 and 67, during a ceremony at McGill Training Center, Aug. 10.

UK's data watchdog picks privacy man from IBM arm as new tech policy exec (Register) Simon McDougall bags top innovation role at Information Commish

Litigation, Investigation, and Law Enforcement

F.B.I. Agent Peter Strzok, Who Criticized Trump in Texts, Is Fired (New York Times) Mr. Strzok was one of the F.B.I.’s top counterintelligence officials. But his disparaging texts about President Trump handed a weapon to conservatives assailing the Russia investigation.

FBI agent Peter Strzok fired over anti-Trump texts (Washington Post) The president suggested in tweets that in the wake of his dismissal the Russia investigation should be dropped and the Clinton case redone.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

4th International Cybersecurity Forum, HackIT 4.0: Exploit Blockchain (Kiev, Ukraine, October 8, 2018) The 4th International Cybersecurity Forum, HackIT 4.0: Exploit Blockchain will be held October 8 – 11, CEC Parkovy, Kyiv, Ukraine. The annual Hacken Cup – the onsite bug bounty marathon – happens on October...

Upcoming Events

CyberTexas 2018 (San Antonio, Texas, USA, August 14 - 15, 2018) The 2018 CyberTexas Conference will bring members of the CyberUSA community together with industry and government members of Texas to create long-term values for the cybersecurity ecosystem in San Antonio...

SecureWorld Bay Area (Santa Clara, California, USA, August 21, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

The Air Force Information Technology & Cyberpower Conference (Montgomery, Alabama, USA, August 27 - 29, 2018) As the premiere Air Force cyber security annual event, the Air Force Information Technology & Cyberpower Conference (AFITC) returns to Montgomery, Alabama in August of 2018. As a critical intersection...

The Cyber Security Summit: Chicago (Chicago, Illinois, USA, August 29, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.

Intelligence & National Security Summit (National Harbor, Maryland, USA, September 4 - 5, 2018) The Intelligence & National Security Summit is the premier forum for unclassified, public dialogue between the U.S. Government and its partners in the private and academic sectors. The 2018 Summit will...

Cyber Resilience & Infosec Conference (Abu Dhabi, UAE, September 5 - 6, 2018) Interact with the top-notch cyber security specialists, learn new strategies and protect your company's future efficiently

Incident Response 18 (Arlington, Virginia, USA, September 5 - 6, 2018) If you work for a vendor or product company, please understand this is not a sales event. IR18 is a community-driven event that aims to disrupt the traditional approach and is more focused on community,...

9th Annual Billington CyberSecurity Summit (Washington, DC, USA, September 6, 2018) An opportunity to hear, meet, and interact with cybersecurity leaders from Government and industry.

9th Annual Billington CyberSecurity Summit (Washington, DC, USA, September 6, 2018) The mission of Billington CyberSecurity is to bring together thought leaders from all sectors to examine the state of cybersecurity and highlight ways to enhance best practices and strengthen cyber defenses...

SecureWorld Twin Cities (Minneapolis, Minnesota, USA, September 6, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

CornCon IV: Quad Cities Cybersecurity Conference & Kids' Hacker Camp (Davenport, Iowa, USA, September 7 - 8, 2018) CornCon is a 2-day conference held in Davenport, Iowa including a professional development workshop on Friday and a full-day cybersecurity conference on Saturday. The workshop covers enterprise risk, privacy...

2018 International Information Sharing Conference (Tysons Corner, Virginia, USA, September 11 - 12, 2018) Join representatives from fellow information sharing groups with all levels of expertise, security practitioners, major technology innovators, and well-established cybersecurity organizations, as they...

SecureWorld Detroit (Detroit, MIchigan, USA, September 12 - 13, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

Cybersecurity for Small & Medium Sized Businesses (Gaithersburg, Maryland, USA, September 13, 2018) Learn about technical, legal, cultural and policy cybersecurity issues facing small and medium sized businesses. Panelists include: Markus Rauschecker, J.D. University of MD. Center for Health and Homeland...

FutureTech Expo (Dallas, Texas, USA, September 14 - 16, 2018) With over 2,000 expected attendees, 70 top-notch speakers and 100+ exhibitors from the Blockchain & Bitcoin, Artificial Intelligence, Cyber Security / Hacking, Quantum Computing, 3D Printing, and Virtual...

Insider Threat Program Development-Management Training Course (San Antonio, Texas, USA, September 17 - 18, 2018) Insider Threat Defense will hold its highly sought-after Insider Threat Program Development-Management Training Course, in San Antonio, Texas, on September 17-18, 2018. This two-day training course will...

International Consortium of Minority Cybersecurity Professionals (ICMCP) 3rd Annual National Conference (Atlanta, Georgia, USA, September 17 - 19, 2018) The International Consortium of Minority Cybersecurity Professionals (ICMCP) 3rd Annual National Conference continues to elevate the national dialogue on the very necessary strategic, tactical and operational...

Air Space & Cyber Conference (National Harbor, Maryland, USA, September 17 - 19, 2018) Gain new insights and skills to advance your career. Be among the first to see the latest innovations in airpower, space, and cyber capabilities all the while bonding with your fellow Airmen. Inspiring...

Global Cybersecurity Innovation Summit (London, England, UK, September 18 - 19, 2018) Advancing global collaboration and innovation. SINET – London creates a forum to build and maintain international relationships required to foster vital information sharing, broad awareness and the adoption...

SecureWorld St. Louis (St. Louis, Missouri, USA, September 18 - 19, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

SINET Global Cybersecurity Innovation Summit (London, England, UK, September 18 - 19, 2018) SINET, an organization focused on advancing cybersecurity innovation through public-private collaboration, today announced that its annual Global Cybersecurity Innovation Summit (GCIS), will take place...

5th Annual Industrial Control Cyber Security USA (Sacramento, California, USA, September 18 - 19, 2018) Now in its 5th year, this two day executive forum will include presentations, roundtable working groups and panel sessions. Together we will address the escalating cyber risk and resilience challenges...

Security in our Connected World (Beijing, China, September 19, 2018) This year’s seminar will not only examine critical security technologies, such as the Trusted Execution Environment (TEE) and Secure Element (SE), but will also delve into their associated business and...

Detect 18 (National Harbor, Maryland, USA, September 19 - 21, 2018) Detect '18 is the single largest conference dedicated to threat intelligence. This year we're calling on fellow "Threatbusters" to wage a high-tech battle against apparitions (aka bad actors) and learn...

Cyber Beacon (Washington, DC, USA, September 20, 2018) Cyber Beacon is the flagship event of the National Defense University's College of Information and Cyberspace (NDU CIC). The conference brings together cyber experts from across the national security community,...

IT Security Leadership Exchange (Phoenix, Arizona, USA, September 23 - 25, 2018) IT Security Leadership Exchange is an invitation-only, strategic business summit that gathers Chief Information Security Officers (CISOs), senior decision-makers, and industry experts to address the unique...

Global Security Exchange (Las Vegas, Nevada, USA, September 23 - 27, 2018) Global Security Exchange—formerly the ASIS Annual Seminar and Exhibits—delivers new opportunities to exchange key ideas and best practices, expand global connections, and experience innovations. The GSX...

Merging of Cyber Criminal and Nation State Techniques: A Look at the Lazarus Group (Loudon, Virginia, USA, September 24, 2018) This presentation on North Korea's Lazarus Group as a case study of the convergence of organized cyber crime and nation-state intelligence services will be led by Allan Liska, a solutions architect at...

Connect Security World 2018 (Marseilles, France, September 24 - 26, 2018) While the number of IoT devices predicted by 2020 varies within tens of billions, all analysts agree that security is now the top concern of organizations looking at deploying IoT solutions. To address...

The Cyber Security Summit: New York (New York, New York, USA, September 25, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.

5th Cyber Operations for National Defense Symposium (Washington, DC, USA, September 25 - 26, 2018) The 2018 Cyber Operations for National Defense Symposium will focus on the evolving nature of US Cyber policies and strategies. Cyber leaders from throughout the federal government will come together to...

PCI Security Standards North America Community Meeting (Las Vegas, Nevada, USA, September 25 - 27, 2018) The PCI Security Standards Council’s 2018 North America Community Meeting is THE place to be. We provide you the information and tools to help secure payment data. We lead a global, cross industry effort...

Hack the Capitol (Washington, DC, USA, September 26 - 27, 2018) The National Security Institute is partnering with the Wilson Center and ICS Village to host Hack the Capitol, a two-day event focused on Industrial Control Systems (ICS) and security. ICS are used throughout...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.