skip navigation

More signal. Less noise.

2017 cyberattacks proved more numerous, sophisticated, and ruthless than in years past.

WannaCry, NotPetya, ransomware-as-a-service, and fileless attacks abounded. And, that’s not everything. The victims of cybercrime ranged from private businesses to the fundamental practices of democracy. Read The Cylance Threat Report: 2017 Year in Review Report and learn about the threat trends and malware families their customers faced in 2017.

Daily briefing.

Trend Micro, seconded by Qihoo 360, reports that North Korean operators are exploiting a vulnerability in the VBScript engine to compromise targets in Pyongyang's DarkHotel campaign. DarkHotel is related to DarkSeoul, and thence to the 2014 Sony Pictures hack.

Researchers at Proofpoint warn against a new malware strain, "Marap," which is being distributed in a large spam campaign run through the Necurs botnet. Marap is a malware dropper. The current campaign seems directed largely against the financial sector.

Two interesting proofs-of-concept have been reported. Researchers at Secarma describe a PHP exploit usable against content management systems. And Georgia Tech researchers demonstrate a new side-channel attack that can extract encryption keys from mobile devices.

Industry seems not to be buying the Australian government's contention that the country's new cybersecurity regulations won't amount to the equivalent of mandatory backdoors.

Dissatisfied with voluntary moderation, the EU is preparing anti-terror measures that will require social networks to yank radical content within an hour of notification.

Russia appears likely to continue its attempt to influence US elections, as the Atlantic Council and others warn. US National Security Advisor Bolton says it's not just Russia, either—the other three members of the Familiar Four (China, Iran, and North Korea) are interested in elections, too. Techniques vary. Russia favors media amplification of disruptive memes, China seeking influence through think tanks and universities, and Iran and North Korea probably building on past hacking successes.

Smart cars know lots about their drivers, and companies want to monetize those data.

Notes.

Today's issue includes events affecting Australia, China, European Union, India, Iran, Democratic Peoples Republic of Korea, Republic of Korea, New Zealand, Rumania, Russia, United Kingdom, United States.

Don’t let threats SOC you where it counts.

Protecting your organization from an attack involves much more than the traditional “block & tackle” tactics of the past. A good boxer doesn’t just block the punch they see coming, they move against the next anticipated punch. The modern Security Operations Center (SOC) requires a combination of automation and human tradecraft to successfully repel the adversary. Learn more about the modern SOC in LookingGlass’ webinar featuring guest IDC, August 29 @ 2pm ET.

In today's podcast we speak with our partners at Dragos, as Robert M. Lee talks about whether some forms of energy are inherently more susceptible to disruption by cyberattack than others, and about whether "cyberattacks" are often invoked in a way that renders the discussion a distraction.

Cyber Security Summits: August 29 in Chicago & in NYC on September 25 (Chicago, Illinois, United States, August 29, 2018) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The NSA, Darktrace, CenturyLink and more. Register with promo code cyberwire95 for $95 VIP admission (Regular price $350) https://CyberSummitUSA.com

IR18: Don’t Forget to Register for the first and only community-driven IR conference! Built by the community, for the community. (Arlington, Virginia, United States, September 5 - 6, 2018) IR18 is a conference for cybersecurity professionals to learn and develop playbooks to improve incident response processes. Receive 20+ hours of practical training on today’s best practices in IR topics, including 36 breakout sessions designed for all levels of experience.

Rapid Prototyping Event: The Chameleon and the Snake (Columbia, Maryland, United States, September 17 - 20, 2018) DreamPort, in conjunction with the Maryland Innovation & Security Institute and USCYBERCOM, is hosting a Rapid Protoyping Event that specifically targets malware signature diversity and signature measurement for Microsoft Windows in a simulated operational environment at a realistic pace. Join us September 17-20, 2018 at UMBC Training Center in Columbia, MD.

5th Annual Cyber Security Conference for Executives (Baltimore, Maryland, United States, October 2, 2018) The 5th Annual Cyber Security Conference for Executives, hosted this year by The Johns Hopkins University Information Security Institute and Ankura, will be held on Tuesday, October 2nd, in Baltimore, Maryland. This year’s theme is cybersecurity compliance and regulatory trends, and the conference will feature discussions with thought leaders across a variety of sectors. Join the discussion and learn about current and emerging cyber security threats to organizations, and how executives can better protect their enterprises. To receive the early-bird rate, register now!

Dragos Industrial Security Conference (DISC) 11/5/18 (Hanover, Maryland, United States, November 5, 2018) Reserve your spot now for the Dragos Industrial Security Conference (DISC) on November 5th, 2018. DISC is a free, annual event for our customers, partners, and those from the ICS asset community. Visit https://dragos.com/disc/ for more information.

Cyber Attacks, Threats, and Vulnerabilities

We Regret to Inform You That Russia Is (Probably) At It Again (Defense One) For Putin and company, election season in America is open season for meddling.

Bolton says four foreign adversaries may try to interfere in U.S. midterms (Washington Post) U.S. officials are concerned not only about Russia, but also Iran, China and North Korea. Bolton also said Secretary of State Mike Pompeo will go to Pyongyang “soon.”

'China's MIT' Linked to Espionage Campaign Against Alaska, Economic Partners (Threatpost) The targets were scanned millions of times, and are all in some way linked to China's ongoing economic development activities, according to Recorded Future.

China is hacking the same countries is trades with (Fifth Domain) The Chinese government is matching its aggressive cyber skills with an ambitious Belt and Road Initiative.

In fight against ISIS’s propaganda machine, raids and online trench warfare (Washington Post) Targeted in police action, ISIS’s news agency ‘went down fast,’ but it came back again and again.

Researchers Find New Fast-Acting Side-Channel Vulnerability (Dark Reading) A group of researchers from Georgia Tech have discovered a method for pulling encryption keys from mobile devices without ever touching the phones, themselves.

Severe PHP Exploit Threatens Wordpress Sites with Remote Code Execution (Threatpost) The issue impacts several content management systems, including Typo3 and WordPress, as well as widely-used PDF generation library TCPDF.

Zero-Day In Microsoft's VBScript Engine Used By Darkhotel APT (BleepingComputer) A vulnerability in the VBScript engine has been used by hackers working for North Korea to compromise systems targeted by the Darkhotel operation.

Necurs Botnet Pushing New Marap Malware (BleepingComputer) Security researchers from Proofpoint have discovered a new malware strain that they named Marap and which is currently distributed via massive waves of spam emails carrying malicious attachments (malspam).

Highly Flexible Marap Malware Enters the Financial Scene (Threatpost) A new downloader, which has been spotted in an array of recent email campaigns, uses anti-analysis techniques and calls in a system fingerprinting module.

New AZORult variant being used by hacker Oktropys to spread Aurora ransomware (Cyware) A new variant of the AZORult data-stealing malware has been discovered in a new phishing campaign, targeting computers across the globe. The malware is being used by a malware actor (MalActor) called Oktropys to spread the Aurora ransomware.

Rotten EGGs spread ransomware in South Korea (Graham Cluley) Researchers report that online criminals are spamming out ransomware to potential victims in South Korea disguised as.… .EGGs.

Smart homes can be easily hacked via unsecured MQTT servers (Help Net Security) The Internet of Things is full of security holes, and the latest one has been pointed out by Avast researcher Martin Hron: unsecured MQTT servers.

Cybercriminals Shift to More Private Cryptocurrencies (BankInfo Security) Cybercrime investigators will face increasing difficulties if bad actors being accepting more privacy-centric cryptocurrencies rather than bitcoin, says Andrei

SRI: Many Romanian banks under cyber attack this summer (Business Review) The Romanian Intelligence Service (SRI) announced that its cyberintelligence unit, the Cyberint National Center (CNC), possesses certain data and

Customers on front line of defense to prevent ATM cash-out heists worth millions (USA TODAY) Consumers can help prevent cybercriminals from committing multi-faceted heists called ATM cash-outs, where thieves simultaneously withdraw millions from scores of banks.

SuperProf private tutor site massively fails password test, makes accounts super easy to hack (Graham Cluley) Superprof, which claims to be “the world’s largest tutoring network”, has made its newest members’ passwords utterly predictable… leaving them wide open to hackers.

Maine college says malware may have exposed personal data (AP News) Eastern Maine Community College in Bangor is warning of a possible data breach that could've exposed current and former staff and students.

Don't sleep on laptop security, safeguard your data (Help Net Security) You should think about laptop sleep security. Simply shutting the lid and putting the laptop into sleep mode can leave it vulnerable to cyber-attacks.

The Curious Case of a Revolutionary (But Imaginary?) Superconductor (WIRED) If the unconfirmed claims of a room temperature superconductor are real, this is bonkers.

Security Patches, Mitigations, and Software Updates

2 undocumented patches from Microsoft may solve the 1803 TLS 1.2 blocking problem (Computerworld) Earlier this week, Microsoft announced that it wouldn’t push Win10 1803 upgrades onto 1709 machines if the machine has a .Net app (such as QuickBooks Desktop) that relies on TLS 1.2 security. Now it looks as if there’s a fix — but there’s no documentation.

Google Starts Pushing Confidential Mode to All Gmail Users: Here’s How to Turn On (Telecom Talk) In its most significant revamp ever, Gmail introduced a host of new features to the people’s favourite email client a few months back. Notably, Google added a lot of features to the new Gmail some …

Cyber Trends

BlueApache: New regulations will drive big security investments (CRN Australia) With technology general manager Michael Zuppa.

Why are massive data breaches still occurring? (CRN) Cybersecurity specialists claim that some generalist VARs are failing their customers

Cyber is the new front line in modern economic warfare (Global Banking and Finance Review) The challenge from underground activists, organised criminals, state-sponsored actors and have-a-go hackers is gargantuan. When your enemy has a global recruitingground, fast-evolving weaponry and the abilit

British watchdog says cryptocurrency scams on the rise (Reuters) Cryptocurrency scams are using images of celebrities and upmarket London addresses to hoodwink consumers into parting with cash, Britain's Financial Conduct Authority has said.

Ever Wondered Why Governments Tend to Bully Cryptocurrencies? (CoinCentral) Many governments loathe cryptocurrencies. From strict regulations to bullying statements, find out why.

Marketplace

Cybersecurity Training Sees Flood Of M&A (Forbes) Companies play catch-up with employee education after big spending on IT solutions.

Guest Column: Augusta should be mindful of 'charlatans' as cyber industry booms (The Augusta Chronicle) The completion of the Augusta Canal in 1847 ignited this city's industrial revolution. The mills and industries that sprung up along the waterway quickly

Google Executives Misled Staff in Meeting on China Censorship. Here Are 13 Questions They Must Answer. (The Intercept) Co-founder Sergey Brin said he didn’t know about the China plans, which CEO Sundar Pichai said are “in an exploration stage” — despite previous reports.

Thales, Gemalto Make Progress On Regulatory Front Ahead of Merget (Mobile ID World) Thales and Gemalto are reporting progress in their efforts to secure regulatory approval for their proposed merger. The companies have announced...

Shiver me timbers: Symantec spots activist investor Starboard side (Register) Time for cyber-security firm to pull up the baggywrinkle?

Carbon Black channel chief Marco Corrent opens up about security vendor's Australian strategy (CRN Australia) Vendor operates 100 percent through the channel.

Hilltop Cybersecurity Announces a New CISO (GlobeNewswire) Hilltop Cybersecurity Inc, ("Hilltop" or the "Company") (CSE:CYBX) (OTC:BGGWF), is pleased to announce Pete Herzog as the new CISO (Chief Information Security Officer).

Products, Services, and Solutions

Hackers beware: These stealthy cybersecurity hunters speak your slang (Fast Company) Recorded Future, which recently made news for spotting military docs on the dark web, talks about how it scours hacker forums to hunt for threats.

ESET Launches EDR, Threat Hunting Enterprise Cyber-Security Tools (eWEEK) ESET is expanding its enterprise offering with a series of new technologies that provide EDR, threat hunting, sandbox and management capabilities.

Thycotic is First to Make Least Privilege and Application Control Simple to Deploy, Manage and Analyze at Enterprise Scale (PRNewswire) Newest Privilege Manager Capabilities Enable Massive Scale While Saving Time and Resources

Technologies, Techniques, and Standards

Why you should follow the 1-10-60 rule of cybersecurity (Fifth Domain) Agencies that follow this 1-10-60 rule are much more likely to eradicate the adversary before a cyberattack leaves its initial entry point.

DHS Asks Industry’s Help in Major Supply Chain Security Upgrade (Nextgov.com) The department wants industry’s input on how to detect malicious and counterfeit tech in the government’s supply chain.

How to inoculate the tech herd from IoT cyber-infections (TechRepublic) We invite insecurity and hacking, says Scythe CEO Bryson Bort, by pushing millions of insecure IoT devices into the environment.

Under threat: How Hawaii's electric utilities deal with cyberattacks (Pacific Business News) Hawaiian Electric said that in the last quarter alone it blocked over 26 million different attempts to penetrate its various security layers.

Cyber security of control systems is not well understood even by the FBI (Control Global) Many of the unique issues of cyber security of control systems is not well understood even by the FBI.

ROI at Hacker Inc.: How They Make Money, and How To Change the Equation (CSO) Business is good for hackers. By 2021, according to researchers, returns will have doubled – gaining them $6 trillion, up from $3 trillion in 2015, all coming from the companies they rip off.

Lessons Learned at DEF CON 26 (eSecurity Planet) Some key security takeaways from the world's largest hacker conference.

The Economics of AI-Enabled Security (Dark Reading) While AI greatly enhances security, Securonix CTO Tanuj Gulati points out the need for predictable cost models that insulate SOCs from the variables of massive data volume and intense real-time processing.

ROI at Hacker Inc.: How They Make Money, and How To Change the Equation (CSO) Business is good for hackers. By 2021, according to researchers, returns will have doubled – gaining them $6 trillion, up from $3 trillion in 2015, all coming from the companies they rip off.

Filtering the Threat Intelligence Tsunami (Dark Reading) Reversing Labs CEO Mario Vuksan contends that SOCs are overwhelmed by global threat intelligence, and can benefit more from a targeted pull model that focuses on YARA-type binary pattern matching.

Threat Analyst Insights: How to Avoid Drowning in a Sea of Cybersecurity News (Recorded Future) Staying on top of constant cyber news can be a challenge for security professionals, but it can be made easier by simply asking the right questions.

Corporate pre-crime: The ethics of using AI to identify future insider threats (CSO Online) Remember “Minority Report”? Artificial intelligence can spot employee behavior that suggests a future risk. Here’s how to use that data ethically and effectively.

Schools Are Mining Students' Social Media Posts for Signs of Trouble (WIRED) But should they?

How to Protect Yourself Against a SIM Swap Attack (WIRED) Your phone number is increasingly tied to your online identity. You need to do everything possible to protect it.

Design and Innovation

Meet the Man With a Radical Plan for Blockchain Voting (WIRED) A new movement says that crypto-voting can purify democracy—and eventually eliminate the need for governments altogether.

What Your Car Knows About You (Wall Street Journal) Auto makers can now collect large amounts of data from internet-connected vehicles, from location to driving habits.

As Cars Collect More Data, Companies Try to Move It All Faster (New York Times) It’s been three decades since cars’ internal networks got an update. With autonomous vehicles on the horizon, quick decisions will rely on a faster network.

We must be wary of tech that could turn on us (Times) Caesar’s Palace, Las Vegas: once home to the boozing, carousing Rat Pack; now frequented by the rather stranger Hack Pack. Last week the hotel hosted DefCon, the world’s top hacking convention...

Jack Dorsey admits Twitter hasn’t ‘figured out’ approach to fake news (TechCrunch) Jack Dorsey is hedging his bets. In an interview with CNN’s Brian Stelter, the beard-rocking CEO said Twitter is reluctant to commit to a timetable for enacting policies aimed at curbing heated political rhetoric on the site. The executive’s lukewarm comments reflect an embattled social network tha…

Research and Development

Tech Giant IBM Applies for Blockchain Patent for Development of Transaction Data via Nodes (CoinFrenzy | Blockchain News in Shorts) IBM has applied for a blockchain patent to ensure transaction compliance through nodes data, according to a patent application published by the U.S. Patent and Trademarks Office (USPTO) on Thursday, August 16.

Legislation, Policy, and Regulation

EU Set to Legislate on Terror Content (Infosecurity Magazine) Crackdown could force social networks to remove material within an hour

Tech giants warn Coalition bill opens customers up to cyber attack (the Guardian) Law to force companies such as Facebook to assist security services in decryption of private data goes too far, peak body says

​China aims to narrow cyberwarfare gap with US (ZDNet) While US blames China for cyber attacks on networks.

Ramifications of Trump revoking Obama’s cyber offense order (POLITICO) Intel official: Trump foreign policy hasn’t forced adversaries to strike online — States ramp up fall voting defenses as Senate alters election security bill

Pentagon’s artificial intelligence programs get huge boost in defense budget (Fast Company) The controversial Project Maven received a 580% funding increase in this year’s bill. As AI and machine learning algorithms are integrated into defense tech, spending is only going to increase in years to come.

Here are the intelligence community’s top 6 priorities (C4ISRNET) The IC has developed a new vision called IC 2025.

Trump appointee recommends NSA, Cyber Command remain under same leader (TheHill) Gen. Paul Nakasone, who leads both the National Security Agency (NSA) and U.S. Cyber Command, reportedly told top Pentagon officials that he believes both organizations should remain under the same leader for at least two more years.

Analysis | The Cybersecurity 202: Google's location tracking could bring scrutiny from Congress, regulators (Washington Post) Some lawmakers are already voicing concerns.

Blunt-Klobuchar 'Secure Elections Act' revisions make state funding contingent on establishing cyber response plan (Inside Cybersecurity) The revised version of the “Secure Elections Act” unveiled today by Senate Rules Chairman Roy Blunt (R-MO) and ranking member Amy Klobuchar (D-MN) would amend the Help America Vote Act to require states to establish a “response and communications plan for cybersecurity incidents,” in order for states to receive funding from the Election Assistance Commission.

Litigation, Investigation, and Law Enforcement

China Is Going to New Lengths to Surveil Its Own Citizens (Defense One) New tech—including drones disguised as birds—can be a nightmare for Muslims in particular.

Exclusive: U.S. government seeks Facebook help to wiretap Messenger... (Reuters) The U.S. government is trying to force Facebook Inc to break the encryption in its popular Messenger app so law enforcement may listen to a suspect's voice conversations in a criminal probe, three people briefed on the case said, resurrecting the issue of whether companies can be compelled to alter their products to enable surveillance.

HUD Secretary Carson accuses Facebook of enabling housing discrimination (Washington Post) The Department of Justice on Friday formally opposed an effort by Facebook to dismiss a lawsuit by several housing groups, arguing that the social media platform may be held legally responsible if advertisers violate fair-housing laws by using its ad-targeting tools.

Exclusive: FBI probing cyber attack on congressional campaign in... (Reuters) The U.S. Federal Bureau of Investigation is investigating a cyber attack on the congressional campaign of a Democratic candidate in California, according to three people close to the campaign.

Florida election officials seek info as support builds for Nelson’s Russian-hack claim (Miami Herald) Florida officials have been unable to confirm a potential Russian hack into the state’s voter systems, though leaders of the Senate Intelligence Committee told Sen. Bill Nelson recently that operatives working for Russia penetrated some county voter registration databases.

White House drafts more clearance cancellations demanded by Trump (Washington Post) While some aides see a welcome distraction from bad news, some worry about the appearance of an “enemies list.”

Brennan says he’s willing to take Trump to court over security clearances (Washington Post) “I am going to do whatever I can personally to try to prevent these abuses,” the former CIA director said.

John Bolton: Brennan, other Obama officials were ‘politicizing intelligence’ (Washington Examiner) National security adviser John Bolton on Sunday defended President Trump’s decision to revoke former CIA Director John Brennan’s security clearance, saying he and other former Obama administration officials have politicized intelligence.

How Important Is the Protest Against Trump from the National-Security Establishment? (The New Yorker) The former military commander William McRaven penned an open letter to Donald Trump, in solidarity with John Brennan, saying it would be an honor to have his security clearance revoked.

Nahan admits staffer photographed confidential Huawei security advice (The Sydney Morning Herald) Premier Mark McGowan accused the Liberal opposition of trying to turn controversial Chinese telco Huawei's $136 million contract into "Watergate".

Apple Pulls Illegal Apps Targeted by Chinese State Media (Wall Street Journal) Apple said it removed illegal gambling apps from its App Store in China as it came under fire from state media—a move that could help quell the latest challenge for the tech giant in its most important market outside the U.S.

SentinelOne makes YouTube delete Bsides vid 'cuz it didn't like the way bugs were reported (Register) Research silenced amid copyright, trademark claim

Adams County clerk under scrutiny for suspected data breach exposing up to 250,000 people (Daily Tribune Media) Adams County Clerk Cindy Phillippi says she was following procedures established by previous clerks.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

SecureWorld Bay Area (Santa Clara, California, USA, August 21, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

The Air Force Information Technology & Cyberpower Conference (Montgomery, Alabama, USA, August 27 - 29, 2018) As the premiere Air Force cyber security annual event, the Air Force Information Technology & Cyberpower Conference (AFITC) returns to Montgomery, Alabama in August of 2018. As a critical intersection...

The Cyber Security Summit: Chicago (Chicago, Illinois, USA, August 29, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.

Intelligence & National Security Summit (National Harbor, Maryland, USA, September 4 - 5, 2018) The Intelligence & National Security Summit is the premier forum for unclassified, public dialogue between the U.S. Government and its partners in the private and academic sectors. The 2018 Summit will...

Cyber Resilience & Infosec Conference (Abu Dhabi, UAE, September 5 - 6, 2018) Interact with the top-notch cyber security specialists, learn new strategies and protect your company's future efficiently

9th Annual Billington CyberSecurity Summit (Washington, DC, USA, September 6, 2018) The mission of Billington CyberSecurity is to bring together thought leaders from all sectors to examine the state of cybersecurity and highlight ways to enhance best practices and strengthen cyber defenses...

SecureWorld Twin Cities (Minneapolis, Minnesota, USA, September 6, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

CornCon IV: Quad Cities Cybersecurity Conference & Kids' Hacker Camp (Davenport, Iowa, USA, September 7 - 8, 2018) CornCon is a 2-day conference held in Davenport, Iowa including a professional development workshop on Friday and a full-day cybersecurity conference on Saturday. The workshop covers enterprise risk, privacy...

2018 International Information Sharing Conference (Tysons Corner, Virginia, USA, September 11 - 12, 2018) Join representatives from fellow information sharing groups with all levels of expertise, security practitioners, major technology innovators, and well-established cybersecurity organizations, as they...

SecureWorld Detroit (Detroit, MIchigan, USA, September 12 - 13, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

FutureTech Expo (Dallas, Texas, USA, September 14 - 16, 2018) With over 2,000 expected attendees, 70 top-notch speakers and 100+ exhibitors from the Blockchain & Bitcoin, Artificial Intelligence, Cyber Security / Hacking, Quantum Computing, 3D Printing, and Virtual...

Insider Threat Program Development-Management Training Course (San Antonio, Texas, USA, September 17 - 18, 2018) Insider Threat Defense will hold its highly sought-after Insider Threat Program Development-Management Training Course, in San Antonio, Texas, on September 17-18, 2018. This two-day training course will...

International Consortium of Minority Cybersecurity Professionals (ICMCP) 3rd Annual National Conference (Atlanta, Georgia, USA, September 17 - 19, 2018) The International Consortium of Minority Cybersecurity Professionals (ICMCP) 3rd Annual National Conference continues to elevate the national dialogue on the very necessary strategic, tactical and operational...

Air Space & Cyber Conference (National Harbor, Maryland, USA, September 17 - 19, 2018) Gain new insights and skills to advance your career. Be among the first to see the latest innovations in airpower, space, and cyber capabilities all the while bonding with your fellow Airmen. Inspiring...

Global Cybersecurity Innovation Summit (London, England, UK, September 18 - 19, 2018) Advancing global collaboration and innovation. SINET – London creates a forum to build and maintain international relationships required to foster vital information sharing, broad awareness and the adoption...

SecureWorld St. Louis (St. Louis, Missouri, USA, September 18 - 19, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

5th Annual Industrial Control Cyber Security USA (Sacramento, California, USA, September 18 - 19, 2018) Now in its 5th year, this two day executive forum will include presentations, roundtable working groups and panel sessions. Together we will address the escalating cyber risk and resilience challenges...

Security in our Connected World (Beijing, China, September 19, 2018) This year’s seminar will not only examine critical security technologies, such as the Trusted Execution Environment (TEE) and Secure Element (SE), but will also delve into their associated business and...

Detect 18 (National Harbor, Maryland, USA, September 19 - 21, 2018) Detect '18 is the single largest conference dedicated to threat intelligence. This year we're calling on fellow "Threatbusters" to wage a high-tech battle against apparitions (aka bad actors) and learn...

Cyber Beacon (Washington, DC, USA, September 20, 2018) Cyber Beacon is the flagship event of the National Defense University's College of Information and Cyberspace (NDU CIC). The conference brings together cyber experts from across the national security community,...

IT Security Leadership Exchange (Phoenix, Arizona, USA, September 23 - 25, 2018) IT Security Leadership Exchange is an invitation-only, strategic business summit that gathers Chief Information Security Officers (CISOs), senior decision-makers, and industry experts to address the unique...

Global Security Exchange (Las Vegas, Nevada, USA, September 23 - 27, 2018) Global Security Exchange—formerly the ASIS Annual Seminar and Exhibits—delivers new opportunities to exchange key ideas and best practices, expand global connections, and experience innovations. The GSX...

Merging of Cyber Criminal and Nation State Techniques: A Look at the Lazarus Group (Loudon, Virginia, USA, September 24, 2018) This presentation on North Korea's Lazarus Group as a case study of the convergence of organized cyber crime and nation-state intelligence services will be led by Allan Liska, a solutions architect at...

Connect Security World 2018 (Marseilles, France, September 24 - 26, 2018) While the number of IoT devices predicted by 2020 varies within tens of billions, all analysts agree that security is now the top concern of organizations looking at deploying IoT solutions. To address...

The Cyber Security Summit: New York (New York, New York, USA, September 25, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.