skip navigation

More signal. Less noise.

2017 cyberattacks proved more numerous, sophisticated, and ruthless than in years past.

WannaCry, NotPetya, ransomware-as-a-service, and fileless attacks abounded. And, that’s not everything. The victims of cybercrime ranged from private businesses to the fundamental practices of democracy. Read The Cylance Threat Report: 2017 Year in Review Report and learn about the threat trends and malware families their customers faced in 2017.

Daily briefing.

Shamoon 3 seems to have affected a wider range of targets than at first believed. McAfee says the attacks affected victims in the oil, gas, telecommunications, energy and government sectors in the Middle East and southern Europe. Symantec reports more signs that this Shamoon infestation came from Iranian threat actors, including its association with attacks that used Stonedrill malware (SecurityWeek).

Shamoon 3, as well as Charming Kitten's reappearance with 2FA-defeating attacks (Threatpost), have led some observers to conclude that the long-expected Iranian cyber-retaliation for reimposed sanctions is underway (WIRED).

The Czech government's CERT has issued an unambiguous warning that Huawei and ZTE equipment represents a security threat. The NÚKIB report specifically cites Chinese laws requiring companies to cooperate with intelligence and security services.

The US Senate-commissioned reports on Russian influence operations point out extensive trolling via Instagram, much directed toward African-American voters. The NAACP has, in response to the news, called for a boycott of Facebook (Telegraph).

We've seen many sound cautions against placing too much importance on attribution of attacks to specific actors, but here's one way it matters: your cyber insurance policy might not cover an act of cyberwar. Mondelez International, hit hard by NotPetya, submitted a claim for more than $100 million, but Zurich Insurance is disputing the claim on the grounds that their policy excluded coverage for a "hostile or war like act" by any "government or sovereign power" (Reinsurance News). NotPetya has generally been attributed to Russia, convincingly enough for Zurich to hold its payout.

Notes.

Today's issue includes events affecting Australia, China, Czech Republic, Holy See, Russia, Saudi Arabia, United Arab Emirates, United Kingdom, United States.

How Are You Responding to Threats? Find Out Now in the SANS 2018 Incident Response Survey

What new and continuing threats were uncovered in investigations and how are organizations dealing with those threats? In this SANS 2018 Incident Response Survey, learn how IR teams are coping with organizational structures, resources and IR implementation in an ever-changing threat environment. Find out how they have structured their incident response functions, what systems they’re conducting investigations on, the threats they’re uncovering and how they're uncovering them. Then apply these findings in your 2019 programs.

In today's podcast, up later this afternoon, we speak with our partners at Cisco Talos, as Craig Williams takes a look back at 2018. And our UK correspondent Carole Thieriault speaks with Rapid7's Tod Beardsley about their Industry Cyber Exposure report.

And the latest edition of the Recorded Future podcast, produced in cooperation with the CyberWire, is up. This episode, "The Leadership and Buy-In Help Protect BT's Global Networks," features a talk with Mark Hughes, the CEO of BT Security from 2013 to 2018. He shares how he earns buy-in from his board of directors, the importance of threat intelligence, and more.

Cyber Security Summits: 2019 (United States, January 1 - December 31, 2019) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from the FBI, Darktrace and more at the 2019 Cyber Security Summits. Register with promo code cyberwire95 for $95 VIP admission (Regular price $350).

DreamPort Event: The Red Hat OpenShift Container Platform Bootcamp (Columbia, Maryland, United States, January 3, 2019) DreamPort, in conjunction with the Maryland Innovation & Security Institute and USCYBERCOM, is hosting the Red Hat OpenShift Container Platform Bootcamp. This is all about Containers, DevOps, & Agile Development. Attendees will learn, hands on, how to create, develop, use, deploy, and access containers as DevOps & Agile Development tools.

Rapid Prototyping Event: The Wolf in Sheep's Clothing (Columbia, Maryland, United States, January 29 - 31, 2019) DreamPort, in conjunction with the Maryland Innovation & Security Institute and USCYBERCOM, is hosting a Rapid Protoyping Event which is interested in identifying UAM solutions that employ advanced real-time analysis of multiple data sources for detecting unauthorized activities.

Cyber Attacks, Threats, and Vulnerabilities

Shamoon 3 Attacks Targeted Several Sectors (SecurityWeek) Several Shamoon 3 samples have been identified and there appear to be targets in more sectors than initially believed. Researchers also found some links to Iran.

Shamoon Disk Wiper Returns with Second Sample Uncovered this Month (BleepingComputer) Shamoon's comeback early last week was not marked by one, but two occurrences of the data-wiping malware. The second sighting observed a different sample that could indicate a follow-up to the initial attack.

Disk-Wiping 'Shamoon' Malware Resurfaces With File-Erasing Malware in Tow (Dark Reading) As with previous attacks, organizations in the Middle East appear to be main targets, Symantec says.

Charming Kitten Iranian Espionage Campaign Thwarts 2FA (Threatpost) The campaign targets politicians involved in economic and military sanctions against Iran, along with various journalists and human rights activists.

Sneaky phishing campaign beats two-factor authentication (Naked Security) Protecting an account with multi-factor authentication (MFA) is a no-brainer, but that doesn’t mean every method for doing this is equally secure.

Saipem-like cyber-attack numbers 'will climb', former hacker warns (Energy Voice) The number of cyber-attacks to hit the servers of oil and gas firms “will climb”, a former computer hacker has warned. Last week’s attack on oil services firm Saipem hit the firm’s servers in Aberdeen, India and the Middle East, with some servers attacked in Italy. Mike Jones, a former hacker with the Anonymous hacktivist group, …

The Iran Hacks Cybersecurity Experts Feared May Be Here (WIRED) An uptick in potentially Iran-related hacking since the nuclear deal collapsed spells trouble for the US and allies.

Czech cyber watchdog calls Huawei, ZTE products a security threat (Reuters) The Czech cyber watchdog warned network operators on Monday against using softwa...

Software and hardware of Huawei and ZTE is a security threat (NÚKIB) National Cyber and Information Security Agency (NCISA) has issued a WARNING against the use of both software and hardware of Huawei Technologies Co., Ltd., and ZTE Corporation. Use of these devices presents a security threat.

Why the US thinks Huawei has been a massive national security threat for years (CNBC) Huawei has been under scrutiny since at least 2011 for its allegedly close ties to the Chinese government.

Code Execution Flaw in SQLite Affects Chrome, Other Software (SecurityWeek) SQLite vulnerability dubbed Magellan can be exploited for remote code execution, information leaks and DoS attacks. Chrome and other popular applications using SQLite are affected.

URSNIF, EMOTET, DRIDEX and BitPaymer Gangs Linked by a Similar Loader (TrendLabs Security Intelligence Blog) We analyzed samples of EMOTET, URSNIF, DRIDEX and BitPaymer and found similar payload loaders and internal data structures, possibly implying that these different groups are familiar with and are working closely together.

Facebook photo API bug exposed users’ unpublished photos (Naked Security) It affected up to 6.8 million users and up to 1,500 apps. “We’re sorry this happened,” said Facebook with what must be acute apology fatigue.

Twitter API Bug Exposes Users’ Country Codes (Infosecurity Magazine) Twitter API Bug Exposes Users’ Country Codes. Phone number info could allow governments to track dissidents

Twitter warned of phone country code leak two years ago — but did nothing, security researcher says (TechCrunch) A security researcher found a bug in Twitter’s support form two years ago that exposed the country codes of phone numbers attached to user’s accounts. At the time, his bug report was closed as it did “not appear to present a significant security risk.” Twitter now says that …

Inspectors Find Big Cyber Vulnerabilities in US Missile Defense System (Defense One) The managers of the nation’s missile defense system aren’t implementing basic cybersecurity practices, according to a new inspector report.

US govt’s biological warfare response team may be leaking its secrets (The Nation) The US government’s program for coordinating responses to bioterrorism is still suffering from a number of security vulnerabilities, despite efforts to

Malspam links to password-protected Word docs that push IcedID (Bokbot) - SANS Internet Storm Center (SANS Internet Storm Center) Malicious spam (malspam) using some form of password protection is nothing new. I've blogged about it before, and yesterday Didier Stevens posted an example.

Dozens of companies impersonated in evolving 'Three Questions Quiz' scam (SC Media) Researchers from Akamai Technologies have identified 78 unique brand variations of the "Three Questions Quiz" online phishing scheme.

Sony inadvertently leaks player counts for PS4 titles (Ars Technica) Personalized PSN videos and trophy data combine for massive data dump.

Hacker Talks to Arizona Man Directly Through His IoT Security Camera (Motherboard) The man identified himself as a “white hat hacker” and part of the “Anonymous Calgary Mindhive.”

PewDiePie fans hack the Wall Street Journal (The Verge) First printers, now the Wall Street Journal

PewDiePie Hackers Deface Wall Street Journal (Infosecurity Magazine) PewDiePie Hackers Deface Wall Street Journal. Supporters continue with unconventional publicity campaign

Security Patches, Mitigations, and Software Updates

Logitech flaw fixed after Project Zero disclosure (Naked Security) The flaw offered attackers a way of executing keystroke injection to take control of a Windows PC running Logitech Options.

Twitter fixes bug that lets unauthorized apps get access to DMs (Naked Security) “You authorise it – whereupon it promptly leaks to the world all your sexts, inappropriate jokes, and dank memes. Tragic!” said the researcher.

Cyber Trends

Amid AI and Machine Learning, the Human Touch Remains Crucial to... (Bricata) Amid the fervor over artificial intelligence (AI) and machine learning, it’s easy to lose sight of just how important human involvement is in cybersecurity, a new survey finds. We know network security is complicated and becoming... #cybersecuritystatistics #cybersecuritytrends #networksecurity

Insight into the growing problem of highly sophisticated fraud (Help Net Security) Sophisticated fraud campaigns are beginning to outwit machine learning solutions especially the ones that only detect known fraud patterns based on

Top Five Cybersecurity Trends to Expect in 2019 (Portnox.com) Ransomware, zero-day exploits, and phishing attacks, were among the biggest threats facing IT security teams in 2018. Lets look at what coming in 2019. Read More Here.

Hackers have become increasingly deft at stealing student data (Help Net Security) The lack of resources for cybersecurity in schools and universities should be a cause for serious concern among students, parents, school boards.

Kaspersky: 13 Million Cryptojacking Incidents in 2018, up 400% From Last Year (CryptoGlobe) Cryptojacking, a malicious activity which involves mining cryptocurrencies by hijacking the computing resources of unsuspecting users, recently overtook ransomware as the the biggest cybersecurity threat in Africa, Turkey, and the Middle East.

GAO Report on Emerging Threats Highlighted by Dual-Use Technologies (Meritalk) Federal agencies identified 26 long-range emerging threats to U.S. national security, including emerging technologies and foreign cybersecurity threats, a new report by the Government Accountability Office (GAO) found.

Marketplace

Facebook faces 'log out' boycott on Tuesday over black voter suppression (The Telegraph) Facebook is facing a boycott on Tuesday after a report showed it failed to stop black voter suppression.

As NAACP kicks off boycott, Facebook says content moderation, infrastructure changes are coming in 2019 (TechCrunch) Facebook’s ongoing efforts to repair its image as a greedy, neglectful accessory to the spread of misinformation and other nefarious practices has taken a turn to civil rights and specifically how it serves non-white users, which proportionately account for the social network’s most act…

How Instagram got to one billion users: being the anti-Facebook (The Telegraph) In late March, at the height of the Cambridge Analytica scandal that threw Facebook’s management into crisis and sent its share price plummeting, Elon Musk announced he was deleting the Facebook pages of his two companies, Tesla and SpaceX.

Google’s Secret China Project “Effectively Ended” After Internal Confrontation (The Intercept) Google reassigned several groups of engineers away from a planned censored search engine after a rift over its use of real internet queries in China for testing.

Google's apparent climbdown over censored China search welcomed by Amnesty (Computing) But charity demands a clear statement that Project Dragonfly will not be restarted.

Huawei says it is victim of geopolitical attacks (Financial Times) US has lobbied several countries to ban Chinese telecoms group over security concerns

Atheist podcaster Sam Harris says he’s done with Patreon because of deplatforming (Fast Company) The contrarian neuroscientist and author says he won’t be part of a site that silences even the people whose views he does not share.

Mondelez's NotPetya cyber attack claim disputed by Zurich: Report (ReinsuranceNe.ws) A significant cyber insurance claim related to the Petya / NotPetya malware attack is being disputed by insurer Zurich, as the policy language includes an

Government looks inside to fill cybersecurity needs (Washington Post) Pilot project to test retraining current federal employees to move into cybersecurity roles.

Egress Secures $40 Million Growth Equity Funding Led by FTV Capital (BusinessWire) Egress, a leading provider of data privacy and compliance software designed to secure unstructured data, today announced it has raised $40 million in

Identity Intelligence Firm 4iQ Lands $18 Million in Series B Funding (SecurityWeek) 4iQ, which describes its self as the "identity intelligence company", has secured $18 million in Series B funding, bringing the total raised by the company to date to $32 million.

Avanan Raises $25 Million in Series B Funding (SecurityWeek) Avanan, a company that provides security solutions for SaaS-based email and collaboration platforms, has raised $25 million in a Series B funding round.

US gov't torpedoed Fifth Dimension sale to NSO (Globes) Fifth Dimension, whose chairman is former IDF chief of staff Benny Gantz, is closing down and laying off its 32 employees.

Thoma Bravo in talks to acquire McAfee from TPG, Intel: report (CRN Australia) Speculation knocks Symantec stock.

Market News: Will Intel Sell McAfee to Thoma Bravo? (Best Endpoint Security Protection Software and Vendors) Dominating the conversation in endpoint security: the possible acquisition of endpoint security solution provider McAfee by private equity firm Thoma Bravo.

DataTribe’s Start-Up Model Pays Big Dividends (I95 Business) DataTribe is barely three years old – but already the start-up studio has helped launch several companies that have the cybersecurity industry taking notice.

Zscaler: Unrealistic Valuation (Seeking Alpha) Shares of Zscaler have ripped higher and shaken off lockup expiration weakness after reporting strong Q1 results. The company's revenue growth accelerated five

Okta Is The Emerging Identity Verification Standard (Seeking Alpha) Their simple platform interfaces with all kinds of applications, leveraging the value of these for their clients and hence creating some network effects.

Products, Services, and Solutions

Acuant Chosen by XIXOIO as Identity Verification Provider in Innovative Blockchain Solution (Acuant) Acuant's AssureID with Facial Recognition will power XIXOIO's AMLSystem for real-time AML and KYC

Delta Risk Achieves Amazon Web Services (AWS) Advanced Partner Status (Delta Risk) AWS Recognizes Delta Risk’s Cloud Security Services for Proven Customer Value and Technical Expertise

Zscaler awarded FedRAMP authorization for secure internet and web gateway solution (Help Net Security) As the FedRAMP authorized secure internet and web gateway provider, the Zscaler platform enables government agencies to route traffic straight to the cloud.

StrongVPN Increases Simultaneous Connection Support (Benzinga) StrongVPN announced an increase to its number of simultaneous VPN connections, expanding the allotted amount from five to 12 per account....

Be The Hunter, Not The Prey - LMNTRIX and Openlogix Partner to Delivery Next-Generation Cybersecurity (PR Newswire) Openlogix Corporation, a Michigan based valued added reseller and technology services ...

dramds Announces Enterprise GDPR App for Mobile Phones & Tablets (PR Newswire) dramds.com ltd., a British technology company, announces the release of the world's most comprehensive enterprise mobile...

Milan Bergamo Airport protects digital infrastructure with Darktrace cyber AI (Cambridge Network) Darktrace, the world’s leading AI company for cyber defence, has today announced that SACBO, operator of Milan Bergamo Airport has deployed Darktrace’s AI technology to defend its 13 million yearly customers from cyber-threats.

Technologies, Techniques, and Standards

New guidelines for responding to cyber attacks don't go far enough (The Conversation) Austraia's first Cyber Incident Management Arrangements are a good start, but the government needs to better engage with private companies to prevent and manage cyber attacks.

How these cybersecurity standards could make life easier for contractors (Fifth Domain) New standards presented by the Aerospace Industries Association make it easier for contractors to explain their cybersecurity standards to different contractors.

Fear and loathing defending ICS security at DoE's CyberForce Competition (CSO Online) Defending critical infrastructure from determined attackers is not an easy task, CSO reporter J.M. Porup learned competing in the Department of Energy's CyberForce Competition 2018, a cyber security training initiative.

Denmark Hires Hackers to Test If Bank Systems Are Sitting Ducks (Bloomberg) Denmark's central bank and the country's lenders plan to enlist "ethical hackers" to test the resilience of the country's financial industry to cyberattacks.

How to Engage Your Cyber Enemies (Dark Reading) Having the right mix of tools, automation, and intelligence is key to staying ahead of new threats and protecting your organization.

The Expanding Role (and Importance!) of Corporate Security (ZeroFOX) CorpSec needs to proactively identify and protect against risks and threats to VIPs, executives, employees and locations originating online.

What is cybersecurity culture, and why is it important in the workplace? (Silicon Republic) Promoting cybersecurity culture in the workplace is a growing trend, but should employees be wary of the increased responsibility?

New Cyber Readiness Program Launched for SMBs (SecurityWeek) The Cyber Readiness Institute (CRI) has launched a Cyber Readiness Program designed to provide assistance to small and medium businesses who may not have the resources to give security the priority it needs and deserves.

Warding off security vulnerabilities with centralized data (Help Net Security) Having a system that lets you set the proper permissions and prevents unauthorized people from accessing files is important.

8 Security Tips to Gift Your Loved Ones For the Holidays (Dark Reading) Before the wrapping paper starts flying, here's some welcome cybersecurity advice to share with friends and family.

Design and Innovation

Google isn’t the company that we should have handed the Web over to (Ars Technica) Analysis: Microsoft adopting Chromium puts the Web in a perilous place.

Simplifying Blockchain Security Using Hyperledger Ursa (InfoQ) In a recent blog post, the Hyperledger project announced that their latest project, Hyperledger Ursa, has been accepted by the Technical Steering Committee (TSC). Ursa’s primary objective is to simplify and consolidate cryptographic libraries in a trusted, consumable manner for use in distributed ledger technology projects in an interoperable way.

Data Security is Receiving A lot of Hype within Blockchain Community, Reports iTrue Limited (PR Newswire) It's easy to lose sight of the underlying purpose of any new technology when the hype reaches a level that blockchain...

AI Has Started Cleaning Up Facebook, but Can It Finish? (WIRED) Artificial intelligence has proved effective at keeping nudity and pornography off of Facebook. But recognizing hate speech and bullying is a much tougher task.

Research and Development

Conservation of energy used to parallelize quantum key distribution (Ars Technica) Entangled photons provide key, conservation of energy provides address.

Legislation, Policy, and Regulation

Paris Cyber Agreement – Déjà Vu All Over Again? (Foreign Policy Journal) Failing to get the major cyber aggressors on board with the Paris Cyber Agreement risks the agreement becoming nothing more than a paper tiger.

Russia Is the Biggest Backer of Cybercrime. The US Must Get Serious About Deterrence (Defense One) Convincing Putin that further attacks will trigger automatic, severe responses is the best way to start.

Can America’s Countering Violent Extremism Efforts be Salvaged? (War on the Rocks) The United States has good reason to be worried about domestic extremism: from the far right, far left, and Islamism. It should not be hard to make a

Russian Foreign Ministry To Establish Special Cybersecurity Department (UrduPoint) A special department for information security will be established within the Russian Foreign Ministry, Russias Permanent Representative to International Organizations in Vienna Mikhail Ulyanov told Sputnik on Monday.

UK must prepare to fight wars with artificial intelligence and in space, defence secretary says (The Independent) ‘We must keep pace’ with nation-state competitors, Gavin Williamson warns

Analysis | The Cybersecurity 202: Senate Democrats launch new privacy effort to protect consumer data (Washington Post) But some think it's too vague.

FCC forces California to drop plan for government fees on text messages (Ars Technica) FCC said texts aren't telecommunications, causing California to ditch fee plan.

Litigation, Investigation, and Law Enforcement

Italy: FBI helped us take down ISIS plot against the Vatican (Hot Air) Under the radar?

Terrorismo, il 20enne arrestato a Bari progettava un attentato a San Pietro per Natale: "Mettiamo bombe nelle chiese" (Repubblica) Il fermo d'urgenza si era reso necessario per alcune fotografie relative al Vaticano che il cittadino somalo aveva scaricato da internet. Anas Khalil fa

Russia social media influence efforts ongoing, report says (Fifth Domain) Russia's sweeping political disinformation campaign on U.S. social media was more far-reaching than originally thought, with troll farms working to discourage black voters and "blur the lines between reality and fiction" to help elect Donald Trump in 2016, according to reports released Monday by the Senate intelligence committee.

Massive scale of Russian election trolling revealed in draft Senate report (Ars Technica) Data shows messages tuned to support Trump, discourage opposition.

How Instagram Became the Russian IRA's Go-To Social Network (WIRED) A Senate report finds that Russia's Internet Research Agency was far more active, and more successful, on Instagram in 2017 than on Facebook or Twitter.

Russian disinformation teams targeted Robert S. Mueller III, says report prepared for Senate (Washington Post) The operatives unloaded on the special counsel via fake accounts on Facebook, Twitter, Instagram and beyond.

Targeting Black Americans, Russia's IRA Exploited Racial Wounds (WIRED) A new report documents how Russian online propaganda had a much more sustained, deliberate focus on black Americans.

Russia waged web campaign to swing US election result (Times) Russian internet activity to divide and polarise American society was aimed at electing Donald Trump and has grown across Facebook, Google and Twitter since the 2016 vote, according to analysis for...

Silicon Valley's 'belated and uncoordinated' efforts at dealing with Russian fake news revealed (The Telegraph) The Kremlin's effort to undermine the 2016 US presidential election was wider than previously thought, involved every major social media platform, and was especially targeted at suppressing black voters, two new reports have found.

Irish Data Authority Probes Facebook Photo Breach (SecurityWeek) The Irish data watchdog on Friday launched an investigation into Facebook, after the social media titan admitted a "bug" may have exposed unposted photos from up to 6.8 million users.

MP Damian Collins' emails to be handed to Facebook (The Telegraph) A judge in Silicon Valley has ordered emails between an MP and lawyers for a company suing Facebook to be handed over to the social media giant.

Equifax, others must secure apps as part of New York settlement (CyberScoop) The New York attorney general’s office said five apps made by well-known companies could have leaked user data. The firms – Western Union, Priceline, Equifax, Spark Networks and Credit Sesame – have agreed to revamp the security of their apps as part of a settlement announced Friday.

Police investigate 'reprehensible' behavior of Camp fire cleanup workers who posted offensive photos (Los Angeles Times) Police are investigating whether the PG&E contractors broke any laws when they took inappropriate photos of the devastation in Paradise that were later posted on social media.

Australian Federal Court penalises another dodgy domain reseller (CRN Australia) Ordered to publish embarrassing ads in major newspapers.

Met Slammed for Using Dodgy Facial Recognition Cameras (Infosecurity Magazine) Met Slammed for Using Dodgy Facial Recognition Cameras. Cameras are 100% inaccurate, claims rights group

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

CYBERSEC Brussels Leaders' Foresight 2019 (Brussels, Belgium, May 15 - 16, 2019) The aim of the CYBERSEC Brussels Leaders' Foresight 2019 is to give proactive guidance on how to lead, encourage evidence-based desision-making, and develop cybersecurity policy statecraft in the EU and...

5th European Cybersecurity Forum – CYBERSEC 2019 (Krakow, Poland, October 29 - 30, 2019) CYBERSEC Forum is an unique opportunity to meet and discuss the current issues of cyber disruption and ever-changing landscape of cybersecurity related threats. Our mission is to foster the building of...

Upcoming Events

SINET Global Institute CISO Series (Scottsdale, Arizona, USA, January 15 - 16, 2019) By invitation only. These intimate CISO workshops address the challenges that Board of Directors are placing on security and risk executives, and how to successfully manage and communicate today’s enterprise...

CPX Asia 360 2019 (Bangkok, Thailand, January 21 - 23, 2019) CPX 360 - the industry’s premier cyber security summit and expo - brings together the world’s leading cyber security experts to one venue. Gain a deep understanding of current challenges cyber security...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.