skip navigation

More signal. Less noise.

Daily briefing.

EternalSynergy, EternalRomance, and EternalChampion, leaked last year by the Shadow Brokers and used in the NotPetya pseudoransomware attacks, have been found to work on all unpatched versions of Windows from Windows 2000 on. RiskSense researchers determined the three alleged Equation Group exploits may be just as easy for attackers to use as the hitherto more popular EternalBlue bug. This discovery should spur laggards (there are many) who have yet to apply patches Microsoft issued last March. 

On February 1st and 2nd the MacUpdate was briefly infested with cryptomining malware. MacUpdate has expelled the malicious software, but users who downloaded updates at the beginning of the month should check their systems.

Qihoo 360 NetLab warns that a new Monero cryptomining botnet affects Android devices in the wild. It infects through port 5555, which is used by the legitimate debugging tool Android Debug Bridge. 

T-Mobile has issued a warning of an active SIM-hijacking campaign. The warning takes the unusual form of a mass text message. In the "phone number port out scam," the crook impersonates the victim in either a phone call or a visit to a phone store and request a new SIM card for the victim’s phone number. Phone passcodes or PINs can help ward off the scam.

Apple and Cisco have partnered with insurance giant Allianz in an arrangement that will give Allianz customers lower cyber insurance rates if they use certain Apple and Cisco products.

US Federal agencies and their contractors prepare to implement NIST information-sharing guidelines.

Notes.

Today's issue includes events affecting Australia, Canada, China, European Union, Finland, France, Germany, NATO/OTAN, New Zealand, Palestinian Authority, Russia, United Kingdom, United States.

The board and cyber-risk oversight: Crown Jewels Risk Assessments.

Corporate directors want to review cybersecurity risk and assist security leaders in protecting critical assets. Learn how to identify what matters the most and how to collaboratively assess and treat cyber risk using Crown Jewels Risk Assessments.

In today's podcast we hear from our partners at Terbium Labs, as Emily Wilson talks about online tax fraud. Our guest, Woody Shea from Covata, discusses S3 bucket leaks.

Cyber Security Summits: February 13 in Silicon Valley & Atlanta on February 28 (Silicon Valley, California, USA, February 13, 2018) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, Darktrace, IBM and more. Register with promo code cyberwire50 for half off your admission (Regular price $350) https://CyberSummitUSA.com

Compete to win prize money plus the chance to be DataTribe’s next big investment (Online, March 23 - April 25, 2018) The DataTribe Inaugural Cyber Funding Competition: We put real firepower behind every idea. If you're part of a entrepreneurial technology team with a vision to disrupt cybersecurity and data sciences — we want to enhance your growth prospect with the opportunity for a DataTribe-financed seed capital of $2,000,000. Plus possible millions more in a Series A Venture Capital Round. The top three finalists will share $20,000 in prize money.

Cyber Attacks, Threats, and Vulnerabilities

3 leaked NSA exploits work on all Windows versions since Windows 2000 (CSO Online) The EternalSynergy, EternalRomance, and EternalChampion exploits have been reworked to work on all vulnerable Windows versions: Windows 2000 -- Server 2016.

WannaMine and Smominru: The cryptocurrency botnets causing havoc (Silicon Republic) Two botnets that hijack machines to mine the cryptocurrency Monero are causing major problems around the world.

Smominru Botnet Infected Over 500, 000 Windows Machines (Information Security Buzz) News broke yesterday that over 526,000 Windows computers —mainly Windows servers— have been infected with Monero mining software by a group that operates the biggest such botnet known to date. This group’s operations have been known to security researchers since last year, and various companies have published reports on its activity. Because the botnet is so massive …

Bot Hacked Over $3m Worth of Monero from 500m Computers (The Market Mogul) A bot which infected 500,000 computers has earned the hackers responsible over $3m from mining cryptocurrency. Since last May, the crypto-botnet Smominru has infected computers and hijacked their processing power to generate as much as $3.6m of altcoin Monero, according to a researcher’s blog post published by security firm, Proofpoint. The researcher, who went under the name […]

Mac crypto miner distributed via MacUpdate, other software download sites (Help Net Security) Software download site/aggregator MacUpdate has been spotted delivering a new Mac crypto miner to users. The malware has been bundled with decoy copies of Firefox, OnyX, and Deeper.

MacUpdate Hacked to Distribute Mac Cryptocurrency Miner (HackRead) Another day, another cryptocurrency miner targeting users - This time, MacUpdate site has been hacked to drop cryptocurrency miner on Mac devices.

New Monero Crypto Mining Botnet Leverages Android Debugging Tool (Threatpost) The botnet uses port scanning code from Mirai, a first for Android-related attacks, according to researchers.

Fake Adobe Flash Update Sites Pushing CPU Miners (BleepingComputer) Sites telling you that Flash Player is out dated and then offering an update are installing CPU Miners are unsuspecting visitors.

How Cryptocurrency Mining Software Is Turning Into Malware (247wallst.com) Software designed for mining cryptocurrencies is also being used by cybercriminals to create botnets of PCs from unsuspecting victims. The only thing stolen -- so far -- is processing power from which the crook makes money and the victim gets nothing but a computer that runs more slowly.

Few Meltdown, Spectre Malware Attacks Are Being Reported (eWEEK) Meltdown and Spectre malware samples emerge, though few attacks follow; the new Cisco Container Platform will support Kubernetes Orchestrator; threats to industrial control systems grow as vulnerabilities increase; and Microsoft Azure cloud revenue nearly doubles in Q2 2018.

Covert Data Channel in TLS Dodges Network Perimeter Protection (Threatpost) Researchers have found a new covert data exchange technique that abuses the TLS protocol that can circumvent traditional network perimeter protections.

Did the government’s acquisition training website have a cyber incident? (FederalNewsRadio.com) The Federal Acquisition Institute Training Application System (FAITAS) has been unavailable for civilian agencies for more than a month.

NHS Trusts Have All Failed Cyber Essentials — Report (Infosecurity Magazine) NHS Trusts Have All Failed Cyber Essentials — Report. Best practice security still eluding UK healthcare

Boomerang spam bombs Malwarebytes forum—not a smart move (Security Boulevard) Boomerang Tech solutions had trouble configuring their spambots, thus dropping a few spam bombs on Malwarebytes forums. Watch us catch them red-handed in a scammer call. Categories: Cybercrime Social engineering Tags: BoomerangforumsMBAMspamTSS (Read more...) The post Boomerang spam bombs Malwarebytes forum—not a smart move appeared first on Malwarebytes Labs.

T-Mobile Is Sending a Mass Text Warning of ‘Industry-Wide’ Phone Hijacking Scam (Motherboard) Cybercriminals are increasingly targeting people’s phone numbers, hijacking and then using them to access people’s bank or social media accounts.

Over 12,000 Business Websites Leveraged for Cybercrime (Dark Reading) Attackers exploit trust in popular websites to launch phishing campaigns and spread malware.

Facebook Is Investigating Bitcoin Ads Bypassing Its New Ban (Motherboard) It appears some ads have already found simple workarounds.

Would You Have Spotted This Skimmer? (KrebsOnSecurity) When you realize how easy it is for thieves to compromise an ATM or credit card terminal with skimming devices, it’s difficult not to inspect or even pull on these machines when you’re forced to use them personally — half expecting something will come detached.

Security Patches, Mitigations, and Software Updates

Cisco issues new, complete fixes for critical flaw in enterprise security appliances (Help Net Security) Cisco researchers have identified additional attack vectors and features that are affected by the "perfect 10" remote code execution and denial of service vulnerability they attempted to patch last Tuesday.

Oracle patches POS vulnerability affecting 300,000 systems (SC Media US) Oracle recently patched a Micros point-of-sale vulnerability which could have allowed an unauthenticated attacker to read any file and receive information.

Flaw in Grammarly's extensions opened user accounts to compromise (Help Net Security) A vulnerability in the Grammarly Chrome and Firefox extensions allowed websites to read users' authentication tokes and use to them to log in to the users' Grammarly accounts and access all the (potentially sensitive) information held in them.

Cyber Trends

IT Security TCO: Uncovering the Hidden Costs of Detection-based Security (Bromium) Do you know what your detection-based cybersecurity is really costing your enterprise? Bromium uncovers hidden costs—$16.7M per year—for a 2,000-person organization.

Over 5,200 Data Breaches Make 2017 An Exceptional Year For All The Wrong Reasons (Risk-Based Security) In an all too common refrain, 2017 claims the dubious record of the most breaches and most records compromised in a year.

2017 Smashed World's Records for Most Data Breaches, Exposed Information (Dark Reading) Five mega-breaches last year accounted for more than 72% of all data records exposed in 2017.

Identity Fraud Hits All-Time High in 2017 (Dark Reading) Survey reports that the number of fraud victims topped 16 million consumers last year, and much of that crime has moved online.

How Much Do Healthcare Data Breaches Cost Organizations? (HealthITSecurity) Disaster recovery planning, employee training, and DLP solutions are key ways to prevent and respond to healthcare data breaches.

Data and analytics maturity: Most organizations should be doing better (Help Net Security) 91 percent of organizations have not yet reached a transformational level of maturity in data and analytics, despite this area being a number one investment priority for CIOs in recent years.

Marketplace

MY TAKE: Epiphany strikes Amazon, Google, Microsoft about who bears burden for cloud security - Security Boulevard (Security Boulevard) Amazon and Google last week very quietly made some moves that signal they’ve been hit by the identical epiphany: they each need to do a helluva lot more to secure cloud computing. Microsoft was hit by this lightning bolt about a year ago. The Redmond giant all through 2017 took pronounced steps to relieve users

Buyouts, Product Launches to Fuel FireEye (FEYE) Q4 Earnings (NASDAQ.com) FireEye Inc. FEYE is slated to release fourth-quarter 2017 results on Feb 8. The question lingering in investors' minds is if this cybersecurity.

IGEL Marks Record Software Sales Growth for the Year Ended 2017 (IGEL) IGEL announced record results for 2017 with 74% revenue growth in the U.S., year-over-year. Growth was significantly driven by record software sales, which were up 589% in the U.S., specifically, including sales for IGEL’s Universal Desktop Converter™ (UDC) and UD Pocket™ solutions.

Tracking Tenable's Growth To IPO-Sized Revenue (Crunchbase News) Now we all know that not only can SaaS transitions work, but they can work at scale. That and the cybersecurity sector is hardly dead.

3 Firewall Stocks to Consider Buying (The Motley Fool) Fortinet, Palo Alto Networks, and Check Point Software will be protecting data for years to come, and demand for their services is only growing.

Booz Allen takes on growth and the talent challenge (Washington Technology) Booz Allen Hamilton's employee mix is shifting as the company moves deeper into its Vision 2020 strategy.

Why Bitcoin and other cryptos can't scale like Silicon Valley tech (TheStreet) Cryptocurrencies and their underlying technology can't be compared to other industries, Coindesk's head of research tells TheStreet.

Business Update: Forcepoint Global Governments & Critical Infrastructure (Forcepoint) Forcepoint continues its focus on the unique needs and challenges found in the most highly regulated and mission-critical sectors. After over 20 years of protecting US and Five-Eyes critical classified information and networks, Forcepoint expanded the government business charter to bring human-centric cybersecurity to governments around the world in 2017.

Startup Studio DataTribe Launches Inaugural Cyber Funding Competition - The DataTribe Cyber Crucible (TheStreet) Winners Will Be Eligible For Up To $2 Million in Seed Financing, Potentially Millions More in Series A Venture Capital

Willis Towers Watson bolsters UK cyber offering with new cyber leader appointment (GlobeNewswire News Room) Leading global advisory, broking and solutions company, Willis Towers Watson (NASDAQ:WLTW), today announced the appointment of Tim Rees as Client Engagement and Strategy Leader for the UK Cyber Risk Solutions business.

Products, Services, and Solutions

SonicWall Invents New Real-Time Deep Memory Inspection Technology (RTDMITM) Also Effective Against Meltdown Processor Vulnerability (SonicWall) New Capture Cloud Platform engine builds on SonicWall’s extensive history and innovation in machine learning, artificial intelligence

Businesses with Apple and Cisco products may now pay less for cybersecurity insurance (TechCrunch) Apple and Cisco announced this morning a new deal with insurer Allianz that will allow businesses with their technology products to receive better terms on..

Apple, Cisco team up with insurance companies to offer cyber policy di (Reuters) Apple Inc and Cisco Systems Inc have teamed up with insurer Allianz SE to offer discounts on cyber insurance to businesses that primarily use equipment from both technology companies, they said on Monday.

SecValMSP Releases Risk as a Service to Hospitality (PR Newswire) SecValMSP a leading managed security services provider is pleased to...

Orange Cyberdefense Launches “Mobile Threat Protection”, A New Offer to Protect Mobile Device Fleets from Cyberattacks - Press Release - Digital Journal (Digital Journal) Point Software Technologies have teamed up to deliver a new Orange

Thales Highlights Integrated Aviation Cybersecurity (Aviation Week) Thales is keen to emphasize the importance of integrating cybersecurity thinking across all parts of the aviation ecosystem - civil and military, in the air or on the ground.

Visuality Systems Releases Java Client 'Server Message Block' (SMB) Supporting The Latest SMB Dialects (Yahoo! Finance) Visuality Systems has taken the initiative to develop and provide Java developers with the latest implementation of the Microsoft SMB file sharing connectivity, jNQ™.

What does the MobileIron and Google Orbitera partnership mean? (BrianMadden.com) MobileIron and Google Cloud Orbitera are partnering to provide white label cloud commerce and service management.

How a company founded by ex-spies uses AI to fight hackers (CNN) Cybersecurity firm Darktrace uses artificial intelligence to stop cyber attacks before they even start.

Technologies, Techniques, and Standards

Defense, civilian contractors laying groundwork to implement NIST information-sharing framework (FederalNewsRadio.com) It's a long road ahead, but federal agencies and contractors are laying the groundwork to implement NIST'S latest framework to protect federal information.

Phishing attacks: How hunting down fake websites is making life harder for hackers (ZDNet) A new approach to phishing URLs and scam emails is helping to reduce the window of opportunity for cyber-attackers -- but the fight isn't over yet.

Threat Hunting and Defensive Tools Government Could Use (Nextgov.com) New tech designed for cyber defense could help the government make up for lack of personnel.

NATO’s Crossed Swords exercise preps cyber warriors (Fifth Domain) NATO members are concerned their networks will be vulnerable to increasingly dynamic cyberthreats.

What You Should Know Before You Put Your GDPR Program in Motion (Security Intelligence) Organizations should take these steps to put their GDPR readiness plans in motion and make the transition as smooth as possible once the regulation takes effect in May.

Invest in the First Line of Defence (Infosecurity Magazine) How to create a culture of an informed, empowered and committed workforce, fully appreciative of the threat and knowledgeable of the signs of concerning behaviors.

Design and Innovation

French intelligence agency wants AI to help sort masses of raw data (C4ISRNET) The challenge is to assess, acquire and integrate those offerings into existing systems.

Health tech and open source– what should manufacturers do to keep medical devices safe? (Medical Plastics News) Mike Pittenger, Black Duck Software, advises device manufacturer on how way medical device security can be extended to open source.

Research and Development

Scilla: a Smart Contract Intermediate-Level LAnguage (Arxiv) Automata for smart contract implementation and verification

DARPA’s $200 Million JUMP Into Future Microelectronics (The Next Platform) DARPA has always been about driving the development of emerging technologies for the benefit of both the military and the commercial world at large. The De

Academia

10 schools stand out in latest Military Times ranking of cybersecurity programs (Navy Times) Syracuse University topped the list of Military Times’ latest batch of rankings of the best cybersecurity programs for veteran and military-connected students.

ERAU adds graduate cybersecurity program (The Daily Courier) Responding to an increased demand for cybersecurity professionals in Arizona and across the country, the College of Security and Intelligence at Embry-Riddle Aeronautical University’s Prescott campus has announced plans to offer a Master of Science in cyber intelligence and security.

Legislation, Policy, and Regulation

China's Surveillance State Should Scare Everyone (Defense One) The country is perfecting a vast network of digital espionage as a means of social control—with implications for democracies worldwide.

Battle for data rages between China and US- Nikkei Asian Review (Nikkei Asian Review) In the future there will be no concept of "made in China" or "made in America," because everything will be "made on the interne

French official details intelligence-sharing relationship with Five Eyes (Defense News) France joined that high-level group about a year ago, reflecting a strengthening of ties between Paris and Washington.

Why the Russian Government Turns a Blind Eye to Cybercriminals (Slate Magazine) Russia doesn’t just ignore cybercrime—it supports it, in many cases.

Why DoD leaders are increasingly worried about the ‘gray zone’ (C4ISRNET) The wide availability of commercial technologies to militaries and nonstate groups provides ample openings for competitive actions below the threshold of war, escalating the opportunities for a more traditional conflict.

DOD's nuclear posture review includes tougher cyber defenses (InsideDefense.com) The Pentagon's updated Nuclear Posture Review includes steps for strengthening the military's cyber defenses, as President Trump is calling for an increase in spending to modernize the nation's nuclear arsenal, Inside Cybersecurity reports.

‘The Hairs Really Went Up on the Back of Our Necks’ (POLITICO Magazine) Former top diplomat Victoria Nuland tells the story of how she pushed the Obama administration to do more to stop Russian hacking.

McCaul calls on the Senate to act on cyber bills (FCW) House Homeland Security Committee Chairman Michael McCaul (R-Texas) urged the Senate to move on restoring the State Department's cyber office and reorganizing DHS' National Protection and Programs Directorate.

Lawmakers: Cyber warfare skills critical for future military, homeland security (Stars and Stripes) Several lawmakers on Monday agreed skills for cyber warfare, such as developing artificial intelligence, will be key for the military and other domains charged with protecting the homeland in the future.

Army announces new cyber policy head (Fifth Domain) Brig. Gen. Jennifer Buckner has been selected to lead the Army’s cyber directorate within the G-3/5/7.

The threat to Finland's cyberdefense? Private-sector salaries (Fifth Domain) The Finnish Armed Force’s cyber unit is struggling to recruit the top-tier expertise it needs largely due to the prospect of lower salaries in government than in the private sector.

Here’s Ajit Pai’s “proof” that killing net neutrality created more broadband (Ars Technica) Pai's FCC takes credit for broadband deployments that began under Obama.

ISPs must follow net neutrality in New Jersey, governor declares (Ars Technica) ISPs can’t block or throttle traffic if they sell broadband to state agencies.

Litigation, Investigation, and Law Enforcement

China launches salvo against “network navy” of trolls who spread fake news (Ars Technica) More than 200 arrests, thousands of accounts and websites seized for "illegal speculation."

Mystery of suspected China-CIA spy draws lawmaker scrutiny (POLITICO) "We need answers from the FBI about why this wasn’t prevented," Senate Judiciary Chairman Charles Grassley says.

Bob Mueller’s Investigation Is Larger—and Further Along—Than You Think (WIRED) We speak about the “Mueller probe” as a single entity, but it’s important to understand that there are no fewer than five separate investigations under the broad umbrella of the special counsel’s office.

Nunes memo raises question: Did FBI violate Woods Procedures? (TheHill) The bureau may have violated the protocols for obtaining a FISA warrant to spy on Trump's campaign staffer.

Opinion | The Nunes memo revealed a damning omission (Washington Post) It will have long-term consequences for the warrant application process.

Dossier author Steele wrote another anti-Trump memo; was fed info by Clinton-connected contact, Obama State Department (Washington Examiner) The newly released document is an unclassified and heavily redacted version of the criminal referral targeting Steele filed on Jan. 4 by Rep...

Edward Snowden takes on Joe Scarborough over Nunes memo (Newsweek) The pair entered into an unexpected Twitter debate.

This May Be the Most Important Federal Judge You've Never Heard Of (LifeZette) He's refusing to let Americans see former FBI Director James Comey's memos about his talks with President Donald Trump

Newsweek Guts Its Top Edit Staff Amid Legal Turmoil (The Daily Beast) Staffers who spoke to The Daily Beast on condition of anonymity pointed out that the fired editors had all published pieces reporting on the company’s recent troubles.

UK data protection authority issues record fines (Help Net Security) Since August 2015, The UK's independent authority, The Information Commissioner's Office, has fined 104 organisations a total of £8.7 million for breaches in data security and anti-spam regulations.

An ‘Iceberg’ of Unseen Crimes: Many Cyber Offenses Go Unreported (Mew York Times) The country’s crime classification system is antiquated. Police commanders struggle with no data on an array of technology-based crimes.

Ex-Brooklyn Prosecutor Convicted of Illegal Wiretaps Sentenced to Prison Time (New York Law Journal) A former Brooklyn prosecutor who admitted to forging judicial orders to run illegal wiretaps on a fellow prosecutor and a New York City police detective has been sentenced to one year in prison.

Former PA intel chief files complaint against security forces, phone companies (The Jerusalem Post) Tawfiq al-Tirawi said the PA security services have no reason to wiretap his phone and have not received legal permission to undertake such a measure.

Super Bowl national security docs left on plane (CNN) Sensitive DHS reports about protecting the Super Bowl from terrorism were found in the seat-back pocket on a commercial airplane flight.

Two Suspects Arrested in 'Jackpotting' Attack in Connecticut (Dark Reading) The men were charged in federal court for alleged bank fraud using malware that empties cash from ATM machines.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

Connect Security World 2018 (Marseilles, France, September 24 - 26, 2018) While the number of IoT devices predicted by 2020 varies within tens of billions, all analysts agree that security is now the top concern of organizations looking at deploying IoT solutions. To address...

Upcoming Events

SecureWorld Charlotte (Charlotte, North Carolina, USA, February 8, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

Women in Data Protection, Securing Medical Devices and Health Records (Washington, DC, USA, February 9, 2018) Join some of the top cyber and privacy professionals as they talk about the landscape of the medical device and electronic health records market. They will also talk about the dangers to patients' health...

Cyber Security Summit: Silicon Valley (San Jose, California, USA, February 13, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their companies’ critical data with innovative solution providers & renowned information security experts.

Security Titans (Scottsdale, Arizona, USA, February 23, 2018) Security Titans is a ground-breaking event, bringing the biggest names in Information Security together - all in one day, on a single stage to give the nation's cyber security industry access to the very...

CyberThreat 18 (Westminster, England, UK, February 27 - 28, 2018) Hosted by the UK’s National Cyber Security Centre, a part of GCHQ, and the SANS Institute, CyberThreat18 brings together a packed schedule of talks on a broad range of familiar and less familiar topics...

Midlands Cyber: US Cyber Market Workshop (Lutterworth, England, UK, February 27, 2018) We are delighted to announce that we will be running two workshops, led by Andy Williams, the International Director of the iCyber Centre @bwtech, Maryland. The workshops have been tailored by the team...

European Cybersecurity Forum – CYBERSEC Brussels (Brussels, Belgium, February 27, 2018) CYBERSEC Forum is an unique opportunity to meet and discuss the current issues of cyber disruption and ever-changing landscape of cybersecurity related threats. Our mission is to foster the building of...

The Cyber Security Summit: Atlanta (Atlanta, Georgia, USA, February 28, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.

Insider Threat Program Management With Legal Guidance Training Course (Herndon, Virginia, USA, March 6 - 7, 2018) The course will cover current regulations like National Insider Threat Policy NITP and NISPOM Conforming Change 2, and more. The course will provide the ITP Manager and Facility Security Officer with the...

SINET ITSEF 2018 (Silicon Valley, California, USA, March 7 - 8, 2018) Bridging the gap between Silicon Valley and the Beltway. SINET – Silicon Valley provides a venue where entrepreneurs can meet and interact directly with leaders of government, business and the investment...

PCI Security Standards Council Middle East and Africa Forum (Cape Town, South Africa, March 14 - 15, 2018) Don’t miss the data security event of the year for the payment card industry. Join us for: networking opportunities, updates on industry trends, insights and strategies on best practices, engaging keynotes...

SecureWorld Boston (Boston, Massachussetts, USA, March 14 - 15, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

Cyber 9-12 (Washington, DC, USA, March 16 - 17, 2018) Now entering its fifth year, the Cyber 9/12 Student Challenge is a one-of-a-kind competition designed to provide students across academic disciplines with a deeper understanding of the policy challenges...

3rd Annual Billington International Cybersecurity Summit (Washington, DC, USA, March 21, 2018) With confirmed speakers from Estonia, Romania, Singapore, Sweden, the United States, and Kuwait, and with attendees from many more countries, this summit brings together world-class cybersecurity thought...

Infosecurity Magazine North America Virtual Conference (Online, March 21 - 22, 2018) Tune in on Wednesday March 21 for day two of our two-day online event to learn what’s going on at the heart of the industry. Our easy to digest format offers a mix of short sessions, panel debates and...

The Cyber Security Summit: Denver (Denver, Colorado, USA, March 22, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.