skip navigation

More signal. Less noise.

Daily briefing.

Three quick updates on investigations into apparent state-sponsored cyber operations. The US Department of Homeland Security's cybersecurity lead Jeanette Manfra said that Russia's GRU (Fancy Bear) targeted voter registration data in twenty-one states, and succeeded in "a few" cases. She said data were not manipulated during the incidents, which have been discussed on-and-off since late 2016. 

An AP report describes another Fancy Bear campaign, this one a phishing expedition against mostly US Defense contractors for technical intelligence.

And the third is an update on North Korea's exploitation of a Flash Player zero-day against South Korean targets. Investigators believe Pyongyang purchased the zero-day from some third-party.

Netskope has a report on a newly discovered strain of malware, "ShortJSRAT," that uses cloud apps to deliver malicious Windows scriptlets.

Cylance offers a report on the URSNIF family of information stealers.

Researchers at Radiflow report finding a cryptominer infestation in a European water utility, marking cryptojacking's long-expected approach to the industrial Internet-of-things.

A malicious Reddit spoof site has been found-it's engaged in credential harvesting.

If you thought the Nigerian prince scam was exposed and over, think again: a variant is using Twitter to inveigle marks out of cryptocurrency.

A US-led international effort has taken down the long-running "Infraud" carding gang, thought responsible for more than $530 million in losses to consumers over the last seven years. Thirty-six alleged hoods have been indicted; thirteen of them are in custody, the rest on the lam. 

Intel has issued another Spectre patch, this for its Skylake chips.

Notes.

Today's edition of the CyberWire reports events affecting Australia, France, Israel, Italy, Japan, Democratic Peoples Republic of Korea, Republic of Korea, Kosovo, Poland, Russia, Serbia, Ukraine, United Kingdom, United States.

The board and cyber-risk oversight: Crown Jewels Risk Assessments.

Corporate directors want to review cybersecurity risk and assist security leaders in protecting critical assets. Learn how to identify what matters the most and how to collaboratively assess and treat cyber risk using Crown Jewels Risk Assessments.

In today's podcast we hear from our partners at the SANS Institute, as Johannes Ullrich talks us through what they've learned about cryptocurrency theft. He offers some advice for protecting your wallets. Our guest is Christopher Doman from AlienVault, who describes their discovery of a Monero cryptocurrency miner linked to North Korea.

Cyber Security Summits: February 13 in Silicon Valley & Atlanta on February 28 (Silicon Valley, California, USA, February 13, 2018) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, Darktrace, IBM and more. Register with promo code cyberwire50 for half off your admission (Regular price $350) https://CyberSummitUSA.com

Compete to win prize money plus the chance to be DataTribe’s next big investment (Online, March 23 - April 25, 2018) The DataTribe Inaugural Cyber Funding Competition: We put real firepower behind every idea. If you're part of a entrepreneurial technology team with a vision to disrupt cybersecurity and data sciences — we want to enhance your growth prospect with the opportunity for a DataTribe-financed seed capital of $2,000,000. Plus possible millions more in a Series A Venture Capital Round. The top three finalists will share $20,000 in prize money.

Cyber Attacks, Threats, and Vulnerabilities

DHS cybersecurity head says Russian hackers penetrated U.S. voting system (Seeking Alpha) The Department of Homeland Security’s head of cybersecurity tells NBC News that Russian hackers successfully penetrated the voter registration rolls of several U.S. states ahead of the last pre

'Fancy Bear' hackers took aim at US defense contractors (Fifth Domain) The hackers known as Fancy Bear, who also intruded in the U.S. election, went after at least 87 people working on militarized drones, missiles, rockets, stealth fighter jets, cloud-computing platforms or other sensitive activities.

North Korean APT Group Employed Rare Zero-Day Attack (Dark Reading) Recent Adobe Flash exploit discovered against South Korean targets likely purchased, not developed by the hacking group.

North Korea Might Be Behind The World's Largest Crypto Heist (ValueWalk) January’s Coincheck hack was the biggest crypto heist since the 2014 disappearance of about $470 million worth of Bitcoins from the Mt. Gox exchange. Coincheck, which halted withdrawals after detecting the infiltration on Jan. 26, said it was bolstering its security systems and that it would be resuming

McAfee Advanced Threat Research Warns of 2018 Winter Games Cyberattacks (BusinessWire) As the 2018 Winter Games quickly approach, McAfee, the leading device-to-cloud cybersecurity company, forewarns global fans, consumers, athletes and o

ShortJSRAT leverages cloud with scriptlets (Netskope) Netskope Threat Research Labs has identified a new malware named “ShortJSRAT” which uses a Windows script component scriptlet file with a .sct extension. The scripts we observed used cloud apps for delivering the next stage payloads. These payloads are executed using the “Squiblydoo” technique which use native windows applications to bypass application whitelisting solutions like...

Threat Spotlight: URSNIF Infostealer Malware (Cylance) URSNIF (Gozi) is a multifaceted malware family with an emphasis on information stealing that has been leveraged to exfiltrate sensitive data from targets, and has been particularly pervasive throughout 2016 and 2017.

Business Wire under sustained DDoS attack, traffic slowed (SC Media US) No client data is believed to have been compromised during a week-long DDoS attack on the Business Wire portal, the company's COO said in an alert.

BusinessWire Cyber-Attack (Information Security Buzz) In response to today’s Reuters report that global news distribution service BusinessWire, owned by Warren Buffett’s Berkshire Hathaway Inc., has been hit with a sustained distributed denial of service (DDoS) cyberattack that continued as of February 6, 2018, experts with Corero and Juniper Networks commented below. Stephanie Weagle, VP of Marketing at Corero Network Security: “Cyber attackers can quickly and easily launch a …

Kaspersky: Accidental DDoS attacks among top threats (CSO Online) Kaspersky Lab's Q4 2017 DDoS Intelligence Report found most DDoS attacks were sabotage and attempts to cash in on Bitcoin, but some were accidental attacks.

BrickerBot: Internet Vigilantism Ends Don't Justify the Means (Dark Reading) However noble the intention, obtaining unauthorized access to devices and making them unusable is illegal and undermines the work of ethical researchers.

Credential phishing kits target victims differently depending on location (Help Net Security) Credential phishing kits pose a serious risk. Not only can credential phishing scams easily impersonate another entity, but they can also lead to access to, and subsequent theft of, an organization's private data.

Hotspot Shield VPN flaw can betray users' location (Help Net Security) A Hotspot Shield VPN flaw can be exploited by attackers to obtain sensitive information that could be used to discover users' location and, possibly and ultimately, their real-world identity.

How to track smartphone users when they've turned off GPS (Help Net Security) As it turns out, turning off location services (e.g., GPS) on your smartphone doesn't mean an attacker can't use the device to pinpoint your location.

Malicious Reddit Clone Tricking Users Into Handing Over Logins - Information Security Buzz (Information Security Buzz) A malicious Reddit spoof site (Reddit.co) is convincing users to hand over their usernames and passwords. What’s particularly dangerous about this site is that it actually shows up as secure in your browser (image attached), as it has a valid SSL Certificate. Security experts at Venafi and RSA Security commented below. Azeem Aleem, Director, Advanced Cyber Defence Practice …

Reddit users, beware its evil twin (Naked Security) Unbeknownst to Reddit users, the site recently acquired an unwanted, evil twin

Water Utility in Europe Hit by Cryptocurrency Malware Mining Attack (eWEEK) Unauthorized cryptocurrency mining attacks come to industrial control systems for the first time, as cryptojacking attacks continue to expand.

When crypto-mining malware hits a SCADA network (Help Net Security) Radiflow has recently discovered Monero-mining malware on five servers of a water utility company. These servers included the HMI (Human Machine Interface), which was also the control server of the physical processes of the company.

Source code for iOS 9's 'iBoot' component reportedly leaks online (AppleInsider) Source code for what is claimed to be the iBoot component of Apple's iOS, software that handles secure booting of the operating system, was published on GitHub by an unknown party on Wednesday, a development that could lead to the discovery and exploitation of currently unknown vulnerabilities.

Tether critic's Twitter account suspended under questionable circumstances (Mashable) Was @Bitfinexed silenced by a powerful cryptocurrency exchange?

A Classic Scam Finds New Life Stealing Bitcoin on Twitter (WIRED) A new twist on the classic Nigerian Prince scheme has jumped from gaming communities to Twitter. And now it's spreading.

This Researcher Steals Data With Noise and Light (WIRED) Researcher Mordechai Guri has spent the last four years exploring practically every method of stealthily siphoning data off of a disconnected computer.

Twitter Is the Latest Platform to Ban AI-Generated P[0]rn (Motherboard) Deepfakes are in violation of Twitter’s terms of use.

YouTube Kids hasn’t cleaned up its act (Naked Security) YouTube is apologizing, again, uttering the tried-and-true “we have to do better.”

Kaspersky uncovers risks that expose gas stations to takeover (East African Business Week) Kaspersky Lab researchers have helped uncover a number of unknown vulnerabilities that have left gas stations around the world exposed to remote takeover, often for years

Updated: Harvey County target of cyber attack (The Kansan) Harvey County officials are not sure where a cyber attack against the county's computer network was launched from — nor exactly what attackers

Security Patches, Mitigations, and Software Updates

Intel releases new Spectre microcode update for Skylake; other chips remain in beta (Ars Technica) Previous microcode update was reported to cause unwanted system reboots.

XSS, SQL Injection Flaws Patched in Joomla (SecurityWeek) Joomla 3.8.4 includes over 100 bug fixes and improvements, and patches four XSS and SQL injection vulnerabilities

What Google’s Decision to Remove Trust from Symantec Certificates Will Mean for Certificate Authorities in 2018 (Venafi Media Alert) Venafi Media Alert: What Google’s Decision to Remove Trust from Symantec Certificates Will Mean for Certificate Authorities in 2018

Cyber Trends

Third party cyber breach risk set to rise (ComputerWeekly) Third party cyber security risk should always have been a priority, but this has never been more important than it is now in light of new technology risks and data protection regulations.

Questionable Interpretation of Cybersecurity's Hidden Labor Cost (SecurityWeek) Vendor report claims that a 2,000 employee organization spends roughly $16 million annually on Triaging threats.

Server-Side Exploits Dominate Threat Landscape and OT Vulnerabilities Rise 120 Percent Says Skybox Security's Inaugural Vulnerability and Threat Trends Report (Globe Newswire) Analysis of 2017 threat landscape trends shows that assets most difficult to patch are increasingly vulnerable

iovation Releases 2018 Gambling Industry Report (GlobeNewswire News Room) Analysis of 450 Million Online Gambling Transactions Offers Data-Driven Insights and Recommendations to iGaming Operators and Platform Providers

Businesses fail to close the gap on exploits (ITWeb Technology News) The median total cost of a ransomware attack in SA is around R1.7 million.

Agari and Farsight Security Reveal Global Domains Vastly Vulnerable to Phishing and Fraud (BusinessWire) Agari Email Threat Center indicates 90 percent of brands beset by domain name fraud; Farsight Security finds 99 percent of domains are not protected by DMARC

Over half of Polish companies have suffered cyber attack: report (Polskie Radio dla Zagranicy) More than half of Polish companies have been hit by a cyber attack at some stage, while only one in three say they have a sufficient level of security, according to a study.

Washington, New Hampshire, and Virginia Were the Most Malware Infected States in 2017 (Enigma Software Group USA LLC) The states of Washington, New Hampshire, and Virginia had the highest malware infection rates in the United States in 2017...

Marketplace

The Simulated Phishing Market Enters Early Adolescence (KnowBe4) The Simulated Phishing Market enters early adolescence

Microsoft CEO Satya Nadella: The technology industry can't shrug off possible job losses from A.I. (CNBC) Nadella has refocused the company on high-growth businesses like the Surface computer and Azure cloud, and has made splashy acquisitions.

Ukraine Power Distro Plans $20 Million Cyber Defense System (Dark Reading) After NotPetya and severe blackouts, Ukrenergo responds with an investment in cybersecurity.

Crypto prices mount a comeback following huge losses (TechCrunch) What goes up, must go down... what does down, must go up...? After a big and bloody plunge this week -- which saw the price of bitcoin touch a two-month low..

Post-Holiday Crash: The crypto questions we're all asking (International Business Times UK) Brave New Coin CEO Fran Strajnar announces the General Taxonomy for Cryptographic Assets, a framework that will make it easier to analyse data.

European Cops Welcome Spy Vendor That Sold to Assad Regime (Motherboard) A company fined for exporting surveillance tools to Syria was invited to speak at a European police conference.

How a Tiny Startup Became the Most Important Hacking Shop You’ve Never Heard Of (Motherboard) Inside the secretive industry that helps government hackers get around encryption.

Fulcrum buys PTR to expand R&D, intell work (Washington Technology) Fulcrum IT Services acquires The PTR Group to grow research-and-development work and services to intelligence agencies.

Singtel Innov8 backs 'deception tech' firm Attivo Networks for APAC expansion (Security Brief) Singtel Group’s venture capital arm Singtel Innov8 is backing US ‘deception technology’ firm Attivo Networks through an undisclosed amount of funding.

Akamai Targets Rising: CEO Leighton Discusses Diversification (Barron's) Shares of Akamai, which facilitates the movement of bandwidth-heavy content, are on the march as analysts raise their price targets following the company's better-than-expected quarterly report. CEO Tom Leighton makes the case for Akamai's increasing diversification in its lines of business, especially security, though bearish observers insist the business is still "structurally challenged."

Cisco or FireEye: Which Is the Better Cybersecurity Play? (The Motley Fool) There is a clear winner in this David vs. Goliath showdown.

CrowdStrike Expands Partner Footprint On the Heels of Record Growth in APJ (Digital Journal) CrowdStrike today announced massive expansion of its partner ecosystem, operations,

Infoblox Appoints Brad Bell as Chief Information Officer (PR Newswire) Infoblox Inc., the network control company that provides...

SlashNext Expands Executive Leadership Team with Security and SaaS Industry Sales Veteran Ed Greene (Business Insider) SlashNext, provider of fourth-generation Internet security solutions, today announced Ed Greene is joining its executive team to lead its sales organization as Senior Vice President of Worldwide Sales.

Eric Trexler Joins Forcepoint as Global Governments & Critical Infrastructure Sales VP (GovCon Wire) Eric Trexler, formerly executive director for civilian and national security programs at McAfee, has

Keysight chooses new head of Ixia Group (RCR Wireless News) Keysight Technologies has made its choice for the new president of its Ixia Group, and interim group President Mark Pierpoint will officially take the role of president for the long term.

Managing cyber risk: Cyber deception company Cymmetria announces the appointment of Marcus Alldrick as Chief Risk Officer (ResponseSource Press Release Wire) Cymmetria, a developer of comprehensive cyber deception solutions, today announced the appointment of Marcus Alldrick, who is joining Cymmetria as Head of Risk. Alldrick comes to the position with yea...

EFF founder and internet activist John Perry Barlow has died (TechCrunch) John Perry Barlow has one of those resumes that seems too surreal to possibly be true. Entertainment sites are lamenting the loss of a poet turned Grateful..

Products, Services, and Solutions

Cylance Releases New Prevention-Focused Security Solutions (Cylance) Cylance is pleased to announce new releases of their prevention-focused security products, CylancePROTECT® and CylanceOPTICS™, delivering capabilities designed to further decrease the noise and clutter of the security stack.

French cyber security arms itself with a new threat intelligence (ThreatQuotient) ThreatQuotient's threat intelligence management platform has been operational since the summer. Usage of its output has yet to become standard, but the first benefits can already be seen.

Dimension Data | Dimension Data Adopts Cisco Umbrella in Its Cybersecurity Strategy (RealWire) Umbrella proactively stop threats before they happen on Dimension Data’s internal systems and any mobile device used by its employees

Hacker-Powered Security without Compromise (Synack) Security Testing - Powered by Hackers - Without Compromise. We don't compromise trust, consistency, or incentives. For the customer's and the hacker's sake.

Fordham IT Announces Plans to Add Another Layer to Password Protection (Rival) Last March, Fordham Information Technologies launched Multi-Factor Authentication to provide an additional layer of security to all password-protected online ac…

Google Expands Play Marketplace Bug Bounty Program (Threatpost) The move adds to Google's efforts against malicious apps on the Play store.

Technologies, Techniques, and Standards

Navy’s new weapon of choice? Information (C4ISRNET) Three Navy leaders explain how the service prepares to stitch together operational domains and train next-gen information warriors.

What Cloud Storage Providers Offer Small Businesses (Clutch) Cloud storage offers small businesses new features, better security, and greater access to data.

Too Busy To Train? The Navy’s Cyber Dilemma (Breaking Defense) The Navy’s overworked IT teams need new “virtual training tools” and more time to train, especially for all-out cyber/electronic warfare against a high-end adversary, the commander of Naval Information Forces said here Tuesday.

Air Force to begin cyber squadron roll out in 2018 (Fifth Domain) The Air Force is rolling out the next phase of its initiative that aims to protect the critical Air Force-specific missions that ensure cyber threats are thwarted.

5G Network – Will The USG Throw It’s Hat into the Ring? (CyberDB) According to recent reports, the United States government is considering building a 5G network, a step designed to bolster the country’s cyber security posture and guard against attacks, particularly from nation states believed to be conducting hostile acts of espionage.

Design and Innovation

Google executives are floating a plan to fight fake news on Facebook and Twitter (Quartz) An extension to Google's Chrome browser could alert users on Facebook's and Twitter's websites.

Does the US Army need a strategy to counter AI? (C4ISRNET) The Army general in charge of standing up the service's Futures Command suggests the service consider a counter-artificial intelligence strategy along with AI development.

The nontechnical risk for the Pentagon’s AI plans (C4ISRNET) Technological hurdles remain, of course. But getting buy-in from the users may be the hardest part.

Army Developing Expeditionary Cyber-Electromagnetic Teams to Support Tactical Commanders (DVIDS) U.S. Army Cyber Command is deploying Expeditionary Cyber-Electromagnetic Activities (CEMA) Teams (ECTs) to support tactical commanders at National Training Center (NTC) rotations and their CEMA operations have tried to replicate real-world operations support through the cyberspace domain.

The future of cyber training might mean going inside a virtual network under attack (Federal Times) Raytheon is developing a virtual reality solution for training cyber warriors.

Should Data Scientists Adhere to a Hippocratic Oath? (WIRED) As concerns mount over the uses of data, some in the field are trying to forge ethical guidelines.

'Humans Not Invited' Is a CAPTCHA Test That Welcomes Bots, Filters Out Humans (Motherboard) FINALLY, A PLACE WHERE FELLOW ROBOTS CAN CONVENE WITHOUT SENTIENT MEAT BAGS.

Research and Development

What is quantum supremacy? The future of quantum computers relies on it (Alphr) The race to quantum supremacy is on, with researchers claiming their machines will manage tasks beyond any modern rival

Academia

Investigating the Dark Web: Carlow University and NCFTA Fight Cyber Crime (Carlow University) Carlow University and NCFTA fight cyber crime through a new graduate MicroMaster's certificate in Cyber Threat Research and Analytics.

Legislation, Policy, and Regulation

Senators propose bill to block U.S. from using Huawei, ZTE equipment (Reuters) Two Republican Senators introduced legislation on Wednesday that would block the U.S. government from buying or leasing telecommunications equipment from Huawei Technologies Co Ltd or ZTE Corp, citing concern the Chinese companies would use their access to spy on U.S. officials.

Tillerson proposes Cyberspace and Digital Economy Bureau to address security, policy creation (TechRepublic) The new bureau would aim to lead international diplomatic efforts involving all aspects of cyberspace.

The Argument Against a Mobile Device Backdoor for Government (SecurityWeek) Just as the scope of 'responsible encryption' is vague, so too are the technical requirements necessary to achieve it

Litigation, Investigation, and Law Enforcement

U.S. shuts down cyber crime ring launched by Ukrainian (Reuters) The U.S. Justice Department announced one of its largest-ever takedowns of a global cyber crime ring on Wednesday, saying it had indicted 36 people accused of trafficking in stolen identities and causing more than $530 million in losses to consumers.

World Police Take Down "Infraud" Carding Operation (BleepingComputer) The US Department of Justice (DOJ) has charged 36 suspects for their role in Infraud, a cyber-criminal organization that has been involved in the acquisition, sale, and dissemination of stolen identities, stolen debit and credit card data, personally identifiable information (PII), financial and banking information, computer malware,

Justice Dept. charges 36 alleged scammers for $530 million cyber-fraud scheme (ZDNet) Prosecutors said the case is "one of the largest cyber fraud enterprise prosecutions ever undertaken" by the Justice Department.

British man wanted by US for role in $560m cyber crime (The Telegraph) A British man is being sought by US authorities in connection with an international gang accused of committing £380 million in cybercrime fraud.

Hackers From Florida, Canada Behind 2016 Uber Breach (SecurityWeek) The massive 2016 breach that Uber covered up for more than a year was the work of a couple of individuals from Canada and Florida

Waymo v. Uber Is Looking a Little More Spy vs. Spy (WIRED) A calm Travis Kalanick waves away suspicious communications, and Waymo doesn't quite connect the dots.

DDoS attacks: How an 18-year-old got arrested for trying to knock out systems (ZDNet) After a wave of denial-of-service attacks stretching back to September, Netherlands police have made an arrest.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

PrivacyCon 2018 (Washington, DC, USA, February 28, 2018) The 2018 PrivacyCon will expand collaboration among leading privacy and security researchers, academics, industry representatives, consumer advocates, and the government. As part of this initiative, the...

Upcoming Events

SecureWorld Charlotte (Charlotte, North Carolina, USA, February 8, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

Women in Data Protection, Securing Medical Devices and Health Records (Washington, DC, USA, February 9, 2018) Join some of the top cyber and privacy professionals as they talk about the landscape of the medical device and electronic health records market. They will also talk about the dangers to patients' health...

Cyber Security Summit: Silicon Valley (San Jose, California, USA, February 13, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their companies’ critical data with innovative solution providers & renowned information security experts.

Security Titans (Scottsdale, Arizona, USA, February 23, 2018) Security Titans is a ground-breaking event, bringing the biggest names in Information Security together - all in one day, on a single stage to give the nation's cyber security industry access to the very...

CyberThreat 18 (Westminster, England, UK, February 27 - 28, 2018) Hosted by the UK’s National Cyber Security Centre, a part of GCHQ, and the SANS Institute, CyberThreat18 brings together a packed schedule of talks on a broad range of familiar and less familiar topics...

Midlands Cyber: US Cyber Market Workshop (Lutterworth, England, UK, February 27, 2018) We are delighted to announce that we will be running two workshops, led by Andy Williams, the International Director of the iCyber Centre @bwtech, Maryland. The workshops have been tailored by the team...

European Cybersecurity Forum – CYBERSEC Brussels (Brussels, Belgium, February 27, 2018) CYBERSEC Forum is an unique opportunity to meet and discuss the current issues of cyber disruption and ever-changing landscape of cybersecurity related threats. Our mission is to foster the building of...

The Cyber Security Summit: Atlanta (Atlanta, Georgia, USA, February 28, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.

Insider Threat Program Management With Legal Guidance Training Course (Herndon, Virginia, USA, March 6 - 7, 2018) The course will cover current regulations like National Insider Threat Policy NITP and NISPOM Conforming Change 2, and more. The course will provide the ITP Manager and Facility Security Officer with the...

SINET ITSEF 2018 (Silicon Valley, California, USA, March 7 - 8, 2018) Bridging the gap between Silicon Valley and the Beltway. SINET – Silicon Valley provides a venue where entrepreneurs can meet and interact directly with leaders of government, business and the investment...

PCI Security Standards Council Middle East and Africa Forum (Cape Town, South Africa, March 14 - 15, 2018) Don’t miss the data security event of the year for the payment card industry. Join us for: networking opportunities, updates on industry trends, insights and strategies on best practices, engaging keynotes...

SecureWorld Boston (Boston, Massachussetts, USA, March 14 - 15, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

Cyber 9-12 (Washington, DC, USA, March 16 - 17, 2018) Now entering its fifth year, the Cyber 9/12 Student Challenge is a one-of-a-kind competition designed to provide students across academic disciplines with a deeper understanding of the policy challenges...

3rd Annual Billington International Cybersecurity Summit (Washington, DC, USA, March 21, 2018) With confirmed speakers from Estonia, Romania, Singapore, Sweden, the United States, and Kuwait, and with attendees from many more countries, this summit brings together world-class cybersecurity thought...

Infosecurity Magazine North America Virtual Conference (Online, March 21 - 22, 2018) Tune in on Wednesday March 21 for day two of our two-day online event to learn what’s going on at the heart of the industry. Our easy to digest format offers a mix of short sessions, panel debates and...

The Cyber Security Summit: Denver (Denver, Colorado, USA, March 22, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.

Women in CyberSecurity 2018 (Chicago, Illinois, USA, March 23 - 24, 2018) Through the WiCyS community and activities we expect to raise awareness about the importance and nature of cybersecurity career. We hope to generate interest among students to consider cybersecurity as...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.