skip navigation

More signal. Less noise.

Daily briefing.

The Winter Olympics opened today, but state-sponsored threat actors have hacked in first. So far it's mostly phishing and doxing by North Korea and Russia.

Apple has filed a notice under the Digital Millennium Copyright Act to have Github remove leaked iOS source code.

Cryptomminers turn up in more uncomfortable places, among them a Tennessee hospitals electronic medical records system.

As more criminals seek payment Litecoin, that cryptocurrency appears to be taking black marketshare from Bitcoin. 

Phishing shows some fresh plausibility and sophistication as the criminals pay closer attention to their marks. Researchers report a spike in conversation hijacking, where criminals interpose themselves into an email thread, spoofing one of the parties to the conversation in an effort to induce the other to open a malicious attachment that carries the Gozi Trojan as its payload. Other observers note an increase in phishing attempts that induce employees to give up their credentials so their paychecks can be directly deposited in the criminals' account. In this scam a trusted company resource is spoofed, and suspicious employees who respond to the initial phishing email with questions are promptly reassured that, yes, this is legitimate.

NETGEAR has patched five vulnerabilities Trustwave's SpiderLabs found in their broadband routers.

WordPress has issued an emergency patch for version 4.9.3, but users will have to apply it manually. Admins are finding the update comes with some headaches.

US interest in forestalling Russian mid-term election influence operations remains high, with Congress suggesting strategy to the Department of Homeland Security.

Notes.

Today's issue includes events affecting China, European Union, France, Democratic Republic of Korea, Republic of Korea, Russia, Switzerland, United Kingdom, United States.

The board and cyber-risk oversight: Crown Jewels Risk Assessments.

Corporate directors want to review cybersecurity risk and assist security leaders in protecting critical assets. Learn how to identify what matters the most and how to collaboratively assess and treat cyber risk using Crown Jewels Risk Assessments.

In today's podcast we speak with our partners at CenturyLink about victim notification: Dale Drew has some insights. Our guest, Deidre Diamond from #brainbabe, talks about her not-for-profit's work to bring students to work at trade shows. 

Cyber Security Summits: February 13 in Silicon Valley & Atlanta on February 28 (Silicon Valley, California, USA, February 13, 2018) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, Darktrace, IBM and more. Register with promo code cyberwire50 for half off your admission (Regular price $350) https://CyberSummitUSA.com

Compete to win prize money plus the chance to be DataTribe’s next big investment (Online, March 23 - April 25, 2018) The DataTribe Inaugural Cyber Funding Competition: We put real firepower behind every idea. If you're part of a entrepreneurial technology team with a vision to disrupt cybersecurity and data sciences — we want to enhance your growth prospect with the opportunity for a DataTribe-financed seed capital of $2,000,000. Plus possible millions more in a Series A Venture Capital Round. The top three finalists will share $20,000 in prize money.

Cyber Attacks, Threats, and Vulnerabilities

Winter Olympics’ Security on Alert, but Hackers Have a Head Start (New York Times) Some computer systems connected to the 2018 Games in Pyeongchang, South Korea, have already been compromised, experts said. The big question is what happens next.

Now that's taking the p... Sewage plant 'hacked' to craft crypto-coins (Register) Mining Monero on SCADA networks? Why can't you kids be normal and just DDoS

Gojdue Variant Eludes Microsoft, Google Cloud Protection, Researchers Say (Threatpost) Researchers have identified a new ransomware strain that went undetected by built-in anti-malware protection used by cloud heavyweights Microsoft and Google as recently as January.

Google and Microsoft failed to detect zero-day ShurL0ckr ransomware (2 Spyware) New zero-day ransomware detected on both Google and Microsoft cloud servers. The new file-encrypting virus was detected on Google and Microsoft cloud services. Researchers report

Crypto-Mining Malware May Be a Bigger Threat than Ransomware (Security Boulevard) Crypto-Mining Malware is Crippling Enterprise Networks Cryptocurrencies such as Bitcoin and Ethereum have gone mainstream; it seems like everybody and their brother is looking to buy some crypto and get their piece of the digital currency gold rush. Hackers want a piece of it, too. In addition to hacking ICO’s and cryptocurrency exchanges, they’re using… Read More The post Crypto-Mining Malware May Be a Bigger Threat than Ransomware appeared first on .

How IoT botnets affect the 'internet of money,' cryptocurrency (IoT Agenda) We know botnets can wreak havoc, but what about IoT botnets? And how will they affect cryptocurrencies? Nexsoftsys's James Warner discusses.

Tennessee Hospital Hit With Cryptocurrency Mining Malware (Dark Reading) Decatur County General Hospital is notifying 24,000 patients of cryptocurrency mining software on its EMR system.

Cryptocurrency Marketplaces Hit by a Spectrum of Attacks Amidst Major Shifts in Cybercrime, Reveals New ThreatMetrix Report (BusinessWire) ThreatMetrix®, The Digital Identity Company®, today revealed a 113 percent year-over-year increase in cyberattacks in Q4 2017, as both the volume and

Insurance Customers’ Personal Data Exposed Due to Misconfigured NAS Server (Threatpost) The vulnerability also exposed login credentials for a massive national insurance claims database, Upguard says.

Sacramento Bee Leaks 19.5 Million California Voter Records, Promptly Compromised by Hackers (Gizmodo) Last month, a local California newspaper left more than 19 million voter records exposed online. Gizmodo confirmed this week that the records were compromised during an apparent ransomware attack.

Swisscom Breach Hits 10% of Swiss Population (Infosecurity Magazine) Swisscom Breach Hits 10% of Swiss Population. Telecoms firm says intruders got in via sales partner

New POS Malware Steals Data via DNS Traffic (Dark Reading) UDPoS is disguised to appear like a LogMeIn service pack, Forcepoint says.

Hacker group manages to run Linux on a Nintendo Switch (TechCrunch) Hacker group fail0verflow shared a photo of a Nintendo Switch running Debian, a distribution of Linux (via Nintendo Life). The group claims that Nintendo..

This phishing trick steals your email and then fools your friends into downloading malware (ZDNet) Researchers have noticed a sudden spike in a phishing attack that sends malware-ridden attachments as replies to real email conversations.

WordPress denial-of-service attacks – how real is the problem? [VIDEO] (Naked Security) Reports suggest that “29% of all websites are easy to DoS” thanks to what’s being called a WordPress security flaw – here are the facts.

Mobile security firm says it defeated Strava’s privacy feature with simple geometry (The Verge) Wandera pointed out the problem to Strava back in June

Trustwave Find Multiple Vulnerabilities in NETGEAR Broadband Routers (ISPreview UK) Digital security specialist Trustwave has this evening detailed 5 recently discovered vulnerabilities in NETGEAR routers, which affects multiple models and

Multiple Vulnerabilities in NETGEAR Routers (Trustwave) Last year I discovered multiple vulnerabilities in NETGEAR products. Now that these vulnerabilities have gone through the disclosure process and have been patched we can discuss the technical details. TWSL2018-002: Password Recovery and File Access on Some Routers and Modem...

Apple iPhone source code leaks on GitHub (CRN Australia) Apple's reputation for security takes another hit.

Apple’s iOS source code leak – what you need to know (HOTforSecurity) What's happened? Earlier this week someone anonymously published a key piece of Apple's iOS source code onto GitHub. Which bit of iOS was it? It was an integral part of iOS known as "iBoot" - the section of code which controls the security of your iPhone... #appleios #sourcecodeleak #vulnerability

UDPoS - Exfiltrating Credit Card Data via DNS (Forcepoint) In the current era of mass malware it's becoming increasingly rare to find something beyond the ‘usual suspects’ we see being spread by high-profile botnets on a regular basis. However, in amongst the digital haystack there exists the occasional needle: we recently came across a sample apparently disguised as a LogMeIn service pack which generated notable amounts of 'unusual' DNS requests. Deeper investigation revealed something of a flawed gem, ultimately designed to steal magnetic stripe payment card data: a hallmark of ATM/PoS malware.

Facebook HOAX! New algorithm will NOT only show you 26 friends (Naked Security) “Guess what, friends…. Facebook’s algorithm now chooses your 26 FB friends.” No, no it doesn’t.

Diverting Employees’ Payroll Direct Deposits: The Latest Wave of Phishing Scams (Ogletree Deakins) Employers beware: Companies are experiencing a wave of phishing scams that target employee paychecks.

Hidden PDF Trojan in Startup India Website (Infosecurity Magazine) I was recently analysing the Indian government website startupindia.gov.in after recently gaining recognition from Startup India for my new company.

Researchers are sounding the alarm on cyberbiosecurity (Fifth Domain) About two years ago, James Clapper, then the U.S. director of national intelligence, officially added genome editing to a list of threats posed to national security.

Symantec's untrusted certificates: How many are still in use? (Search Security) A security researcher found that a significant number of popular websites are still using untrusted certificates from Symantec, which will be invalidated this year.

'Minecraft' Data Mining Reveals Players’ Darkest Secrets (Motherboard) A Minecraft fan is using data-mining techniques to retrieve players’ in-game journals and correspondence, some of which is inspiring, depressing, and absurd.

Security Patches, Mitigations, and Software Updates

WordPress users – do an update now, and do it by hand! (Naked Security) The automatic update to WordPress 4.9.3 broke automatic updating, so the emergency update to 4.9.4 means you need to click a button.

WordPress Holds "Epic Fail Week" - Devs Break Background Updates, Ignore Zero-Day (BleepingComputer) Questionable patching on the part of the WordPress CMS team has caused lots of headaches for WP site owners this week.

Hotspot Shield Flaw Fixed After Report of Potential User Information Leak (Axcess News) Security researcher finds flaw in Hotspot Shield that leaks user information. AnchorFree responds with quick fix and denies severity of bug.

Cyber Trends

CISOs Wary Of Threat Intelligence Accuracy, Quality: Study (CXOtoday.com) In a world where cyber criminals are becoming increasingly stealthy and sophisticated—with new threats on the rise ranging from ransomware to DNS hijacking—it is ineffective and costly for companies to defend themselves against cybersecurity threats alone.

81% of Cybersecurity Pros See Value in Threat Intelligence (Infosecurity Magazine) 68% of organizations are currently creating or consuming threat data.

2017 State of Cybersecurity in Florida (Issuu) The Florida Center for Cybersecurity is proud to share The State of Cybersecurity in Florida report.

ERPScan experts decide on the major cyber risks for various industries 2017 (ERPScan) ERPScan experts estimated cyber risks for various industries.

Lack of Investments in Training and IT GRC Holding Back Cybersecurity Maturity, Finds MetricStream Survey (PR Newswire) MetricStream, the independent market leader in governance, risk, and...

76% of local government organisations suffered a cyber attack in the past year (IT PRO) Many IT professionals are unsure how to combat the rise in attacks

Half of web users are faking their data due to security fears (Sky News) New research suggests that almost 50% of people on the internet have falsified data in online forms to protect themselves.

Check Point CEO: Most enterprises generations behind in cyber security (Channelnomics) The average enterprise hasn't made it past app security, Gil Shwed tells conference

Marketplace

Poor data practices can ruin a company, research claims (IT Pro Portal) People will not do business with companies known for misuse of personal data.

Qualcomm rejects Broadcom’s $121 billion bid (TechCrunch) The largest tech acquisition offer in history wasn't enough. Qualcomm's board of directors issued a statement on Thursday saying that they are turning down..

Cyber security star Sophos sees share price slump, but there’s a much more interesting underlying story here, (Shares Magazine) Today’s third quarter update from UK cyber security firm Sophos (SOPH) makes for interesting reading.

FireEye reports first-ever adjusted quarterly profit, shares jump (Reuters) Cyber security firm FireEye Inc on Thursday reported its first-ever quarterly adjusted profit since going public in 2013, highlighting gains from the company's shift to a subscription model and its cost-cutting efforts.

Akamai Announces 400 Layoffs Seeking Cost Reduction (ReadITQuik) The 400 layoffs mark 8% of the global workforce of the company

Crowdsourcing cyber threat defense (GCN) With input from communities of professional cyber threat analysts and white-hat hackers, 418 Intelligence analyzes threat risks and countermeasures.

Wombat Security team staying in Pittsburgh after $225M acquisition (Pittsburgh Tribune) A Pittsburgh cybersecurity firm will stay local and grow after it was purchased for $225 million. Proofpoint, a Silicon Valley cybersecurity company, this week announced ...

What Wombat will look like post-acquisition (Pittsburgh Business Times) The local company was recently acquired for $225 million.

Cybersecurity firm Verodin moving HQ to Tysons (Fairfax News) Verodin, a security instrumentation firm, announced its new global headquarters in Tysons Thursday, at a ceremony attended by business, political and defense leaders.

Bandura Systems Appoints Prominent Security Executive Chris Fedde as CEO (GlobeNewswire News Room) Internet industry veteran to take the lead of fast-growing cyberthreat prevention company as it expands in a new market segment

Secureworks names Haydon as new chief revenue officer (Telecompaper) Secureworks appointed Geoff Haydon, longtime RSA and EMC executive, as its chief revenue officer.

World’s First Blockchain Compliance Protocol Hooks Former Amex, IBM, Oracle Consultant as CTO (Digital Journal) The Prefacto Compliance Protocol is at the core of iComplyICO and makes it possible for ICO issuers and investors to be assured that legal, financial and regulatory compliance procedures are adhered to throughout the lifecycle of the token, enabling the token itself to monitor and report AML, KYC, and a myriad of other compliance matters with jurisdictionally specific considerations on every transaction.

Products, Services, and Solutions

Mimecast Commits to GDPR Compliance for Customers (GlobeNewswire News Room) Mimecast Limited (NASDAQ:MIME), a leading email and data security company, today announced its commitment to helping customers comply with the General Data Protection Regulation (GDPR), a new European privacy regulation due to take effect on May 25, 2018

KnowBe4 Introduces New Feature: Industry Benchmarking (KnowBe4) KnowBe4 Introduces New Feature: Industry Benchmarking - compare your organization’s Phish-prone percentage™ with other companies in your industry.

UPDATE — Check Point Software Announces CloudGuard: Complete Gen V Cyber Protection for the Cloud (StockGuru SmallCap Alerts on Penny Stocks) Check Point® Software Technologies Ltd. (NASDAQ:CHKP), a leading provider of cyber-security solutions globally, has today announced…

Kaspersky bundles security products into single solution (IT Business) Kaspersky Lab is amalgamating some of its cybersecurity products into a single platform called Kaspersky Threat Management and Defense solution. In addition

Check Point Software Technologies to support Orange Cyberdefense with launch of mobile threat protection (SecurityInfoWatch) New Enterprise Mobility Security Service designed to address growing number of mobile cyber attacks

Gemalto, Entrust Datacard Pair On Payment Cards (PYMNTS.com) Gemalto, the digital security company and payment card supplier, announced news on Wednesday (Feb. 7) that it is joining forces with Entrust Datacard, a provider of identity and secure transaction technology solutions, to provide a Software-as-a-Service (SaaS)-based instant issuance solution for U.S. financial institutions. In a press release, the companies said that instant issuance began […]

The Bunker and IBM protect data by spreading it across the UK (Computing) Storing data in ex-nuclear facilities is only the start of The Bunker's protection proposition

GT Maritime Selects Lastline to Protect Shipboard Email Systems From Malware, Protecting Ships and Cargo, and Keeping Crews Connected (PR Newswire) Lastline Inc., the leader in advanced network-based malware...

Owl Cyber Defense Solutions Integrates with GE Bentley Nevada System 1 (GlobeNewswire News Room) New Combined System Greatly Increases Safety, Efficiency, and Security

Cylance Expands Availability of First AI-Based Consumer Endpoint Protection Platform: CylancePROTECT Home Edition (BusinessWire) Cylance® Inc., the company that revolutionized the antivirus and endpoint protection industry with true AI-powered prevention that blocks malware, ran

Technologies, Techniques, and Standards

How CISOs and Security Leaders Are Managing Evolving Global Risks to Safeguard Data (Ankura) Each year, new threats emerge faster than organizations can improve their defenses. Despite this perpetual challenge, security leaders continue to develop innovative strategies, adopt new tools, and assemble talented teams to combat information uncertainty. From the rise of cloud-computing to the evolving regulatory landscape, there are a myriad of issues to address.

22 Ransomware Prevention Tips (The State of Security) Dealing with the aftermath of ransomware attacks is like Russian roulette, where submitting the ransom might be the sole option for recovering locked data.

Don’t Let Your Out Of Office Message Become Phish Food (Infosecurity Magazine) How an out of office message can unintentionally create a security risk for the organization.

Exposing the Culture of Compliance Cramming (Security Boulevard) The latest PCI requires companies show evidence of continuous compliance, going well beyond the pass-or-fail audit of years past? Too many companies, however, are guilty of "compliance cramming."

Maturity in Your Cybersecurity Culture (Infosecurity Magazine) ENISA has published the most comprehensive and applicable recommendations and structure for setting up and running a successful security culture program.

A corporate culture of cyber security awareness (Virtual College) When cyber security is still a big problem for most corporate cultures. Is this reality or will cyber security continue to be a business dream?

Cyber Activities at the National Training Center Support Real World Operations (DVIDS) U.S. Army Cyber Command (ARCYBER) is using the Cyber-Electromagnetic Activities (CEMA) Support to Corps and Below (CSCB) program at the Army's Combat Training Centers to develop and test CEMA concepts and operational cyber support to those units.

Design and Innovation

The Embedded Cybersecurity TrendThe Embedded Cybersecurity Trend (Automation World) Though IT and software-based approaches to industrial cybersecurity will continue to be critical aspects of automation system security, embedded...

Research and Development

The Brute Force Of IBM Deep Blue And Google DeepMind (Forbes) There are interesting parallels between one of this week’s milestones in the history of technology and the current excitement and anxiety about artificial intelligence (AI). Bottom line: Beware of fake AI news and be less afraid.

New silicon chip for helping build quantum computers and securing our information (News | University of Bristol) Researchers at the University of Bristol’s Quantum Engineering Technology Labs have demonstrated a new type of silicon chip that can help building and testing quantum computers and could find their way into your mobile phone to secure information.

DHS S&T Awards $5.6M to Improve Cybersecurity Research (Newswise) DHS S&T awarded a total of $5,643,466 across seven organizations to develop new tools to arm researchers with the latest insight and an increased collection of cybersecurity incident data to understand and counter cyberattacks.

An AI That Reads Privacy Policies So That You Don't Have To (WIRED) Polisis, a machine-learning-trained tool, automatically produces readable charts of where your data ends up for any online service.

Academia

Blockchain 101: Law Schools Tackle the New Frontier (New York Law Journal) Law schools noticed the boom in interest around blockchain through the end of 2017 and they are now working hard to try to develop content around it.

Legislation, Policy, and Regulation

Cyberspace Vulnerability Factors (Modern Diplomacy) The fact is, contrary to what the majority of people think, “Cyberspace” is not a virtual and unrealistic space. In fact, the use of virtual words has led to the misleading of individuals and ideas in this area. Real space cyberspace is a new field for impact and as a result of friendship, cooperation, competition, […]

China’s Fourth Industrial Revolution: Artificial Intelligence (Cipher Brief) Bottom Line: China’s nationwide pursuit to become the world leader in artificial intelligence (AI) is an attempt to not only match U.S. economic power, but to bypass it geo-strategically.

Course internationale autour de la physique quantique (Le Temps) La Chine multiplie les initiatives et les projets spectaculaires en matière de communications quantiques, un domaine dont elle était totalement absente il y a moins de vingt ans. Après avoir formé les experts chinois, l’Europe et les Etats-Unis peuvent perdre leur leadership

A Plan to Thwart Russian Meddling (The New Atlanticist – Medium) US Rep. Will Hurd [R-TX] has a strategy to check Russian meddling in the midterm elections later this year and the US Department of Homeland Security would have a pivotal role in that plan.

George W. Bush says Russia meddled in 2016 U.S. election (Los Angeles Times) Former President George W. Bush said on Thursday that "there's pretty clear evidence that the Russians meddled" in the 2016 American presidential election, forcefully rebutting fellow Republican Donald Trump's denials of Moscow trying to affect the vote.

Anti-China bill being softened after U.S. companies complain (Reuters) Proposed legislation in Congress aimed at preventing China from acquiring sensitive technology is being softened after protests by big U.S. companies that fear a loss in sales, four people with knowledge of the matter said this week.

Three tech problems the Navy and Marines are worried about (Fifth Domain) Leaders from the Navy and Marine Corps highlighted technical problems that could lead to long-term difficulties for the Pentagon.

Litigation, Investigation, and Law Enforcement

Uber data breach aided by lack of multi-factor authentication (Naked Security) How to bolt a stable door when the horse is already miles down the road…

Putting Lawyers in Charge of Investigations Does Not Assure Privilege Protection (Password Protected) Corporations' investigations generally deserve (1) privilege protection only if the corporations are primarily motivated by their need for legal advice; an

FireEye spent $12.5M on legal settlement costs last quarter (CIO) ​FireEye has revealed that it spent US$12.5 million in net legal settlement costs during the three months ending December 2017.

Fed. Circuit Urged To Make Army Consider Palantir Software (Law360) Palantir Technologies Inc. urged the Federal Circuit on Thursday to uphold a lower court’s finding that the company was wrongly shut out of the running for a $206 million U.S. Army intelligence software contract, saying the service branch unnecessarily set out to develop a custom system and failed to conduct legally required research into available commercial options.

Google fined $21.1M for search bias in India (TechCrunch) Another antitrust fine for Google. India's competition commission has issued a 1.36BN rupees (~$21.1M) penalty on the search giant for abusing its dominant..

Motherboard Files Legal Complaint Against Metropolitan Police for Malware Purchase (Motherboard) London police have refused to explain why an officer bought powerful spyware that was marketed for spying on a user's spouse.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

Women in Data Protection, Securing Medical Devices and Health Records (Washington, DC, USA, February 9, 2018) Join some of the top cyber and privacy professionals as they talk about the landscape of the medical device and electronic health records market. They will also talk about the dangers to patients' health...

Cyber Security Summit: Silicon Valley (San Jose, California, USA, February 13, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their companies’ critical data with innovative solution providers & renowned information security experts.

Security Titans (Scottsdale, Arizona, USA, February 23, 2018) Security Titans is a ground-breaking event, bringing the biggest names in Information Security together - all in one day, on a single stage to give the nation's cyber security industry access to the very...

CyberThreat 18 (Westminster, England, UK, February 27 - 28, 2018) Hosted by the UK’s National Cyber Security Centre, a part of GCHQ, and the SANS Institute, CyberThreat18 brings together a packed schedule of talks on a broad range of familiar and less familiar topics...

Midlands Cyber: US Cyber Market Workshop (Lutterworth, England, UK, February 27, 2018) We are delighted to announce that we will be running two workshops, led by Andy Williams, the International Director of the iCyber Centre @bwtech, Maryland. The workshops have been tailored by the team...

European Cybersecurity Forum – CYBERSEC Brussels (Brussels, Belgium, February 27, 2018) CYBERSEC Forum is an unique opportunity to meet and discuss the current issues of cyber disruption and ever-changing landscape of cybersecurity related threats. Our mission is to foster the building of...

The Cyber Security Summit: Atlanta (Atlanta, Georgia, USA, February 28, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.

PrivacyCon 2018 (Washington, DC, USA, February 28, 2018) The 2018 PrivacyCon will expand collaboration among leading privacy and security researchers, academics, industry representatives, consumer advocates, and the government. As part of this initiative, the...

Insider Threat Program Management With Legal Guidance Training Course (Herndon, Virginia, USA, March 6 - 7, 2018) The course will cover current regulations like National Insider Threat Policy NITP and NISPOM Conforming Change 2, and more. The course will provide the ITP Manager and Facility Security Officer with the...

SINET ITSEF 2018 (Silicon Valley, California, USA, March 7 - 8, 2018) Bridging the gap between Silicon Valley and the Beltway. SINET – Silicon Valley provides a venue where entrepreneurs can meet and interact directly with leaders of government, business and the investment...

PCI Security Standards Council Middle East and Africa Forum (Cape Town, South Africa, March 14 - 15, 2018) Don’t miss the data security event of the year for the payment card industry. Join us for: networking opportunities, updates on industry trends, insights and strategies on best practices, engaging keynotes...

SecureWorld Boston (Boston, Massachussetts, USA, March 14 - 15, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

Cyber 9-12 (Washington, DC, USA, March 16 - 17, 2018) Now entering its fifth year, the Cyber 9/12 Student Challenge is a one-of-a-kind competition designed to provide students across academic disciplines with a deeper understanding of the policy challenges...

3rd Annual Billington International Cybersecurity Summit (Washington, DC, USA, March 21, 2018) With confirmed speakers from Estonia, Romania, Singapore, Sweden, the United States, and Kuwait, and with attendees from many more countries, this summit brings together world-class cybersecurity thought...

Infosecurity Magazine North America Virtual Conference (Online, March 21 - 22, 2018) Tune in on Wednesday March 21 for day two of our two-day online event to learn what’s going on at the heart of the industry. Our easy to digest format offers a mix of short sessions, panel debates and...

The Cyber Security Summit: Denver (Denver, Colorado, USA, March 22, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.

Women in CyberSecurity 2018 (Chicago, Illinois, USA, March 23 - 24, 2018) Through the WiCyS community and activities we expect to raise awareness about the importance and nature of cybersecurity career. We hope to generate interest among students to consider cybersecurity as...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.