skip navigation

More signal. Less noise.

Are you using threat intelligence to its full potential?

Download this free report via Recorded Future to learn 12 common threat intelligence use cases.

Daily briefing.

On Friday the US Justice Department announced an indictment based on Special Counsel Mueller's investigation of election influence operations. Three Russian organizations and thirteen Russian individuals were charged with conspiracy and other crimes related to activities during the 2016 election cycle. St. Petersburg's Internet Research Agency is alleged to have played a significant role in what it itself called "information warfare against the United States."

Discord and mistrust were the overarching goals of the alleged Russian operation. Such operations are widely expected to continue, as apparently they have: there are reports of Russian trolls exploiting last week's Florida school massacre.

The alleged shooter in that massacre seems to have been a known wolf-disturbed, lone, not apparently part of any movement-who disclosed his intentions in various social media. Worried online contacts reported him to the FBI, but Florida authorities say the Bureau failed to alert them to the danger.

All Five Eyes have looked at NotPetya and see the same thing: a Russian government operation. They receive some public industry support from FireEye, which sees the work of the Russian Sandworm group in last year's pseudoransomware campaign.

Its ongoing charm offensive in PyeongChang aside, North Korea has continued cyber operations against its customary targets. There are reports that a DPRK hacking unit has decamped from Hong Kong and set up shop in the Russian Far East.

Financial institutions in India and Russia report being raided through fraudulent SWIFT fund transfers similar to the one that hit the Bangladesh Bank in 2016.

Notes.

Today's issue includes events affecting Australia, Canada, India, Iran, Democratic Peoples Republic of Korea, Republic of Korea, NATO/OTAN, New Zealand, Qatar, Russia, Saudi Arabia, Turkey, Ukraine, United Kingdom, United States, and Venezuela.

A note to our readers: we've updated our email template to one that's more responsive on mobile devices.

Intelligent response to doing more with less.

Phishing, ransomware, and data breaches plague organizations of all sizes and industries, but the financial services market has always had the largest target on its back. How do you fend off these attacks when you don’t have the budget or resources for everything you need to protect your organization: data feeds, tools, analysis and mitigation? Learn more in our webinar on Wednesday, March 21 @ 2pm ET. Sign up now!

In today's podcast we speak with our partners at Palo Alto Networks, as Rick Howard talks about the importance of partnering with universities to improve the quantity and diversity of people coming through the STEM pipeline.

Recorded Future's threat intelligence podcast, produced in partnership with the CyberWire, is also up. This episode offers takeaways from Gartner's Threat Intelligence Market Guide.

Cyber Security Summits: February 28 in Atlanta & Denver on March 22 (Atlanta, Georgia, USA, February 28, 2018) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, Darktrace, IBM and more. Register with promo code cyberwire50 for half off your admission (Regular price $350) https://CyberSummitUSA.com

Compete to win prize money plus the chance to be DataTribe’s next big investment (Online, March 23 - April 25, 2018) The DataTribe Inaugural Cyber Funding Competition: We put real firepower behind every idea. If you're part of a entrepreneurial technology team with a vision to disrupt cybersecurity and data sciences — we want to enhance your growth prospect with the opportunity for a DataTribe-financed seed capital of $2,000,000. Plus possible millions more in a Series A Venture Capital Round. The top three finalists will share $20,000 in prize money.

Cyber Attacks, Threats, and Vulnerabilities

Russian bots flood Twitter with pro-gun messages after Florida shooting: report (TheHill) A day after the deadly school shooting in South Florida, Twitter saw a spike in tweets about gun violence from Russian-linked accounts.

Foreign Disinformation is a Threat to Military Readiness, Too (Defense One) Troops — and their families — need training to spot and discard false narratives and information.

Old speech, photo used in false FBI Muslim crackdown story (WPXI) A story that falsely reports President Donald Trump ordered the FBI in all 50 U.S. states to take action immediately against Muslim people is based largely on a speech 10 months ago by the then-head of the Department of Homeland Security, and also misquotes that speech.

Inside the Toolset of an Elite North Korean Hacker Group (WIRED) Security researcher at FireEye break down the arsenal of APT37, a North Korean hacker team coming into focus as a rising threat.

Shadowy North Korean IT group believed hiding out in Russian Far East: sources (The Japan Times) A group of North Korean information technology experts has moved its base from Hong Kong to Vladivostok in Russia and is likely engaged in collecting forei

North Korea's Olympic Diplomacy Hasn't Stopped Its Hacking (WIRED) Despite its overtures of peace toward South Korea, the Kim regime still engages in brazen cybercrimes against its neighbor.

North Korean Cyber-Attacks and Collateral Damage (AlienVault) WannaCry was incredibly destructive. The attackers made about $150,000 - but the total damage caused by WannaCry has been estimated in the billions of dollars.There is strong evidence linking WannaCry to a group of hackers known as ‘Lazarus’, reportedly operating out of the DPRK (North Korea). Whilst WannaCry is perhaps the most famous attack by Lazarus, it isn’t the only ‘collateral damage’ caused by the DPRK’s cyber actions.Below we disclose new details

United States hot on heels of North Korea's Hidden Cobra malware (Security Brief) The United States Computer Emergency Readiness Team (US-CERT) is honing in on the North Korean Government’s activities known as HIDDEN COBRA.

All Five Eyes Countries Formally Accuse Russia of Orchestrating NotPetya Attack (BleepingComputer) All the countries part of the Five Eyes intelligence-sharing alliance — the US, the UK, Canada, Australia, and New Zealand— have made formal statements accusing the Russian Federation of orchestrating the NotPetya ransomware outbreak.

Cyber security firm backs UK, US govts on Russian cyber attacks claims (ITP.net) FireEye research identifies link between Petya ransomware and Russian-based Sandworm Team .

Europe’s defense systems vulnerable to cyber attacks (Handelsblatt Global Edition) At this year's Munich Security Conference, military experts discussed what they believe to be the biggest threat facing Europe's NATO members: cyber attacks

Millions Stolen From Russian, Indian Banks in SWIFT Attacks (SecurityWeek) SWIFT attacks: Russia’s Central Bank says one of the country’s financial institutions lost $6 million, and hackers attempted to steal $2 million from India’s City Union Bank

“Cyber attack similar to Bangladesh central bank hack” (The Hindu) Private sector lender City Union Bank, which was able to resolve two of the three cyber hack recently, likened it to the attempts on the Bangladesh central bank’s system in 2016. “We had three fraudul

A Hacker Has Wiped a Spyware Company’s Servers—Again (Motherboard) "I don't want to live in a world where younger generations grow up without privacy."

Disk image flaw in Apple MacOs APFS file system could lose user data (Computing) Apple data-loss flaw found by back-up software creator Mike Bombich

FedEx: Customer information exposed, not compromised (American Shipper) Following reports that thousands of customer identification records were left open to public access, FedEx said those records have now been secured and there is “no indication that any information has been misappropriated."

Money Laundering Via Author Impersonation on Amazon? (KrebsOnSecurity) Patrick Reames had no idea why Amazon.com sent him a 1099 form saying he’d made almost $24,000 selling books via Createspace, the company’s on-demand publishing arm.

Botnets shift focus to credential abuse (ComputerWeekly.com) Cyber criminals are increasingly using automated attacks that make use of stolen credentials, a security threat report warns.

Oracle WebLogic Server Flaw Exploited to Deliver Crypto-Miners (SecurityWeek) Threat actors are exploiting CVE-2017-10271, a recently patched vulnerability in Oracle WebLogic Server to infect systems with crypto-currency mining malware.

Cryptocurrency-mining criminals that netted $3 million gear up for more (Ars Technica) Attackers who mined 10,829 Monero coins over 18 months target a new server platform.

Google exposes another zero-day security flaw in Edge as Microsoft miss the fix deadline (MSPoweruser) Browser security is hard, and it seems sometimes it is easier to break something than to fix it. Microsoft nemesis Google Project Zero has once again made a flaw in Microsoft’s Edge browser public before the company could push out a fix. The issue is related to Microsoft’s Just In Time compiler for Javascript, which …

Savers lose millions to retirement fraudsters (Times) Savers are being tricked out of half a million pounds every day after a surge in criminals targeting British pension riches, The Times can reveal. People with nest eggs to invest, including those...

Smart meters could leave British homes vulnerable to cyber attacks, experts have warned (The Telegraph) New smart energy meters that the Government wants to be installed in millions of homes will leave householders vulnerable to cyber attacks, ministers have been warned.

Facebook accused of spamming 2FA phone numbers (Naked Security) The social network is messaging users on their 2FA phone numbers and then posting their “PLEASE STOP!!” replies

What types of hospitals experience data breaches? (Help Net Security) An estimated 16 million patient records were stolen in the United States in 2016, and last summer the British Health System was crippled by a ransomware attack. While we know these events are on the rise, what do we know about the hospitals that are vulnerable to these attacks?

Breach Exposes Sensitive California State Employee Data (Infosecurity Magazine) Thousands of Social Security believed to have been exposed

Flight-sim devs say hidden password-dump tool was used to fight pirates [Updated] (Ars Technica) Developer says tool was intended to target one specific cracker.

Security Patches, Mitigations, and Software Updates

Update for iOS and Macs negates text bomb that crashed devices (TechCrunch) Last week we reported a major bug in Apple operating systems that would cause them to crash from mere exposure to either of two specific Unicode symbols...

Why Chrome’s ad filter isn’t an adblocker (Naked Security) Optimistic news coverage has described this as the arrival of adblocking in Chrome, it isn’t.

Cyber Trends

The continuing lack of understanding of Level 0,1 device security and safety (Control Global) Separating ICS cyber security safety risk from cyber security economic risk has to be done at Level 0,1. This gives management the ability to make better business decisions. Additionally, the latest safety standards requiring ICS cyber security risk assessments, yet there are no explicit Level 0,1 considerations in the standards. Cyber security of Level 0,1 devices requires much more attention - and soon.

Majority of healthcare providers beef up security architecture to protect patients’ data (GlobalData Plc) Healthcare providers across the globe are ramping up their investments in security architecture to reduce the risk of cyber-attacks and protect their patients’ data, according to GlobalData, a leading data and analytics company.

Employee Awareness of IT Security Threats (Clutch) A knowledge gap exists between decision-making and entry-level employees about IT security threats at their companies. This report answers 5 key questions about employee security awareness. Read More

Marketplace

Cybersecurity Hype: Is the Industry Delivering on its Promise? (Infosecurity Magazine) Given the ongoing list of high-profile security breaches, is the cybersecurity industry offering value for money?

The Starbucks Effect on IT Security (SecurityWeek) With a solution that allows for customization of the threat intelligence itself and how you integrate it into your environment, you’ve now got threat intelligence “to order.”

Qualcomm formally rejects Broadcom's latest acquisition offer following Wednesday meeting (Computing) Qualcomm nevertheless described the Wednesday pow-wow as constructive,

Intel offers to pay for Spectre-like side channel vulnerabilities (Help Net Security) Intel is raising considerably the awards it plans to give out for helpful vulnerability information, and is offering a new bug bounty program focused specifically on side channel vulnerabilities, i.e., vulnerabilities that are rooted in Intel hardware but can be exploited through software.

Google’s big plans for email will give it even more power (Naked Security) Google’s about to make your inbox a much more interesting place

Products, Services, and Solutions

New infosec products of the week​: February 16, 2018 (Help Net Security) ScramFS: Encryption system for safeguarding cloud data Scram Software has announced that ScramFS - an internationally peer-reviewed encryption system for safeguarding cloud data - is now available globally to SMEs, government and not-for-profit organizations, enabling encryption of sensitive data to reduce breaches

Rohde&Schwarz Cybersecurity''s R&S PACE 2 DPI Software Features New Classification (Business Press) The new Stratum protocol classification functionalityRohde & Schwarz Cybersecurity, a leading IT security company, has enhanced its R&SPACE 2 deep packet inspection (DPI) software to include Stratum protocol classification capabilities. The DPI e ...

Schneider Electric partners with Cylance (World Cement) Schneider Electric has partnered with Cylance to boost cyber security.

Cylance's secret sauce proves the test of time (iTWire) Endpoint security company Cylance says its unique artificial intelligence-based protection is the best tool to keep companies and individuals safe fro...

Dispel Launches Election Security Platform (SecurityWeek) Dispel launches platform designed to help secure elections, including voter, ballot and campaign information

Claroty Advances the State-of-the-Art in Industrial Control Systems Security (Claroty) New Security Posture Assessment product combined with extensive new vulnerability and network hygiene monitoring and attack vector analysis capabilities update the industry’s most comprehensive ICS cybersecurity platform

S&P Global Ratings360™ to Include Cyber Risk Insights from Guidewire Software’s Cyence Risk Analytics (BusinessWire) S&P Global Ratings is bringing the cyber risk knowledge and insights of Guidewire Cyence Risk Analytics™ to S&P Global Ratings360™

Technologies, Techniques, and Standards

Siemens Leads Launch of Global Cybersecurity Initiative (Dark Reading) The new 'Charter of Trust' aims to make security a key element of the digital economy, critical infrastructure.

NIST Working on Global IoT Cybersecurity Standards (SecurityWeek) Draft NIST Interagency Report (NISTIR) 8200 seeks timely development of and use of cybersecurity standards in IoT components, systems, and services.

GDPR quick guide: Why non-compliance could cost you big (Help Net Security) If you conduct business in the EU, offer goods or services to, or monitor the online behavior of EU citizens, then the clock is ticking. You only have a few more months - until May - to make sure your organization complies with GDPR data privacy regulations. Failure to abide by GDPR means you could get hit with huge

What is an intrusion detection system (IDS)? A valued capability with serious management challenges (CSO Online) An IDS monitors network traffic, searching for suspicious activity and known threats and sending up alerts when it finds such items. The function remains critical in the modern enterprise, but maybe not as a standalone solution.

WaPo: Emails detail how senior US military officers dealt with Hawaii's false missile alert (CNN) After a false missile threat alert from Hawaii's government, top US senior military officers began discussing how to better handle such a threat if it were real, according to emails obtained by The Washington Post.

Design and Innovation

Facebook’s secret weapon in the fight against foreign meddling? Postcards (Ars Technica) “It won’t solve everything,” Facebook exec tells Reuters.

Propaganda and Comic Books: An objective analysis of the US Army Cyber Command's new 'Threatcasting' publications (SOFREP) The United States Army’s Cyber Command has released new promotional comic books being released as a part of their ongoing “Threatcasting” endeavor in conjunction with West Point Academy and Arizona State University.

A cybersecurity expert explains how to fight Russian election meddling (Vox) "I’ll tell you up front, it is going to happen again."

Research and Development

IARPA Releases Research Report on Security and Privacy Assurance (IC ON THE RECORD) The Intelligence Advanced Research Projects Activity (IARPA) has publicly released the Security and Privacy Assurance Research (SPAR) Pilot Final Report.

Air Force wants to mitigate cyber vulnerabilities in avionics systems (Defense News) Here's how the Air Force is investing in mitigating and detecting cyber vulnerabilities in avionics systems.

The Air Force requested $30M to develop a ‘cyber carrier’ (Defense News) The Department of Defense’s budget request for fiscal 2019 describes a plan to develop such a war-fighting platform for Cyber Command.

AI warfare is coming, and some global leaders say NATO isn’t ready (Defense News) The future of warfare will involve artificial intelligence systems acting as lethal weapons, and much like cyber a decade ago, NATO allies are ill-equipped to manage the potential threat, said current and former European leaders speaking at the Munich Security Conference.

How the Army plans to use virtual humans powered by artificial intelligence (C4ISRNET) The Army requested funding in the fiscal 2019 budget to develop techniques that will allow virtual humans to

Making Home Networks—and the Internet—Safer by Outsourcing Security (WPI) The nation’s 54 million residential computer networks, which often have inadequate or out-of-date security safeguards, leave millions of Americans vulnerable to fraud, compromise, and even property damage. Poorly protected home computers and other connected devices are inviting targets for hackers seeking to build “botnets” to send spam or phishing emails or launch malicious Internet attacks.

Academia

18 UK universities to do battle at Inter-ACE cyber security challenge (The Engineer) Teams from 18 universities across the UK will lock horns next month at the Inter-ACE cyber security challenge, hosted by the University of Cambridge.

Cyber security competition prepares students for future career (Hometown Stations) School is out on Monday, but several students were hard at work, perfecting their craft for the future. 

Legislation, Policy, and Regulation

Global Powers Must Address 'Episodes of Cyberwar': UN Chief (SecurityWeek) "It's high time to have a serious discussion about the international legal framework in which cyberwars take place," UN secretary general Antonio Guterres said at the Munich Security Conference.

Russians Spooked by Nukes-Against-Cyber-Attack Policy (Centre for Research on Globalization) New U.S. policy on nuclear retaliatory strikes for cyber-attacks is raising concerns, with Russia claiming that it’s already been blamed for a false-flag cyber-attack – namely the election hacking allegations of 2016, explain Ray McGovern and William Binney.

Russia's cyber meddling 'sophisticated espionage,' says national security advisor (Defense News) McMaster stated firmly that United States will “expose and act against” those that use cyberspace, social media, and other means to advance campaigns of disinformation, subversion and espionage.

The War America Isn’t Fighting (POLITICO Magazine) Former Defense Secretary Ash Carter tells us about his Pentagon plan to counter Russia—and why both Obama and Trump have failed to execute it.

Iran the most dangerous nation for cyberattacks, says Saudi foreign minister (CNBC) The most dangerous nation for cyber threats is Iran, Saudi Foreign Minister Adel Al-Jubeir told CNBC on Sunday.

What China's Cybersecurity Law Could Mean for Global Businesses | LookingGlass (LookingGlass Cyber Solutions Inc.) As data breaches and hacking incidents continue to increase, more and more nations are seeking to protect their critical information from an attack. As a result, the industry has seen an uptick in regulations from foreign governments. The laws can safeguard information, as well as help countries define their role in, February 14, 2018

The Bundeswehr, famously bureaucratic, wants to charm technology startups (Defense News) Germany’s tech companies could see new business with the military, as Defense Minister Ursula von der Leyen seeks to funnel more funding toward cyber technologies under plans to grow the country’s defense budget.

Honest Ads Act Would Deter Foreign Interference in 2018 Through Online Ads (Campaign Legal Center) Brendan Fischer, director, federal and FEC reform at Campaign Legal Center (CLC) released the following statement about Special Counsel Robert Mueller’s indictment of 13 Russian nationals for conspiracy to defraud the United States through interference in the 2016 elections:

The debate over what Cyber Command still needs (Fifth Domain) As Cyber Command continues to mature, the agency's cyber warriors will need clear authorities and resources to be successful.

Could the Military Start Drafting Hackers in Their 40s? (Nextgov.com) A commission on the draft is studying cutting age and gender exclusions for people with cyber skills.

Litigation, Investigation, and Law Enforcement

Case 1:18-cr-00032-DLF: UNITED STATES OF AMERICA v. INTERNET RESEARCH AGENCY LLC [et al.] (US Department of Justice) The United States of America, through its departments and agencies, regulates the activities of foreign individuals and entities in and affecting the United States in order to prevent, disclose, and counteract improper foreign influence on U.S. elections and on the U.S. political system.

Russian Influence Campaign: What’s in the Latest Mueller Indictment (Lawfare) Details of the Internet Research Agency’s operation to influence the 2016 election and U.S. political process.

What Is the Internet Research Agency? (Defense One) The origin of the Russian “troll farm” that allegedly targeted America’s 2016 presidential election.

Inside the Mueller Indictment: A Russian Novel of Intrigue (WIRED) The cast of characters revealed in the special counsel's epic indictment is drawn from the overlapping circles of oligarchs, spooks, and mob figures.

This Is What $1.25 Million Dollars a Month Bought the Russians (Foreign Policy) A birthday card! An all-American trip! Tweets! Stolen American identities!

For Russia, Unraveling US Democracy Was Just Another Day Job (WIRED) The most chilling aspect of that blockbuster Mueller indictment? The bureaucracy behind Russia's onslaught.

How Twitter bots affected the US presidential campaign (Fifth Domain) About one in every five election-related tweets from Sept. 16 to Oct. 21, 2016, was generated by computer software programs called “social bots,” according to a research assistant professor of computer science, University of Southern California.

Byron York: A non-alarmist reading of the Mueller Russia indictment (Washington Examiner) There is more to learn. But as far as the new indictment is concerned, there is good reason to stay calm. It's not Pearl Harbor, in any way,...

Confessions of a Russiagate Skeptic (POLITICO Magazine) Why I have my doubts about whether Trump colluded with Moscow.

President Trump, I'm Russian and I'm Not Laughing (Bloomberg.com) I fear the indictment of Russian internet trolls may lead to less freedom for both Americans and Russians.

If Your Voters were Persuaded by Bad Russian Ads, They Were Never Your Voters (National Review) On Russia’s ham-fisted propaganda efforts, the limits of the Assault Weapons Ban, and more.

Former Trump aide Richard Gates to plead guilty; agrees to testify against Manafort, sources say (Los Angeles Times) Former Trump campaign official Rick Gates is about to reach a plea deal with Special Counsel Robert S. Mueller III

I’ll be a school shooter, boasted teenage Florida killer Nikolas Cruz (Times) A teenager who admitted killing 17 former schoolmates and teachers had boasted on YouTube that he was “going to be a professional school shooter”, was allegedly a member of a white nationalist...

Instagram submits to Russia censor's demands (BBC News) Service blocks access to corruption claim-related posts despite YouTube failing to meet similar demand.

Meltdown-Spectre: Now the class action suits against Intel are starting to mount up (ZDNet) Intel faces 32 class action lawsuits over its processor flaws and says more may be in the pipeline.

Lawsuits threaten infosec research — just when we need it most (ZDNet) Security researchers and reporters have something in common: both hold the powerful accountable. But doing so has painted a target on their backs — and looming threats of legal action and lawsuits have many concerned.

Der Kampf gegen Cyberkriminelle (Berliner Morgenpost) Konzerne beschließen Charta: Digitalministerium sowie Datensicherheit als Werkseinstellung gefordert

Russian Hackers Sent to U.S. Prison for Stealing 160 Million Bank Card Numbers (SecurityWeek) A United States Judge sent two Russian nationals to prison for their involvement in a hacking scheme that compromised roughly160 million credit card numbers and incurred losses of hundreds of millions.

Just and Unjust Leaks (Foreign Affairs) Revealing official secrets and lies involves a form of moral risk-taking. And drawing the line between the right and wrong kinds of disclosures has grown harder than ever in the Trump era.

Venezuela cryptocurrency to draw investment from Turkey,... (Reuters) Venezuela's new "petro" cryptocurrency will attract investments from Turkey, Qatar, the United States and Europe, the country's cryptocurrency regulator said on Friday.

Dark Web's worst pedophile sentenced to 32 years in prison (HackRead) Matthew Falder, a dark web pedophile has been jailed for 32 years in prison for child pornography and other explicit activites.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

Norwich University Cyber Security Summit (Northfield, Vermont, USA, June 18 - 20, 2018) Norwich University’s College of Graduate and Continuing Studies (CGCS) is pleased to announce the second annual Cyber Security Summit in June 2018. The summit, presented in a continuing education format,...

Upcoming Events

Security Titans (Scottsdale, Arizona, USA, February 23, 2018) Security Titans is a ground-breaking event, bringing the biggest names in Information Security together - all in one day, on a single stage to give the nation's cyber security industry access to the very...

CyberThreat 18 (Westminster, England, UK, February 27 - 28, 2018) Hosted by the UK’s National Cyber Security Centre, a part of GCHQ, and the SANS Institute, CyberThreat18 brings together a packed schedule of talks on a broad range of familiar and less familiar topics...

Midlands Cyber: US Cyber Market Workshop (Lutterworth, England, UK, February 27, 2018) We are delighted to announce that we will be running two workshops, led by Andy Williams, the International Director of the iCyber Centre @bwtech, Maryland. The workshops have been tailored by the team...

European Cybersecurity Forum – CYBERSEC Brussels (Brussels, Belgium, February 27, 2018) CYBERSEC Forum is an unique opportunity to meet and discuss the current issues of cyber disruption and ever-changing landscape of cybersecurity related threats. Our mission is to foster the building of...

The Cyber Security Summit: Atlanta (Atlanta, Georgia, USA, February 28, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.

PrivacyCon 2018 (Washington, DC, USA, February 28, 2018) The 2018 PrivacyCon will expand collaboration among leading privacy and security researchers, academics, industry representatives, consumer advocates, and the government. As part of this initiative, the...

NITSIG Meeting: Protecting Controlled Unclassified Information On U.S. Government Contractor Information Systems (Laurel, Maryland, USA, March 2, 2018) This meeting will discuss the security control requirements for the protection of Controlled Unclassified Information (CUI), for contractor information systems upon which CUI is processed, stored on, or...

Insider Threat Program Management With Legal Guidance Training Course (Herndon, Virginia, USA, March 6 - 7, 2018) The course will cover current regulations like National Insider Threat Policy NITP and NISPOM Conforming Change 2, and more. The course will provide the ITP Manager and Facility Security Officer with the...

SINET ITSEF 2018 (Silicon Valley, California, USA, March 7 - 8, 2018) Bridging the gap between Silicon Valley and the Beltway. SINET – Silicon Valley provides a venue where entrepreneurs can meet and interact directly with leaders of government, business and the investment...

PCI Security Standards Council Middle East and Africa Forum (Cape Town, South Africa, March 14 - 15, 2018) Don’t miss the data security event of the year for the payment card industry. Join us for: networking opportunities, updates on industry trends, insights and strategies on best practices, engaging keynotes...

SecureWorld Boston (Boston, Massachussetts, USA, March 14 - 15, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

Cyber 9-12 (Washington, DC, USA, March 16 - 17, 2018) Now entering its fifth year, the Cyber 9/12 Student Challenge is a one-of-a-kind competition designed to provide students across academic disciplines with a deeper understanding of the policy challenges...

3rd Annual Billington International Cybersecurity Summit (Washington, DC, USA, March 21, 2018) With confirmed speakers from Estonia, Romania, Singapore, Sweden, the United States, and Kuwait, and with attendees from many more countries, this summit brings together world-class cybersecurity thought...

Infosecurity Magazine North America Virtual Conference (Online, March 21 - 22, 2018) Tune in on Wednesday March 21 for day two of our two-day online event to learn what’s going on at the heart of the industry. Our easy to digest format offers a mix of short sessions, panel debates and...

The Cyber Security Summit: Denver (Denver, Colorado, USA, March 22, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.

Women in CyberSecurity 2018 (Chicago, Illinois, USA, March 23 - 24, 2018) Through the WiCyS community and activities we expect to raise awareness about the importance and nature of cybersecurity career. We hope to generate interest among students to consider cybersecurity as...

SecureWorld Philadelphia (Philadelphia, Pennsylvania, USA, March 28 - 29, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

National Cyber League Spring Season (Chevy Chase, Maryland, USA, March 30 - May 25, 2018) The NCL is a defensive and offensive puzzle-based, capture-the-flag style cybersecurity competition. Its virtual training ground helps high school and college students prepare and test themselves against...

4th Middle East Cyber Security Summit (Riyadh, Saudi Arabia, April 4 - 5, 2018) The summit will feature state of the art presentations, hackathons and technology showcasing from regional and international experts and leading technology providers. One of the focus areas of the summit...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.