skip navigation

More signal. Less noise.

Looking for an introduction to AI for security professionals?

Your wait is over. A new book is out from the Cylance data science team, covering artificial intelligence and machine learning techniques in practical situations to improve the security professional’s ability to thrive in a data driven world. Whether you are reviewing logs or analyzing malware, being able to derive meaningful results and improve productivity is key. Order your free copy today.

Daily briefing.

Princeton University researchers conclude that website analytic services have been unintentionally collecting passwords in session replays.

An Adobe Flash bug patched earlier this month has resurfaced in malicious Microsoft Word files as criminals seek to repurpose the exploit against vulnerable systems. 

The root of the cryptojacking attack the Los Angeles Times sustained this month appears to have been an unsecured AWS S3 bucket.

CrowdStrike released its 2018 Global Threat Report yesterday. Among the findings are the rise of supply chain compromise and cryptocurrency related fraud as significantly expanded attack vectors. Another interesting finding is the speed with which successful attackers are able to pivot laterally from an initial compromise: just under two hours.

Haystax this morning released its 2018 insider threat predictions. They see ordinary employees eclipsing privileged users as insider risks, and they see behavioral monitoring becoming "the new normal."

The trials of two accused NSA leakers get stickier for the prosecution. Reality Winner wants her confession to stealing and leaking classified documents suppressed on the grounds that she was improperly Mirandized by the FBI agents who interviewed her. She also appears to be positioning herself as a whistleblower.

In the case of Hal Martin (whose lawyers are defending him as an eccentric packrat), the Federal judge presiding has asked prosecution and defense whether the Government needs to show that Mr. Martin knew that specific documents he allegedly took contained national defense information. The sheer volume of classified material allegedly recovered from his home may give the prosecution difficulty.

Notes.

Today's issue includes events affecting China, European Union, Israel, Democratic Peoples Republic of Korea, Republic of Korea, Russia, Switzerland, Ukraine, United Kingdom, United States.

Struggling with your DLP? It's time to rethink your data loss prevention strategy.

Traditional data loss prevention tools aren’t cutting it anymore. Why? They are high-maintenance and require endless fine-tuning. They often miss insider threats. They stymie communication between security and other departments. And they slow down endpoints, leading to crashes and failures that drive users crazy. Learn from ObserveIT why DLP tools aren’t getting the job done in 2018 and how you can stop data loss in its tracks. Read Now.

In today's podcast we talk with our partners at the SANS Institute, as Dean of Research Johannes Ullrich discusses hacked third-party cables. Our guest, Terry Dunlap from ReFirm Labs guides us through the world of firmware vulnerabilities.

Billington International Cybersecurity Summit (Washington, DC, USA, March 21, 2018) Billington International Cybersecurity Summit, March 21, Washington, D.C. Cybersecurity leaders from Asia, Europe, the Middle and U.S. on global threats and best practices, including Acting DoD CIO and Singapore Cyber Commissioner-designate. Sponsor Opportunities: Sandy Nuwar at 443-994-9832

Third Annual Cyber Investing Summit 5/15/18 (New York, New York, USA, May 15, 2018) Renowned cyber security executive David DeWalt will deliver the keynote address at the Third Annual Cyber Investing Summit. The Cyber Investing Summit is a unique all-day conference focused on the financial opportunities available in the rapidly growing cyber security industry. Panels will explore sector investment strategies, market growth forecasts, equity valuations, merger and acquisition activity, cryptocurrency protection, funding for startups, and more. Speakers include leading Chief Information Security Officers, VC founders, financial analysts, cyber security innovators from publicly traded and privately held companies, and government experts.

Cyber Attacks, Threats, and Vulnerabilities

Russia accused of “false flag” attack on Olympic opening (Ars Technica) Routing hacks, bits of code used to throw off attribution trail.

Russian state media just mixed up Syrian war footage with a video game clip (Stars and Stripes) The scene is from a battlefield where countless lives have been lost, but only in the digital world — it's footage from the popular combat simulator Arma made by Prague-based Bohemia Interactive.

Facebook bug reveals identity of page admin via email (Naked Security) The autogenerated emails sent on behalf of a named Facebook page gave away more about the accounts behind the page than you’d expect.

Adobe Flash Vulnerability Reappears in Malicious Word Files (Dark Reading) CVE-2018-4878, a Flash zero-day patched earlier this month, has resurfaced in another campaign as attackers capitalize on the bug.

Covert 'Replay Sessions' Have Been Harvesting Passwords (WIRED) Analytics services are unintentionally collecting a mass of passwords and other sensitive data, new research shows.

Malspam pushing Formbook info stealer (SANS Internet Storm Center) I wrote a diary about malicious spam (malspam) pushing the Formbook information stealer back in November 2017. Formbook malspam is still a thing.

Oracle Server Vulnerability Exploited to Deliver Double Monero Miner Payloads (TrendLabs Security Intelligence Blog) The sudden rise of cryptocurrency triggered a shift in the target landscape. Cybercriminals started adapting and using their resources to try acquiring cryptocurrencies, whether through pursuing repositories like Bitcoin wallets or by compromising networks and devices to mine the currency.

2,844 new data breaches added to Have I Been Pwned (CSO Online) The massive breach, which includes more than 80 million records, is listed as a single 'unverified' data breach, but it is ranked as the 15th biggest breach on Have I Been Pwned.

Revamp of 'Pwned Passwords' Boosts Privacy and Size of Database (Threatpost) Troy Hunt has expanded his Pwned Passwords tool with 80 million more passwords, to help users find if their passwords have been compromised.

Ransomware set to become more vicious in 2018: Quick Heal (The Economic Times) Ransomware, cryptocurrency mining and zero-day exploits headlined the threat landscape in 2017, said the global IT security firm's "Annual Threat Report - 2018".

The Rig Exploit Kit Has Forsaken Ransomware for Coinminers (Cyber Security - James Griffiths) The exploit kit landscape has continued its downfall started in the summer of 2016 and its leading player —the RIG exploit kit— has stopped delivering any ransomware strains in 2018, focusing now on spreading cryptocurrency miners (coinminers) and information-stealing trojans... Continue Reading →

Unsecured AWS led to cryptojacking attack on LA Times (Naked Security) Cryptojackers have been discovered sneaking mining code on to a big brand’s website through the back door of a poorly secured Amazon AWS (Amazon Web Service) S3 bucket.

Cryptojacking is the new malware (Help Net Security) Each cryptojacked machine may provide a small fraction of computing cycle time but, when combined, they are transformed into distributed supercomputers that can earn hackers substantial cryptocurrency amounts.

Cyber attack hits 12 state agencies (WTNH Connecticut News) Approximately 160 machines in 12 agencies were not protected with antivirus software.

This is why you might be an easy target for hackers, according to experts (News Shopper) Londoners’ email passwords could make them easy targets for hackers and put themselves at risk of identity theft, experts have warned.

Mobile banking Trojans spread confusion worldwide (Help Net Security) Mobile banking Trojans spread confusion worldwide, and consumers around the world that use mobile banking apps are at a greater risk of being tricked by cybercriminals and falling victim to mobile banking theft.

Threats from Mobile Ransomware & Banking Malware Are Growing (Dark Reading) The number of unique mobile malware samples increased sharply in 2017 compared to a year ago, according to Trend Micro.

CoinDash: Hacker returns another $17m worth of stolen Ethereum to firm just months after ICO heist (International Business Times UK) The unexpected transaction came just days before the Israel-based company's formal product launch.

When employee access exceeds trust, IP goes missing (CSO Online) Companies may be tempting fate by giving interns deep access to company data, as these two examples of intellectual property theft show.

School CCTV Streams End Up on US Website (Infosecurity Magazine) School CCTV Streams End Up on US Website. Privacy snafu alarms parents in Blackpool

Oops! Apple repair center making around 20 false emergency calls a day (Naked Security) Devices are innocent until proven guilty, but those Apple Watches are notorious for being easily triggered.

Security Patches, Mitigations, and Software Updates

USPS Finally Starts Notifying You by Mail If Someone is Scanning Your Snail Mail Online (KrebsOnSecurity) In October 2017, KrebsOnSecurity warned that ne’er-do-wells could take advantage of a relatively new service offered by the U.S. Postal Service that provides scanned images of all incoming mail before it is slated to arrive at its destination address.

Cyber Trends

Top Five Insider Attack Predictions for 2018 (Haystax) This research is based on the results of a comprehensive online survey of 1,493 cybersecurity professionals to gain deep insight into the insider threats faced by their organizations, and the solutions needed to detect, remediate, and prevent them.

CrowdStrike Global Threat Report Reveals The Biggest Cyber Crime and Targeted Intrusion Trends (BusinessWire) CrowdStrike® Inc., the leader in cloud-delivered endpoint protection, today announced the release of its 2018 CrowdStrike Global Threat Report: Blurring the Lines Between Statecraft and Tradecraft

The Hacker Zoo Breaking Into A Computer Near You (Fast Company) Security firm CrowdStrike highlights the growing global threat of both state-sponsored and criminal hackers in a new report.

2018 CrowdStrike Global Threat Report: Blurring the Lines Between Statecraft and Tradecraft (CrowdStrike) The 2018 CrowdStrike® Global Threat Report offers one of the industry's most comprehensive reports on today's most damaging cyberattacks and dangerous adversaries.

6 Cybersecurity Trends to Watch (Dark Reading) Expect more as the year goes on: more breaches, more IoT attacks, more fines...

7 Key Stats that Size Up the Cybercrime Deluge (Dark Reading) Updated data on zero-days, IoT threats, cryptomining, and economic costs should keep eyebrows raised in 2018.

FSB: Just 8% of UK Small Businesses Are GDPR-Ready (Infosecurity Magazine) FSB: Just 8% of UK Small Businesses Are GDPR-Ready. Non-profit kick-starts awareness-raising campaign

Marketplace

Here’s the latest update on the very spicy beef between two massive chipmakers (TechCrunch) Broadcom and Qualcomm, the former of which is trying to acquire the latter, are continuing to duke it out on their respective investor relations pages by..

Le genevois ID Quantique passe sous contrôle coréen pour 65 millions (Le Temps) Spécialisée en cryptographie quantique, la société passe sous le contrôle de l’opérateur sud-coréen SK Telekom, via un investissement sous plusieurs formes

CyberX Raises $18 Million in Series B Funding to Combat Rising Threats to IIoT and Critical Infrastructure, Bringing Total Funding to $30 Million (BusinessWire) CyberX closes $18M Series B round led by Norwest Venture Partners to combat rising threats to critical infrastructure, bringing total to $30M.

Huawei says national security accusations are `groundless’ (South China Morning Post) US lawmakers have raised concerns that Huawei’s ties to the Chinese government pose a potential national security threat, which the company has denied.

Apple CEO to co-chair China Development Forum after handover of Chinese iCloud accounts (VentureBeat) Apple CEO Tim Cook will co-chair the 18th annual China Development Forum, a Chinese government event held in Beijing from March 18-20, according to a Wall Street Journal report this morning. The an…

Northrop Grumman Wins $95 Million Award from Department of Homeland Security to Develop Next-Generation Biometric Identification Services System (Northrop Grumman Newsroom) MCLEAN, Va. – Feb. 26, 2018 – Northrop Grumman Corporation (NYSE: NOC) has been awarded a $95 million contract by the Department of Homeland Security’s (DHS) Office of Biometric Identity Management (OBIM) to develop increments one and two of the...

PolySwarm Kickstarts Platform with First Arbiter Based on Cuckoo Sandbox (NewsBTC) Decentralized IT security marketplace PolySwarm today announced a partnership with the lead development team behind Cuckoo Sandbox.

CRN Exclusive: Mobile Security Vendor Zimperium's New CRO Makes Channel Business A Priority (CRN) Eric Grotefeld wants to help take Zimperium from doing half of its business through the channel in 2016 to carrying out 80 percent of its business through partners within a couple of years.

Chuck Brooks Takes New Role at General Dynamics (Homeland Security Today) He will drive market strategy for existing and new market segments in the public and private sectors, define product inception, and develop go-to market strategies and partnering opportunities.

David Hannigan, Chief Cyber Risk Officer for Capital One Named to Per Scholas National Board (Per Scholas) Per Scholas is pleased to announce the addition of David Hannigan to its National Board. Per Scholas is a national workforce nonprofit that provides rigorous and tuition-free technology training and professional development in careers such as IT in Atlanta, GA; Cincinnati and Columbus, OH; Dallas, TX; Washington, D.C. and New York, NY.

Products, Services, and Solutions

Avast Announces ‘Smart Life’ IoT Security Platform (BusinessWire) Powered by Avast’s AI technology, the new SaaS platform protects devices, networks and personal data

Lanner Partners with Enea and Trend Micro to Showcase Edge SD Security Solutions at MWC 2018 (PR Newswire) Lanner Electronics (TAIEX 6245), a global leader in SDN/NFV...

Blackpoint Announces SNAP-Defense Module for Securing the Internet of Things (IoT) (PR Newswire) Today, Blackpoint Cyber announced availability of its IoT module...

Netwrix partners with Concept Searching to enrich security intelligence with data discovery and classification functionality (Netwrix) The partnership aims to help organizations improve security and streamline GDPR compliance

Leading smartphone maker OPPO adopts Trustonic Secure Platform (Trustonic) Trustonic technology is now being integrated by the world’s fourth largest smartphone manufacturer, OPPO

Data I/O Corporation (NASDAQ:DAIO) announced support for the new Platform Security (PSA) Architecture from Arm (Benchmark Monitor) Data I/O Corporation (NASDAQ:DAIO) announced support for the new Platform Security (PSA) Architecture from Arm. PSA is the industry's first common framework for

Abu Dhabi's DarkMatter unveils its secure Katim Android phone (The National) Device already shipping to UAE customers with interest from overseas

TIM and Cisco Join Forces To Increase The IT Security Of Italian Companies (GlobeNewswire News Room) TIM Safe Web, the new security service developed in collaboration with Cisco and integrated into the TIM network, going live in March

Dimension Data achieves Australian Signals Directorate's Protected certification (CRN Australia) Becomes fourth provider to achieve 'Protected' certification.

CENTRI to Demonstrate Complete Chip to Cloud Data Security Following Platform Security Architecture (PSA) Principles (PR Newswire) CENTRI, a leading provider of advanced security for the Internet of Things,...

Technologies, Techniques, and Standards

How Google implements the Right To Be Forgotten (Help Net Security) Who is asking Google to delist certain URLs appearing in search results related to their name, and what kind of requests does the search giant honor?

Building Resilience Against Evolving Technology: An Interview With a Cyber Risk Expert (Security Intelligence) According to IBM cyber risk expert Tim Roberts, security professionals must do a better job of communicating with top management as the technology landscape evolves and new threats emerge.

Podcast: How identity can control shadow IT (Cyberscoop) By focusing on identity management, IT departments are able to simplify access to cloud applications, making them more secure.

Is that smart device secure, and will it protect your privacy? (Help Net Security) The decision to introduce a new smart device in your home should come only after you've answered these two questions affirmatively: "Will the device improve the quality of my life/fill a need I have?" and "Am I satisfied with the level of security and privacy the manufacturer provides to users?"

Automating out of the skill gap sinkhole (Help Net Security) Everyone involved in cybersecurity IR, at all levels, should constantly have one question in mind, "Can this be automated?" By the end of 2018, humans should only be spending their time doing work that absolutely must be done by a human analyst.

Design and Innovation

Why Data Science Is Becoming So Important in Cybersecurity (insideBIGDATA) In this special guest feature, Mike MacIntyre, Chief Scientist at Panaseer discusses where data science comes in with respect to cybersecurity. With the correct data, CISOs can translate technical risk into business risk, deliver a business case to solve it and demonstrate success. The current struggle is that CISOs have information that is meaningful but not timely, or it is timely but not meaningful because the content is too technical and siloed. What they really need is data that will enable them to market and measure the security program.

Drama-Free Artificial Intelligence (Gigaom) Depending on who’s listening, the current discussion involving the growing role of Artificial Intelligence in business inspires a range of dramati...

Is your vendor being honest about AI? (CSO Online) Some vendors who claim their products use artificial intelligence or machine learning technology are really using rules-based engines. Here's how to spot the lie.

Using technology to craft accurate, persuasive political messages (TechCrunch) In a country that's increasingly polarized, where partisan politics shape perception, the question of how to create a compelling argument -- rooted in facts..

Research and Development

How do you teach common sense? DARPA wants to find out (C4ISRNET) DARPA's budget request for fiscal 2019 shows that the agency wants to develop general artificial intelligence that can reason like humans.

Researchers Propose Improved Private Web Browsing System (SecurityWeek) A group of researchers from MIT and Harvard have presented a new system designed to make private browsing even more private.

Researchers Warn of Extraterrestrial Hacks (Motherboard) Can Earth get pwnd from space?

Academia

Satisnet teams up with Cyber Academy to fight security threats (BQ) A new cyber security project will allow companies to train staff to combat attacks like the one which saw NHS systems infected with malicious software last year.

Legislation, Policy, and Regulation

China’s web censors go into overdrive as President Xi Jinping consolidates power (TechCrunch) A week that begins with the repeal of regulation that prevents dictatorship in China is likely to be a busy one for the country's censorship people, and so..

Inside the Russian effort to fuel American secessionists (Think Progress) Flights to Russia, embassies in Moscow, fake social media accounts galore. But for what?

Iraq’s Real Weapons of Mass Destruction Were 'Political Operations' (War on the Rocks) Editor’s Note: This is the third installment in “Ministry of Truth,” a special series on state-sponsored influence operations. Read the first installment h

State Department, DoD partner to counter foreign fake news (Federal Times) The Defense Department will transfer $40 million to a State Department initiative for combating foreign disinformation campaigns.

The Russian Bots Are Coming. This Bipartisan Duo Is On It. (POLITICO Magazine) Jamie Fly and Laura Rosenberger crossed party lines to track the Kremlin propaganda campaign. Tweeters on the far right — and far left — aren’t happy about it.

US Cyber Command: "When faced with a bully...hit him harder." (The Cipher Brief) In Washington, there may be division and confusion about how to deal with Russian cyber-based interference. But 25 miles north, at Fort Meade, home of U.S. Cyber Command, they are angry and ready. Cyber Command’s new strategy demands that, “We must not cede cyberspace superiority.” The goal is “superiority” through “persistent, integrated operations [to] demonstrate … Continue reading "US Cyber Command: “When faced with a bully…hit him harder.”"

Clock is ticking for Congress to move cyber legislation (Washington Examiner) Congress is in session for about 17 weeks before the August recess, and it will get more and more difficult to pass significant cyber legisl...

Computer hacking bill threatens to ice Georgia's cybersecurity industry (Atlanta Business Chronicle) Proposed legislation, aimed at criminal hackers, is so broadly written critics say it would criminalize the fundamental way cybersecurity researchers find vulnerabilities in websites and tech products.

Public companies in the US warned over disclosure of cybercrime details (WeLiveSecurity) The SEC has told public companies in the US that they need to improve transparency for investors in relation to cybercrimes and infosecurity risks.

Coast Guard Needs Fresh IT, People to Keep Networks Secure (Nextgov.com) The service’s head of Cyber Command outlines his strategy for updating old systems and getting personnel to rethink cybersecurity.

DHS Deputy Secretary Elaine Duke to retire in spring (FederalNewsRadio.com) Homeland Security Secretary Kirstjen Nielsen praised Duke's leadership and expertise on DHS management, personnel and procurement.

Litigation, Investigation, and Law Enforcement

Case against alleged hoarder of NSA documents gets tougher for federal prosecutors - Cyberscoop (Cyberscoop) Prosecutors may be facing an uphill battle in their case against a former NSA contractor who was hoarding classified information in his Maryland home. A federal judge questioned the prosecution and defense in an ongoing case regarding Harold Martin, a former Navy officer turned defense contractor who was indicted for stealing and hoarding secret documents that outline U.S. hacking operations.

Feds' case against alleged NSA hoarder hits turbulence (POLITICO) A judge raises thorny questions that could complicate life for prosecutors.

Whistleblower documentarian calls next step in Reality Winner case 'a big one' (WRDW) Lawyers from both sides are set to appear in an Augusta courtroom Tuesday morning as the case against Reality Winner takes its next step in Augusta's federal court.

Ukraine police say they've rearrested cybercrime ringleader (Fifth Domain) The arrest comes 15 months after his embarrassing escape put the spotlight on corruption in the Eastern European country.

NanoCore's author didn't hack anyone, but he was imprisoned anyway (Graham Cluley) 33 months in prison for man found guilty of aiding and abetting online criminals by creating and selling the NanoCore RAT.

Middle school student responsible for cyber-threat that canceled classes at Central York School District: Police (PennLive) Investigators said the student's actions were motivated by the desire to cancel classes at the school.

Court rules against AT&T, closing FTC regulation loophole (TechCrunch) A federal court has ruled against AT&T in a long-running case that found itself tied up in the net neutrality debate. AT&T had argued that the 2015..

Coinbase: We will send data on 13,000 users to IRS (Ars Technica) Bitcoin startup says if concerned, “seek legal advice from an attorney promptly.”

50 Cent admits he ‘has never owned, and does not now own’ any bitcoin (TechCrunch) Reports last month that rapper 50 Cent had forgotten about $7 million or so in bitcoin he owned have been given the lie by the man himself, who declares in..

The Man Who Claimed to Invent Bitcoin Is Being Sued for $10 Billion (Motherboard) Craig Wright is being sued by Ira Kleiman, brother of deceased coder Dave Kleiman and representative of his estate.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

CyberThreat 18 (Westminster, England, UK, February 27 - 28, 2018) Hosted by the UK’s National Cyber Security Centre, a part of GCHQ, and the SANS Institute, CyberThreat18 brings together a packed schedule of talks on a broad range of familiar and less familiar topics...

Midlands Cyber: US Cyber Market Workshop (Lutterworth, England, UK, February 27, 2018) We are delighted to announce that we will be running two workshops, led by Andy Williams, the International Director of the iCyber Centre @bwtech, Maryland. The workshops have been tailored by the team...

European Cybersecurity Forum – CYBERSEC Brussels (Brussels, Belgium, February 27, 2018) CYBERSEC Forum is an unique opportunity to meet and discuss the current issues of cyber disruption and ever-changing landscape of cybersecurity related threats. Our mission is to foster the building of...

The Cyber Security Summit: Atlanta (Atlanta, Georgia, USA, February 28, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.

PrivacyCon 2018 (Washington, DC, USA, February 28, 2018) The 2018 PrivacyCon will expand collaboration among leading privacy and security researchers, academics, industry representatives, consumer advocates, and the government. As part of this initiative, the...

NITSIG Meeting: Protecting Controlled Unclassified Information On U.S. Government Contractor Information Systems (Laurel, Maryland, USA, March 2, 2018) This meeting will discuss the security control requirements for the protection of Controlled Unclassified Information (CUI), for contractor information systems upon which CUI is processed, stored on, or...

Insider Threat Program Management With Legal Guidance Training Course (Herndon, Virginia, USA, March 6 - 7, 2018) The course will cover current regulations like National Insider Threat Policy NITP and NISPOM Conforming Change 2, and more. The course will provide the ITP Manager and Facility Security Officer with the...

SINET ITSEF 2018 (Silicon Valley, California, USA, March 7 - 8, 2018) Bridging the gap between Silicon Valley and the Beltway. SINET – Silicon Valley provides a venue where entrepreneurs can meet and interact directly with leaders of government, business and the investment...

PCI Security Standards Council Middle East and Africa Forum (Cape Town, South Africa, March 14 - 15, 2018) Don’t miss the data security event of the year for the payment card industry. Join us for: networking opportunities, updates on industry trends, insights and strategies on best practices, engaging keynotes...

SecureWorld Boston (Boston, Massachussetts, USA, March 14 - 15, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

Cyber 9-12 (Washington, DC, USA, March 16 - 17, 2018) Now entering its fifth year, the Cyber 9/12 Student Challenge is a one-of-a-kind competition designed to provide students across academic disciplines with a deeper understanding of the policy challenges...

Infosecurity Magazine Spring Virtual Conference (Online, March 21, 2018) Tune in on Wednesday March 21 for day two of our two-day online event to learn what’s going on at the heart of the industry. Our easy to digest format offers a mix of short sessions, panel debates and...

3rd Annual Billington International Cybersecurity Summit (Washington, DC, USA, March 21, 2018) With confirmed speakers from Estonia, Romania, Singapore, Sweden, the United States, and Kuwait, and with attendees from many more countries, this summit brings together world-class cybersecurity thought...

Infosecurity Magazine North America Virtual Conference (Online, March 21 - 22, 2018) Tune in on Wednesday March 21 for day two of our two-day online event to learn what’s going on at the heart of the industry. Our easy to digest format offers a mix of short sessions, panel debates and...

The Cyber Security Summit: Denver (Denver, Colorado, USA, March 22, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.

Women in CyberSecurity 2018 (Chicago, Illinois, USA, March 23 - 24, 2018) Through the WiCyS community and activities we expect to raise awareness about the importance and nature of cybersecurity career. We hope to generate interest among students to consider cybersecurity as...

SecureWorld Philadelphia (Philadelphia, Pennsylvania, USA, March 28 - 29, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

National Cyber League Spring Season (Chevy Chase, Maryland, USA, March 30 - May 25, 2018) The NCL is a defensive and offensive puzzle-based, capture-the-flag style cybersecurity competition. Its virtual training ground helps high school and college students prepare and test themselves against...

4th Middle East Cyber Security Summit (Riyadh, Saudi Arabia, April 4 - 5, 2018) The summit will feature state of the art presentations, hackathons and technology showcasing from regional and international experts and leading technology providers. One of the focus areas of the summit...

Cybersecurity: A Shared Responsibility (Auburn, Alabama, USA, April 8 - 10, 2018) During the 2018 SEC Academic Conference, we will explore three themes within cyber security: the underlying computer and communication technology; the economic and physical systems that are controlled...

Sea-Air-Space: The Navy League’s Global Maritime Exposition (National Harbor, Maryland, USA, April 9 - 11, 2018) Join us this April for Sea-Air-Space, the largest maritime exposition in the U.S., with 275+ exhibitors displaying the latest in maritime, defense and energy technology. This year’s theme, “Learn. Compete.

ISC West 2018 (Las Vegas, Nevada, USA, April 11 - 13, 2018) ISC West is THE largest security industry trade show in the U.S. At ISC West, you will have the chance to network with over 30,000 security professionals through New Products & Technologies encompassing...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.