skip navigation

More signal. Less noise.

It Starts with Enrich. Enable. Excel.

Everything we do at (ISC)² is focused on helping you strengthen your career. In 2018, it starts with Enrich. Enable. Excel. Join us in New Orleans October 8 – 10 for our 8th Annual Security Congress. We’ve packed a powerful agenda, so you’ll leave empowered to excel professionally.

Daily briefing.

Catphishing remains in the news. Not only have Israeli soldiers been prospected by fictitious dating profiles apparently prepared by Hamas, but members of Germany's Bundestag have received the attentions of Chinese intelligence services. In the case of the Bundestag members, according to reports in the Süddeutsche Zeitung, the profiles, while bogus, seemed unusually open in their operation, making little or no attempt to conceal their Chinese nationality. German lawmakers were offered bribes for various kinds of inside information. They were also invited to visit China, where presumably they would be further compromised. 

A Chinese ministerial delegation is scheduled to arrive in Berlin for bilateral talks Monday. The spying incident is expected to figure in the agenda.

Researchers at Northwestern University and the University of California Santa Barbara investigated more than 17 thousand Android apps from Google Play and three major third-party app stores. They concluded that, while apps tend to be permission hogs, the permissions they hog usually go unused. Only twenty-one of the apps inspected were extracting and reporting data in a questionable fashion.

Another team of researchers, these at the University of California Irvine, reports on the "Thermanator" proof-of-concept hack: someone with a decent mid-range thermal camera who got close enough to an unattended keyboard or keypad within thirty seconds of use could see what keys were pressed. 

The US Army continues to integrate cyber operations into unit training at brigade-level and below.

Facebook's content screening uses human fact-checkers to screen for the AI, and not vice versa.

Notes.

Today's issue includes events affecting Australia, Canada, China, European Union, Germany, India, Israel, Iran, Myanmar, Russia, United Kingdom, United States.

Is your malware lab a pain to use? Want a ridiculously easy to use malware lab?

Security teams who use a cloud browser can reduce the time spent investigating cases by more than 50%. Instead of wasting time spinning up a VDI, using Tor or connecting to a jumpbox, get online in seconds with Silo, a secure cloud browser and egress from hundreds of points of presence around the world.

In today's podcast, we speak with our partners at Terbium Labs, as Emily Wilson talks about fraud as a supply chain. Our guest is Brian Wells from Merlin International discussing how high-performing health care organizations are addressing cyber threats.

The Cyber Security Summit: Seattle on July 19 and Chicago on August 29 (Seattle, Washington, United States, July 19, 2018) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, The NSA, Dell, CenturyLink and more. Register with promo code cyberwire95 for $95 VIP admission (Regular price $350).

Dragos Industrial Security Conference (DISC) 11/5/18 (Hanover, Maryland, United States, November 5, 2018) Reserve your spot now for the Dragos Industrial Security Conference (DISC) on November 5th, 2018. DISC is a free, annual event for our customers, partners, and those from the ICS asset community. Visit https://dragos.com/disc/ for more information.

Cyber Attacks, Threats, and Vulnerabilities

China tried to spy on German parliament — report (Deutsche Welle) Chinese spies have attempted to bribe German MPs for information, according to a newspaper report. Chinese agents would use fake profiles to try to get MPs to give insider information for money.

Israel-Hamas war rages in cyberspace (Arab Weekly) Israel blocks Hamas on Twitter, accuses the Palestinian group of targeting Israelis in dating and World Cup apps.

Cyber boffins drill into World Cup cyber honeypot used to cyber lure Israeli soldiers (Register) Israel reckons it was Hamas

How Facebook’s Rise Fueled Chaos and Confusion in Myanmar (WIRED) The social network exploded in Myanmar, allowing fake news and violence to consume a country emerging from military rule.

Study of 17,260 Android Apps Doesn’t Find Evidence of Secret Spying (BleepingComputer) A thorough study of 17,260 Android apps reveals that while some apps may accidentally take screenshots of the user's screen and upload it online, there is no evidence to suggest that apps are secretly turning a phone's microphone or camera on to spy on device owners behind their backs.

Your smartphone can watch you if it wants to, study finds (Naked Security) Internet users have grown used to the idea that they can be tracked and profiled as they browse the web, but what about the specific risks of smartphones?

Download Bomb Trick Returns in Chrome —Also Affects Firefox, Opera, Vivaldi and Brave (BleepingComputer) The release of Google Chrome 67 has reopened a "download bomb" bug that was exploited by tech support scammers last winter, and which had been fixed with the release of Chrome 65 in March 2018.

This keyboard attack steals passwords by reading heat from your fingers (ZDNet) Thermanator harvests thermal energy to steal passwords directly from your fingertips.

Thermanator Attack Steals Passwords by Reading Thermal Residue on Keyboards (BleepingComputer) A person's fingers leave thermal residue on keyboard keys that a malicious observer could record and later determine the text a user has entered on the keyboard, according to a recently published research paper by three scientists from the University of California, Irvine (UCI).

Title: Thermanator: Thermal Residue-Based Post Factum Attacks On Keyboard Password Entry (Arxiv) As a warm-blooded mammalian species, we humans routinely leave thermal residues on various objects with which we come in contact.

Google admits third-party app developers read your Gmail emails (HackRead) Google has admitted that "sometimes" emails sent and received by Gmail users can be accessed by third-party app developers.

Weak Admin Password Enabled Gentoo GitHub Breach (Dark Reading) Had the attacker been quieter, breach may not have been discovered immediately maintainers of popular Linux distribution said.

New Malware Variant Hits With Ransomware or Cryptomining (Dark Reading) A new variant of old malware scans a system before deciding just how to administer pain.

Research: 46 Percent of Unauthorized Cryptocurrency Mining Circumvents Antivirus Software (BTC Manager) Cryptojacking continues to be classified as a rising threat in the cybersecurity domain. After considering infiltrated browser systems, miners, macOS’, social groups, and even cellphones, reports suggest over 98.8 percent of unauthorized cryptocurrency mining takes place on Linux-based software.

Serious Security: How to cut-and-paste your way to Bitcoin riches (Naked Security) Malware that steals cryptocurrency doesn’t need to crack passwords, read wallets, copy private keys, or even have a network connection…

Digital India Susceptible to Security Breaches (Infosecurity Magazine) Cyber-threats evolve as India advances into the digital age

NHS Digital Erroneously Reveals Data of 150,000 Patients (SecurityWeek) Roughly 150,000 NHS patients who had specifically opted out of the NHS patient data-sharing regime were in fact not opted out, the parliamentary under-secretary of state for health said.

7-year-old’s avatar sexually assaulted on “family-friendly” Roblox (Naked Security) Her shocked mother grabbed screenshots that show her daughter’s avatar knocked flat and an unambiguous animation of a penis.

Security Patches, Mitigations, and Software Updates

Google Fixes Critical Android Vulnerabilities (SecurityWeek) Google's July 2018 Android address several vulnerabilities in the mobile operating system, including several rated as Critical.

Year-Old Critical Vulnerabilities Patched in ISP Broadband Gear (Threatpost) Broadband gear made by Advanced Digital Broadcast is being patched to fix three vulnerabilities rated critical.

Cyber Trends

Surge in cryptocurrency crimes caused $761m loss in 2018: Report (CISO MAG) The report released on Tuesday stated a total of $761 million was stolen from cryptocurrency exchanges in the first half of 2018. The amount already exceeds the whole amount, $266 million, of 2017 by three times.

Acute pilot shortage and fewer available freighters likely to drive faster drone adoption (The Loadstar) Drones may be hauling cargo in the air much sooner than widely expected. The worsening shortage of pilots and concerns about available freighter capacity down the road are adding a sense of urgency to the deployment of drones to fill the gaps. The pilot shortage is the more serious concern for cargo carriers. A study published by Boeing last year found that more than 637,000 pilots would needed between 2017 and 2037. And even large passenger ...

Tech World (Foreign Affairs) The world is at the dawn of a second Industrial Revolution, this time, a digital revolution. And its impact will be, if anything, even greater than that of the first.

Austerity Bites Critical National Infrastructure Security (BankInfo Security) Much more must be done to shore up the U.K.'s national infrastructure. "It's partly austerity, and it's partly what's happening in the global economy, but

Survey: Most Feds Who BYOD Do It Without Agency Approval (Nextgov.com) It’s hard for agency security officials to protect networks when they don’t know what’s connecting to them, experts say.

State of the SOC? Depends on Who You Ask (Infosecurity Magazine) New report finds distinction in perceived state of SOC among front line and executives

Marketplace

Huawei slams FCC proposal to bar funds for Chinese telecom gear (The Verge) It’s the Chinese telecom’s second battlefront, aside from Congress

The campaign against Huawei (The Strategist) The case against Huawei’s participation in bidding for the 5G network in Australia appears to be based on incomplete information, at least as far as the public record allows us to judge. For a full ...

Some U.S. lawmakers have security concerns about T-Mobile-Sprint merger due to Sprint’s ties to Huawei (TmoNews) Days after a Senate antitrust subcommittee held a hearing about the T-Mobile-Sprint merger, other members of the U.S. government have begun to express concern over the deal. Members of the U.S. House have put together a draft letter arguing that a national security investigation of the T-Mobile-Sprint merger is necessary, The letter is being passed around so that it can get signatures before it’s sent to Treasury Secretary Steve Mnuchin, who is ...

ZTE replaces its CEO and other top execs (TechCrunch) A number of top executives are out at ZTE as the phone maker works to fulfill the requirements of U.S.-imposed restrictions. Among the big changes up top is new CEO Xu Ziyang, who formerly headed up the company’s operations in Germany. A new CFO, CTO and head of HR have been named, as well, accordi…

China’s ZTE Replaces Executives in Rush to Comply With U.S. Mandate (Wall Street Journal) ZTE has named a slate of new top executives, including a new chief executive, as the Chinese telecom firm presses ahead with its U.S.-mandated leadership purge.

Cybersecurity provider Novi invests €160,000 in new CyberView service to identify hidden threats (Business & Finance) Cybersecurity provider Novi invests €160,000 in cloud-based cybersecurity analysis platform CyberView to help identify hidden threats on business's networks

Jeff Vinik-backed startup accelerator DreamIt branching into security technology (Tampa Bay Times) The name of the company in which Jeff Vinik recently invested $12 million is Dreamit Ventures, but its latest initiative is focused on the stuff of nightmares:Cyber attacks. Physical threats.

IBM Lands $740 Million Deal to Supply Data Security to Australia (Bloomberg.com) International Business Machines Corp. has secured a A$1 billion ($740 million) agreement to become a central technology partner of the Australian government over the next five years.

KeyW secures subcontract for US Army’s ATMP programme (Army Technology) KeyW Holding has secured a task order to deliver global support for the US Army intelligence training systems as part of ATMP programme.

Ex-Microsoft COO Kevin Turner emerges at helm of secretive blockchain startup co-founded by former Myspace CTO (GeekWire) Former Microsoft COO Kevin Turner has taken the helm of Core Scientific, a stealthy new blockchain and artificial intelligence startup led by veteran tech executives, GeekWire has learned.

Products, Services, and Solutions

Data Security Startup Enveil Unveils Homomorphic Encryption Platform (SecurityWeek) Data security start-up firm Enveil has launched the first practical and scalable commercial homomorphic encryption platform, ZeroReveal.

Tech Mahindra announces partnership with LIFARS (CISO MAG) To strengthen its threat preventive measures, Tech Mahindra, an IT consultancy tycoon, has announced its partnership with LIFARS, a US-based cybersecurity digital forensics and incident response firm. According to Tech Mahindra, the association will provide innovative threat responsive services to the users. The partnership will integrate LIFARS’ incident response service with Tech Mahindra’s Security Operations …

Hilltop Cybersecurity Inc Announces New Customer and Gives Product Updates (GlobeNewswire News Room) Hilltop Cybersecurity Inc, (“Hilltop” or the “Company”) (CSE:CYBX) (OTC:CYBXF), is pleased to announce PEP Solar in Phoenix Arizona as a new customer. PEP Solar will use the company’s product, “Vauban”, to secure its solar operation and to create awareness and protection from the cyber threats it has experienced in the past.

CryptoSecure Delivers System Security, Scalability for Cryptocurrencies (Dark Reading) Cyber security's comprehensive news site is now an online community for security professionals, outlining cyber threats and the technologies for defending against them.

Carbon Black adds 9 new partners to its ‘Integration Network’ (Channel Life) CbIN represents organisations that have used Carbon Black’s open APIs to build integrations designed to benefit the entire security community.

Terrapin Technologies Confirms Continued SOC 2 Type 2 Data Center… (Virtual-Strategy Magazine) Terrapin Technologies Confirms Continued SOC 2 Type 2 Data Center Compliance Re-examined by Assure Professional, the security of the data, software and consulting services provider's broker-dealer data management system is proven consistent over time.

The Buyer’s Guide to Threat Intelligence Platforms (Network World) Network news, trend analysis, product testing and the industry’s most important blogs, all collected at the most popular network watering hole on the Internet

Technologies, Techniques, and Standards

UK Financial Firms Need 'Plan B' for Inevitable Disruptions from Cyber Attack: BOE (Insurance Journal) Many U.K. financial firms don't have a Plan B to fall back on if they're hit by a cyber attack. The Bank of England wants to change that. Financial

Why Do VPNs Need To Be GDPR Compliant? (Infosecurity Magazine) Now GDPR has been in force for over a month, why do VPNs need to be compliant too?

Back to Basics: Let’s Forget About the GDPR… For A Moment (Security Boulevard) At this point it’s fairly safe to assume that most everyone in the business of “data” has heard of the European Union (EU)-wide General Data Protection Regulation (GDPR) that was signed into law in late April 2016; with the compliance deadline having come into effect on May 25, 2018. Clearly, this new regulation has significant

Five top tips for pentesters when searching for security flaws on iOS apps (WeLiveSecurity) Five top tips for pentesters to implement when searching for any type of security flaw committed by iOS application developers.

How to identify Trojans riding on unauthorised financial apps (LveMint) Trojans can track targeted banking,  payment and social media apps whenever you use them

You Know You're at Risk, Now What? (SecurityWeek) This article outlines 7 steps you can take starting today to put your organization on the path toward better situational awareness and risk reduction.

Why Are There So Many Robocalls? Here’s What You Can Do About Them (Wall Street Journal) Remember when phone calls meant people wanted to talk to you? When your phone rings these days, it’s often a robocall. Here’s what to do when you get one, and how to get fewer of them.

How the Army will infuse cyber operations on the battlefield (C4ISRNET) Army Cyber Command is using a pilot program, Cyber and Electromagnetic Activities Support to Corps and Below, to test the infrastructure changes necessary to insert tactical cyber teams within brigades.

How the Army is training for the digital conflict (C4ISRNET) An Army Cyber Command pilot program at the National Training Center at Fort Irwin is using a closed network with mock platforms to exploit to simulate certain effects and test integration of cyber and EW capabilities with brigade staff and tactical units.

Is it better to defend the Army’s network in the field or from afar? (Fifth Domain) An Army Cyber Command pilot program at the National Training Center at Fort Irwin is exploring the integration of cyber planners and tactical cyber operators with brigade combat teams, but also testing the effectiveness of defending battlefield networks from a remote location.

IDF’s cyber defenders prepare their responses for the ‘unknown threat’ (JNS.org) Whether wireless, wired, or using satellites and phones, the Hoshen Unit is involved in enabling military communications, and its personnel are aware of the fact that Israel’s enemies are keen on being able to shut down the IDF’s networks if they could.

Cyber war: An inside look at how tech giants are fighting hackers (TODAY.com) One of out every 130 emails contains malware and there 4,000 ransomware attacks every day, according to experts. So how are American’s top tech companies working to keep users safe? NBC’s Tom Costello takes a look inside Microsoft’s forensics labs and cybersecurity centers to get the details.

XPS Metadata (SANS Internet Storm Center) To answer a question I was asked recently: XPS documents contain metadata too.

Design and Innovation

How Facebook Checks Facts and Polices Hate Speech (WIRED) Chief Product Officer Chris Cox talks to WIRED about disinformation, filter bubbles, and the prospect of regulation.

Research and Development

DHS Builds Mobile Defenses (SIGNAL) R&D is focusing on securing devices and applications.

Legislation, Policy, and Regulation

EU Votes Down Internet-Wrecking Copyright Proposal (Motherboard) Massive backlash drives the controversial measure back to the drawing board

Protecting Civilians in Cyberspace: Ideas for the Road Ahead (Just Security) We must start thinking about how international efforts to protect civilians from conflict offline might help inform efforts to protect civilians from cyber conflict.

NATO advances in its new operational domain: cyberspace (Fifth Domain) The aim is for the alliance to integrate voluntary sovereign national cyber contributions and augment cyber resilience and achieve mission success in a cyber environment that is increasingly contested by adversaries.

Force companies to list who has accessed customer data: Productivity Commission (ZDNet) Australia's Productivity Commission is looking at a world of increased consumer data rights, and to inform users without deluging them with emails.

Iran Increases Censorship Of Cryptocurrency Exchanges, Iranians Still Find Ways To Trade Crypto (CryptoGlobe) Anonymous sources recently revealed that authorities in Iran have been trying to prevent the country’s citizens from accessing cryptocurrency exchanges. This is reportedly due to concerns that cryptocurrencies are being used to send money abroad, something the government wants to prevent because the country’s economy is struggling due to US-led sanctions. Despite the restrictions, Iranians report that they have still found ways to trade and buy cryptos.

Congress Pushes For a Clearer Strategy on Cyber Warfare (MeriTalk) Amid growing fears of large-scale cyberattacks–ranging from attacks on infrastructure, to cyber espionage that threatens national security, to a “terabyte of death”–Congressional lawmakers are calling for a more clearly defined strategy for responding to such attacks.

Senate, House GOP at odds over rare rebuke of Trump on national security (Washington Post) Senators faced pressure to soften their stance on sanctioning the Chinese telecom giant ZTE following White House objections.

Lawmakers should accept reality that digital communication can never be 'too secure' (TheHill) It's time for lawmakers who believe in mandatory backdoors to stand up straight, speak clearly and call for an outright ban.

Analysis | The Cybersecurity 202: Spyware theft case offers a cautionary tale for encryption debate (Washington Post) It's the ultimate insider threat.

Agencies want new emergency powers after a cyberattack (Fifth Domain) The government may be able to award small contracts in the face of a cyberattack under a proposed rule.

Viewpoint: Some FAQs Answered About the New Cybersecurity Rule (National Defense) Viewpoint: Some FAQs Answered About the New Cybersecurity Rule

Net neutrality makes comeback in California; lawmakers agree to strict rules (Ars Technica) After compromise, nation's toughest net neutrality bill back on track.

Litigation, Investigation, and Law Enforcement

Novichok poisoning: police search for syringe as concern grows in Salisbury (Times) A couple poisoned by a nerve agent are likely to have come into contact with a syringe used in the attack on a Russian spy and his daughter in Salisbury. Last night counterterrorism police were...

Cyber-Crime: Israeli tried to sell secrets on dark web for USD 50 million (The Jerusalem Post) A 38 year old Israeli worker for a cyber espionage firm is accused of stealing company secrets and attempting to sell them on the dark web.

Facebook Responding to US Regulators in Data Breach Probe (SecurityWeek) Facebook confirms facing multiple inquiries from US and British regulators about the major Cambridge Analytica user data scandal

Carole Cadwalladr takes us behind the scenes of the Cambridge Analytica investigation (Graham Cluley) Carole Cadwalladr, the investigative journalist who revealed how the personal data of millions of Facebook users was used to influence the US election, speaks about what went on behind the headlines.

Leaked Emails Show Cops Trying to Hide Emails About Phone Hacking Tools (Motherboard) Motherboard recently filed public records requests for law enforcement messages in mobile forensic email groups. But cops are trying to avoid giving up their communications, according to other leaked emails.

Cisco awarded 'seven-figure sum' in grey-market case against Gen-X IT (CRN) Vendor claims victory against defunct Manchester-based reseller, but administrator's report states Cisco had sought £35m

Student killed himself after friends shared private text (Times) An aspiring doctor killed himself after rugby team-mates shared his private message about a fling with a female student and made him fear for his future, an inquest has been told. Edward Senior, 22...

Tor-linked nonprofit raided by police (Naked Security) They were after the authors behind a blog calling for violent protests but didn’t even bother with the authors’ email provider.

Kaspersky Lab wants to fund further investigations into failed distributor (ARN) Kaspersky Lab has offered to fund the investigations and proceedings into dealings between failed distributor Hemisphere Technologies.

Former TX Chief Faces Security Breach Charges (Firehouse) Former Brownsville Fire Chief Carlos Elizondo is charged with felon counts of computer security breach for accessing data from the city.

Former Brownsville Fire Chief Faces Breach Charges (Infosecurity Magazine) Grand jury indicts former fire chief in an 11-count case of computer security breach charges

ID thief steals savings of America’s oldest living war veteran (Military Times) Richard Overton, age 112, fought in World War II in a segregated Army unit.

Overton a victim of 'cyber attack,' police say (KVUE) Investigators say they think Richard Overton -- who is 112 years old -- was the victim of a cyber attack, that this was not the work of someone he knew.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

Air Space & Cyber Conference (National Harbor, Maryland, USA, September 17 - 19, 2018) Gain new insights and skills to advance your career. Be among the first to see the latest innovations in airpower, space, and cyber capabilities all the while bonding with your fellow Airmen. Inspiring...

Upcoming Events

Cyber Security Summit 2018 (Newport, Rhode Island, USA, July 18 - 20, 2018) Join us for Opal Group’s Cyber Security Summit – set in Newport, RI, this premier event will gather C-Level & Senior Executives responsible for defending their companies’ critical infrastructures together...

The Cyber Security Summit: Seattle (Seattle, Washington, USA, July 19, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.

Health Cybersecurity Summit 2018 (Santa Clara, California, USA, July 20, 2018) Worried about being hacked? Not sure how to respond to a cyber incursion? The first line of defense is a cyber threat preparedness strategy that includes coordination with critical infrastructure and emergency...

Global Cyber Security Summit (Kathmandu, Nepal, July 27 - 28, 2018) Information Security Response Team Nepal (NPCERT) is all set to host a Global Cyber Security Summit (GCSS) on July 27 with the theme “Building Global Alliance for Cyber Resilience”. The two-day event aims...

SINET61 2018 (Melbourne, Victoria, Australia, July 31 - August 1, 2018) Promoting cybersecurity on a global scale. SINET – Melbourne provides a venue where international solution providers can engage with leaders of government, business and the investment community to advance...

Community College Cyber Summit (3CS) (Gresham, Oregon, USA, August 2 - 4, 2018) 3CS is the only national academic conference focused on cybersecurity education at community colleges. Who should attend 3CS? College faculty and administrators, IT faculty who are involved or who would...

2018 Community College Cyber Summit (3CS) (Gresham and Portland, Oregon, USA, August 2 - 4, 2018) 3CS is organized and produced by the National CyberWatch Center, National Resource Center for Systems Security and Information Assurance (CSSIA), CyberWatch West (CWW), and Broadening Advanced Technological...

2nd Billington Automotive Cybersecurity Summit (Detroit, Michigan, USA, August 3, 2018) The 2nd summit on August 3 in Detroit, MI will be the top leadership summit on auto cybersecurity convening a who’s who of speakers in the automotive cybersecurity ecosystem. The inaugural summit included,...

2nd Billington Automotive Cybersecurity Summit (Detroit, Michigan, USA, August 3, 2018) The 2nd summit on August 3 in Detroit, MI will be the top leadership summit on auto cybersecurity convening a who’s who of speakers in the automotive cybersecurity ecosystem. The inaugural summit included,...

Black Hat USA 2018 (Las Vegas, Nevada, USA, August 4 - 9, 2018) Now in its 21st year, Black Hat USA is the world's leading information security event, providing attendees with the very latest in research, development and trends. Black Hat USA 2018 opens with four days...

Audit Your Digital Risk (Washington, DC, USA, August 7 - 8, 2018) Recent reports indicate that manufacturing is the most heavily targeted industry for cyber attacks in the past year. According to a study released by NTT Security, 34% of all documented cyber attacks in...

DefCon 26 (Las Vegas, Nevada, USA, August 9 - 12, 2018) DEF CON has been a part of the hacker community for over two decades. $280.00 USD, cash for all four days. Everyone pays the same: The government, the media, the ‘well known hackers’, the unknown script...

CyberTexas 2018 (San Antonio, Texas, USA, August 14 - 15, 2018) The 2018 CyberTexas Conference will bring members of the CyberUSA community together with industry and government members of Texas to create long-term values for the cybersecurity ecosystem in San Antonio...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.