skip navigation

More signal. Less noise.

2017 cyberattacks proved more numerous, sophisticated, and ruthless than in years past.

WannaCry, NotPetya, ransomware-as-a-service, and fileless attacks abounded. And, that’s not everything. The victims of cybercrime ranged from private businesses to the fundamental practices of democracy. Read The Cylance Threat Report: 2017 Year in Review Report and learn about the threat trends and malware families their customers faced in 2017.

Daily briefing.

CSE Cybsec's Z-Lab reports finding Fancy Bear (also as APT28, Sednit, Pawn Storm, Sofacy, Strontium, and Russia's GRU) engaged in an espionage campaign directed against the Italian Navy. The Russian intelligence service is said to have installed an updated version of its familiar X-Agent malware in naval systems. The campaign is being called "Roman Holiday."

ESET researchers are analyzing three remote access tools used in ongoing campaigns against targets—mostly government agencies—in Ukraine. The tools are called "Quasar," "Sobaken," and "Vermin." ESET characterizes the campaign as one of "criminal espionage." The tools are used to access and exfiltrate sensitive files from government systems.

A database containing US voter information was found exposed in an unsecured AWS S3 bucket by Robocent, a robocalling firm specializing in selling its services to political campaigns. Kromtech found and disclosed the exposure. 

Trustwave's SpiderLabs say they've found a vulnerability in Reprise Software's RLM license management tool. Reprise says they won't patch because there's no vulnerability at all. RLM, says Reprise, is designed to run in a segregated non-privileged account. It's not supposed to be given administrator-level privileges, which is what SpiderLabs saw. That, says Reprise, isn't a bug, but rather an abuse of their product.

Cisco has patched Policy Suite, SD-WAN, and Nexus.

The US National Institute of Standards and Technology (NIST) will withdraw eleven SP 800 cybersecurity publications on August 1st. 

Members of the US Congress press the tech industry on content moderation.

The US Intelligence Community still believes Russia is a cyberthreat.

Notes.

Today's issue includes events affecting Egypt, India, Iran, Italy, Qatar, Russia, Saudi Arabia, Turkey, Ukraine, United Kingdom, United States.

What do Floppy Disks, Han Solo, and Insider Threats Have in Common?

Visit the ObserveIT booth at Black Hat USA to find out! They’re going back to the 80s to reminisce about throwback technology and show you how to take a 21st-century approach to your insider threat management strategy—so you don’t have to be stuck in the past with your DLP and Flock of Seagulls haircut. And before you head out to Vegas, take ObserveIT’s quiz on which 80’s pop culture icon best represents your insider threat management strategy.

In today's podcast, we speak with our partners at Lancaster University, as we hear from Daniel Prince on rewriting digital histories. Our guest, Matt Cauthorn from ExtraHop, describes a new worm that's spreading through Android devices. 

And, since we've passed midweek, our Hacking Humans podcast is also up. Joe describes one way law enforcement agencies lure crooks to their dismal arrest. Dave shares a tech support scan spreading in chat forums. A listener from Dublin has a fake Apple email. And we talk with Rachel Tobac, CEO of SocialProof Security.

XM Cyber is coming to Black Hat (Las Vegas, Nevada, United States, August 4 - 9, 2018) Visit XM Cyber at the Innovation City, booth IC2233, to experience the first fully automated APT simulation platform to Simulate, validate and remediate every hacker’s path to organizational critical assets.

8th Annual (ISC)2 Security Congress (New Orleans, Louisiana, United States, October 8 - 10, 2018) The (ISC)2 Security Congress brings together the sharpest minds in cyber and information security for over 100 educational sessions covering 17 tracks. Join us to learn from the experts, share best practices, and make invaluable connections. Your all-access conference pass includes educational sessions, workshops, keynotes, networking events, career coaching, expo hall and pre-conference training. Save your seat at congress.isc2.org.

Dragos Industrial Security Conference (DISC) 11/5/18 (Hanover, Maryland, United States, November 5, 2018) Reserve your spot now for the Dragos Industrial Security Conference (DISC) on November 5th, 2018. DISC is a free, annual event for our customers, partners, and those from the ICS asset community. Visit https://dragos.com/disc/ for more information.

Cyber Attacks, Threats, and Vulnerabilities

Researchers: 'Roman Holiday' malware campaign appears to be Russia targeting Italian navy (SC Media US) The Russian threat group Fancy Bear appears to be behind a recent campaign that appears to target Italy's navy with an updated version of the APT group's X-Agent backdoor malware, according to researchers.

Vermin one of three RATs used to spy on Ukrainian government institutions (WeLiveSecurity) ESET researchers have analyzed remote access tools (RATs) - Quasar, Sobaken and Vermin - that have been heavily used in recent espionage campaigns on Ukrainian government institutions.

Thousands of US voters' data exposed by robocall firm (ZDNet) Each record contains a voter's name, address, and "calculated" political affiliation.

Hundreds of thousands US voter data appeared online. Again. (LinkedIn) Just when I thought the days of misconfigured AWS S3 buckets are over, I discovered a massive US voter data online, apparently being part of Robocent,

Securonix Threat Research: GandCrab Ransomware Attack (Securonix) The GandCrab ransomware attacks are some of the most prevalent ransomware threats of 2018. In recent months, the GandCrab attackers were able to infect more than 50,000 victims and generate more than $600,000 in ransom payments from victims [1]. Securonix Threat Research Team…

Unpatched Remote Code Execution in Reprise License Manager (Trustwave) During a recent penetration testing engagement, I came across a particularly interesting web application called RLM, running on the non-standard port 5054, which naturally caught my eye. After a bit of poking around, I was able to identify a critical...

Vulnerability or Not? Pen Tester Quarrels With Software Maker (SecurityWeek) A security researcher has published details of what he considers to be a vulnerability in the RLM web application provided by Reprise Software. Reprise CEO Matt Christiano has told SecurityWeek, it is not a vulnerability.

Drupal, Phishing and A New Cryptomining Botnet (Blog | Imperva) At Imperva, we use pattern anomaly detection as one of the tools to identify emerging threats and build new defenses. Our security researchers analyze the detected patterns from time to time, and this is how we learned about the existence of the Ash botnet.

How hackers exploit critical infrastructure (Help Net Security) The traditional focus of most hackers has been on software, but the historical focus of crime is on anything of value. It should come as no surprise,

NISD: Just How Can A Cyber-Attack Impact An Essential Operator? (Video) (Mondaq) Partner Simon Shooter on what larger impact there could be from a cyber attack.

Omaha-based voting machine company denies Russian hacking (AP News) Russian hackers didn't breach an Omaha company's election machines or software in 2016, according to the company's officials.

Cloud Security Leader Coronet Identifies San Diego, Orange County (CA) & Houston-Hobby as America’s Most Cyber Insecure Airports (PRWeb) New report alerts business travelers on how airport Wi-Fi can put essential cloud-based work apps at risk, and educates flyers on the dangers of connecting to unencrypted, unsecured or improperly configured networks

Messenger Apps Top Risk Hit Parade (Dark Reading) Whether running on iOS or Android, Facebook's and WhatsApp's messenger apps present a 'winning' combination.

How to spoof someone’s GPS navigation to send them the wrong way (Naked Security) Researchers have for the first time demonstrated that it’s possible to spoof turn-by-turn GPS road navigation to send users to specific wrong locations.

Keeping it on the Down Low on the Dark Web (SecurityWeek.Com) Even while using Tor hidden services, there are many ways you can be exposed and have your activities compromised if you don’t take the right precautions to stay anonymous.

City of Alamogordo victim of $250,000 email scam (Alamogordo Daily News) State Auditor Wayne Johnson is cautioning all New Mexico government entities about an unknown email scam after the city of Alamogordo paid more than $250,000 to a scam artist Thursday.

Cyber attack on MGM Hospital (Asian Age) Thereafter, the hospital lodged a complaint with the cyber crime cell and a case was filed under the IT Act.

Roblox responds to the hack that allowed a child’s avatar to be raped in its game (TechCrunch) There’s a special place in Hell for people who think it’s funny to rape a 7-year-old girl’s avatar in an online virtual world designed for children. Yes, that happened. Roblox, a hugely popular online game for kids, was hacked by an individual who subverted the game’s protec…

British Airways apologises for delays and cancellations at Heathrow (Computing) Heathrow in 'complete chaos' after British Airways' IT failure

Security Patches, Mitigations, and Software Updates

Cisco plugs serious flaws in Policy Suite, SD-WAN, and Nexus switches (Help Net Security) Cisco has issued another batch of fixes, plugging a number of critical and high severity holes in Cisco Policy Suite, SD-WAN, and Nexus products.

Waratek Issues Guidance on Oracle April 2018 CPU (PRNewswire) Most Java flaws can be remotely exploited: Half of the Java patches relate to Deserialization Flaws

Cyber Trends

Cyber Attack Trends: 2018 Mid-Year Report (Check Point Software) When it comes to the global cyber landscape, threats are ever evolving, keeping organizations as well as the security community constantly challenged.

2018 Thales Data Threat Report – Retail Edition (Thales eSecurity) The 2018 Thales Data Threat Report – Retail Edition discusses the depth of data breaches in the retail industry, enterprise plans for combating them, and best practice data security recommendations.

2.3 Billion Account Credentials Compromised from 51 Organizations in 2017; New Research Shows Breadth of Breach Impacts (GlobeNewswire News Room) Shape Security’s 2018 Credential Spill Report provides inside look at lifecycle of stolen credentials and extent of data breach damage

2018 Credential Spill Report (Shape Security) Everyone knows there’s no such thing as a free lunch, but that doesn’t stop us from salivating over a deal that’s too good to be true. Roundtrip business class flights from LAX-LHR for the cost of a one-way from SFO-JFK. A $100 gift card for $50. Even a wheel of fancy French cheese at American single prices.

GDPR Fueling Rise of PII Theft, Cryptomining Plateauing (Infosecurity Magazine) Report shows traditional tech support scams are back on the rise, while cryptomining stagnates

Shrouding IoT Security in the Fog (Infosecurity Magazine) By virtue of its distributed architecture, fog computing secures everything from the cloud to the device.

US Orgs Overly Optimistic About Cyber-Readiness (Infosecurity Magazine) Attitudes and plans for tackling cybercrime are evolving, according to FICO.

Survey Finds Breach Discovery Takes an Average 197 Days (Security Boulevard) A new global study based on 500 interviews conducted by The Ponemon Institute on behalf of IBM finds that the average amount of time required to identify a data breach is 197 days, and the average amount of time needed to contain a data breach once it is identified is 69 days.

Finance leads, entertainment trails sectors investing in cybersec; threats faced differ from perceptions (SC Magazine) Investment in cyber security varies hugely between vertical sectors - but spend is no guarantee of reduced breaches, and perceived threats are not necessarily the same as actual threats.

Marketplace

Online viewing for the 2018 World Cup heavily benefited the VPN industry: Study (Comparitech) The 2018 World Cup heavily benefited the VPN industry as many fans sought to stream the games online for free or in their native languages.

Okta Acquires ScaleFT to Bring Zero Trust to the Enterprise (Business Wire) Okta, Inc. (NASDAQ:OKTA), the leading independent provider of identity for the enterprise, today announced it has acquired ScaleFT, the Zero Trust sec

Coinbase Acquisitions Approved By SEC, FINRA, Paving Way for Security Token Listings (CryptoGlobe) Cryptocurrency exchange Coinbase has reportedly been granted approval by the US Securities and Exchange Commission (SEC) to acquire several securities firms, opening up the possibility of the platform listing crypto tokens that are classified as securities. Coinbase VP Adam White says the exchange had “unprecedented” interest from institutional clients.

Coinbase didn’t get (or need) SEC approval for acquisitions after all, company says (TechCrunch) Hmm. Well, after Coinbase confirmed to Bloomberg (and us) that they had received regulatory approval for some acquisitions that would let it eventually usher in trading tokenized securities on its exchange, the company is now walking back from which agencies it received approval. While a Coinbase s…

Raytheon selected as cybersecurity advisor to the Royal Hashemite Court of the Kingdom of Jordan (PRNewswire) Work includes conducting vulnerability assessments for aviation and critical infrastructure systems

Picosegmentation Prevails in Shark Tank (SIGNAL) The third of three AFCEA finalists provides cybersecurity at the smallest level.

Zuckerberg: The Recode interview (Recode) Everything was on the table — and after Facebook’s wildest year yet, that’s a really big table.

Aspire Consulting Group LLC Secures Its First Prime Contract (Nasdaq) Textmunication Holdings, Inc. (OTC PINK: TXHD; OTC PINK:TXHDD), a cloud-based mobile SMS and RCS marketing platform provider, announces Aspire Consulting Group LLC ("Aspire") has been awarded a prime contract with the Maryland Health Benefit Exchange (MHBE).

Microsoft offers up to $100,000 to identity bug finders (HOTforSecurity) Want to earn $100,000? You could win as much as that if you manage to uncover a serious vulnerability in Microsoft's various identity services. And you could be helping millions of people around the world better secure themselves both at home and...

Beyond Crypto Valley - Find out Why Switzerland Is the Blockchain Capital of the World (CoinCentral) Switzerland is famous for cheese, chocolate, nifty multifunctional folding pocket knives AND some of the planets most outstanding natural beauty.

Products, Services, and Solutions

Aporeto Simplifies Service Mesh Security Operations With New Istio Integration (Business Wire) Aporeto, the Zero Trust security solution for microservices, containers and the cloud, today announced its extensive integration with Istio, the open source service mesh platform that connects, manages and secures microservices at scale.

Trust Automation To Provide Cybersecurity Solutions For Legacy Industrial Control Systems (Trust Automation) Trust Automation Inc., a leading supplier of automation technology for defense and industrial applications, has announced it will offer a novel new cybersecurity solution for industrial control systems (ICS). Working through the United States Department of Homeland Security’s Science and Technology Directorate, Trust has obtained an exclusive license to the Autonomic Intelligent Cyber Sensor (AICS) […]

New Subscription Service Takes on Ransomware Protection (Dark Reading) Training and response is the basis of a new offering that addresses ransomware and extortion attacks.

Technologies, Techniques, and Standards

NIST to Withdraw 11 Outdated Cybersecurity Publications (SecurityWeek) NIST’s Computer Security Division decided to withdraw 11 outdated SP 800 publications on August 1, 2018

Make Security Boring Again (Dark Reading) In the public sector and feeling overwhelmed? Focus on the basics, as mind numbing as that may sound.

Are Bug Bounty Programs the Answer to Secure Endpoints? (Infosecurity Magazine) Like with any security protection, don’t just rely on one form – bug bounties aren’t a silver bullet.

Budgetary Foresight: 3 Essential Cyber Security Programs For 2019 (Cyber Security Hub) Be ready for 2019 budgetary questions and planning by starting early and investigating essential cyber security technologies, instead of a panicked, late-night whirlwind of RFPs and industry reports. Here's a three-part system.

What Can the World Cup Teach Us About Cybersecurity? (Infosecurity Magazine) Just like with World Cup results, in cybersecurity it is not always the team with the strongest players or the best technical strategy that wins.

Kaspersky's Stephan Neumeier: Pay and the Hackers Own You (Awani Review) Kaspersky Lab Asia MD Stephan Neumeier advises effective cyber security defence against ransomware attacks, or be prepared to be wiped out for good.

No standards for vulnerability database, but 'US has set norms' (iTWire) There are no universal standards for a vulnerability database but the US national vulnerability database was the first to be set up and has set the no...

Russia's national vulnerability database is a bit like the Soviet Union – sparse and slow (Register) By design, though, not... er, general rubbishness

Remove FBI Locker Ransomware – Restore PC (Security Boulevard) This article will help you remove FBI Locker ransomware efficiently. Follow the ransomware removal instructions provided at the end of the article. FBI Locker is a virus that claims to encrypt your files and demands money as a ransom to...

Marines stand up first-of-its-kind tactical cyber team (Fifth Domain) The Marine Corps activated the first of its new defensive cyber teams within the Marine Air Ground Task Force.

Design and Innovation

Could semantic icons replace passwords and PINs? (Naked Security) SemanticLock replaces passwords, PINs and patterns with a sequence of graphical icons which work semantically.

Shadow Politics: Meet the Digital Sleuth Exposing Fake News (WIRED) Buried in media scholar Jonathan Albright's research was proof of a massive political misinformation campaign. Now he's taking on the the world's biggest platforms before it's too late.

Why is InfoWars allowed on Facebook? Zuckerberg: Because it doesn’t cause “harm” (Ars Technica) "Within this, those principles have real trade-offs and real tug on each other."

Leaked Documents Show Facebook’s ‘Threshold’ for Deleting Pages and Groups (Motherboard) During testimony to lawmakers, Facebook did not provide specifics on the threshold Pages or Groups have to cross before being deleted. Documents obtained by Motherboard layout those limits.

Why You Can't Trust More Cryptocurrency White Papers (WIRED) Crypto-developers—ironically, a community devoted to eliminating centralized authority—could use more traditional vetting structures.

“Astoundingly stupid” Kodak (not really) Bitcoin miner bites the dust (Naked Security) Deemed a scam from its CES debut, Kodak says KashMiner was never licensed, and its promised payouts portrayed ignorance of how Bitcoin works.

Landbot gets $2.2M for its on-message ‘anti-AI’ chatbot (TechCrunch) Who needs AI to have a good conversation? Spanish startup Landbot has bagged a $2.2 million seed round for a ‘dumb’ chatbot that doesn’t use AI at all but offers something closer to an old school ‘choose your adventure’ interaction by using a conversational choice inte…

Internet of Things (IoT) and Blockchain Technology Will Be an Interesting Ride (CoinCentral) There’s a lot of speculation over the Internet of Things (IoT) and blockchain technology. Is it a match made in heaven? Do they reinforce each other’s strengths–or do the technologies clash? Should they occupy separate worlds that don’t overlap? And what exactly is the Internet of Things anyway?

Research and Development

Wells Fargo Bank Submits Tokenization System Patent for Data Cryptography Protection (BitcoinExchangeGuide) Well Fargo Wants to Patent a Tokenization System for Protecting Data Wells Fargo, the San-Francisco-based bank recently filed a patent that outlines a tokenization system, which they will utilize t…

IBM Can't Contain Itself, Launches Nabla (Infosecurity Magazine) IBM researchers have created a new approach to container isolation with the launch of Nabla containers

Academia

MoTC begins hunt for Qatari cybersecurity talents (The Peninsula Qatar) The Ministry of Transport and Communications (MoTC), in association with the ITU Arab Regional Cybersecurity Centre (ARCC), announces the opening of the Qatar Threat Hunters 2018 Competition for youth aged 17-24, from mid-July to September 2018.

Legislation, Policy, and Regulation

Throughout Middle East, the Web Is Being Walled Off (Wall Street Journal) Authoritarian governments in the Middle East are increasingly adopting a version of China’s approach to online censorship, cutting citizens off from swaths of the internet, often with the aid of Western technology.

Trump says Russia is no longer targeting the U.S., contradicting statement from U.S. intelligence chief (Washington Post) Comments at Wednesday afternoon Cabinet meeting restokes criticism of president and his performance at Helsinki meeting with Putin.

US intelligence chief is harsh on Russia, at odds with Trump (AP News) National Intelligence Director Dan Coats' drumbeat of criticism against Russia is clashing loudly with President Donald Trump's pro-Kremlin remarks ...

As Russians describe ‘verbal agreements’ at summit, U.S. officials scramble for clarity (Washington Post) The Trump administration has offered few specifics on meetings that the president describes as a “tremendous success.”

Opinion | Parsing the surreal from the sensible in Trump’s Helsinki performance (Washington Post) The president is right to want to reduce tensions with Russia.

Analysis | In his prepared remarks, Trump removed a line about bringing election hackers to justice (Washington Post) It was one of several changes Trump made to his typewritten comments.

Why It Matters That Trump Denies Russian Interference (WIRED) Trump has denied or downplayed Russia's attempts to influence US democracy three times this week—and that has very real consequences.

Anti-Trump Hysteria Isn’t Helping (The Atlantic) The president’s performance in Helsinki wasn’t defensible—but neither was it treasonous.

Cyberspace invaders — Elina Noor (Malay Mail) Last Friday, a grand jury in the US District of Columbia charged 12 Russians with 11 counts of aggravated identity theft, conspiracy to launder money, and conspiracy to commit an offence against the United States. These federal crimes, as the indictment alleges, were knowingly and...

Analysis | The Cybersecurity 202: Anti-censorship tool opens new rift between lawmakers and tech companies (Washington Post) Lawmakers want Google and Amazon to bring back domain fronting.

Lawmakers Don't Grasp the Sacred Tech Law They Want to Gut (WIRED) Decades ago, Section 230 gave tech companies sweeping power to police content on their platforms. Now some lawmakers want that power back.

Election security bill picks up new support in Senate (TheHill) The bill is designed to help states upgrade their digital voting systems and boost information sharing between state and federal officials.

Bill to Block Feds' Personal Email, Social Media Access Advances (Nextgov.com) The bill would authorize agency leaders to block any website for cybersecurity reasons without negotiating with unions.

Gov Slow to Address Urgent CNI Security Needs (Infosecurity Magazine) The UK government is not addressing the need for cybersecurity skills for critical national infrastructure

Litigation, Investigation, and Law Enforcement

Trump says he accepts U.S. intelligence on Russian interference in 2016 election but denies collusion (Washington Post) He had come under heavy criticism for not publicly challenging Putin’s assertion at a news conference that the Kremlin did not interfere with the election.

Opinion | Stop calling it ‘meddling.’ It’s actually information warfare. (Washington Post) Let's treat the threat with the seriousness it deserves.

KnowBe4 Analysis: Lack of Security Awareness Training Allowed Russians to Hack American Election (Business Insider) KnowBe4, provider of the world's largest security awareness training and simulated phishing platform, analyzed the official indictment of the Russian GRU officers charged with interfering in the 2016 U.S. presidential election.

Britain has identified Russians suspected of Skripal nerve attack:... (U.S.) British police have identified several Russians who they believe were behind the nerve agent attack on former spy Sergei Skripal and his daughter, the British news agency, Press Association, said on Thursday, citing a source close to the investigation.

Alleged Russian agent Maria Butina ordered to remain in custody after prosecutors argue she has ties to Russian intelligence (Washington Post) Federal prosecutors said she was linked to oligarch with ties to the Putin administration and appeared ready to flee.

‘She was like a novelty’: How alleged Russian agent Maria Butina gained access to elite conservative circles (Washington Post) By August 2016, the FBI was monitoring the young political-science student as part of an effort to track what she was doing in the United States, according to officials.

Indicted Russian national Maria Butina once reportedly tried to quiz a left-leaning civil rights group about its cyber vulnerabilities (Business Insider) Maria Butina, the Russian gun rights activist charged with being a Russian agent, reportedly tried to interview a left-leaning civil rights group in 2017 about its cyber vulnerabilities. Butina's reported outreach could be indicative of Russia's continued efforts to infiltrate US politics.

Why an accused Russian agent visited an American university and South Dakota summer camp (Washington Post) Authorities arrested Maria Butina this week and charged her with acting on behalf of the Russian government.

A $5 Billion Fine Will Not End Google’s Stranglehold on Smartphone Software (Motherboard) In order to license Android, phone manufacturers are subject to a rigid set of requirements meant to drive mobile search traffic to Google.

Peer-to-Peer Crypto-Exchanges: A Haven for Money Laundering (Threatpost) Buyers and sellers can exchange cash in person, transfer bank funds online or can exchange funds for prepaid cards, gift cards or other cryptocurrencies.

FBI Refuses to Release Dark Web Kingpin Arrest Video It Already Showed and Bragged About (Motherboard) The bureau rejected a FOIA request without explaining why.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

Security in our Connected World (Beijing, China, September 19, 2018) This year’s seminar will not only examine critical security technologies, such as the Trusted Execution Environment (TEE) and Secure Element (SE), but will also delve into their associated business and...

Global Security Exchange (Las Vegas, Nevada, USA, September 23 - 27, 2018) Global Security Exchange—formerly the ASIS Annual Seminar and Exhibits—delivers new opportunities to exchange key ideas and best practices, expand global connections, and experience innovations. The GSX...

MSPWorld® Peer Group & Data Analytics Summit (Las Vegas, Nevada, USA, October 4 - 5, 2018) The MSPWorld® Peer Group & Data Analytics Summit is a revolutionary new concept for the managed services executive. Accessible only by MSPs, this conference will focus on small, peer lead groups exchanging...

Upcoming Events

Cyber Security Summit 2018 (Newport, Rhode Island, USA, July 18 - 20, 2018) Join us for Opal Group’s Cyber Security Summit – set in Newport, RI, this premier event will gather C-Level & Senior Executives responsible for defending their companies’ critical infrastructures together...

The Cyber Security Summit: Seattle (Seattle, Washington, USA, July 19, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.

Health Cybersecurity Summit 2018 (Santa Clara, California, USA, July 20, 2018) Worried about being hacked? Not sure how to respond to a cyber incursion? The first line of defense is a cyber threat preparedness strategy that includes coordination with critical infrastructure and emergency...

Global Cyber Security Summit (Kathmandu, Nepal, July 27 - 28, 2018) Information Security Response Team Nepal (NPCERT) is all set to host a Global Cyber Security Summit (GCSS) on July 27 with the theme “Building Global Alliance for Cyber Resilience”. The two-day event aims...

SINET61 2018 (Melbourne, Victoria, Australia, July 31 - August 1, 2018) Promoting cybersecurity on a global scale. SINET – Melbourne provides a venue where international solution providers can engage with leaders of government, business and the investment community to advance...

Community College Cyber Summit (3CS) (Gresham, Oregon, USA, August 2 - 4, 2018) 3CS is the only national academic conference focused on cybersecurity education at community colleges. Who should attend 3CS? College faculty and administrators, IT faculty who are involved or who would...

2018 Community College Cyber Summit (3CS) (Gresham and Portland, Oregon, USA, August 2 - 4, 2018) 3CS is organized and produced by the National CyberWatch Center, National Resource Center for Systems Security and Information Assurance (CSSIA), CyberWatch West (CWW), and Broadening Advanced Technological...

2nd Billington Automotive Cybersecurity Summit (Detroit, Michigan, USA, August 3, 2018) The 2nd summit on August 3 in Detroit, MI will be the top leadership summit on auto cybersecurity convening a who’s who of speakers in the automotive cybersecurity ecosystem. The inaugural summit included,...

2nd Billington Automotive Cybersecurity Summit (Detroit, Michigan, USA, August 3, 2018) The 2nd summit on August 3 in Detroit, MI will be the top leadership summit on auto cybersecurity convening a who’s who of speakers in the automotive cybersecurity ecosystem. The inaugural summit included,...

Black Hat USA 2018 (Las Vegas, Nevada, USA, August 4 - 9, 2018) Now in its 21st year, Black Hat USA is the world's leading information security event, providing attendees with the very latest in research, development and trends. Black Hat USA 2018 opens with four days...

Audit Your Digital Risk (Washington, DC, USA, August 7 - 8, 2018) Recent reports indicate that manufacturing is the most heavily targeted industry for cyber attacks in the past year. According to a study released by NTT Security, 34% of all documented cyber attacks in...

DefCon 26 (Las Vegas, Nevada, USA, August 9 - 12, 2018) DEF CON has been a part of the hacker community for over two decades. $280.00 USD, cash for all four days. Everyone pays the same: The government, the media, the ‘well known hackers’, the unknown script...

CyberTexas 2018 (San Antonio, Texas, USA, August 14 - 15, 2018) The 2018 CyberTexas Conference will bring members of the CyberUSA community together with industry and government members of Texas to create long-term values for the cybersecurity ecosystem in San Antonio...

SecureWorld Bay Area (Santa Clara, California, USA, August 21, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

The Air Force Information Technology & Cyberpower Conference (Montgomery, Alabama, USA, August 27 - 29, 2018) As the premiere Air Force cyber security annual event, the Air Force Information Technology & Cyberpower Conference (AFITC) returns to Montgomery, Alabama in August of 2018. As a critical intersection...

The Cyber Security Summit: Chicago (Chicago, Illinois, USA, August 29, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.