skip navigation

More signal. Less noise.

2017 cyberattacks proved more numerous, sophisticated, and ruthless than in years past.

WannaCry, NotPetya, ransomware-as-a-service, and fileless attacks abounded. And, that’s not everything. The victims of cybercrime ranged from private businesses to the fundamental practices of democracy. Read The Cylance Threat Report: 2017 Year in Review Report and learn about the threat trends and malware families their customers faced in 2017.

Daily briefing.

The head of Ukraine's national cyber police has warned that Russian operators are staging malware in Ukrainian enterprises, presumably for a coordinated campaign as some later date. Today is Ukraine's Constitution Day, often mentioned as attractive to attackers wishing to draw maximal attention to their political point. August 24th, the country's independence day, is another date mentioned for potential attack timing. Russian authorities have issued routine denials of involvement in cyberattacks on Ukrainian targets.

The threat, should it materialize, is unlikely to be confined to Ukraine. NotPetya began with attacks on Ukrainian targets and quickly spread worldwide.

Cyberespionage campaigns, apparently staged by and from China, have been targeting Tibetans resident in India.

Bravo, Talos. Cisco's research unit has released a free decryptor for Thanatos ransomware.

Facebook's continuing audit of apps and data usage attracts little love. It's proving difficult for the company to track down third-party data use (many such parties proving either uncooperative or defunct). And critics see Facebook as slow and unresponsive in its reaction to discovery in April of a quiz app's having leaked data on some 120 million users.

A multi-agency law enforcement operation in the US has taken down a number of alleged dark web contraband dealers, for the most part drug traffickers. The action involved the Department of Justice, Homeland Security Investigations, the US Secret Service, the US Postal Inspection Service, and the Drug Enforcement Administration. Authorities are tight-lipped about details, but apparently Government agents posed as cryptocurrency money-launderers to roll up the suspects.

Notes.

Today's issue includes events affecting Australia, China, India, Japan, Democratic Peoples Republic of Korea, Russia, Ukraine, United Arab Emirates, United Kingdom, United States.

Learn four incident response lessons from high-profile breaches.

Most enterprises know that they are constantly under attack but haven’t fully embraced some lessons to be learned from real-world, high-profile security incidents. Watch this free webinar, presented by experts from Coalfire and Arete Advisors, to learn four practical lessons that will help you avoid damaging losses and minimize negative impacts of cybersecurity incidents.

In today's podcast we speak with our partners at CenturyLink, as Mike Benjamin discusses malspam, and how it differs from run-of-the-mill spam (not that run-of-the-mill spam is good, either). Our guest is Jaime Blasco from AlienVault, who shares thoughts on the security implications of using open source tools. 

And this week's Hacking Humans is up. We share a story of airport penetration testing with high degree of yuck-factor, and not yuck in a good way--you won't be yucking it up. Joe explores research on protecting passwords from social engineering. Our catch-of-the-day comes courtesy of Graham Cluley's email spam box. Dave interviews Wired's Security Staff Writer Lily Hay Newman on her article tracking Nigerian email scammers.

8th Annual (ISC)2 Security Congress (New Orleans, Louisiana, United States, October 8 - 10, 2018) The (ISC)2 Security Congress brings together the sharpest minds in cyber and information security for over 100 educational sessions covering 17 tracks. Join us to learn from the experts, share best practices, and make invaluable connections. Your all-access conference pass includes educational sessions, workshops, keynotes, networking events, career coaching, expo hall and pre-conference training. Save your seat at congress.isc2.org.

Cyber Attacks, Threats, and Vulnerabilities

Exclusive: Ukraine says Russian hackers preparing massive strike (Reuters) Hackers from Russia are infecting Ukrainian companies with malicious software to create "back doors" for a large, coordinated attack, Ukraine's cyber police chief told Reuters on Tuesday.

Ukraine Cyberpolice Chief Alleges Russian Hackers Preparing Massive Strike (RadioFreeEurope/RadioLiberty) The head of Ukraine's cyberpolice has claimed that Russian hackers are infecting computer systems of Ukrainian firms with malware to establish "back doors" for a large-scale coordinated attack.

Russia is preparing a huge cyberattack, Ukraine warns (Newsweek) The head of Ukraine's cyber police said the preparation that's been detected could only have been done by Russian hackers.

Russian Hackers Planning 'Massive Strike' Against Ukraine: Cyber Police Chief (Insurance Journal) Hackers from Russia are infecting Ukrainian companies with malicious software to create "back doors" for a large, coordinated attack, Ukraine's cyber

Cyber-Espionage Campaigns Target Tibetan Community in India (SecurityWeek) Two cyberespionage campaigns targeting the Tibetan community based in India appear to be the work of Chinese actors

A New Twist In SSDP Attacks (Arbor Networks Threat Intelligence) Arbor ASERT has uncovered a new class of SSDP abuse where naïve devices will respond to SSDP reflection/amplification attacks with a non-standard port. The resulting flood of UDP packets have ephemeral source and destination ports, making mitigation more difficult - a SSDP diffraction attack. This behavior appears

NSA-Linked Implant Patched to Work on Windows Embedded (SecurityWeek) DoublePulsar, one of the hacking tools the Shadow Brokers supposedly stole from the NSA-linked Equation Group, can now run on Windows Embedded devices

The New Face of Necurs: Noteworthy Changes to Necurs’ Behaviors (TrendLabs Security Intelligence Blog) We discovered noteworthy changes in how Necurs makes use of its bots: pushing infostealers on them and showing an interest in certain characteristics.

Amid DDoS, No Smooth Sailing For Travel Firms (PYMNTS.com) Faster payments are smarter payments. Safer payments are smarter payments, too. However, though speed matters, so does safety. In a world where faster payments are becoming more mainstream, including 12 countries with established Real-Time Payments systems and 45 others in various stages of development, it’s no wonder that security remains top of mind for stakeholders. […]

Hotels, airlines and travel sites battle bot attacks (ZDNet) Attackers in certain countries appear to have a particular focus on breaching organisations operating in the travel sector.

Akamai: DDoS attacks on the rise, become more specialized (CSO Online) Akamai's new State of the Internet/Security: Web Attack report says DDoS attacks increased 16% since 2017. It also says China and Russia launch the most credential abuse attacks on the hospitality industry.

1 in 17 Mobile Devices Used to Conduct Bad Bot Attacks on Websites (Distil Networks) Research from Distil Networks reveals mobile as the new frontier for malicious bots

Mobile Bots: The Next Evolution of Bad Bots (Distil Networks) From the early 2000s, bots have been roaming the internet, some beginning as useful tools but have evolved over time to increasingly abuse and de-fraud businesses.

Windows Settings Shortcuts Can Be Abused for Code Execution on Windows 10 (BleepingComputer) A new file type format added in Windows 10 can be abused for running malicious code on users' computers, according to Matt Nelson, a security researcher for SpecterOps.

Unpatched WordPress Flaw Leads to Site Takeover, Code Execution (SecurityWeek) A file deletion vulnerability that remains unpatched 7 months after being reported allows complete takeover of WordPress sites and arbitrary code execution, but exploitation requires authentication

Yet another massive Facebook fail: Quiz app leaked data on ~120M users for years (TechCrunch) Facebook knows the historical app audit it’s conducting in the wake of the Cambridge Analytica data misuse scandal is going to result in a tsunami of skeletons tumbling out of its closet. It’s already suspended around 200 apps as a result of the audit — which remains ongoing, with…

Fastbooking Hack Leaves Japan Hotel Red-Faced (SecurityWeek) Hundreds of hotels had customer data stolen as a result of a breach suffered by Fastbooking, a France-based company that provides e-commerce solutions for the hotel industry

Music fans' payment details stolen in cyber attack on Ticketmaster UK  (The Telegraph) Ticketing website Ticketmaster has suffered a cyber breach affecting 5pc of customers including payment details, the company admitted today.

Marketing Firm Leaked Database With 340 Million Records (WIRED) The leak may include data on hundreds of millions of Americans, with hundreds of details for each, from demographics to personal interests.

Online Betting Site Left Employees' Logins and Passwords Open to Hackers (Motherboard) The British betting site BetVictor allegedly left several administrative logins and passwords exposed through a search feature on its site, potentially allowing hackers to break into its internal systems.

OMG! I just received someone else’s security camera footage! (Naked Security) The opposite of serendipity – a security camera service sent video alerts to the wrong user… who just happened to be a BBC staffer.

CHEW on This: How Our Digital Lives Create Real World Risks (SecurityWeek) Securing applications and understanding vulnerabilities in code and IT systems will always be important. But today security pros must open their eyes to a much bigger picture.

How Facebook and Google nudge users to make anti-privacy choices (Help Net Security) Facebook, Google and Microsoft use anti-privacy dark patterns to steer users toward sharing more information about themselves to benefit those businesses.

Are you happy with this technology that Facebook’s developing? (Naked Security) New patents suggest Facebook’s going to soon know when you’re asleep, when you’re awake, and is going to have a good guess at when you’re going to die.

Controversial ‘hack back’ debate undecided after new details (Fifth Domain) A new book has added to a long-running debate regarding whether a company should be able to retaliate in cyberspace.

Security Patches, Mitigations, and Software Updates

New Details Leak on Security Flaw That Led OpenBSD to Disable Hyper-Threading (ExtremeTech) A new security report indicates issues with Hyper-Threading can leak cryptographic information in certain cases, but evidence points against this being a Spectre or Meltdown-class failure.

Cyber Trends

91% of critical incidents involve known, legitimate binaries like PowerShell (Help Net Security) Opportunistic threat actors are leveraging trusted tools, like PowerShell, to retrieve and execute malicious code from remote sources.

Q1 2018 Quarterly Threat Report (eSentire Managed Detection and Response) The Q1 2018 Quarterly Threat Report provides a quarterly snapshot of threat events investigated by the eSentire Security Operations Center (SOC). Download the report to see what attacks targeted mid-sized organizations in Q1 and learn how you can protect your business against them.

Cybercriminals will gravitate to criminal activity that maximizes their profit (Help Net Security) The McAfee Labs Threats Report June 2018 examines the growth and trends of new malware, ransomware, and other threats in Q1 2018.

Coin Miner Malware Spikes 629% in 'Telling' Q1 (Dark Reading) Drastic growth suggests adversaries are learning how they can maximize rewards with minimal effort.

What You Need To Know - Summer 2018 State of the Internet / Security: Web Attack Report (Akamai) It's that time of year - the Summer 2018 State of the Internet / Security: Web Attack report is now live. This new naming schema is just one of the many changes you'll notice if you're a returning reader of...

IoT security a concern, but most lack way to detect attacks on ICS (CSO Online) Industrial organizations are concerned about IoT security, with 77% believing their ICS network will suffer an attack. Yet nearly half have no measures in place to detect such an attack.

Cyber Researchers Don’t Think Feds or Congress Can Protect Against Cyberattacks (Nextgov.com) Only 15 percent of cyber researchers think the U.S. can defend against a critical infrastructure cyberattack, according to a survey.

Five Predictions for GDPR (Security Boulevard) #1 Over half of companies are still not ready for GDPR. To be honest, this number might even be higher.... The post Five Predictions for GDPR appeared first on Data Security Blog | Thales e-Security.

Cyber Risk at All-Time High for UK Financial Sector (Infosecurity Magazine) Bank of England survey respondents rate it second overall

Marketplace

​Kaspersky Lab talks with Canberra to prevent US-like ban (ZDNet) The Russian-based security vendor met with the prime minister's office to tout its new transparency centre initiative and proactively prevent the Australian government from following the United States in banning its use.

Huawei Australia's John Lord hits back at claims of a 5G ban (CRN Australia) Chairman fronts media to dispel "myths".

Splunk Acquires VictorOps, Accelerates DevOps Development and Customer Success (ReadITQuik) Splunk paid an aggregate purchase price of roughly $120 million for the transaction in cash and Splunk securities.

BitSight, a provider of security ratings, raises $60M at a valuation of around $600M (TechCrunch) As the tech world continues to grapple with how best to deal with the growing issue of malicious hacking and other security breaches, a startup that has developed a ratings system to track how well businesses are faring has raised a large growth round to expand its business. BitSight, which provide…

Social SafeGuard Raises $11 Million to Counter Digital Threats (PRWeb) Social SafeGuard, a leading provider of software for digital risk protection, today announced that it has raised $11 million in new funding from AllegisCyber,,,

Cynet Raises $13M to Fuel Growth, Provides Solution to Organizations Looking to Make Security Easy (BusinessWire) Cynet, pioneers of the holistic detection and response platform (www.cynet.com), understood the urgent need for a comprehensive answer to organization

Booz outlook bright as defense spending ramps up (Washington Technology) Booz Allen Hamilton sees its backlog and revenue growing amid an improving services market environment and a focus on internal controls after security breaches.

Rain Capital looks to fund cybersecurity startups in a post-Cambridge Analytica world (PitchBook) We spoke with Chenxi Wang, who spent more than a decade in cybersecurity before launching Rain Capital, about her new fund and the difficulties of raising money as a woman and first-time fundraiser.

CIT Advances Regional and National Network to Source, Qualify and Close Deals (GlobeNewswire News Room) Investments in Over 200 High-Potential Early-Stage Companies Across the Commonwealth Opens Doors for Current and Future Portfolio Companies

Virsec Expands Global Sales, Technology and Strategic Alliances Teams with Four Executive Appointments (GlobeNewswire News Room) Leader in Combatting Fileless Attacks that Weaponize at Runtime Appoints Industry Experts to Accelerate Growth

Jasen Meece to head business development for Gurucul (Help Net Security) Jason Meece will oversee sales, business development, channel and partnership programs, and their go-to-market strategies.

Mike Hale Named CACI National, Cyber Solutions Group EVP; DeEtte Gray Comments - GovCon Wire (GovCon Wire) Mike Hale, formerly vice president and intelligence community client executive at CACI International

Products, Services, and Solutions

Cyberbit Provides Enhanced Visibility Into OT Networks With Release 6.0 of SCADAShield (PR Newswire) Cyberbit Ltd., a world leading provider of cybersecurity simulation...

Threat X extends SaaS-Based WAF solution with threat detection (Help Net Security) Threat X capabilities capitalize on machine learning and attacker profiling to automate the precise detection and neutralization of advanced threats.

Versasec announces vSEC:CMS S5.2 (Versasec) Latest Release of Flagship Identity and Access Management Solution Also Focuses on Certificate Authorities and Management of Client Components

Inbox Security Scan identifies and protects critical online accounts (Help Net Security) Dashlane Inbox Security Scan scans your email inbox, finds all the accounts you've created using that email, and offers a security analysis.

Proficio’s ProView Plus Portal provides clients with ThreatInsight (Help Net Security) ThreatInsight Scoring Dashboard leverages advanced analytics to reveal blind spots in an organization’s security controls.

Zscaler Announces Integration with Microsoft Cloud App Security (CSO) Interoperability between Zscaler and Microsoft Cloud App Security solutions enable secure and seamless adoption of SaaS services for enterprise customers

Hide My Ass Pro 4 review: A noticeable upgrade with great speeds (PCWorld) HMA Pro 4 looks similar to version 3, but it adds some excellent design improvements, new features, and faster speeds.

The University of Minnesota Enables Secure IoT Deployments and Simplifies Network Management with Aruba Mobile-First Infrastructure (Taiwan News) The University of Minnesota Enables Secure IoT Deployments and Simplifies Network Management with Aruba Mobile-First Infrastructure

Technologies, Techniques, and Standards

WPA3 is here but how will it make Wi-Fi more secure? (Naked Security) New Wi-Fi security standards don’t come along very often but the Wi-Fi Alliance has just formally launched one, Wi-Fi Protected Access 3, or WPA3.

“Safer hops for email” – EFF’s plan to cut down on email snooping (Naked Security) STARTTLS is the email command that switches into encrypted mode. EFF just announced “STARTTLS Everyhere” to get everyone on board…

Free Thanatos Ransomware Decryptor Released (SecurityWeek) Cisco Talos releases free decryption tool to help victims of the Thanatos ransomware recover their files without paying the ransom

UAE Banks Federation Organizes ‘Tasharuk’ Workshop to Increase Awareness About Cyber Threat Intelligence Sharing Platform (Albawaba Business) With the objective of providing deeper insights on its cyber threat intelligence sharing platform, the UAE Banks Federation (UBF) today, June 26, 2018, hosted a workshop on ‘TASHARUK’ for its member banks in Abu Dhabi.

10 Tips for More Secure Mobile Devices (Dark Reading) Mobile devices can be more secure than traditional desktop machines - but only if the proper policies and practices are in place and in use.

Identity verification: Staying ahead of post-breach era consumer preferences (Help Net Security) Four key trends illustrate how recent breaches and shifting consumer behaviors are impacting the way businesses approach identity verification.

3 Ways That Marketers Can Get Involved In Cybersecurity Management (Forbes) As part of a series of interviews I’ve conducted to better understand marketing’s role in cybersecurity, I talked with Theresa Payton, former CIO for the White House and current CEO of Fortalice Solutions, a cybersecurity and intelligence consulting firm risk, fraud, and security company that helps businesses and government organizations protect themselves from emerging threats.

SMBs conduct security training, but they aren't prepared for a real-life cyberattack (TechRepublic) A new report from Webroot reveals that more SMBs are aware of potential cyberattacks but 79% say they are not prepared for them.

Taking the right cybersecurity precautions in China - Cylance (Security Brief) China is already Australia’s largest import and export trading partner, and President Xi Jinping recently implied that it’s unlikely to slow down.

Army to Issue Cyber Quest Report Soon (SIGNAL) The experiment focuses on cyber situational awareness.

Design and Innovation

Defense Cyber Security Adapts to a World in Which Data is the New Endpoint (Symantec) The Department of Defense is in the middle of a transition that just about every agency either has - or soon will - face

Cyber Security Briefing: Biometric bank cards are coming (BusinessCloud.co.uk) Using our fingerprints to buy goods, fraudsters impersonating Netflix and Apple's newest security features - this is Jonathan Symcox's news round-up

Academia

Female Students Awarded Cybersecurity Scholarships (Infosecurity Magazine) Morphisec awards scholarships to three female students in the field of cybersecurity.

Legislation, Policy, and Regulation

Why the United States needs a cyber accord with North Korea (CNN) US President Donald Trump and North Korean leader Kim Jong Un pledged to develop a new US-North Korea relationship during their historic summit in Singapore, but that won't be possible as long as Pyongyang continues to use cyberattacks against the United States and its allies.

UK Publishes Minimum Cyber Security Standard for Government Departments (SecurityWeek) The UK government's Cabinet Office has published the first iteration of its Minimum Cyber Security Standard, which will be incorporated into the Government Functional Standard for Security.

US senators could agree to lift ZTE ban if it is hit with security limits (South China Morning Post) The deal with Trump could ban ZTE hardware from critical assets, with US government employees prohibited from buying the Chinese firm’s products

Senators want Commerce to help U.S. firms ditch ZTE (Cyberscoop) A bipartisan trio of senators has asked the Department of Commerce to clarify that U.S. companies are welcome to remove products from their networks made by controversial Chinese telecom company ZTE.

U.S. House Passes Bill to Enhance Industrial Cybersecurity (Industrial Control Systems (ICS) Cyber Security Conference) The U.S. House of Representatives on passed a bill aimed at protecting industrial control systems (ICS), particularly ones used in critical infrastructure, against cyberattacks.

US legislators put industrial control system security on the map (Naked Security) After a spate of attacks on industrial control systems (ICS), the US this week officially recognized the need to secure them with a new bill.

Office of Cyberspace Reborn In Bill Approved by Senate Panel (BleepingComputer) The Senate Foreign Relations Committee voted today to advance bill H.R. 3776, the Cyber Diplomacy Act. This bill outlines the restoration of the State Department's Cyber Office under the new name of Office of Cyberspace and the Digital Economy and the reinstatement of a head of cyber related activities for the Department of State.

Bill to save net neutrality is 46 votes short in US House (Ars Technica) 172 Democrats signed petition to force vote, but they need 218 signatures.

IEEE joins the ranks of non-backdoored strong cryptography defenders (Rwgister) 'Exceptional access' is a really bad idea, says standards-setter, but one-off malware is cool

The new cyber leader focused on national defense (C4ISRNET) The Cyber National Mission Force has a new commander.

Litigation, Investigation, and Law Enforcement

Anthony Kennedy’s Retirement May Have Huge Consequences for Privacy (WIRED) Kennedy’s record is mixed, but he was a thoughtful voice on how to interpret Constitutional rights for the internet era.

US Dark Web Raids Lead to Arrests and Seizures (Infosecurity Magazine) Authorities identified 65 targets

Feds Pose as Cryptocurrency Money Launderer to Bust Alleged Dark Web Dealers (Motherboard) In a novel investigative strategy, rather than just following the money, investigators went undercover as someone converting Bitcoin into cash, exploiting a financial bottleneck faced by dark web criminals.

Fortinet, Interpol ink threat sharing info deal to combat cybercrime (Inquirer) Hackers had given the organizers of the 2018 Pyeongchang Winter Olympics in February this year a scare when a cyber attack paralyzed internet networks and caused communications to fail at the opening ceremony.

Man travels across world to attack online friend, shot by girl’s mum (Naked Security) She somehow allowed an online “friend” to get hold of her address – with a tragic outcome.

Woman ruined, sent death threats after #PermitPatty shaming video goes viral (Naked Security) The latest subject in a string of online shaming incidents was scrabbling to make amends this week as her business life fell apart and the death threats flooded in.

Army investigators issue warning about ‘virtual kidnapping’ scam (Army Times) The Army community is getting an alert after scammers recently called an Army family.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

GovSummit (Washington, DC, USA, June 27 - 28, 2018) GovSummit -- the government security conference hosted annually by the Security Industry Association -- brings together government security leaders with private industry technologists for top-quality information...

The Cyber Security Summit: DC Metro (Tysons Corner, Virginia, USA, June 28, 2018) Learn from cyber security experts from The U.S. Department of Justice, The NSA, Pulse Secure, CenturyLink and more as they brief you on the latest security threats facing your business. This event is...

Impact Optimize2018 (Rosemont, Illinois, USA, June 28, 2018) Impact Optimize2018, the first-ever IT and Business Security Summit hosted by Impact, will provide attendees with actionable steps that enable the betterment of information, network and cybersecurity.

Nuclear Asset Information Monitoring and Maintenance (Warrington, England, UK, July 3 - 4, 2018) On July 3rd and 4th in Warrington United Kingdom, nuclear industry leaders will meet for the IoE Events Nuclear Asset Information, Monitoring and Maintenance conference to further develop the sector’s...

Cyber Security Summit 2018 (Newport, Rhode Island, USA, July 18 - 20, 2018) Join us for Opal Group’s Cyber Security Summit – set in Newport, RI, this premier event will gather C-Level & Senior Executives responsible for defending their companies’ critical infrastructures together...

The Cyber Security Summit: Seattle (Seattle, Washington, USA, July 19, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.

Health Cybersecurity Summit 2018 (Santa Clara, California, USA, July 20, 2018) Worried about being hacked? Not sure how to respond to a cyber incursion? The first line of defense is a cyber threat preparedness strategy that includes coordination with critical infrastructure and emergency...

Global Cyber Security Summit (Kathmandu, Nepal, July 27 - 28, 2018) Information Security Response Team Nepal (NPCERT) is all set to host a Global Cyber Security Summit (GCSS) on July 27 with the theme “Building Global Alliance for Cyber Resilience”. The two-day event aims...

SINET61 2018 (Melbourne, Victoria, Australia, July 31 - August 1, 2018) Promoting cybersecurity on a global scale. SINET – Melbourne provides a venue where international solution providers can engage with leaders of government, business and the investment community to advance...

Community College Cyber Summit (3CS) (Gresham, Oregon, USA, August 2 - 4, 2018) 3CS is the only national academic conference focused on cybersecurity education at community colleges. Who should attend 3CS? College faculty and administrators, IT faculty who are involved or who would...

2018 Community College Cyber Summit (3CS) (Gresham and Portland, Oregon, USA, August 2 - 4, 2018) 3CS is organized and produced by the National CyberWatch Center, National Resource Center for Systems Security and Information Assurance (CSSIA), CyberWatch West (CWW), and Broadening Advanced Technological...

2nd Billington Automotive Cybersecurity Summit (Detroit, Michigan, USA, August 3, 2018) The 2nd summit on August 3 in Detroit, MI will be the top leadership summit on auto cybersecurity convening a who’s who of speakers in the automotive cybersecurity ecosystem. The inaugural summit included,...

2nd Billington Automotive Cybersecurity Summit (Detroit, Michigan, USA, August 3, 2018) The 2nd summit on August 3 in Detroit, MI will be the top leadership summit on auto cybersecurity convening a who’s who of speakers in the automotive cybersecurity ecosystem. The inaugural summit included,...

Black Hat USA 2018 (Las Vegas, Nevada, USA, August 4 - 9, 2018) Now in its 21st year, Black Hat USA is the world's leading information security event, providing attendees with the very latest in research, development and trends. Black Hat USA 2018 opens with four days...

Audit Your Digital Risk (Washington, DC, USA, August 7 - 8, 2018) Recent reports indicate that manufacturing is the most heavily targeted industry for cyber attacks in the past year. According to a study released by NTT Security, 34% of all documented cyber attacks in...

DefCon 26 (Las Vegas, Nevada, USA, August 9 - 12, 2018) DEF CON has been a part of the hacker community for over two decades. $280.00 USD, cash for all four days. Everyone pays the same: The government, the media, the ‘well known hackers’, the unknown script...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.