skip navigation

More signal. Less noise.

Looking for an introduction to AI for security professionals?

Your wait is over. A new book is out from the Cylance data science team, covering artificial intelligence and machine learning techniques in practical situations to improve the security professional’s ability to thrive in a data driven world. Whether you are reviewing logs or analyzing malware, being able to derive meaningful results and improve productivity is key. Order your free copy today.

Daily briefing.

Germany, which continues to work on remediation of what's being called an "ongoing" attack on a government dedicated secure network, officially declines to attribute the attack. Economy Minister Zypries yesterday said that, while there were no indications Russia was behind the hack, it would be "problematic" if this would turn out to have been the case.  

Few others are so reticent. The industry consensus is that the attack is the work of Fancy Bear, Russia's GRU. Some members of the Bundestag who've been briefed on the incident are calling it "a form of warfare."

Fancy Bear has been busy elsewhere, too. Palo Alto Networks reports that it's observing a campaign mounted against diplomatic targets elsewhere in the world.

As disturbing as Russian cyber operations have been, CrowdStrike says that, in its view, North Korea remains the greater threat. Dragos agrees that North Korea needs to be taken seriously. The company believes Pyongyang has been working hard on tools to be used against industrial control systems. It also believes the DPRK is sizing up the US power grid as a promising high-payoff target.

General Paul Nakasone, nominated to succeed Admiral Rogers as head of NSA and US Cyber Command, thinks deterrence is cyberspace difficult but essential. The opposition must, he told Congress, face costs.

The amplification attacks against which security experts warned turned up in the wild Wednesday. GitHub was briefly taken down-estimates range from five to twenty minutes. Security experts call it the biggest distributed denial-of-service campaign on record: 1.3Tbps.

Notes.

Today's issue includes events affecting Australia, China, European Union, Germany, Iran, Democratic Peoples Republic of Korea, Russia, Ukraine, United States.

A note to our readers: We'll be in Mountain View, California, next week, covering  SINET's ITSEF conference. Sessions will be held on March 7th and 8th. Watch for summaries, articles, and live tweets beginning Wednesday.

Struggling with your DLP? It's time to rethink your data loss prevention strategy.

Traditional data loss prevention tools aren’t cutting it anymore. Why? They are high-maintenance and require endless fine-tuning. They often miss insider threats. They stymie communication between security and other departments. And they slow down endpoints, leading to crashes and failures that drive users crazy. Learn from ObserveIT why DLP tools aren’t getting the job done in 2018 and how you can stop data loss in its tracks. Read Now.

In today's podcast we talk with our partners at Dragos. CEO Robert M. Lee discusses industrial control system security in advanced manufacturing. Our guest is Marcus Harris from Saul Ewing Arnstein & Lehr LLP, who talks about the decision by some security companies to allow the Russians to inspect their source code. 

Billington International Cybersecurity Summit (Washington, DC, USA, March 21, 2018) Billington International Cybersecurity Summit, March 21, Washington, D.C. Cybersecurity leaders from Asia, Europe, the Middle and U.S. on global threats and best practices, including Acting DoD CIO and Singapore Cyber Commissioner-designate. Sponsor Opportunities: Sandy Nuwar at 443-994-9832

Third Annual Cyber Investing Summit 5/15/18 (New York, New York, USA, May 15, 2018) Renowned cyber security executive David DeWalt will deliver the keynote address at the Third Annual Cyber Investing Summit. The Cyber Investing Summit is a unique all-day conference focused on the financial opportunities available in the rapidly growing cyber security industry. Panels will explore sector investment strategies, market growth forecasts, equity valuations, merger and acquisition activity, cryptocurrency protection, funding for startups, and more. Speakers include leading Chief Information Security Officers, VC founders, financial analysts, cyber security innovators from publicly traded and privately held companies, and government experts.

Cyber Attacks, Threats, and Vulnerabilities

Russia-linked Hackers Directly Targeting Diplomats: Report (SecurityWeek) The Russia-linked cyber espionage group Sofacy (APT28) has been targeting foreign affairs agencies and ministries worldwide in a recently discovered campaign, Palo Alto Networks warns.

Cyberattack 'Ongoing' Against German Government Network (SecurityWeek) The German government's IT network is under an "ongoing" cyberattack", the parliamentary committee on intelligence affairs said.

Infamous Russian Cyber-Espionage Group Hacks German Government (BleepingComputer) APT28, an infamous cyber-espionage unit that many security firms believe is acting at the behest of the Russian government, has hacked various German government agencies for more than a year.

Russian-Linked Hackers Target Foreign Ministries (PCMAG) The hacking group, known as Fancy Bear, is best known for breaching the Democratic National Committee during the 2016 US election.

No evidence thus far that Russia behind German cyber attack:... (Reuters) German Economy Minister Brigitte Zypries on Thursday said there were no indications thus far that Russia was behind a cyber attack on German computer networks disclosed by Berlin on Wednesday.

Russia cyber attack on Germany a 'form of warfare' (The Telegraph) A suspected attack by Russian hackers on computer systems used by the German government is still ongoing and may be more serious than at first thought, MPs warned on Thursday.

German Gov’t Hacks shouldn’t Surprise Anyone (Safe and Savvy Blog by F-Secure) F-Secure’s Tom Van de Wiele says the reports about the recent attacks against the German government shouldn't come as a surprise.

North Korean Hackers May Be Developing Malware That Could Shut Down the U.S. Power Grid (The Daily Beast) More than half of security vulnerabilities tested in U.S. industrial systems could lead to “severe operational impact.”

North Korea poses a greater cyber-attack threat than Russia, security expert warns (The Independent) North Korea poses a more considerable cyber-attack threat to the international community than Russia, according to cyber-security firm CrowdStrike. Kim Jong-un's regime has been connected to a number of major hacks in recent years, with its attention primarily focused on neighbour and rival South Korea.

Beijing’s Influence Operations Target Chinese Diaspora (War on the Rocks) Editor’s Note: This is the fourth installment in “Ministry of Truth,” a special series on state-sponsored influence operations. Catch up on the series here

Iran-Linked Chafer Group Expands Toolset, Targets List (SecurityWeek) The Iran-based targeted attack group known as "Chafer" has been expanding its target list in the Middle East and beyond and adding new tools to its cyberweapon arsenal, Symantec warns.

GitHub Survived the Biggest DDoS Attack Ever Recorded (WIRED) On Wednesday, a 1.3Tbps DDoS attack pummeled GitHub for 15-20 minutes. Here's how it stayed online.

GitHub hit with the largest DDoS attack ever seen (ZDNet) DDoS attackers have found a new way of magnifying their attacks, with experts warning that bigger attacks are likely.

First Native IPv6 DDoS Attack Strikes, As Organisations Face Yet Another New Cyber Threat (Information Security Buzz) DNS dictionary attack came from around 1,900 different hosts on over 650 varying networks A first of its kind IPv6 DDoS attack hit servers over the weekend, raising a red flag for the future era of cyber-crime, according to global web security firm, Neustar. The DNS threat – which was successfully defended against – came from …

Financial Cyber Threat Sharing Group Phished (KrebsOnSecurity) The Financial Services Information Sharing and Analysis Center (FS-ISAC), an industry forum for sharing data about critical cybersecurity threats facing the banking and finance industries, said today that a successful phishing attack on one of its employees was used to launch additional phishing attacks against FS-ISAC members.

Beware; rTorrent Client Exploited to Mine Monero Cryptocurrency (HackRead) Hackers are exploiting a critical vulnerability in rTorrent to mine Moero cryptocurrency and so far $4,000 Monero has been made.

Cybersecurity Incident & Important Consumer Information (Equifax) As a result of ongoing analysis of data stolen in last year’s cybersecurity incident, Equifax announced that the company has confirmed the identities of U.S. consumers whose partial driver’s license information was taken. We were able to identify these consumers by referencing other information in proprietary company records that the attackers did not steal, and by engaging the resources of an external data provider.

Major data breach at Marine Forces Reserve impacts thousands (Marine Corps Times) Thousands of Marines and sailors have had their bank account and credit card information compromised.

Chrome Lets Hackers Phish Even 'Unphishable' Yubikey Users (WIRED) While still the best protection against phishing attacks, some Yubikey models are vulnerable after a recent update to Google Chrome.

Python-Written CannibalRAT Used in Targeted Attacks (SecurityWeek) The newly identified CannibalRAT has been written entirely in Python is being used in highly targeted attacks, Cisco Talos researchers say.

Five Threat Groups Target Industrial Systems: Dragoz (SecurityWeek) Industrial cybersecurity firm Dragos summarizes the activities of five sophisticated threat groups that target industrial control systems (ICS)

The Industrial Cyber Threat Landscape (Committee on Energy and Natural Resources, United States Senate) Chairwoman Murkowski, Ranking Member Cantwell and members of the committee, thank you for providing me the opportunity to testify before you today.

Security Implications of the End of Net Neutrality (SecurityWeek) Internet traffic modifications by ISPs as a result of the FCC's decision to end net neutrality create a huge potential attack surface.

Threat Spotlight: Attached Password Stealer (Barracuda) Earlier this month we revealed a new security advisory platform...

UK Uni Students Lose £100,000 to Phishers (Infosecurity Magazine) UK Uni Students Lose £100,000 to Phishers. Student Loans Company scams on the rise

Britons love of p[0]rnography puts them at risk of 'digital STI' (The Telegraph) Britons’ growing penchant for p[0]rnography is putting them at risk of particularly nasty computer viruses that could cost victims their savings, cyber experts have warned.

Security Patches, Mitigations, and Software Updates

Bug in HP Remote Management Tool Leaves Servers Open to Attack (Threatpost) Firmware versions of HPE’s remote management hardware iLO3 have an unauthenticated remote denial of service vulnerability.

Microsoft releases Spectre fixes for Windows 10 on Skylake CPUs (Help Net Security) Microsoft has pushed out a new set of Spectre (variant 2) security updates for devices running on Skylake CPUs and Windows 10 Fall Creators Update or Windows Server version 1709 (Server Core).

Cellebrite: We Keep iPhone Flaws Secret For The Public's Safety (Forbes) Earlier this week, Forbes learned that Israel-based U.S. government contractor Cellebrite was touting the ability to unlock the majority of iOS models on the market.

Philips Working on Patches for 35 Flaws in Healthcare Product (SecurityWeek) Philips working on patches for dozens of flaws affecting IntelliSpace Portal, a visualization and analysis solution designed for healthcare organizations

Cyber Trends

10 Key Takeaways From Cisco's Annual Cybersecurity Report (CRN) Attackers are getting better at evading detection and have made serious headway in exploiting new technologies like IoT and cloud services, Cisco's cybersecurity report finds.

How & Why the Cybersecurity Landscape Is Changing (Dark Reading) A comprehensive new report from Cisco should scare the pants off enterprise security leaders.

Why Cybersecurity Is More Difficult Today Than 2 Years Ago (Recorded Future) Research from ESG says cybersecurity professionals have found their jobs becoming more difficult over the last two years. Find out what a threat intelligence solution should entail to make your job easier.

SecOps reality gap: 85% say practicing SecOps is a goal, 35% actually do (Help Net Security) The SecOps reality gap is real. The vast majority of companies are bought-in, but unfortunately, a major gap exists between intent of practicing SecOps and the reality of their fast-growing businesses.

Marketplace

Cyber Command planning an analytics program called RAINFIRE (Fedscoop) The DoD cyberwarfare agency is seeking insights on joint analytics support capabilities it’s looking to obtain, including development and optimization.

NGA previews acquisition overhaul (FCW) The National Geospatial-Intelligence Agency is looking to revamp its acquisition process to lean heavily on small businesses and agile spending authorities.

One third of directors concerned about the cost of GDPR compliance (Africom) Those in arts & entertainment are least prepared, with over half (52%) not having started compliance efforts. Non-compliance can result in fines of up to 4% of the company's global annual turnover or €20 million, whichever is higher. Losing this amount of money could force most businesses into liquidity issues.

GDPR Is Almost Here, Let the Data Protection Officer Talent Race Begin (Wall Street Journal) T.S. Eliot once said most of the evil in this world is done by people with good intentions. And while data privacy is certainly a good intention, GDPR mandates may create unintended consequences. But help may be on the way in the form of a management position designed for knotty data challenges: the data protection officer.

Akamai reveals it paid nearly $400M for its two 2017 acquisitions (Boston Business Journal) Cambridge-based Akamai Technologies Inc. paid $380 million in a pair of 2017 acquisitions meant to boost its web performance and cybersecurity offerings at a crucial time for the $11.5 billion company.

Webroot Drives Four Years of Double-Digit Revenue Growth (PR Newswire) Webroot, the Smarter Cybersecurity® company, announced double-digit...

Wipro To Acquire Minority Stake in Denim Group, a Leading Application Security Solution Provider (BusinessWire) Wipro to acquire minority stake in Denim Group, a leading application security solution provider.

Cyber Insurer Coalition Raises $10 Million to Solve Cyber Risk for SMBs (Coalition) Coalition Inc., the first technology-enabled cyber insurance solution, announced today that it raised $10 million in Series A funding from leading technology investors including Vy Capital, Ribbit Capital, Valor Equity Partners, Sam Altman (President, Y Combinator), and Deep Nishar (Senior Managing Director, Softbank Vision Fund).

UAE-Based Cyber Security Firm DarkMatter Doubles Revenue in 2017 to $400M (Insurance Journal) DarkMatter, a three year-old United Arab Emirates-based cyber security firm, has more than doubled revenue last year to over $400 million. The firm, which

Lockpath Expands Leadership Team (PR Newswire) Lockpath, a leading provider of governance, risk management and...

Products, Services, and Solutions

New infosec products of the week​: March 2, 2018 (Help Net Security) New infosec products of the week feature releases from the following vendors: Accellion, Aricent, Corvil, Demisto, ESET and NOS Microsystems.

Arilou Develops First-of-its-kind Technology for Automotive Ethernet (NNG) Dynamic technology makes it possible to securely control in-vehicle communication

UK and Australian governments now use Have I Been Pwned (TechCrunch) Troy Hunt is turning Have I Been Pwned into an essential pwning monitoring service. The service monitors security breaches and password leaks so that you and..

Oxygen Forensics Doubles Down on Drone Forensics by Providing Industry-Exclusive Support for DJI Cloud (Oxygen Forensics) Oxygen Forensics, a worldwide developer and provider of advanced forensic data examination tools for mobile devices, cloud services and drones, announced today that its flagship software product, Oxygen Forensic® Detective v. 10.1 can now obtain data from the DJI cloud, which is the data repository for all DJI drones.

Secure Channels Inc. Future Proofs Data Security with a Quantum Resistant Patented Enterprise Security Platform (PR Newswire) Secure Channels Inc. (SCI), provider of innovative data security and...

Unlocking the Galaxy S9 with Intelligent Scan? It's easy, but maybe not so secure (CNET) An in-depth look at Samsung's new biometrics verification system -- and how it stacks up against the iPhone X’s Face ID -- shows it's not quite safe enough for mobile payments.

Brazilian Security Firm Launches A “Hack-proof” Android Smartphone For Storing Cryptocurrencies (BTCMANAGER) In what appears to be a first-of-its-kind handset, Brazilian security firm Sikur has rolled out a smartphone with a built-in cryptocurrency wallet at the Mobile World Congress 2018 in Barcelona. Unhackable Hardware The company claims that the security-focused new handset, dubbed SIKURPhone, is a perfect choice fo ...

Technologies, Techniques, and Standards

Free Decrypter Available for GandCrab Ransomware Victims (BleepingComputer) Bitdefender has released a free decrypter that helps victims of GandCrab ransomware infections recover files without paying the ransom.

Read My Lips: Don't Be a Botnet (Cyxtera) These days, most organizations are aware that they can be the target of a DDoS attack.

Cyber insurance, lessons from the trenches (ITWeb) Cyber insurance should be seen more as part of a risk management strategy, a retainer if you would, says says Ryan van de Coolwijk, ITOO Special Risks: Product Head Cyber Insurance.

Going phishing: countering fraudulent campaigns (World Trademark Review) WTR is a unique and timely intelligence service informing commercial trademark decision making by assessing the business impact of trademark law developments.

Why You Need Collaborative Defense in Depth (Security Intelligence) A collaborative defense strategy enables companies to unite siloed departments, integrate threat defense and extend security capabilities beyond the individual power of each tool.

Design and Innovation

Bill Gates' 'Nonsense' Crypto Comments Draw Twitter Ire (CoinDesk) Billionaire philanthropist Bill Gates claimed cryptocurrency "has caused deaths in a fairly direct way." The crypto community found that very amusing.

Blockchain Technology Is Here To Stay (CIOReview) The distributed ledger technology also known as blockchain technology is currently considered as one of the biggest game...

Microsoft president Brad Smith '82 discusses artificial intelligence future (The Princetonian) “We really need to step back and recognize that we can’t afford to look at this future without critical eyes,” explained Smith. “Technology is always used in good ways and bad, and even when it’s used in good ways, it has an impact that we can’t necessarily predict.  It had indirect effects that aren’t necessarily intended.”

What security is needed for digital assistant devices? (SearchNetworking) Alexa for Business Platform and other digital assistant devices are set to transform business operations, but how will they affect cybersecurity?

Research and Development

What is DARPA doing in Ukraine? (Defense News) The Pentagon's famous high-tech weapons office is working with Ukraine's government on information-related systems.

Microsoft advances several of its hosted artificial intelligence algorithms (TechCrunch) Microsoft Cognitive Services is home to the company's hosted artificial intelligence algorithms. Today, the company announced advances to several Cognitive..

Legislation, Policy, and Regulation

Absent at Munich: Placing cybersecurity on the main stage of geopolitics (Defense News) This year’s Munich Security Conference missed a golden opportunity to place cyber on the main stage of geopolitics.

German government under cyber attack, shores up defenses (Reuters) Germany's government was marshalling its defenses on Thursday against a powerful cyber attack that lawmakers said had breached the foreign ministry's computer network and whose origins officials admitted were still unclear.

Ex-CIA chief warns of new Cold War with Russia, WMD threat from ISIS (CBS News) Putin said Thursday in a televised address that the country had developed nuclear weapons that are capable of overwhelming any U.S. defense

Cyber Command Nominee Deflects Questions on Russia (Roll Call) The nominee to lead U.S. Cyber Command and the National Security Agency told lawmakers Thursday he would offer options to the president and Defense secretary to respond to Russian hacking of U.S. elections “if directed” to do so.Lt. Gen. Paul Nakasone, the current head of the Army’s Cyber Command, said the decision whether or not to retaliate for Russian disinformation efforts during the 2016 presidential election or to preempt future attempts at election interference is a policy matter for civilian leadership in the executive and legislative branches.

Cyber Command nominee: attacks must come with a cost (Fifth Domain) Lt. Gen. Paul Nakasone, in written testimony before the Senate Armed Services Committee, outlines the progress both the U.S. and adversaries have made in cyberspace.

Army officer: China, Russia don't fear US cyber retaliation (San Francisco Chronicle) Nations including China and Russia that launch cyberattacks against the U.S. don't fear retribution and see no reason to change their behavior, the Army officer tapped to be the next head of U.S. Cyber Command told a Senate Committee Thursday.

How a new leader could reshape Cyber Command (Fifth Domain) As Cyber Command grows and matures, here are tangible ways it can evolve under its new commander.

Here’s the Letter Israel Sent to Solicit Zero-Days From American Hackers (Motherboard) In a peek into the way governments may source hacking tools, Motherboard obtained a 2015 letter the Israeli Ministry of Defense sent to US-based exploit developers.

White House preparing for McMaster exit as early as next month (NBC News) President Trump has been at odds with his national security adviser for months

White House denies national security adviser McMaster is departing (Military Times) The White House pushed back Thursday against an MSNBC report that President Donald Trump is planning to imminently replace National Security Adviser H.R. McMaster.

Condoleezza Rice: H.R. McMaster should stay on as national security adviser (Washington Examiner) 'H.R. McMaster is one of the best generals of his generation. He's doing a really fine job as national security adviser. I have no idea abou...

Exclusive: Xi confidant set to become China's new spy master - sources (Reuters) A vice minister of public security, a close confidant of President Xi Jinping, is tipped to take over as China's spy master, five sources said, as the country looks to clean up its security apparatus and plug intelligence gaps.

Data61 CEO bumped up to CSIRO executive along with new chief scientist role (ZDNet) Among an executive restructure, Australia's national science agency will receive its own chief scientist.

ICO: 'There's so much misinformation out there' on GDPR (Computing) Elizabeth Denham keen to 'bust myths' about the regulator's approach to compliance

Corps unveils new cyber job field (Marine Corps Times) A big step in the Corps' development of cyber career tracks.

Congress needs to act in a bipartisan way to protect the integrity of our voting system (TheHill) Protecting our democracy should be common sense. While many issues divide us, the integrity of the vote should not.

Speed Up the Security-Clearance System (Bloomberg.com) Jared Kushner isn't the only one who's waiting.

Ducey creates security team to combat cyberattacks against Arizona (Arizona Central) The Republican governor will form the Arizona Cybersecurity Team through an executive order issued Thursday.

Litigation, Investigation, and Law Enforcement

1 State? 7 States? Uncertainty Persists About Russian Cyberattacks On U.S. Election (NPR.org) The intelligence community has more evidence than it has revealed about Russian interference efforts — but so far it is keeping what it knows secret.

PayPal Settles FTC Charges that Venmo Failed to Disclose Information to Consumers About the Ability to Transfer Funds and Privacy Settings; Violated Gramm-Leach-Bliley Act (Federal Trade Commission) The Federal Trade Commission has reached a settlement with PayPal, Inc.

Recent NPAs Set ‘Troubling Precedent’ (Who's Who Legal) In 2017, companies settled violations with the DOJ in unprecedented non-prosecution agreements that contained disavowals of any criminal liability.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

2nd Billington Automotive Cybersecurity Summit (Detroit, Michigan, USA, August 3, 2018) The 2nd summit on August 3 in Detroit, MI will be the top leadership summit on auto cybersecurity convening a who’s who of speakers in the automotive cybersecurity ecosystem. The inaugural summit included,...

Upcoming Events

NITSIG Meeting: Protecting Controlled Unclassified Information On U.S. Government Contractor Information Systems (Laurel, Maryland, USA, March 2, 2018) This meeting will discuss the security control requirements for the protection of Controlled Unclassified Information (CUI), for contractor information systems upon which CUI is processed, stored on, or...

Insider Threat Program Management With Legal Guidance Training Course (Herndon, Virginia, USA, March 6 - 7, 2018) The course will cover current regulations like National Insider Threat Policy NITP and NISPOM Conforming Change 2, and more. The course will provide the ITP Manager and Facility Security Officer with the...

SINET ITSEF 2018 (Silicon Valley, California, USA, March 7 - 8, 2018) Bridging the gap between Silicon Valley and the Beltway. SINET – Silicon Valley provides a venue where entrepreneurs can meet and interact directly with leaders of government, business and the investment...

AFFIRM and USCC 5th Annual Cybersecurity Summit (Arlington, Virginia, USA, March 8, 2018) The 5th Annual Cybersecurity Summit is a place for important discussions about the challenges with cyber-security and is also a significant benefit both for the AFFIRM scholarship program, which helps...

PCI Security Standards Council Middle East and Africa Forum (Cape Town, South Africa, March 14 - 15, 2018) Don’t miss the data security event of the year for the payment card industry. Join us for: networking opportunities, updates on industry trends, insights and strategies on best practices, engaging keynotes...

SecureWorld Boston (Boston, Massachussetts, USA, March 14 - 15, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

Cyber 9-12 (Washington, DC, USA, March 16 - 17, 2018) Now entering its fifth year, the Cyber 9/12 Student Challenge is a one-of-a-kind competition designed to provide students across academic disciplines with a deeper understanding of the policy challenges...

Infosecurity Magazine Spring Virtual Conference (Online, March 21, 2018) Tune in on Wednesday March 21 for day two of our two-day online event to learn what’s going on at the heart of the industry. Our easy to digest format offers a mix of short sessions, panel debates and...

3rd Annual Billington International Cybersecurity Summit (Washington, DC, USA, March 21, 2018) With confirmed speakers from Estonia, Romania, Singapore, Sweden, the United States, and Kuwait, and with attendees from many more countries, this summit brings together world-class cybersecurity thought...

Infosecurity Magazine North America Virtual Conference (Online, March 21 - 22, 2018) Tune in on Wednesday March 21 for day two of our two-day online event to learn what’s going on at the heart of the industry. Our easy to digest format offers a mix of short sessions, panel debates and...

The Cyber Security Summit: Denver (Denver, Colorado, USA, March 22, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.

Women in CyberSecurity 2018 (Chicago, Illinois, USA, March 23 - 24, 2018) Through the WiCyS community and activities we expect to raise awareness about the importance and nature of cybersecurity career. We hope to generate interest among students to consider cybersecurity as...

Northeast Regional Security Education Symposium (Jersey City, New Jersey, USA, March 23, 2018) The Professional Security Studies Department at New Jersey City University (NJCU) will hold its Northeast Regional Security Education Symposium on Friday, March 23, 2018, from 8 am to 2 pm. The symposium...

SecureWorld Philadelphia (Philadelphia, Pennsylvania, USA, March 28 - 29, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

National Cyber League Spring Season (Chevy Chase, Maryland, USA, March 30 - May 25, 2018) The NCL is a defensive and offensive puzzle-based, capture-the-flag style cybersecurity competition. Its virtual training ground helps high school and college students prepare and test themselves against...

4th Middle East Cyber Security Summit (Riyadh, Saudi Arabia, April 4 - 5, 2018) The summit will feature state of the art presentations, hackathons and technology showcasing from regional and international experts and leading technology providers. One of the focus areas of the summit...

Cybersecurity: A Shared Responsibility (Auburn, Alabama, USA, April 8 - 10, 2018) During the 2018 SEC Academic Conference, we will explore three themes within cyber security: the underlying computer and communication technology; the economic and physical systems that are controlled...

Sea-Air-Space: The Navy League’s Global Maritime Exposition (National Harbor, Maryland, USA, April 9 - 11, 2018) Join us this April for Sea-Air-Space, the largest maritime exposition in the U.S., with 275+ exhibitors displaying the latest in maritime, defense and energy technology. This year’s theme, “Learn. Compete.

2018 Mississippi College Cybersecurity Summit (Clinton, Mississippi, USA, April 10 - 11, 2018) The 2018 Mississippi College Cybersecurity Summit is a conference designed to engage, educate, and raise awareness about cybersecurity across the nation. The 2018 Cybersecurity Summit will provide valuable...

ISC West 2018 (Las Vegas, Nevada, USA, April 11 - 13, 2018) ISC West is THE largest security industry trade show in the U.S. At ISC West, you will have the chance to network with over 30,000 security professionals through New Products & Technologies encompassing...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.