skip navigation

More signal. Less noise.

Are you investing wisely in threat intelligence?

Download this free guide from Recorded Future to learn the 11 questions you must answer before buying threat intelligence.

Daily briefing.

Researchers fear a second, deadlier round of attacks with the Triton/Trisis ICS malware used against Saudi petrochemical targets late last summer.

Iran shows continued activity in spearphishing targets in Asia and the Middle East. The threat group Temp.Zagros, more often known as MuddyWater (no connection with the similarly named hedge investment firm), has stepped up its distribution of malicious Word documents. Palo Alto Networks, FireEye, and Trend Micro are all tracking the group.

CTS Labs, discoverers of vulnerabilities in AMD chipsets that may or may not be serious, defends its controversial disclosure, but admit they might have done a better job getting independent verification of their research. They don't address the other concern observers have raised: short-sellers at Viceroy Research Group received a copy of the vulnerability research. They released a report on AMD the same day CTS Labs issued its findings, and in that report predicted that AMD's value would essentially go to zero.

NATO has placed itself firmly behind the UK in its nerve agent dispute with Russia. TASS is authorized to state that "sources" tell it NATO's Article 5 won't be invoked, presumably because the chemical attack was too small and too ambiguous.

The US Administration also issued sanctions yesterday in reprisal for both NotPetya and 2016 election meddling.

Yesterday FBI and Department of Homeland Security analysis resulted in US-CERT issuing a Joint Technical Alert warning of Russian government intrusion into US Government and energy sector networks. The campaign is said to involve preparation for ICS attacks.

Notes.

Today's issue includes events affecting Australia, China, France, Germany, Iran, Latvia, NATO/OTAN, Russia, Saudi Arabia, United Kingdom, United States.

A note to our readers: the CyberWire is happy to have been chosen as a finalist for the Maryland Cybersecurity Diversity Award (and the Cybersecurity Association of Maryland's People's Choice Award). You can find out more about the awards (and how to vote for us, if you'd like) here.

Intelligent response to doing more with less

Phishing, ransomware, and data breaches plague organizations of all sizes and industries, but the financial services market has always had the largest target on its back. How do you fend off these attacks when you don’t have the budget or resources for everything you need to protect your organization: data feeds, tools, analysis and mitigation? Learn more in our webinar on Wednesday, March 21 @ 2pm ET. Sign up now!

In today's podcast we speak with our partners at the SANS Institute, as Johannes Ullrich (also of the SANS Stormcast) explains credential stuffing. Our guest is Rico Chandra from Arktis, and he discusses securing radiation detectors.

Billington International Cybersecurity Summit (Washington, DC, USA, March 21, 2018) Billington International Cybersecurity Summit, March 21, Washington, D.C. Cybersecurity leaders from Asia, Europe, the Middle and U.S. on global threats and best practices, including Acting DoD CIO and Singapore Cyber Commissioner-designate. Sponsor Opportunities: Sandy Nuwar at 443-994-9832

Cyber Security Summits: Denver on March 22 & May 15 in Dallas (Denver, Colorado, USA, March 22, 2018) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, Darktrace, IBM and more. Register with promo code cyberwire50 for half off your admission (Regular price $350) https://CyberSummitUSA.com

The Startup Journey: From Public Service to Successful Entrepreneurship (Fulton, Maryland, USA, March 22, 2018) At this DataTribe Meetup, Will Grannis, Managing Director Google CTO Office, will discuss his professional experiences spanning across entrepreneurship, public service, and Silicon Valley. Free food & beverages will be provided.

Third Annual Cyber Investing Summit 5/15/18 (New York, New York, USA, May 15, 2018) Renowned cyber security executive David DeWalt will deliver the keynote address at the Third Annual Cyber Investing Summit. The Cyber Investing Summit is a unique all-day conference focused on the financial opportunities available in the rapidly growing cyber security industry. Panels will explore sector investment strategies, market growth forecasts, equity valuations, merger and acquisition activity, cryptocurrency protection, funding for startups, and more. Speakers include leading Chief Information Security Officers, VC founders, financial analysts, cyber security innovators from publicly traded and privately held companies, and government experts.

Cyber Attacks, Threats, and Vulnerabilities

A Cyberattack in Saudi Arabia Had a Deadly Goal. Experts Fear Another Try. (NYTimes) Petrochemical companies were hit by a series of cyberassaults last year. The worst of them, against a widely used safety system, could have set off an explosion.

Pro-establishment Iranian hackers gaining prominence in the Persian Gulf (SC Magazine) The rising capabilities of Iranian hackers came to the fore in 2017 when hacker groups like Helix Kitten, Charming Kitten, and Volatile Kitten launched several crippling cyber-attacks on Saudi Arabian entities.

Iran-Linked Group 'TEMP.Zagros' Updates Tactics, Techniques In Latest Campaign (Threatpost) An Iran-linked group is linked to a massive spear phishing campaign that sends malicious Word Docs to victims in Asia and the Middle East.

Apple Bans Iran from the App Store (BleepingComputer) Iranian users have not been able to access Apple's App Store all day today, in what appears to be a ban put in place by the US company.

DHS warns of new Russia hacks as US sanctions Russia over election interference (Ars Technica) DHS alert warns of Russian government malware targeting critical infrastructure.

Russian Government Cyber Activity Targeting Energy and Other Critical Infrastructure Sectors (US-CERT) Since at least March 2016, Russian government cyber actors—hereafter referred to as “threat actors”—targeted government entities and multiple U.S. critical infrastructure sectors, including the energy, nuclear, commercial facilities, water, aviation, and critical manufacturing sectors.

If the US and Russia had a cyberwar, Russia would win: Cybersecurity CEO (CNBC) A top cybersecurity CEO tells Jim Cramer that if a cyber war broke out between the U.S. and Russia, then Russia would win.

Chinese Hackers Hit U.S. Firms Linked to South China Sea Dispute (Bloomberg) Chinese hackers have launched a wave of attacks on mainly U.S. engineering and defense companies linked to the disputed South China Sea, the cybersecurity firm FireEye Inc. said.

Chinese Crooks Assembling Massive Botnet of Nearly 5 Million Android Devices (BleepingComputer) A Chinese malware operation is currently building a massive botnet of nearly 5 million Android smartphones using a strain of malware named RottenSys.

The hacker, hacked: national criminals attack Russian banks (Financial Times) The country is now keen to change the idea that it is a cyber crime paradise

CTS Labs Provides Clarifications on AMD Chip Flaws (SecurityWeek) As a result of massive backlash from the industry, CTS Labs has provided some clarifications about the AMD processor vulnerabilities and its disclosure method

Malware attack on 400k PCs caused by backdoored BitTorrent app (Ars Technica) Once the stuff of spy novels, supply chain attacks are becoming common.

PSA: Beware of Windows PowerShell Credential Request Prompts (BleepingComputer) A new PowerShell script was posted on Github recently that prompts a victim to enter their login credentials, checks if they are correct, and then sends the credentials to a remote server. This allows an attacker to distribute the script and harvest domain login credentials from their victims.

Hackers Can Abuse Text Editors for Privilege Escalation (SecurityWeek) Researchers analyzed several text editors and found that many of them can be exploited for privilege escalation. Affected vendors not planning on releasing patches

Walmart Jewelry Partner Exposes Data of Millions of Customers (HackRead) Unsecured Amazon S3 Bucket Claims Another Victim - This Time, Private Data of 1.3 Million Limogés Jewelry Customers Have Been Exposed.

Hacking SAP CRM: 2 vulnerabilities in SAP NetWeaver AS Java (ERPScan) SAP NetWeaver AS Java is a widely used platform that supports numerous SAP applications. One of these applications is SAP CRM. A security issue in default component may lead to mass hacking of thousands of companies and millions of dollars losses.

DDoS Amplification Attacks Skyrocketed in Q4, Revealed by Nexusguard Research (BusinessWire) DDoS attacks using domain name server (DNS) amplification increased more than 357 percent in the fourth quarter of 2017, according to Nexusguard.

4 answers you need to know about the dawn of 1Tbps DDoS attacks (CIO Dive) Historically smaller DDoS attacks were not able to harness the same kind of bandwidth accessible to memcached servers seen in the recent attacks.

Hackers have self-driving cars in their headlights (Financial Times) Greater connectivity gives criminals more access

What To Do If Your 'Fortnite' Account Was Hacked, And How To Avoid It In The First Place (Forbes) Recently, numerous Fortnite players have reported that their accounts have been hacked.

Cellebrite competitor GrayKey raises security concerns with iPhone unlocking device (SC Media US) A product made by Cellebrite competitor GrayKey is raising security concerns over a standalone device capable of unlocking iPhones.

Potential PHI Exposure at BJC HealthCare Impacts 33K (HealthITSecurity) Recent potential healthcare data breaches include PHI exposure from a data server error, a stolen laptop, and a likely phishing scam.

Scam Of The Week: Phishing Madness! (KnowBe4) Beware of March Madness, criminal hackers are at it again, after Valentine's Day their phishing agenda has moved to the next topic.

Security Patches, Mitigations, and Software Updates

Intel Shares Details on New CPUs With Spectre, Meltdown Protections (SecurityWeek) Microcode patches for Spectre are available for all Intel CPUs launched in the past five years. The company provided more details on future processors that will include protections against these types of attacks

Cyber Trends

Microsoft Publishes Bi-annual Security Intelligence Report (SIR) (SecurityWeek) Microsoft has published its 23rd bi-annual Security Intelligence Report, which draws on data analysis of Microsoft's global estate since February 2017.

“Truly frightening” IoT security should motivate CSOs to reconsider their endpoint strategies (CSO) More than a few Israeli security researchers are reconsidering their personal purchase of home security cameras, baby monitors, doorbells and thermostats after a hackathon revealed “truly frightening” security vulnerabilities ...

Hackers learn to hurdle two-factor authentication (Financial Times) Biometrics, apps and machine learning are adding layers of security

70% of firms would fail a privileged account management audit (Security Brief) Firms believe privileged account management is important for security - but why are they still doing it wrong?

The Latest Strains of Attacks on the Pharmaceutical and Healthcare Sector (SecurityWeek) Security teams need visibility outside the organization and across the widest range of data sources possible to mitigate digital risk and better protect the organization.

Marketplace

'Panama Papers' Law Firm Shuts Down Operations (SecurityWeek) Mossack Fonseca, the law firm at the heart of the "Panama Papers" will shut down operations, citing negative press and what it called unwarranted action by authorities.

Palo Alto Networks picks up Evident.io for $300M cash (Silicon Valley Business Journal) Santa Clara-based network security company Palo Alto Networks is buying Pleasanton-based Evident.io for $300 million in cash, both companies said Wednesday.

Critical Start to Buy Advanced Threat Analytics (Dark Reading) Firms previously had teamed up in SOC services.

The red-hot AI hardware space gets even hotter with $56M for a startup called SambaNova Systems (TechCrunch) Another massive financing round for an AI chip company is coming in today, this time for SambaNova Systems …

Automox Inc. closes on $2M for its automated cyber protection (BizWest) Jay Prassl, chief executive of Boulder-based tech firm Automox Inc., is looking to make cybersecurity less reactive and more proactive, by focusing less on the detection of hacks and more on protecting your system from them.

CACI, ManTech Win Spots on $17.5B DISA Encore III IT Services IDIQ; Ken Asbury, Daniel Keefe Comment (GovCon Wire) CACI International (NYSE: CACI) and ManTech International (Nasdaq: MANT) have secured positions on a

Most Connected Devices Are Easy to Hack. This Company Says It Can Fix That (Bloomberg) SecureRF wants to make all that “smart” stuff less dumb.

Cisco, Symantec Takeover Buzz Sends This Cyber Stock Soaring (Investor's Business Daily) FireEye popped on Thursday amid speculation the rebounding cybersecurity company could be acquired by Cisco Systems or Symantec.

Private equity finds profit in lucrative cyber businesses (Financial Times) ‘Buy-and-build’ can bring strong returns, but results are hard to replicate

Products, Services, and Solutions

Limelight Networks Helps Companies Defend against Cyber Threats with New Bot Management Solution (BusinessWire) Limelight Networks, Inc. today announced a new Advanced Bot Manager option for its Limelight Application Firewall Solution.

NH-ISAC and Anomali Join Forces to Accelerate Cyber Threat Detection and Sharing for Healthcare Industry (BusinessWire) Anomali, the leading provider of threat management and collaboration solutions, announced today a strategic partnership with the National Health Infor

enSilo's Endpoint Security Platform First To Add Orchestration Features, Delivering Custom Response Actions to Fight Hidden Breaches (PR Newswire) enSilo, the company that protects endpoints pre- and post-infection to...

Intelisecure Partners with Digital Guardian, Netskope to Meet Surge in Demand for Managed Critical Data Protection (NASDAQ.com) Partnerships Enable InteliSecure to Combine Two Unique Capabilities: World-Class Data Loss Prevention and Cloud Security Access, Forming a Powerful.

Certified in the Governance of Enterprise IT - IT Certification - CGEIT (ISACA) CGEIT certification is designed for IT professionals who manage, provide advisory and assurance services and who support the governance of an enterprise’s IT.

Trustonic Secures Mobile Banking OTP Authentication in Korea (Trustonic) Korea’s centralised One Time Password (OTP) authentication service provider, KFTC, has launched an OTP service with KDB Bank and made it available nationally to make consumers’ lives simple.

Coalfire Labs R&D Team Releases Icebreaker Tool (PR Newswire) Coalfire, a trusted provider of cybersecurity advisory services,...

Australian email security vendor MailGuard to launch blockchain-based cybersecurity solution GlobalGuard (CRN Australia) Will combine Mailguard experience with a neural network.

Google Reviews Over 50 Billion Android Apps Daily (SecurityWeek) Google's Play Protect uses machine learning to help detect mobile malware and protect users from Potentially Harmful Apps (PHAs).

Dobler Consulting Becomes Member of MSP Alliance (AB Newswire) Dobler Consulting joins vibrant global consortium of cloud, managed service providers and technology enabling vendors.

Keeper Launches Secure Chat Platform (Mobile ID World) Keeper Security, the company behind the Keeper password manager app, has announced a new secure communications platform called KeeperChat.

Technologies, Techniques, and Standards

NIST Cybersecurity Framework Getting a Facelift, Looking to Make Adoption Easier (Security Boulevard) One of the biggest obstacles to securing the nation's critical infrastructure components, as well as to securing enterprise environments, is poor coordination...

Pwn2Own: Microsoft Edge and Apple Safari fall on day 1 (CSO Online) On day one of Pwn2Own, Microsoft Edge and Apple Safari were pwned, and the hack of Oracle VirtualBox was a partial success.

Ransomware Resilience: Detect and Respond (Infosecurity Magazine) When ransomware tore through businesses last year, questions were raised about how companies could react to such attacks and be able to better detect and respond in the future.

Online Ads vs. Security: An Invisible War (Dark Reading) Why visiting one website is like visiting 50, and how you can fight back against malvertisers.

Expert Roundup: The Impact of Software Monocultures on Security Across Organizations (Heimdal Security Blog) We asked cybersecurity experts about the impact of software monocultures on security and their answers provided great insights. They talked about the risks of using it in the organizations and why a multi-vendor approach is a better option.

Rush to the Cloud Risks Security Breaches (Infosecurity Magazine) Over half of cybersecurity professionals are reporting misalignment between them and the rest of the business when it comes to the cloud and security issues, according to new research by Palo Alto Networks.

Research and Development

The Last Barrier To Ultra-Miniaturized Electronics Is Broken, Thanks To A New Type Of Inductor (Forbes) In the race for ever-improving technology, there are two related technical capabilities that drive our world forward: speed and size.

IARPA: Encryption-busting quantum computers coming in near future (FederalNewsRadio.com) The head of IARPA, the intelligence community's advanced research agency, is looking at new encryption standards that can withstand future breakthroughs in quantum computing.

Washington waking up to threats of AI with new task force (TechCrunch) Elon Musk has been one of the few Silicon Valley luminaries to place intense attention on the potential dangers of AI, raising a billion dollars with Y Combinator’s Sam Altman to found OpenAI . Musk has continued the drumbeat on AI’s dangers, telling a crowd at SXSW this week that “A.I. is far more…

Academia

Imperial students to take on Inter-ACE cyber security challenge (Imperial News) Students from Imperial will be taking on competitors from 17 of the UK’s other leading universities in a two-day cyber security competition.

Northrop Grumman Foundation Congratulates Top 28 Teams Advancing to CyberPatriot National Finals Competition this April in Baltimore (Northrop Grumman Newsroom) The Northrop Grumman Foundation, presenting sponsor for the Air Force Association’s (AFA) CyberPatriot X competition, is proud to congratulate the top 25 high school and three middle school teams advancing to the...

Niwot High girls’ cybersecurity teams excel at national challenge (Left Hand Valley Courier) There’s an old saying that “To catch a thief, you have to think like one.” For five intense days, two teams of Niwot High School (NHS) girls rewired their thought

Higher ed particularly at risk of email phishing attacks, report finds (EdScoop) Eighty-eight percent of colleges and universities fail to protect students, faculty, alumni, staff, according to marketing and analytics company 250ok.

Legislation, Policy, and Regulation

NATO leaders unite in blaming Russia for nerve agent attack on ex-spy (Ars Technica) Novichok, a type of nerve agent developed by Soviets, identified as weapon in attack.

NATO won’t invoke Article 5 on collective defense over UK claims against Russia — source (TASS) A source says NATO sees no reasons for using Article Five of the collective defense treaty after London’s charges against Moscow in connection with the poisoning of former GRU Colonel Sergey Skripal

West calls on Russia to explain nerve toxin attack on former double... (Reuters) Britain, the United States, Germany and France jointly called on Russia on Thursday to explain a military-grade nerve toxin attack in England on a former Russian double agent, which they said threatened Western security.

U.S. issues broad Russian sanctions citing NotPetya attack and Internet Research Agency meddling (TechCrunch) In a surprisingly robust reprimand for the Trump administration, the U.S. Treasury Department issued a set of sanctions Thursday citing interference in the 2016 election as part of a broader pattern of hostile actions undertaken by the Russian government against U.S. interests. The sanctions follow…

New White House Sanctions Finally Take Russia's Online Chaos Seriously (WIRED) From election meddling to NotPetya to grid hacking, Russia's digital provocations are no longer being ignored.

Sasse, McCain urge US to prompt NATO response to Russia (Beatrice Daily Sun) Sens. Ben Sasse and John McCain on Thursday urged the United States to join with its NATO allies in "a coordinated response to Russia's shadow operations," including its latest apparent

More countries are learning from Russia’s cyber tactics (Financial Times) Nation states look to be growing more aggressive in their capabilities to disrupt

Analysis | Most lawyers don’t understand cryptography. So why do they dominate tech policy debates? (Washington Post) Lawyers are overconfident while computer scientists are introverted — but computer scientists know what they are talking about.

Senators to grill Trump's pick for NSA chief on Russia, privacy (Reuters) U.S. senators will grill President Donald Trump's pick to lead the National Security Agency on the government's surveillance reach and a range of cyber security issues on Thursday, when he faces his second confirmation hearing to lead the electronic spy agency.

Espionage bill still threatens many despite defences for media, Law Council says (the Guardian) Dealing with or publishing protected information could lead to 20-year prison sentence

Litigation, Investigation, and Law Enforcement

As U.S. indicts foreign hackers, American cyber spies fear arrests in tit-for-tat action (McClatchy) As U.S. becomes a ‘punching bag’ for foreign hackers, prosecutors increasingly move to file criminal charges against state-run hackers abroad. But U.S. cyber warriors worry that they may face retaliation, too, possibly ending up in a foreign jail cell.

Can AMD Vulnerabilities Be Used to Game the Stock Market? (Motherboard) A shady financial firm tried to bury and short sell AMD based on several security vulnerabilities discovered by CTS Labs. But the tactic appears to have failed.

AMD – The Obituary (Viceroy Research Group) Viceroy analyze CTS Labs’ report exposing fatal security vulnerabilities across AMD products

SEC cyber unit eyes initial coin offerings with suspicion (Financial Times) As corporate fundraising evolves, investors need greater protection

Anti-anti-virus service provider tied to huge hacks cops plea (Naked Security) Jurijs Martisevs pled guilty to running a clearinghouse for criminal developers to see if anti-virus programs would detect their malware.

Statement of Facts: United States of America v. Jurijs Martisevs (United States District Court for the Eastern District of Virginia (via Register Media)) The United States and the defendant, JURIJS MARTISEVS ("MARTISEVS"), agree that the following facts are true and correct, and that had this matter proceeded to trial, the United States would have proven them beyond a reasonable doubt with admissible and credible evidence.

Intelligent to a Fault: When AI Screws Up, You Might Still Be to Blame (Scientific American) Interactions between people and artificially intelligent machines pose tricky questions about liability and accountability, according to a legal expert

New Orleans ends its Palantir predictive policing program (The Verge) The partnership ran for six years without public knowledge

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

Insider Threat Program Management With Legal Guidance Training Course (Herndon, Virginia, USA, May 8 - 9, 2018) This training will provide the ITP Manager, Facility Security Officer, and others (CIO, CISO, Human Resources, IT, Etc.) supporting an ITP, with the knowledge and resources to develop, manage, or enhance...

Insider Threat Program Management With Legal Guidance Training Course (Tyson's Corner, Virginia, USA, June 19 - 20, 2018) This training will provide the ITP Manager, Facility Security Officer, and others (CIO, CISO, Human Resources, IT, Etc.) supporting an ITP, with the knowledge and resources to develop, manage, or enhance...

Upcoming Events

Cyber 9-12 (Washington, DC, USA, March 16 - 17, 2018) Now entering its fifth year, the Cyber 9/12 Student Challenge is a one-of-a-kind competition designed to provide students across academic disciplines with a deeper understanding of the policy challenges...

Infosecurity Magazine Spring Virtual Conference (Online, March 21, 2018) Tune in on Wednesday March 21 for day two of our two-day online event to learn what’s going on at the heart of the industry. Our easy to digest format offers a mix of short sessions, panel debates and...

3rd Annual Billington International Cybersecurity Summit (Washington, DC, USA, March 21, 2018) With confirmed speakers from Estonia, Romania, Singapore, Sweden, the United States, and Kuwait, and with attendees from many more countries, this summit brings together world-class cybersecurity thought...

Infosecurity Magazine North America Virtual Conference (Online, March 21 - 22, 2018) Tune in on Wednesday March 21 for day two of our two-day online event to learn what’s going on at the heart of the industry. Our easy to digest format offers a mix of short sessions, panel debates and...

The Cyber Security Summit: Denver (Denver, Colorado, USA, March 22, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.

Women in CyberSecurity 2018 (Chicago, Illinois, USA, March 23 - 24, 2018) Through the WiCyS community and activities we expect to raise awareness about the importance and nature of cybersecurity career. We hope to generate interest among students to consider cybersecurity as...

Northeast Regional Security Education Symposium (Jersey City, New Jersey, USA, March 23, 2018) The Professional Security Studies Department at New Jersey City University (NJCU) will hold its Northeast Regional Security Education Symposium on Friday, March 23, 2018, from 8 am to 2 pm. The symposium...

KNOW Identity Conference 2018 (Washington, DC, USA, March 26 - 28, 2018) The premier global event for the identity industry, the KNOW Identity Conference is the nexus for identity innovation, offering a uniquely differentiated, powerful, and immersive event that convenes the...

SecureWorld Philadelphia (Philadelphia, Pennsylvania, USA, March 28 - 29, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

National Cyber League Spring Season (Chevy Chase, Maryland, USA, March 30 - May 25, 2018) The NCL is a defensive and offensive puzzle-based, capture-the-flag style cybersecurity competition. Its virtual training ground helps high school and college students prepare and test themselves against...

4th Middle East Cyber Security Summit (Riyadh, Saudi Arabia, April 4 - 5, 2018) The summit will feature state of the art presentations, hackathons and technology showcasing from regional and international experts and leading technology providers. One of the focus areas of the summit...

Cybersecurity: A Shared Responsibility (Auburn, Alabama, USA, April 8 - 10, 2018) During the 2018 SEC Academic Conference, we will explore three themes within cyber security: the underlying computer and communication technology; the economic and physical systems that are controlled...

Sea-Air-Space: The Navy League’s Global Maritime Exposition (National Harbor, Maryland, USA, April 9 - 11, 2018) Join us this April for Sea-Air-Space, the largest maritime exposition in the U.S., with 275+ exhibitors displaying the latest in maritime, defense and energy technology. This year’s theme, “Learn. Compete.

2018 Mississippi College Cybersecurity Summit (Clinton, Mississippi, USA, April 10 - 11, 2018) The 2018 Mississippi College Cybersecurity Summit is a conference designed to engage, educate, and raise awareness about cybersecurity across the nation. The 2018 Cybersecurity Summit will provide valuable...

ISC West 2018 (Las Vegas, Nevada, USA, April 11 - 13, 2018) ISC West is THE largest security industry trade show in the U.S. At ISC West, you will have the chance to network with over 30,000 security professionals through New Products & Technologies encompassing...

CYBERTACOS San Francisco (San Francisco, California, USA, April 16, 2018) CYBERTACOS is back and becoming one of the biggest cybersecurity networking events! Register today and join us for networking, food and drinks. This event includes a 45-minute meet the press panel made...

RSA Conference 2018 (San Francisco, California, USA, April 16 - 20, 2018) Take this opportunity to learn about new approaches to info security, discover the latest technology and interact with top security leaders and pioneers. Hands-on sessions, keynotes and informal gatherings...

Our Security Advocates (San Francisco, California, USA, April 17, 2018) OUR Security Advocates highlights a diverse set of experts from across information security, safety, trust, and other related fields. OURSA is a single-track, one-day conference with four topic sessions.

Industrial Control Systems (ICS) Cyber Security Conference Asia (Singapore, April 25 - 27, 2018) The Central ICS/SCADA Cyber Security Event of the Year for the APAC Region. Three days of multi-track training & workshops for days for operations, control systems and IT security professionals to connect...

INFILTRATE (Miami Beach, Florida, USA, April 26 - 27, 2018) INFILTRATE is a "pure offense" security conference aimed at the experienced to advanced practitioner. With the late-90s hacker con as its inspiration, the event has limited attendance in order to foster...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.