skip navigation

More signal. Less noise.

Outmaneuver your most sophisticated cyber enemies—automatically.

Cyber attacks are getting more sophisticated. Cybercrime and data breach costs will reach the billions and even trillions in the next few years. These are things we already know. But what are you doing to help your cybersecurity teams (who are already stretched thin) mitigate the billions of threats? The ScoutShield threat intelligence gateway keeps your overburdened teams from throwing in the towel by blocking threats automatically – making their lives easier and saving you from cyber attacks. Watch our video to learn more.

Daily briefing.

Enforcement officers from the UK's Information Commissioner's Office raided Cambridge Analytica's London headquarters late Friday night, tossing the place until 3:00 Saturday morning. What they found, if anything, is not yet known.

The data scandal has clobbered Facebook in the markets. Last week it lost, says MarketWatch, $75 billion in market cap. (That's like losing a Raytheon.) The company disputes reports that it indiscriminately collected Android data, saying that it collected only data users gave it permission to collect. A full-page apology the company ran in three US and six UK newspapers yesterday frames the scandal as a relatively restricted app issue.

The US this morning expelled sixty Russian diplomats in response to Russia's nerve-agent use in Salisbury, England. Other allied nations are taking similar steps. The expulsions come during a period of heightened fears of cyberattack, especially Russian cyberattacks against vulnerable power grids. 

Rapid 2.0 ransomware has a significant new feature: it won't execute on victim machines if it detects Russian locale settings. AVCrypt ransomware, which attempts to uninstall security software, may in fact be a wiper, since it offers no instructions for paying ransom. Another possible wiper that's out is  DiskWriter (or "UselessDisk"), a master boot record bootloader. Webroot reports  the TrickBot banking Trojan has received a new extortion module.

Iran has expressed outrage over the US indictment of nine hackers working for the Mabna Institute. 

The alleged leader of the Carbanak gang has been arrested in Spain, collared in a collaborative effort involving at least five nations.

Notes.

Today's issue includes events affecting Belarus, China, European Union, France, Germany, Iran, Ireland, Lithuania, Poland, Romania, Russia, Spain, Taiwan, Ukraine, United Kingdom, United States.

A note to our readers: the CyberWire is happy to have been selected as a finalist for the Maryland Cybersecurity Diversity Award (and the Cybersecurity Association of Maryland's People's Choice Award). You can find out more about the awards (and how to vote for us, if you'd like) here. Voting has been extended now that weather has postponed the event until March 27th.

Struggling with your DLP? It's time to rethink your data loss prevention strategy.

Traditional data loss prevention tools aren’t cutting it anymore. Why? They are high-maintenance and require endless fine-tuning. They often miss insider threats. They stymie communication between security and other departments. And they slow down endpoints, leading to crashes and failures that drive users crazy. Learn from ObserveIT why DLP tools aren’t getting the job done in 2018 and how you can stop data loss in its tracks. Read Now.

In today's podcast, we speak with our partners at Lancaster University, as  Daniel Prince discusses risk management.

Register for the Women in Tech Social on April 5 from 5:00-7:30pm in Howard County, MD. (Woodstock, Maryland, USA, April 5, 2018) Women working in or pursuing a technology/cybersecurity career in Maryland: join us for delicious food and drink as you connect with other fabulous women in tech. This friendly and casual gathering promises to be fun for one and all!

XM Cyber is coming to RSA (San Francisco, California, United States, April 16 - 20, 2018) Visit XM Cyber at the Israeli Pavilion, South Hall booth 635, to experience the first automated APT simulation platform to expose, assess and amend every attack path to organizational critical assets.

Cyber Attacks, Threats, and Vulnerabilities

Facebook responds to data misuse (TechCrunch) Facebook CEO Mark Zuckerberg has issued a formal response to the reports that Cambridge Analytica misused customer data collected from Facebook, and the platform is making some changes.

Facebook was warned about app permissions in 2011 (TechCrunch) Who’s to blame for the leaking of 50 million Facebook users’ data? Facebook founder and CEO Mark Zuckerberg broke several days of silence in the face of a raging privacy storm to go on CNN this week to say he was sorry. He also admitted the company had made mistakes; said it had breache…

Facebook scraped call, text message data for years from Android phones [Updated] (Ars Technica) Maybe check your data archive to see if Facebook’s algorithms know who you called.

Facebook amassed details of users’ texts and telephone calls (Times) Facebook has collected detailed phone records of millions of users including who they spoke with or sent messages to and when. The company said it gained the permission of Android phone owners to...

Facebook denies it collects call and SMS data from phones without permission (TechCrunch) After an Ars Technica report that Facebook surreptitiously scrapes call and text message data from Android phones and has done so for years, the scandal-burdened company has responded that it only collects that information from users who have given permission. Facebook’s public statement, posted on…

The Cambridge Analytica Data Apocalypse Was Predicted in 2007 (WIRED) The scientists warned us about big data and corporate surveillance. They tried to warn themselves.

Russian attacks on energy grid spark alarm (TheHill) Revelations about Russian cyberattacks on the U.S. energy grid are sparking new fears in Washington about the growing threat to the energy sector.

Threat From Cyber Hackers Is Growing, U.S. Grid Regulator Says (Bloomberg) Hackers increasingly threaten sites in the U.S. ranging from nuclear power plants to water processing systems, according to a member of the Federal Energy Regulatory Commission, adding his voice to warnings from several agencies and officials in recent weeks.

There is a lack of adequate engineering considerations for cyber security of control systems (Control Global) Good engineering principles and practices have been neglected when it comes to control system cyber security that not only affects cyber security but also safety. How can you perform a nuclear or non-nuclear (HazOp) safety analyses if you haven't adequately addressed the cyber-induced system interactions and cyber security at all Purdue Reference Model levels including Level 0,1 devices?

Opinion | There’s another huge threat from the Internet. And the public doesn’t seem to care. (Washington Post) We need to take steps to secure our electric grid, payment networks and water systems.

Norway and US Busted Hacking Russian Networks to Gain Data on Leadership (Sputnik) This is the first time Norwegian hacking efforts to obtain intelligence information on Russia have been documented. According to formerly classified documents, Norway and the US have been pooling their spying efforts since 2011.

Yes, Even Elite Hackers Make Dumb Mistakes (WIRED) No matter how much mystique a hacker persona has, the individual or group behind it inevitably makes operations security errors sometimes.

Ireland ‘extremely vulnerable’ to cyber attacks from Russia (Irish Examiner) Ireland is now “extremely vulnerable” to cyber attacks and other threats from Russia, a former senior military intelligence officer has warned.

Atlanta officials still 'working around the clock' to resolve ransomware attack (CSO Online) Feds, Microsoft and Cisco are working with Atlanta to resolve the situation, but Atlanta's mayor won't say if the city paid the $51,000 ransom demand.

Rapid 2.0 Ransomware Released, Will Not Encrypt Data on PCs with Russian Locale (BleepingComputer) Precisely two months on the day since the release of its first version, the group behind the Rapid ransomware strain has released v2.0 today.

TrickBot Gets Computer Locking Capabilities (SecurityWeek) A recently observed variant of the TrickBot banking Trojan has added a new module that can lock a victim’s computer for extortion purposes, Webroot reports.

The AVCrypt Ransomware Tries To Uninstall Your AV Software (BleepingComputer) A new ransomware named AVCrypt has been discovered that tries to uninstall existing security software before it encrypts a computer.  Furthermore, as it removes numerous services, including Windows Update, and provides no contact information, this ransomware may be a wiper.

Crooks infiltrate Google Play with malware in QR reading utilities (Naked Security) They got Google’s “Play Protect” approval for a number of apps that were fronts for a barrage of aggressive ads.

The DiskWriter or UselessDisk BootLocker May Be A Wiper (BleepingComputer) A new MBR bootlocker called DiskWriter, or UselessDisk, has been discovered that overwrites the MBR of a victim's computer and then displays a ransom screen on reboot instead of booting into Windows. This ransom note asks for $300 in bitcoins in order to gain access to Windows again.

Zenis ransomware encrypts files and deletes backups (2-spyware) The game of Zenis ransomware: encrypted files, deleted backups and Bitcoins demanded. Recently emerged Zenis ransomware is quite a unique example of crypto-malware. Researchers still

The bug that made free money (Naked Security) What would you do if you found a bug that could create money out of thin air?

Hackers Infect Linux Servers With Monero Miner via 5-Year-Old Vulnerability (BleepingComputer) A hacker group has made nearly $75,000 by installing a Monero miner on Linux servers after exploiting a five-year-old vulnerability in the Cacti "Network Weathermap" plugin.

Who and What Is Coinhive? (KrebsOnSecurity) Multiple security firms recently identified cryptocurrency mining service Coinhive as the top malicious threat to Web users, thanks to the tendency for Coinhive’s computer code to be used on hacked Web sites to steal the processing power of its visitors’ devices.

Research: Cryptocurrency exchanges have pretty weak password security (The Next Web) Researcher from password manager app Dashlane suggests that most cryptocurrency exchange desks fail to require even basic password security measures.

Cryptocurrency Hacking Raises Threats of Financial Vulnerability (Infosecurity Magazine) A dependence on cryptocurrencies increases, we will see more and more social engineering attacks used to steal digital coinage.

Beware the fake Facebook sirens that flirt you into sextortion (Naked Security) Fake hot-babe profiles are working together as “feeders,” “bait” and “hunters” in order to lure men into sex chats that lead to extortion.

Pwner of a Lonely Heart: The Sad Reality of Romance Scams (SecurityWeek) Men and women may jokingly refer to their significant other as their “partner in crime,” but when it comes to romance scams, this joke may become a sad reality.

Security Patches, Mitigations, and Software Updates

AMD announces Ryzen patch timeline as disclosure controversy rages (Naked Security) Has an unknown Israeli company called CTS Labs tried to exploit worries over microprocessor flaws for financial gain?

No Windows RDP Update? No Connection (Infosecurity Magazine) Microsoft getting tougher on clients that do not update their software

Cyber Trends

Tim Cook addresses Facebook privacy, U.S./China relations at Beijing event (TechCrunch) Apple CEO Tim Cook kicked of this year’s China Development Forum in Beijing today with an address that hit on a number of hot button topics, user privacy concerns and a looming U.S./China trade war. The executive touched on privacy regulations, in the wake of a breech of trust that found Cambridge …

The Attacker Has the Advantage in Cyberspace. Can We Fix That? (The Cipher Brief) Defenders have not gained any lasting advantage from four decades’ worth of innovation.

"A security breach could quite feasibly go unnoticed" (Insurance Business) Businesses face the risk of being breached, not knowing what hit them – or that it already did

Malware Infections Drop During Lent as People Stay Away from Technology and Adult Websites (Enigma Software Group USA LLC) Malware infections have dropped 17% in the United States since the start of the Lenten season.

Marketplace

Facebook valuation drops $75 billion in week after Cambridge Analytica scandal (MarketWatch) Facebook Inc. FB, -2.20% lost $74.66 billion in market capitalization this week, after news broke that Cambridge Analytical had acquired and improperly handled data from about 50 million members.

Regulation could protect Facebook, not punish it (TechCrunch) You know what tech startups hate? Complicated legal compliance. The problem is, Facebook isn’t a startup any more, but its competitors are. There have been plenty of calls from congress and critics to regulate Facebook following the election interference scandal and now the Cambridge Analytica deba…

Towards a world without Facebook (TechCrunch) Dear blockchain people: this is your hour. Abandon your transparently greedy get-rich-quick schemes, turn away from your casinos of de-facto modern-day penny stocks, and focus your decentralized attention on what the world needs. Save us, O blockchainers, from the scourge that is Facebook! Decentra…

Huawei shrugs off spying allegations to target Apple and Samsung customers in phone wars (Financial Review) As Trump-era protectionism and fresh spying controversy mires its efforts, Huawei hasn't given up hope of toppling Apple and Samsung in the phone wars.

General Dynamics continues fight for $876M Army DCGS-A contract (Washington Technology) Another legal fight looms for the Distributed Common Group System as General Dynamics protests the $876 million award to Raytheon and Palantir.

Professor Tom Leighton wins 2018 Marconi Prize (MIT News) Akamai co-founder honored for pioneering content delivery network services industry.

Retail ISAC hires new director, other security officials (Inside Cybersecurity) The Retail Cyber Intelligence Sharing Center, which houses the Retail Information Sharing and Analysis Center, has hired four new security professionals to bolster the Retail ISAC team, the R-CISC announced Wednesday.

Deloitte Taps Europol's Wainwright to Help Run Cyber-Security Practice (Insurance Journal) Europol Executive Director Rob Wainwright is leaving the EU intelligence agency he's led for almost a decade to help run Deloitte LLP's cyber-security practice, as companies wake up to the growing "systemic" threat of cyber crime. The 50-year-old MI5 veteran will join the Amsterdam-based unit in June, according to

Products, Services, and Solutions

Facebook is now prioritizing local news globally (TechCrunch) As Facebook continues to face fierce media scrutiny over how it handles user data, the company may well be wishing for some gentler headlines. So it’s perhaps no accident it’s chosen today to announce the international rollout of a News Feed tweak it made in the US, back in January, tha…

Orange Cyberdefense Launches New Mobile Decontamination Terminal For USB Flash Drives (BusinessWire) Available until now as a 70kg fixed booth or as software installed on computers, Malware Cleaner is now available in a “mini-terminal” version.

InvizBox introduces its portable VPN router, InvizBox Go, for secure internet anywhere (EnosTech.com) Irish cyber security company, InvizBox, is today pleased to announce the global availability of InvizBox Go – a portable VPN router with built in power bank, Wi-Fi extension and ad blocker to secure internet traffic and access blocked content globally.

Technologies, Techniques, and Standards

How Facebook's data issue is a lesson for everyone (Help Net Security) The ongoing discussions around Facebook’s use of customer data are a clear reminder that businesses still face a number of challenges when it comes to protecting customers’ data.

E8: Interview with Cookiebot CEO on Technical Solutions to GDPR Readiness (DataSmart Consulting LLC) Do you have cookies on your website? Of course, you do! [In fact, almost every website in existence utilizes cookies now] With GDPR on the way, the time to come into compliance is now, and the Ward brothers are interviewing a great SaaS solution Founder and CEO, Daniel Johannsen. Mr. Johannsen explains how Cookiebot can analyze any site and identify the necessary changes to be compliant while ensuring a great user experience.

NIST Unveils Draft Guide on ‘Cyber Resilient’ Systems Development (Executive Gov) The National Institute of Standards and Technology has published a draft guide on how to achieve cyb

UIDAI CEO Ajay Bhushan Pandey says Aadhaar security can’t be breached (Deccan Chronicle) UIDAI tells top court that Aadhaar is robust, nationally online verifiable ID.

Cluster of Coins: How Machine Learning Detects Cryptocurrency-mining Malware (TrendLabs Security Intelligence Blog) As new trends and developments in the malicious mining of cryptocurrency emerge, a smart and sustainable way of detecting these types of threats is swiftly becoming a cybersecurity necessity. By using Trend Micro Locality Sensitive Hashing (TLSH), a machine learning hash that is capable of identifying similar files, we were able to group together similar cryptocurrency-mining samples gathered from the wild. By grouping together samples based on their behavior and file types, detection of similar or modified malware becomes possible.

Security Practitioners: 10 Signs You Need to be More Direct (SecurityWeek) How security practitioners can identify areas in which directness can help improve

To Illustrate the Dangers of Cyberwarfare, the Army Is Turning to Sci-fi (IEEE Spectrum: Technology, Engineering, and Science News) Graphic novelettes issued by the U.S. Army Cyber Institute aim to educate soldiers about digital threats

Design and Innovation

IBM adds crypto-anchors to blockchain to fight fraud (Computing) A crypto-anchor ties a physical product to the blockchain

Firefox Working on Protection Against In-Browser Cryptojacking Scripts (BleepingComputer) Firefox engineers are working on a method to address the recent rise in usage of in-browser miners (cryptojacking scripts) that are, in most cases, ruining the web surfing experience of most users.

Research and Development

Protecting weapons systems against cyber attack: It’s all about resilience (FederalNewsRadio.com) The Air Force’s Cyber Resiliency Office for Weapons Systems (CROWS) is assessing how the Air Force fields and sustains its weapons systems.

Academia

U.S. Discovery of Iranian Cyber Attack Doesn't Seem to Alarm Universities (The Chronicle of Higher Education) Foreign-policy experts suggest a computer-hacking indictment has more to do with international politics than a dire threat to American research institutions.

UVA Knocks Off Defending Champ UMBC to Reach National Cybersecurity Competition (UVA Today) The team of computer science students will head to a national cybersecurity competition in April after successfully fending off a two-day onslaught of mock cyberattacks to qualify.

Legislation, Policy, and Regulation

US and EU expel scores of Russian diplomats over Skripal attack (the Guardian) US orders expulsion of 60 officials as 14 EU member states plus Ukraine announce coordinated response to nerve agent poisoning

Russia Hacked U.S. Power Grid — So What Will The Trump Administration Do About It? (NPR.org) The Trump administration says Russia penetrated at least one power plant's control software. And yet, President Trump has passed up opportunities to call out Russia's actions.

US trade report lays bare Chinese government cyber-espionage (Asia Times) Report charges Chinese attacks service strategic objectives that are aligned with national industrial policies. Plausible deniability is maintained

US cyber-sanctions 'gimmick' riles Iran (BBC News) The US had taken action against 10 Iranians and a tech firm for alleged worldwide hack attacks.

The Big Message in the Iranian Cyber Indictments: Deterrence (Nextgov.com) The Justice Department wants to send a message to Congress and the public: We’re deterring cyberattacks.

Facebook’s data scandal highlights risks of Canada’s weak internet sovereignty (The Globe and Mail) Even long overdue strengthening of domestic privacy protections will be partial at best, however, considering the massive amount of Canadian internet communications routed through the United States

UK and US issue joint statement on cyber collaboration (The Argus) Military and intelligence chiefs issued an unprecedented joint statement following discussions on how to respond to ‘malign activity’.

Wyden bill aims to boost intelligence spending transparency (KTVZ) Sens. Ron Wyden, D-Ore., and Rand Paul, R-Ky., and Reps. Peter Welch, D-Vt., and Jim Sensenbrenner, R-Wis., rolled out legislation Friday that would require the president to disclose the topline annual budget request to Congress from each of the 16 federal agencies conducting intelligence activities.

Stefanik wants creation of A.I. review commission (Watertown Daily Times) U.S. Rep. Elise M. Stefanik, R-Willsboro, has introduced a bill to designate a special commission to review artificial-intelligence development in the United States.

Senate Gives Nod To Controversial Cross-Border Data Access Bill (Threatpost) The senate on Thursday gave the thumbs up to a bill that is the subject of both support by tech companies and critique by privacy groups.

Congress Enacts Garbage Surveillance Legislation By Attaching it to Must-Pass Budget Bill (Motherboard) The CLOUD Act is highly unpopular, but it passed, because Congress is dysfunctional.

Justice Dept. Revives Push to Mandate a Way to Unlock Phones (New York Times) F.B.I. and Justice Department officials have been quietly meeting with security researchers who have been working on approaches to provide such access to encrypted devices.

Feds pushing new plan for encrypted mobile device unlocks via court order (Ars Technica) "Weakening security makes no sense," top Apple VP tells Ars.

Crypto War III: Assurance (CircleID) For decades, academics and technologists have sparred with the government over access to crypographic technology. In the 1970s, when crypto started to become an academic discipline, the NSA was worried, fearing that they'd lose the ability to read other countries' traffic. And they acted. For example, they exerted pressure to weaken DES... The Second Crypto War, in the 1990s, is better known today, with the battles over the Clipper Chip, export rules, etc.

State Department Seemingly Buys $15,000 iPhone Cracking Tech GrayKey (Motherboard) As the FBI pushes once again for backdoors in consumer encryption products, the State Department is apparently taking advantage of a $50 per iPhone unlocking product from Grayshift, a company with an ex-Apple engineer on its staff.

iPhone unlockers set a dangerous precedent for abuse, says security expert (Security Brief) “It’s highly likely that these devices will ultimately end up in the hands of agents of an oppressive regime," warns a Malwarebytes researcher.

FCC May Punish US Carriers That Make Deals With China’s Huge Huawei, Says Report (The Daily Caller) The Federal Communications Commission is reportedly mulling over a new rule that would attempt to limit the amount of technology in the U.S. coming from a powerful Chinese corporation. The U.S. govern

Why America Is So Scared of China’s Biggest Tech Company (Bloomberg.com) U.S. politicians are convinced the company is a threat to national security.

What Trump's Choice of Bolton Reveals (The Atlantic) The president is surrounding himself with familiar faces from his favorite cable-news network—but may not find in them what he seeks.

Are Kansas and Missouri making sure this year’s elections are secure from meddling? (Kansas City Star) Missouri Secretary of State Jay Ashcroft said his office “takes cyber-security very seriously,” and is working with the Department of Homeland Security. Unlike Kansas, Missouri does require machines that leave a paper trail.

Government launches new cyber security export strategy (Computing) Plan intended to help British IT security firms to unlock new contracts

Litigation, Investigation, and Law Enforcement

Cambridge Analytica raided by UK data watchdog (TechCrunch) The UK’s data watchdog, the ICO, finally obtained a warrant to enter and search the offices of Cambridge Analytica late Friday — carrying out an evidence gathering sweep of the company into the small hours of Saturday morning. Cambridge Analytica is at the centre of a data misuse storm …

Facebook accused of massive fraud in new lawsuit filed by Cook County (Ars Technica) Lawyer: “Facebook… is the largest data mining operation in existence.”

EU antitrust authorities threaten to break up Google (Computing) EU threat to break-up Google over fears about its dominance and claims of anti-competitive practices

Gang leader behind malware attacks targeting 100 financial institutions arrested in Spain (Help Net Security) The leader of the crime gang behind the Carbanak and Cobalt malware attacks targeting over a 100 financial institutions worldwide has been arrested in Alicante, Spain, after a complex investigation.

EQUITY ALERT: Rosen Law Firm Files Securities Class Action Lawsuit Against A10 Networks, Inc. – ATEN (BusinessWire) Rosen Law Firm, a global investor rights law firm, announces it has filed a class action lawsuit on behalf of purchasers of the securities of A10 Netw

Netflix, Dropbox promise not to sue security researchers, with caveats (Help Net Security) Netflix and Dropbox have both noted recently that they won't sue security researchers who find and disclose vulnerabilities in their products. The only caveat is: the researchers must conduct the research in line with their vulnerability disclosure policy and bug bounty program guidelines.

Handling Breaches at the Bureau: In Conversation with Supervisory Special Agent Elvis Chan (BlueCat) We had the privilege of sitting down with FBI Supervisory Special Agent Elvis Chan who manages a squad responsible for investigating national cybersecurity incidents. He discusses the importance of having the right kind of data, advantages of the cloud, and why you need an incident response plan.

US Police Unlock iPhones with Fingerprints of Deceased (Infosecurity Magazine) US police now use fingerprints of deceased criminals to unlock their iPhone devices

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

KNOW Identity Conference 2018 (Washington, DC, USA, March 26 - 28, 2018) The premier global event for the identity industry, the KNOW Identity Conference is the nexus for identity innovation, offering a uniquely differentiated, powerful, and immersive event that convenes the...

SecureWorld Philadelphia (Philadelphia, Pennsylvania, USA, March 28 - 29, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

National Cyber League Spring Season (Chevy Chase, Maryland, USA, March 30 - May 25, 2018) The NCL is a defensive and offensive puzzle-based, capture-the-flag style cybersecurity competition. Its virtual training ground helps high school and college students prepare and test themselves against...

4th Middle East Cyber Security Summit (Riyadh, Saudi Arabia, April 4 - 5, 2018) The summit will feature state of the art presentations, hackathons and technology showcasing from regional and international experts and leading technology providers. One of the focus areas of the summit...

Cybersecurity: A Shared Responsibility (Auburn, Alabama, USA, April 8 - 10, 2018) During the 2018 SEC Academic Conference, we will explore three themes within cyber security: the underlying computer and communication technology; the economic and physical systems that are controlled...

Sea-Air-Space: The Navy League’s Global Maritime Exposition (National Harbor, Maryland, USA, April 9 - 11, 2018) Join us this April for Sea-Air-Space, the largest maritime exposition in the U.S., with 275+ exhibitors displaying the latest in maritime, defense and energy technology. This year’s theme, “Learn. Compete.

2018 Mississippi College Cybersecurity Summit (Clinton, Mississippi, USA, April 10 - 11, 2018) The 2018 Mississippi College Cybersecurity Summit is a conference designed to engage, educate, and raise awareness about cybersecurity across the nation. The 2018 Cybersecurity Summit will provide valuable...

ISC West 2018 (Las Vegas, Nevada, USA, April 11 - 13, 2018) ISC West is THE largest security industry trade show in the U.S. At ISC West, you will have the chance to network with over 30,000 security professionals through New Products & Technologies encompassing...

CYBERTACOS San Francisco (San Francisco, California, USA, April 16, 2018) CYBERTACOS is back and becoming one of the biggest cybersecurity networking events! Register today and join us for networking, food and drinks. This event includes a 45-minute meet the press panel made...

RSA Conference 2018 (San Francisco, California, USA, April 16 - 20, 2018) Take this opportunity to learn about new approaches to info security, discover the latest technology and interact with top security leaders and pioneers. Hands-on sessions, keynotes and informal gatherings...

Our Security Advocates (San Francisco, California, USA, April 17, 2018) OUR Security Advocates highlights a diverse set of experts from across information security, safety, trust, and other related fields. OURSA is a single-track, one-day conference with four topic sessions.

5th Annual Cybersecurity Summit (McLean, Virginia, USA, April 24, 2018) Join the Potomac Officers Club for the Fifth Annual Cybersecurity Summit to hear from public and private sector leaders on how federal agencies can improve their respective data security measures.

Secutech (Taipei, Taiwan, April 25 - 27, 2018) To meet the rising demand for intelligent and customised solutions, Secutech converges security and safety, ICT, IoT, artificial intelligence, big data, edge computing, intelligent video analytics and...

Industrial Control Systems (ICS) Cyber Security Conference Asia (Singapore, April 25 - 27, 2018) The Central ICS/SCADA Cyber Security Event of the Year for the APAC Region. Three days of multi-track training & workshops for days for operations, control systems and IT security professionals to connect...

INFILTRATE (Miami Beach, Florida, USA, April 26 - 27, 2018) INFILTRATE is a "pure offense" security conference aimed at the experienced to advanced practitioner. With the late-90s hacker con as its inspiration, the event has limited attendance in order to foster...

Automotive Cybersecurity Summit 2018 (Chicago, Illinois, USA, May 1 - 8, 2018) Smart Vehicles. Smart Infrastructures. The 2nd annual Automotive Cybersecurity Summit brings together public and private-sector manufacturers, suppliers, assemblers, technology providers and V2X partners...

Global Cyber Security in Healthcare & Pharma Summit (London, England, UK, May 3 - 4, 2018) The number of cyber-attacks in healthcare is on the rise, and the industry must do more to prevent and respond to these incidents. The Global Cyber Security in Healthcare & Pharma Summit 2018 will bring...

Secure Summit DC (Washington, DC, USA, May 7 - 8, 2018) (ISC)² Secure Summit DC will assemble the best minds in cybersecurity for two days of insightful discussions, workshops and best-practices sharing. The goal of the event is to equip security leaders to...

HACKNYC (New York, New York, USA, May 8 - 10, 2018) The recent flood of data breach news may numb us to the threat of attacks with kinetic effects--direct or indirect physical damage, injury, or death. Hack NYC focus’ on our preparation for, and resilience...

Insider Threat Program Management With Legal Guidance Training Course (Herndon, Virginia, USA, May 8 - 9, 2018) This training will provide the ITP Manager, Facility Security Officer, and others (CIO, CISO, Human Resources, IT, Etc.) supporting an ITP, with the knowledge and resources to develop, manage, or enhance...

SecureWorld Kansas CIty (Kansas City, Missouri, USA, May 9, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.