skip navigation

More signal. Less noise.

Are you investing wisely in threat intelligence?

Download this free guide from Recorded Future to learn the 11 questions you must answer before buying threat intelligence.

Daily briefing.

Researchers at ProtectWise think they discern a shift in Chinese cyber espionage. More spearphishing, a focus on IT staff in targeted enterprises, and collection of code-signing certificates: these are taken as signs of preparation for supply chain attacks.

Intel has confirmed that "Spectre-like" chip vulnerabilities reported by C'T are real. There are eight of them, and Intel is working on fixes.

Australia's Commonwealth Bank gets a black eye from its loss of about 20 million customers' records.

Incapsula and others warn of "Kitty," a cryptominer that specializes in Monero.

Amazon and Google have, as expected, put an end to domain fronting, a feature widely used by services like Open Whisper's Signal to evade Internet censorship. Google began the process some weeks ago (pointing out that domain fronting had been an accidental and not a supported feature of their content-delivery system). Amazon shut the option down this week, telling Open Whisper that their use of Amazon's CloudFront would be suspended immediately if Open Whisper's Signal continued to use third-party domains without their permission.

US Cyber Command today was officially elevated to Combatant Command Status, putting it on a par with major military organizations like US Strategic Command. General Paul Nakasone got his fourth star as he assumed command of Cyber Command and duties as Director, National Security Agency. Nakasone replaced Admiral Michael Rogers, who now enters retirement.

Hackers who don't like the US state of Georgia's proposed anti-hacking law have protested by (wait for it) hacking sites in the Peach State.

Notes.

Today's issue includes events affecting Australia, China, Egypt, Germany, Iran, Oman, Russia, Saudi Arabia, United Arab Emirates, United Kingdom, United States.

There's a better way to stop data loss. Learn more!

Data loss is a big problem. Every organization that deals with electronic data needs to have a data loss prevention strategy in place. ObserveIT’s white paper, Building a Strategy for the Post-DLP World, explores how organizations have been dealing with data loss to date, why these strategies are failing, and what a better path forward looks like. Get information you need to build a data loss prevention strategy that works for the modern organization. Download your free copy.

In today's podcast we talk with Johannes Ullrich from our partners at the SANS Institute and the Internet Stormcast podcast, reviewing the history of hardware flaws. Our guest, Philip Tully from ZeroFox, expands on the remarks about artificial intelligence he delivered at RSA.

HackNYC2018 (New York, New York, United States, May 8 - 10, 2018) Cyber attacks are often called non-violent or non-kinetic attacks, but the simple truth is that there is a credible capability to use cyber attacks to achieve kinetic effects. Kinetic Cyber refers to a class of cyber attacks that can cause direct or indirect physical damage, injury or death solely through the exploitation of vulnerable information systems and processes. Use code CWIRE20 for 20% off the $50.00 individual ticket price.

Cyber Security Summits: May 15 in Dallas & Boston on June 5 (Dallas, Texas, United States, May 15, 2018) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, CenturyLink, IBM Security and more. Register with promo code cyberwire95 for $95 VIP admission (Regular price $350) https://CyberSummitUSA.com

Third Annual Cyber Investing Summit 5/15/18 (Dallas, Texas, United States, May 15, 2018) Renowned cyber security executive David DeWalt will deliver the keynote address at the Third Annual Cyber Investing Summit. The Cyber Investing Summit is a unique all-day conference focused on the financial opportunities available in the rapidly growing cyber security industry. Panels will explore sector investment strategies, market growth forecasts, equity valuations, merger and acquisition activity, cryptocurrency protection, funding for startups, and more. Speakers include leading Chief Information Security Officers, VC founders, financial analysts, cyber security innovators from publicly traded and privately held companies, and government experts.

Cyber Attacks, Threats, and Vulnerabilities

Chinese Cyberspies Appear to be Preparing Supply-Chain Attacks (BleepingComputer) Chinese cyberspies are evolving their tactics, focusing on IT staffers, relying more and more on spear-phishing instead of malware, and gathering code signing certificates from hacked software companies in the preparation of future supply-chain attacks.

Eight more Spectre-style flaws found in Intel processors (ITNews) Four rated as high severity.

Meltdown Patch in Windows 10 Can Be Bypassed (SecurityWeek) Meltdown mitigation implemented in Windows 10 can be bypassed, researcher finds. Microsoft working on an update

Hurry up patching those Oracle bugs: Attackers aren't waiting (Register) Honeypots swarmed on within three hours of patch release

Commonwealth Bank lost 20m customers' records (The Straits Times) Australia's troubled Commonwealth Bank admitted yesterday it has lost financial records for almost 20 million customers in a major security blunder, but insisted there was no need to worry.

Commonwealth Bank under fire again for data breach of 19m accounts (Financial Review) The Commonwealth Bank is reportedly facing renewed investigations after admitting it lost backup data on tape for more than 15 years of customer statements in 2016, affecting almost 20 million accounts.

Somebody Tried to Hide a Backdoor in a Popular JavaScript npm Package (BleepingComputer) The Node Package Manager (npm) team avoided a disaster today when it discovered and blocked the distribution of a cleverly hidden backdoor mechanism inside a popular —albeit deprecated— JavaScript package.

Zoopark: New Android-Based Malware Campaign Spreading Through Compromised Legitimate Websites (Al Bawaba) Zoopark: New Android-Based Malware Campaign Spreading Through Compromised Legitimate Websites

Cat burglar: Kitty cryptominer targets web application servers, then spreads to app users (SC Media US) distributing the mining effort beyond the targeted web application servers and internal network and reaching future visitors of the attacked web applicatio

Crypto Me0wing Attacks: Kitty Cashes in on Monero (Incapsula) It’s been a month since the first Drupalgeddon 2.0 RCE (SA-CORE-2018-002/CVE-2018-7600) exploit was first published, unleashing its destruction into the wild…and through our cloud monitoring systems.

Hello Kitty Malware cryptojacking Drupal websites (AMBCrypto) According to sources, Hello Kitty malware is targeting websites based on Drupal network in order to mine cryptocurrency. The servers under control of the updated kitty malware are been attacking and creating back-ends to infect other servers. According to a recent research by Imperva Incapsula, an online security company, Kitty malware is attacking Drupal’s Content […]

The endpoint attack chain… simplified (Sophos News) Understanding the different steps attackers take is crucial to guarding against attacks.

MassMiner Takes a Kitchen-Sink Approach to Cryptomining (Threatpost) The malware targets Windows servers with a cornucopia of well-known exploits, all within a single executable -- including the EternalBlue NSA hacking tool.

No Computing Device Too Small For Cryptojacking (Dark Reading) Research by Trend Micro shows IoT and almost all connected devices are targets for illegal cryptocurrency mining.

4chan hackers tried changing voting results of NASA student challenge (HackRead) Apparently, 4chan hackers conducted the cyber attack to stop a group of three African American school girls from winning the NASA's competition.

Scammers bought Twitter ads to run verified badge phishing scam (HackRead) Would you believe that the verification program approved by Twitter to verify users has now become part of a phishing scam?

Threat Spotlight: Cybercriminals Working Hard to Take Over Email Accounts (Barracuda) The chances are, you’d be more inclined to open and act on an email from a colleague, friend or someone you know as opposed to someone you don’t.

South West Chamber changes website after cybersquatter demands ransom (TribLIVE.com) An unidentified cybersquatter hijacked the Collier-based South West Communities Chamber of Commerce website domain name recently, replacing its contents with pornography. The chamber's website is ...

Hackers protest Georgia’s anti-hacking bill by hacking Georgia sites (CSO Online) Hackers claim to have credentials from the City of Augusta and Georgia Southern University and to have defaced the Georgia websites in retaliation for the anti-hacking bill.

Evasive Malware Now a Commodity (SecurityWeek) A study found that over 98 percent of malware making it to the sandbox array uses at least one evasive tactic, and 32 percent of malware samples making it to this stage could be classified as “hyper-evasive".

Industrial Companies: Attack Vectors (Positive Technologies) Industrial control systems are critical to operations at industrial facilities, but poorly protected in terms of information security. Successful attacks against ICS components can cause more than just financial losses. Unauthorized modification or disruption may lead to blackouts, transportation failures, or even major disasters with loss of life.

AT&T explains why it blocked Cloudflare DNS: It was just an accident (Ars Technica) AT&T blames "unintentional IP address conflict," promises to fix it.

Security Patches, Mitigations, and Software Updates

Intel Working on Patches for 8 New Spectre-Like Flaws: Report (SecurityWeek) Researchers reportedly informed Intel of 8 new Spectre-like vulnerabilities, including ones that may be more serious and easier to exploit

Twitter says all 336 million users should change their passwords (CNNMoney) Twitter says account passwords were not hacked but users should still change them to be safe.

Keeping your account secure (Twitter) An update on your account security.

Google and Amazon put an end to censorship-dodging domain fronting (Naked Security) Privacy services relying on the unsupported feature have been left high and dry

Google and Amazon's move to block domain fronting will hurt activists under repressive regimes (Quartz) The technique was used as a censorship circumvention tool in repressive regimes.

Free Speech Advocates Blast Amazon Over Threats Against Signal (Threatpost) Secure-messaging firm Signal was told by Amazon not to use its AWS servers for domain-fronting, a technique used to enable communications in countries such as Egypt, Oman, Qatar and UAE where the service is banned.

Facebook's Phishing Detection Tool Now Recognizes Homograph Attacks (BleepingComputer) Facebook has updated a phishing detection toolkit it developed two years ago. The update now allows webmasters who sign up for the tool to detect homograph (Unicode-based lookalike) domains created for their websites.

Facebook’s getting a clear history button (Naked Security) “This is an example of the kind of control we think you should have.”

Google rolls out new policies for U.S. election ads (TechCrunch) Google announced on Friday a new set of policies around how it will verify election advertisers in the U.S. Specifically, any advertiser who want to buy an election ad on Google in the U.S. will now have to go through additional verification to prove they are a citizen or lawful permanent resident,…

Cyber Trends

Cyber Warfare: The Threat From Nation States (Forbes) The nature of warfare has shifted from physical to online, seeing a deluge of state-sponsored cyber assaults on the West. The issue was put under the global spotlight last month (April), when the UK and US made an unprecedented joint statement blaming Russia for cyber-attacks on businesses and consumers.

Robert Hannigan: “The data economy is jeopardised by tech firms acting stupidly” (New Statesman) The former GCHQ director explains why cyber security could be a tool for diplomacy.

Palo Alto Networks CEO Mark McLaughlin: Security “is a software fight” (The Mercury News) For Palo Alto Networks Chief Executive Mark McLaughlin, making security easier for companies to implement and use has led to big sales for the Santa Clara-based software and platform leader.

Cybersecurity Resilience Survey (RedSeal) CyberScoop and FedScoop present a new survey of federal civilian, defense and intelligence agency IT decision makers

New Survey on Biometric Technology Shows Consumers Are OK With Some Forms and Wary of Others (UT News | The University of Texas at Austin) Consumers feel more comfortable with fingerprint scanning than with other types of biometric technology, including face, eye, voice and other biometric measurements, according to a survey from the Center for Identity at UT Austin.

Americans Skeptical Financial Services Can Protect their Data (InsuranceNewsNet) New evidence shows data thieves are increasingly targeting the financial services industry. Surveys show Americans have little trust in the safety of their personal data, something experts say financial services should be proactive to correct.

South America Emerges as the New Hotbed of Identity Fraud, as ThreatMetrix Report Reveals Morphing Nature of Global Cybercrime (BusinessWire) ThreatMetrix®, A LexisNexis® Risk Solutions Company, today announced new data revealing the morphing nature of global cybercrime.

RSA CTO: 'Modernization Can Breed Malice' (Dark Reading) Zulfikar Ramzan predicted the future of cybersecurity, drivers shaping it, and how enterprise IT should react in his InteropITX 2018 keynote.

Marketplace

Equifax Directors Win Re-Election, Despite Concerns About Breach (Wall Street Journal) Equifax shareholders voted to re-elect all of the company’s board members who were on the ballot, though several directors including the board’s chairman received a significant number of votes against their re-election.

Driving Microsoft’s Unexpected Windows Boost: Fear (Wall Street Journal) A sharp increase in cyberattacks gave Microsoft’s Windows operating system the kind of lift it hasn’t seen in years, as fears of getting hacked prompted companies to upgrade their computers.

Waltham cyber firm Carbon Black completes IPO (BostonGlobe.com) The cybersecurity company monitors its clients’ computers and other devices for threats.

Ex-NSA chief's startup raises $78 million, helps defend U.S. power grid (Business Insider) IronNet Cybersecurity Inc, a startup led by former U.S. National Security Agency chief Keith Alexander, has raised $78 million in additional funding, the company told Reuters on Wednesday, a day ahead of a planned announcement.

Cyber security firm raises £3 million to fuel growth (Growth Business) Corero raises new funds following contract wins with cloud based service firm.

Cloud security company Zscaler plummets after COO announces surprise resignation (CNBC) Zscaler, which held its stock market debut in March, plunged 10 percent after announcing the departure of its COO.

FireEye Falls Despite a Great Quarter, Raised Guidance (The Motley Fool) The cybersecurity leader started 2018 on a strong note, raising its guidance in the process. But it seems the market wanted more.

Huawei, ZTE customers in the US contemplate life without them (South China Morning Post) Small network operators in the United States are bracing themselves for bad news, as the White House considers restricting the ability of the two Chinese firms to sell products in the US because of national security concerns

Navy secretary, other US officials increasingly sounding alarm over Chinese smartphone maker Huawei (Military Times) The Navy's top civilian recently warned that the service needs to keep the telecom behemoth out of U.S. military projects due to fears the company could allow Beijing to steal U.S. national security secrets.

Akamai CEO says company will hire 'several hundred' this year (Boston Business Journal) Akamai Technologies Inc. CEO Tom Leighton said Thursday during an interview on Bloomberg TV that his company would probably hire "several hundred more" employees this year, sounding a positive note after a tumultuous six months for the Cambridge-based tech giant.

South Florida Technology Company ERP Maestro Expands C-Suite (PR Newswire) ERP Maestro, industry leader and provider of the first-to-market...

Products, Services, and Solutions

Webroot Bolsters DNS Protection, Competes with Cisco Umbrella for MSPs (ChannelE2E) Competition intensifies in the DNS protection market, where MSP-friendly security companies like Webroot and Cisco Systems continue to bolster their respective offerings.

BioCatch forms partnership to bring behavioral biometrics to ForgeRock platform (BiometricUpdate) BioCatch has announced it will offer its behavioral biometrics capabilities as an integrated module on the ForgeRock platform to protect against new account fraud and account takeover attacks as a …

CloudPassage Debuts Project Cielo (Security Boulevard) CloudPassage debuts Project Cielo Automated cloud security provider announces beta release of security and compliance intelligence product for public infrastrastructure services designed for the Halo Platform

AI and cybercrime: Is your fish tank and smart TV really secure? (TechHQ) Dave Palmer, Director of Technology, at UK-based Darktrace told the audience at CODEX’s Tech Insights Event in London last week that AI will absolutely be used by criminals, not because it’s cool and entertaining but because

Technologies, Techniques, and Standards

A well-trained staff may be your best defense against IoT cyberattacks (Tech Repubic) Protecting all your IoT devices from criminals requires more than mere technology. Every employee must be security aware and trained on what do to when attacks occur.

A smooth transition to the cloud is possible with identity governance (Help Net Security) A successful migration is possible with identity governance, and the business value the cloud can bring can make pursuing the transition well worth your organization’s time and effort.

Pentesting considerations and analysis on the possibility of full pentest automation (Pentester's life) So, when we speak of automation in this scenario, it’s important to distinguish between three desirable features that ought to be guaranteed in the process: Accurately rating the findings; No…

Why securing containers and microservices is a challenge (CSO Online) Their granularity, deployment speed, and data traffic volume require new approaches to securing container environments.

Design and Innovation

The sparring partner who roughs up Marines with Snapchat (C4ISRNET) This Marine lab will identify challenges, develop warfighting concepts and design wargames and experiments. MD5 also will provide a platform upon which to accelerate these evolving concepts.

Research and Development

This Quantum Cryptography Breakthrough Uses Twin Particles of Light (Computer Business Review) The quantum cryptography breakthrough, called Twin-Field QKD, could potentially allow for ultra-secure links between cities

Academia

Pitt rolls out commission to limit risk of election hacking (The Tribune-Democrat) The University of Pittsburgh Institute for Cyber Law, Policy and Security launched a Blue Ribbon Commission on Thursday with a goal of helping to ensure the integrity of the state’s

Thales fosters innovations with Project Arduino in China's Universities (Markets Insider) As the world is increasingly fast moving, unpredictable and full of opportunities, the countries rely on innovative t...

HBCUs make Cyber Security Masters Degree's Top 50 (US Black Engineer) Norfolk State University and Hampton University are among the best of the best cybersecurity graduate programs, according to CyberSecurityMastersDegree dot org. 

Legislation, Policy, and Regulation

Popular Putin prepares for Cold War 2.0 (Asia Times) As US-led Western hostility against Moscow mounts, Vladimir Putin's new government is bound to be a war cabinet

China said to be discussing ZTE ban with U.S. officials (TechCrunch) The Chinese government is reportedly going to bat for ZTE over a seven-year ban that would have broad ranging consequences for the phone maker. According to a new report from Reuters, the subject was broached during a meeting with between senior Chinese and U.S. officials in Beijing this week. The …

Is The Dodd-Frank Of Privacy Coming? (Forbes) May is here and like Y2K before it this may be one of the more cautiously anticipated moments in business because of the oncoming wave of privacy and cybersecurity regulations that come into force in Europe.

Cyber Command Elevated To Unified Combatant Command, Army Cyber Gets New Leader (Defense Daily Network) Nine months after the president first ordered U.S. Cyber Command elevated to a unified combatant command, the move will be made official during a Friday ce

Cybercom to Elevate to Combatant Command (U.S. Department of Defense) In response to the changing face of warfare, U.S. Cyber Command will be elevated to the Defense Department's 10th combatant command during a May 4 ceremony, chief Pentagon spokesperson Dana W. White

Three decisions Cyber Command’s new leader will have to make (Fifth Domain) What issues will incoming Cyber Command commander face upon taking the job?

What Is Absent From the U.S. Cyber Command 'Vision' (Lawfare) Many issues need to be addressed as Cyber Command implements “command vision” is implemented.

Litigation, Investigation, and Law Enforcement

Facebook is still falling short on privacy, says German minister (TechCrunch) Germany’s justice minister has written to Facebook calling for the platform to implement an internal “control and sanction mechanism” to ensure third-party developers and other external providers are not able to misuse Facebook data — calling for it to both monitor third par…

Phone Maker BLU Settles with FTC Over Unauthorized User Data Extraction (Threatpost | The first stop for security news) Florida-based phone maker BLU is facing an FTC complaint over allegations it shared detailed personal user data with a third-party firm that included full text messages, call logs and contact lists.

DDoS attacks fall by 60 per cent one week after WebStresser close down (Computing) New DDoS attack services expected to quickly emerge to fill the gap

Volkswagen Ex-CEO Martin Winterkorn Indicted in Emissions Probe (WSJ) Former Volkswagen Chief Executive Martin Winterkorn has been indicted on charges of conspiracy and wire fraud for his alleged role in the emissions scandal.

Trade-Secret Case Plaintiffs May Not Count Defendants' Cost Savings as Damages (New York Law Journal) Judge Paul Feinman said that compensatory damages for plaintiffs in trade secret cases must be based on the how much the plaintiffs lose not on an infriger’s avoided development costs.

The FBI Is in Crisis. It's Worse Than You Think (Time) ‘I’ve never seen anything like this’

NY Court of Appeals Affirms Code-Stealing Conviction for Ex-Goldman Sachs Coder (New York Law Journal) Sergey Aleynikov’s loss at the Court of Appeals is the latest development in a legal odyssey that began in 2009 when the computer engineer left Goldman Sachs to work for a startup that offered to triple Aleynikov’s salary at Goldman to $1.2 million.

Facebook fires engineer accused of stalking women (Naked Security) The accused is alleged to have abused their privileged access to your data.

A Short History of Law Enforcement and Cyber Crime (Medium) The advent of cyber crime created a new challenge for police forces. We examine how they dealt with the emerging threat.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

Secure Summit DC (Washington, DC, USA, May 7 - 8, 2018) (ISC)² Secure Summit DC will assemble the best minds in cybersecurity for two days of insightful discussions, workshops and best-practices sharing. The goal of the event is to equip security leaders to...

HACKNYC (New York, New York, USA, May 8 - 10, 2018) The recent flood of data breach news may numb us to the threat of attacks with kinetic effects--direct or indirect physical damage, injury, or death. Hack NYC focus’ on our preparation for, and resilience...

Insider Threat Program Management With Legal Guidance Training Course (Herndon, Virginia, USA, May 8 - 9, 2018) This training will provide the ITP Manager, Facility Security Officer, and others (CIO, CISO, Human Resources, IT, Etc.) supporting an ITP, with the knowledge and resources to develop, manage, or enhance...

SecureWorld Kansas CIty (Kansas City, Missouri, USA, May 9, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

Cyber Ready 2018 Cybersecurity/Intel Conference (MacDill Air Force Base, Florida, USA, May 14, 2018) Major General Mike Ennis (USMC, ret), CIA National Clandestine Service's first Deputy Director for Community Human Intelligence (HUMINT), will deliver the keynote. The conference will also feature an all-audience...

Cyber Investing Summit (New York, New York, USA, May 15, 2018) Now in its third year, the Cyber Investing Summit is an all-day conference focusing on investing in the cyber security industry, which is predicted to exceed $1 trillion in cumulative spending on products...

Third Annual Cyber Investing Summit (New York, New York, USA, May 15, 2018) Renowned cyber security executive David DeWalt will deliver the keynote address at the Third Annual Cyber Investing Summit. The Cyber Investing Summit is a unique all-day conference focused on the financial...

The Cyber Security Summit: Dallas (Dallas, Texas, USA, May 15, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.

Digital Utilitites Europe (Amserdam, the Netherlands, May 16 - 17, 2018) The conference will bring together key industry stakeholders to address the current challenges of the digitisation in the utilities sector. Join us in Amsterdam to hear latest business case studies and...

SecureWorld Houston (Houston, Texas, USA, May 17, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

Ignite18 (Anaheim, California, USA, May 21 - 24, 2018) Palo Alto Networks' sixth annual conference features highly technical insights based on firsthand experiences with next-generation security technologies, groundbreaking new threat research, or innovative...

AFCEA/GMU Critical Issues in C4I Symposium (Fairfax, Virginia, USA, May 22 - 23, 2018) The AFCEA/GMU Critical Issues in C4I Symposium brings academia, industry and government together annually to address important issues in technology and systems research and development. The agenda for...

3rd Annual Nuclear Industrial Control Cybersecurity and Resilience Overview (Warrington, England, UK, May 22 - 23, 2018) Now in its 3rd year, the Cyber Senate Nuclear Industrial Control Cyber Security and Resilience Conference will take place on May 22/23rd in Warrington United Kingdom. This two day executive forum will...

PCI Security Standards Council’s Asia-Pacific Community Meeting (Tokyo, Japan, May 23 - 24, 2018) Join us for: networking opportunities, updates on industry trends, insights and strategies on best practices, engaging keynotes and industry expert speakers. The PCI Security Standards Council’s 2018...

North American Financial Information Summit (New York, New York, USA, May 23, 2018) Data is the most vital asset of any financial services firm. With volumes increasing exponentially, and the complexity and structure continuously changing, it is more vital than ever to keep on top of...

SecureWorld Atlanta (Atlanta, Georgia, USA, May 30 - 31, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

RISKSEC (New York, New York, USA, May 31, 2018) Welcome to the 2018 New York City RiskSec Conference. As SC Media approaches our 30th anniversary, we fully understand the avalanche of cybersecurity-related problems, responsibilities and aspirations...

Cyber:Secured Forum (Denver, Colorado, USA, June 4 - 6, 2018) Cyber:Secured Forum will feature in-depth content on cybersecurity trends and best practices as related to the delivery of physical security systems and other integrated systems. Content is being collaboratively...

Campaign Cyber Defense Workshop (Boston, Massachussetts, USA, June 4, 2018) The Campaign Cyber Defense Workshop brings together experts from the region’s industry, university, and government organizations to address campaign security and effective practices for maintaining campaign...

Gartner Security and Risk Management Summit 2018 (National Harbor, Maryland, USA, June 4 - 7, 2018) Prepare to meet the pace and scale of today’s digital business at Gartner Security & Risk Management Summit 2018. Transform your cybersecurity, risk management and compliance strategies and build resilience...

New York State Cybersecurity Conference (Albany, New York, USA, June 5 - 7, 2018) June 2018 marks the 21st annual New York State Cyber Security Conference and 13th Annual Symposium on Information Assurance (ASIA). Hosted by the New York State Office of Information Technology Services,...

The Cyber Security Summit: Boston (Boston, Massachusetts, USA, June 5, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.

SecureWorld Chicago (Chicago, Illinois, USA, June 5, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

NSA 2018 Enterprise Discovery Conference (Ft. Meade, Maryland, USA, June 5 - 6, 2018) Hosted by the National Security Agency and the Federal Business Council (FBC). The EDC is the largest event held at NSA with over 1500 attendees from around the world. EDC provides a collaborative learning...

TU-Automotive Cybersecurity (Novi, MIchigan, USA, June 6 - 7, 2018) Co-located with the world's largest automotive technology conference & exhibition. The conference unites players from research labs, automakers, tier 1’s, security researchers, and the complete supply...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.