skip navigation

More signal. Less noise.

Do security ratings protect you from a data breach? You need LookingGlass 24x7 monitoring.

There’s a lot of talk about “continuous monitoring” in the marketplace. At LookingGlass, we are clear that it is NOT a database or look-up service. Our Third Party Risk Monitoring solution is the only managed service in the marketplace that offers 7x24x365 monitoring for real-time notifications of compromises and data breaches, all human-vetted to reduce false positives. Want to know more? Contact LookingGlass now for an exclusive offer.

Daily briefing.

ProtectWise's threat research shop, 401TRG, has identified a common actor behind a number of disparate threat groups that have been active since at least 2009, and perhaps as early as 2007. The group, "Winnti Umbrella," is, ProtectWise concludes, run by "the Chinese state intelligence apparatus." The groups that fall under the Umbrella include EAD, BARIUM, Wicked Panda, GREF, PassCV, Axiom, and Winnti. 

Security firms have tracked these groups for years; ProtectWise argues that they're a single operation. Researchers base attribution on common infrastructure, overlapping tactics, techniques, and procedures, and above all operational security lapses that reveal attackers' locations. The operation's initial targets are gaming studios and tech companies, where they seek to steal code-signing certificates. There's some collateral criminal bycatch, but the ultimate goal appears to be political intelligence.

Recorded Future's report last week that North Korean elites are changing their online behavior also notes that North Korean espionage services stage much of their cyber operations through other countries. Readily accessible gaming services, BitTorrent, and video streaming make a country attractive. So does hosting North Korean diplomatic and cultural missions.

Kaspersky warns of ZooPark (now in its fourth generation), an Android malware campaign active mostly in the Middle East and North Africa since 2015. One of its vectors is Telegram, the secure chat app.

Vulnerabilities in GPON routers, disclosed last week, are now under active exploitation by botnet herders.

ZTE appeals US sanctions to the US Commerce Department.

Russian Twitterbots tweet threats toward UK Labour leader Jeremy Corbyn's intraparty opponents.

Notes.

Today's issue includes events affecting Canada, China, Egypt, European Union, India, Indonesia, Iran, Japan, Jordan, Kenya, Democratic Peoples Republic of Korea, Republic of Korea, Lebanon, Malaysia, Isle of Man, Morocco, Mozambique, Nepal, New Zealand, Philippines, Russia, Taiwan, Thailand, United Kingdom, United States.

$8.76 Million: The Average Yearly Cost of Insider Threats. Join ObserveIT 5/15 to learn more.

Insider Threat incidents come with a hefty price tag, according to the “2018 Cost of Insider Threats: Global Organizations” report released by independent research group, The Ponemon Institute. Make sure that you understand the full context (and cost) of these threats by joining an exclusive LIVE online discussion with The Ponemon Institute founder, Larry Ponemon, on May 15th at 11:00am EDT. Claim your seat, now.

In today's podcast, we speak with our partners at Webroot, as David Dufour talks about antimalware testing procedures.

Cyber Security Summits: May 15 in Dallas & Boston on June 5 (Dallas, Texas, United States, May 15, 2018) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, CenturyLink, IBM Security and more. Register with promo code cyberwire95 for $95 VIP admission (Regular price $350) https://CyberSummitUSA.com

Third Annual Cyber Investing Summit 5/15/18 (Dallas, Texas, United States, May 15, 2018) Renowned cyber security executive David DeWalt will deliver the keynote address at the Third Annual Cyber Investing Summit. The Cyber Investing Summit is a unique all-day conference focused on the financial opportunities available in the rapidly growing cyber security industry. Panels will explore sector investment strategies, market growth forecasts, equity valuations, merger and acquisition activity, cryptocurrency protection, funding for startups, and more. Speakers include leading Chief Information Security Officers, VC founders, financial analysts, cyber security innovators from publicly traded and privately held companies, and government experts.

8th Annual (ISC)2 Security Congress (New Orleans, Louisiana, United States, October 8 - 10, 2018) The (ISC)2 Security Congress brings together the sharpest minds in cyber and information security for over 100 educational sessions covering 17 tracks. Join us to learn from the experts, share best practices, and make invaluable connections. Your all-access conference pass includes educational sessions, workshops, keynotes, networking events, career coaching, expo hall and pre-conference training. Save your seat at congress.isc2.org.

Cyber Attacks, Threats, and Vulnerabilities

Report: Chinese government is behind a decade of hacks on software companies (Ars Technica) Though sloppy at times, Winnti Umbrella remain advanced and extremely prolific.

Report: China's Intelligence Apparatus Linked to Previously Unconnected Threat Groups (Dark Reading) Multiple groups operating under the China state-sponsored Winnti umbrella have been targeting organizations in the US, Japan, and elsewhere, says ProtectWise.

Burning Umbrella: An Intelligence Report on the Winnti Umbrella and Associated State-Sponsored Attackers (ProtectWise 401TRG) We assess with high confidence that the Winnti umbrella is associated with the Chinese state...

North Korea's threat actors operating from other countries (Security Brief) North Korea conducts malicious cyber operations from countries including India, Malaysia, New Zealand, Nepal, Kenya, Mozambique, Indonesia, and China.

Fourth-generation Android espionage campaign targets Middle East (ZDNet) Smartphone snoopers install malware which can provide attackers with information on almost every activity performed on the device.

ZooPark malware targets Android users though Telegram, watering holes (Cyberscoop) A newly uncovered cyber-espionage campaign targets Android users in the Middle East and North Africa through the chat app Telegram and compromised websites, according to a report published Thursday by Kaspersky Lab.

Serious Security: The GLitch “row hammering” attack (Naked Security) How the graphics chip in your mobile phone could allow crooks to deliver malware via your browser – no app download required.

Former CIA director says Russians spread misinformation on Jade Helm military exercise (Stars and Stripes) Former CIA director Michael Hayden said the misinformation campaign around Jade Helm exposed that Americans could be turned against one another because of cultural divides.

MassMiner cryptocurrency worm targets unpatched enterprise servers (2Spyware) MassMiner CPU miner exploits multiple vulnerabilities to hijack web servers. MassMiner - a cryptocurrency mining malware which is exploiting EternalBl

Vulnerabilities Affecting Over One Million Dasan GPON Routers Are Now Under Attack (BleepingComputer) Two vulnerabilities affecting over one million routers, and disclosed earlier this week, are now under attack by botnet herders, who are trying to gather the vulnerable devices under their control.

Adding Persistence Via Scheduled Tasks (SANS Internet Storm Center) Once a computer has been infected by a malware, one of the next steps to perform is to keep persistence. Usually, endpoints (workstations) are primary infection vectors due to the use made of it by people: they browse the Internet, they read emails, they open files.

Pr0nbot is Back - and Evading Twitter Censors (Threatpost) A rapidly swelling botnet of Twitter accounts advertising “adult dating”-themed scam websites has at least 80,000 nodes to date.

Akamai's Patrick Sullivan on the rise in automated bots (Cyberscoop) Patrick Sullivan, Akamai's global director of security strategy, on the rise in automated bots and how they are impacting enterprise security.

Town of Wasaga Beach hit by cyber attack (Barrie) The Town of Wasaga Beach has confirmed it is dealing with a cyber attack.

Off-the-shelf hacking kits let amateurs target schools (Times) “Amateur” hackers using ready-made tools bought or rented on the dark web are driving a huge rise in attacks on schools, family-run businesses and other smaller enterprises, an analysis has shown.

Bitcoin's 'been a problem for us,' says CEO of top cybersecurity firm FireEye (CNBC) Jim Cramer hears from Kevin Mandia, the CEO of FireEye, about the risks that cryptocurrencies pose to cybersecurity.

Security Patches, Mitigations, and Software Updates

May 2018 Patch Tuesday forecast: Where are the flowers? (Help Net Security) The wintry weather doesn’t want to give up its hold on us here in the US. The extended cold has kept the spring flowers from blooming, dragging out the winter blues. It doesn’t look any better in the IT world this month either. A new zero-day attack and Microsoft re-enabling the last of the three Meltdown and Spectre

Chrome Users Reporting Freezes & Timeouts After Windows 10 April Update (BleepingComputer) Windows 10 users who have installed the April 2018 Update (build 1803) are reporting freezes or connection problems when using Chrome or Chromium based applications. When these freezes occur, it turns the screen black and Windows becomes completely unresponsive until the user reboots the computer or restarts their graphic driver.

Gmail's 'Self Destruct' Feature Will Probably Be Used to Illegally Destroy Government Records (Motherboard) Activists have asked Google to disable the feature on government accounts.

Cyber Trends

Online attack forms are changing (Slovak Spectator) At the beginning of 2017, the number of recorded and blocked crypto-mining and crypto-jacking attacks equalled hundreds of attempts per day, but today there are thousands.

'Gen V' attacks: The next cybersecurity problem? (TechTarget) During a recent online presentation, Check Point Software Technologies founder and CEO Gil Shwed explained why Gen V attacks are an emerging cybersecurity problem.

Healthcare sector suffered more than half of all cyber-attacks in 2017 (SC Media UK) In the past couple of years, while we have seen a rise in businesses adopting new cyber-security policies, such measures haven't curbed rising cyber-crime.

Warren Buffett: 'Cyber is uncharted territory and it’s going to get worse, not better' (Yahoo) Warren Buffett warns that there's a 2% chance of a $400 billion cyber-based disaster happening each year.

Charlie Munger compares cryptocurrencies to “turds” and “dementia” (Quartz) Warren Buffett hates crypto. Charlie Munger likes it less.

Technical ignorance is not leadership (TechCrunch) There is a peculiar pattern that I have noticed among elites in the United States outside Silicon Valley, which is the almost boastful ignorance of technology. As my colleague Jon Shieber pointed out today, you can see that ignorance among congressmen throughout the whole Facebook/Cambridge Analyti…

Our “modern” Congress doesn’t understand 21st century technology (TechCrunch) Lorelei Kelly Contributor Lorelei Kelly leads the Resilient Democracy Coalition, a group working to make sure Congress succeeds in the Information Age. More posts by this contributor The banana republic of big data Slowly but surely, Congress will join us in the 21st century Robert Bjarnason Contri…

Personal privacy vs. public security: fight! (TechCrunch) Personal privacy is a fairly new concept. Most people used to live in tight-knit communities, constantly enmeshed in each other’s lives. The notion that privacy is an important part of personal security is even newer, and often contested, while the need for public security — walls which…

Marketplace

Investors grapple with cyber risk (Euromoney) Fund managers understand that cybersecurity is one of the biggest threats to banks.

Results for Dell Technologies Capital after first year out of stealth (Channellife) The company has announced strong exit & investment momentum in its first year out in the open, focusing on tech startups in AI, ML, & cybersecurity.

Carbon Black stock surges 26% after IPO as cloud software stays hot (MarketWatch) Carbon Black Inc. shares rally on their first day of trading Friday, firmly planting the cybersecurity company into unicorn territory after it priced its initial public offering above already elevated levels.

Zscaler And A Key Departure (investing.com) Zscaler (NASDAQ:ZS) shares fell Thursday on news that its COO William Welch will be departing the company.

Slovaks have learned how to combat malware (Slovak Spectator) Slovakia took the top position in a global ranking on cyber security.

FireEye: The Turnaround Is On Track (Seeking Alpha) Internet security firm FireEye reported first quarter earnings this week.

Mark Zuckerberg did the apology thing. Now he must actually change Facebook (CNET) The CEO defiantly says he won't let propaganda, scandals or trolls ruin his creation. We’ll see how that turns out.

Products, Services, and Solutions

New Service Blocks EU Users So Companies Can Save Thousands on GDPR Compliance (BleepingComputer) A new service called GDPR Shield is making the rounds this week and for all the wrong reasons. The service, advertised as a piece of JavaScript that webmasters embed on their sites, blocks EU-based users from accessing a website, just so the parent company won't have to deal with GDPR compliance.

Google will verify the identity of those buying US political ads (Engadget) Political ads will also be required to display who paid for them.

Standard Bank to automate threat analysis with RiskIQ (IBS Intelligence) RiskIQ, the global leader in digital threat management, today announced that Standard Bank has deployed its suite of products to automate the discovery and threat analysis of brand infringement, cybercrime and web-based attacks against its digital presence.

IAG creates 'novel' model to predict cost of cyber attack (iTnews) Checks how its investments may offset losses.

Technologies, Techniques, and Standards

5 Ways to Better Use Data in Security (Dark Reading) Use these five tips to get your security shop thinking more strategically about data.

Security Analyst: The New Data Scientist (Infosecurity Magazine) Data science skills have become more common as Universities offer a wide selection of courses on the subject.

Time to ditch DIY security: How managed security service providers will make you stronger (Security Brief) A wise man once said, “An attacker may defeat someone who is alone, but two can resist him, and a three-stranded cord is not easily broken.”

How to Keep Hackers Out of Your Facebook and Twitter Accounts (WIRED) Scammers, pranksters, and bad actors all want to break into whatever social media accounts they can. Here's how to keep yours safe.

How U.S. Election Officials Are Trying To Head Off The Hackers (Fast Company) Experts warn hackers could target voter rolls or election-night reporting systems to undermine legitimacy without casting a single fraudulent vote.

Design and Innovation

Teaching robots through trial and error (TechCrunch) A few days after watching a small army of Sawyer robots drop fake apples into plastic bowls, we’re back at UC Berkeley’s Sutardja Dai Hall to witness another approach to robotic learning. This time out, it’s an older model — PR2, the once ubiquitous personal robot from the now-defunct Willow Garage…

Research and Development

Space photons bring a new dimension to cryptography (Geospatial World) France: ESA and its partners will investigate how satellites can distribute photon ‘keys’ to help secure encryption.

Academia

UW Trustees to Vote on Cybersecurity Certificate Program (Laramie Live) A new cybersecurity certificate could be available to students in Fall 2018, pending the approval of the University of Wyoming Board of Trustees.

Legislation, Policy, and Regulation

Putin Starts New Term After Protests, Amid Tension With West (RadioFreeEurope/RadioLiberty) Vladimir Putin has been sworn in to a new six-year term as Russian president, vowing to "serve the people" and improve their lives while protecting what he called a country of "great victories and feats."

With Influence Activities Exposed, the Kremlin Acts Even More Boldly (The Cipher Brief) Russian influence operations were thrust into the public limelight in the West in 2017 with the findings of the U.S. Intelligence Community that Russia did in fact, interfere with U.S. Elections. The resulting attention did not deter the Kremlin; on the contrary – it takes pride in it. From the Kremlin point of view, influence …

Translation: Xi Jinping’s April 20 Speech at the National Cybersecurity and Informatization Work Conference (New America) In the wake of the recent upgrade of China’s cyberspace authorities from a central leading group to commission status, a National Cybersecurity and Informatization Work Conference took place in Beijing on April 20–21. Xi Jinping gave a speech outlining adjusted priorities for digital development, cybersecurity, and cyberspace governance after the 19th Party Congress.

China Exploits IT Supply Chain, Report Says (MeriTalk) It’s no secret that Chinese companies are major suppliers to U.S. technology companies that serve the Federal government, and a report issued last month says the Chinese government is leveraging that manufacturing capability to create significant security risks across the U.S. Federal enterprise.

Here's what we know happened at the trade summit between China and U.S. (CBC) Top officials from China and the United States reached a consensus on some aspects of the countries' trade row, but disagreements over other issues remain "relatively big," according to the Chinese government on Friday.

China Telecom Companies May Face Federal Ban Over Security Fears (Bloomberg Government) Congress has turned its sights on two Chinese telecommunications companies that a senator says could make it easier for China to spy on the U.S.

Chinese-American Elites Lament a Brewing Trade War (WIRED) A Silicon Valley event explores the impact on tech firms of fraying US-China ties.

In Silicon Valley, a gathering urges Washington to rethink view of China (Asia Times) Prominent scholars and Chinese-American figures at Committee of 100 conference say misperceptions are driving hostility towards China

Tackling the high risk of a cyber attack: Inquirer (The Straits Times) In its editorial, the paper calls for measures to make individuals and companies more aware of the need for cyber security.. Read more at straitstimes.com.

ODNI Releases Annual Intelligence Community Transparency Report (IC on the Record) Today, consistent with the USA FREEDOM Act and the FISA Amendments Reauthorization Act of 2017 (the reauthorized FAA) requirements to release certain statistics (codified in 50 U.S.C.§ 1873(b)) and the Intelligence Community’s Principles of Intelligence Transparency, we are releasing our fifth annual Statistical Transparency Report Regarding Use of National Security Authorities presenting statistics on how often the government uses certain national security authorities.

Spy agency NSA triples collection of U.S. phone records: official... (Reuters) The U.S. National Security Agency collected 534 million records of phone calls and text messages of Americans last year, more than triple gathered in 2016, a U.S. intelligence agency report released on Friday said.

'NSA Dominates Surveillance, Sabotage' in Cyberspace - German Newspaper (Sputnik) Internet technology has increasingly become compromised and militarized. More and more hackers are active in cyberspace, and the scope of their activities poses a serious threat to global security, German newspaper Sueddeutsche Zeitung wrote.

US is waking up to the deadly threat of cyber war (CNN) Operation Locked Shield, staged in Estonia by the NATO Cooperative Cyber Defense Centre of Excellence, was the largest and most intricate cyber defense exercise ever mounted, writes David Andelman

Is it Time to Regulate Cyber Conflicts? (Lawfare) Recommendations for a long-term strategy on controlling nation-state cyber conflicts.

Private Companies Take the Lead on Cyber Security (War on the Rocks) Last month, 34 technology and security companies signed what they call the Cybersecurity Tech Accord, “agreeing to defend all customers everywhere from malicious attacks by cybercriminal enterprises and nation-states.” The agreement is a remarkable initiative by a group of industry heavyweights, ranging from Cisco to

Karl Marx a tool to 'win the future' for China, Xi Jinping says (Deutsche Welle) The Chinese president has praised Karl Marx as the "greatest thinker of modern times" ahead of the bicentennial of the German philosopher. Xi's German counterpart, meanwhile, was far more critical.

Senate Panel Tackles Mitigating America’s Cybersecurity Risk (MeriTalk) The Department of Homeland Security (DHS) was in the hot seat during last week’s Senate Committee on Homeland Security & Governmental Affairs hearing.

White House gears up to push CIA nominee as concerns mount (POLITICO) Haspel is sitting in on preparation sessions and continuing visits with senators this week ahead of Wednesday's confirmation hearing.

Secretary of State Launches Cybersecurity Partnership (Iowa Public Radio) The state’s top elections official says the state's voting systems are buffeted by cyber attacks. Now Iowa's secretary of state is launching a new

Georgia Could Pass a Vaguely Written 'Unauthorized Computer Access' Law This Week (Gizmodo) Georgia Gov. Nathan Deal has until Tuesday to decide whether to approve a dubious bill that would make it illegal to access a computer or network “without authority,” Wired reported, in what looks an awful lot like legislators trying to make something they don’t understand a crime.

A Georgia Hacking Bill Gets Cybersecurity All Wrong (WIRED) Georgia's SB315 discourages security research and encourages hacking back—meaning it's exactly backwards.

Inside New York City Cyber Command — a government agency most people know nothing about that's leading America's biggest city into the future (Business Insider) NYC Cyber Command (NYC3) is changing the way government officials in America's biggest city protect its people amid increasing threats of cyberattacks in the US

Cyber strategy to be 'holistic' (Manx Radio) New measures launched by government

Litigation, Investigation, and Law Enforcement

Russian Twitter bot sends death threat to Labour MP (Times) Police are investigating a death threat against a Labour MP opposed to Jeremy Corbyn, which they believe came from a Russian social media robot. Details of the inquiry emerged as The Sunday Times...

Russia Blocks 50 VPNs and Proxy Services Providing Access to Telegram (BleepingComputer) Roskomnadzor, Russia's telecommunications watchdog, blocked last week, on Thursday, May 3, 2018, access to over 50 VPN and proxy services.

UK Regulators Demand Cambridge Analytica Hand Over User Data (WIRED) David Carroll, a professor at Parsons School of Design, might finally get to see everything Cambridge Analytica knows about him.

ZTE pleads for reversal of US ban (The Standard) Chinese telecom company ZTE Corp,which has suspended trading in its shares in Hong Kong said today it has asked the U.S. Commerce Department’s Bureau of Industry and Security to suspend the ba...

Comodo revokes security certificates for “Pirate Bay of science” (My Broadband) Comodo CA has revoked the security certificates for Sci-Hub, TorrentFreak reported.

City of London Police to assemble crack team of cyber detectives (The Telegraph) The City of London Police plans to launch a team of “cyber detectives”, hired straight out of UK universities, amid growing fears around cyber attacks on the Square Mile.

Control centre for cyber crime fight (The Telegraph) The police headquarters will in the next couple of months will start a cyber crime control centre in Patna to deal with rising cases of cyber crime in Bihar.

Leek, candy, and big pancake: The slang Chinese crypto traders use to hide from the authorities (Quartz) Why the hell would someone be trying to buy a "little concubine"?

Islamic State 'Sim card man' jailed (BBC News) Rabar Mala, who lived in Warrington, became what amounted to an IT support worker for the group.

Man hacked 200 firms & sold data of millions of users on dark web (HackRead) West not only breached the security of these companies but also stole their user data before selling them on the now seized AlphaBay market on the Dark Web.

DDoSer Who Terrorized German and UK Firms Gets Off Without Jail Time (BleepingComputer) A German hacker who launched DDoS attacks and tried to extort ransom payments from German and UK firms was sentenced last month to one year and ten months of probation.

Did this EPA tweet violate Hatch Act? OSC says it'll investigate (FederalNewsRadio.com) The Office of Special Counsel is investigating whether the Environmental Protection Agency violated the Hatch Act over a politically charged tweet sent last month.

The Man Who Cracked the Lottery (New York Times) When the Iowa attorney general’s office began investigating an unclaimed lottery ticket worth millions, an incredible string of unlikely winners came to light - and a trail that pointed to an inside job.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

Secure Summit DC (Washington, DC, USA, May 7 - 8, 2018) (ISC)² Secure Summit DC will assemble the best minds in cybersecurity for two days of insightful discussions, workshops and best-practices sharing. The goal of the event is to equip security leaders to...

HACKNYC (New York, New York, USA, May 8 - 10, 2018) The recent flood of data breach news may numb us to the threat of attacks with kinetic effects--direct or indirect physical damage, injury, or death. Hack NYC focus’ on our preparation for, and resilience...

Insider Threat Program Management With Legal Guidance Training Course (Herndon, Virginia, USA, May 8 - 9, 2018) This training will provide the ITP Manager, Facility Security Officer, and others (CIO, CISO, Human Resources, IT, Etc.) supporting an ITP, with the knowledge and resources to develop, manage, or enhance...

SecureWorld Kansas CIty (Kansas City, Missouri, USA, May 9, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

Cyber Ready 2018 Cybersecurity/Intel Conference (MacDill Air Force Base, Florida, USA, May 14, 2018) Major General Mike Ennis (USMC, ret), CIA National Clandestine Service's first Deputy Director for Community Human Intelligence (HUMINT), will deliver the keynote. The conference will also feature an all-audience...

Cyber Investing Summit (New York, New York, USA, May 15, 2018) Now in its third year, the Cyber Investing Summit is an all-day conference focusing on investing in the cyber security industry, which is predicted to exceed $1 trillion in cumulative spending on products...

Third Annual Cyber Investing Summit (New York, New York, USA, May 15, 2018) Renowned cyber security executive David DeWalt will deliver the keynote address at the Third Annual Cyber Investing Summit. The Cyber Investing Summit is a unique all-day conference focused on the financial...

The Cyber Security Summit: Dallas (Dallas, Texas, USA, May 15, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.

Digital Utilitites Europe (Amserdam, the Netherlands, May 16 - 17, 2018) The conference will bring together key industry stakeholders to address the current challenges of the digitisation in the utilities sector. Join us in Amsterdam to hear latest business case studies and...

SecureWorld Houston (Houston, Texas, USA, May 17, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

Ignite18 (Anaheim, California, USA, May 21 - 24, 2018) Palo Alto Networks' sixth annual conference features highly technical insights based on firsthand experiences with next-generation security technologies, groundbreaking new threat research, or innovative...

AFCEA/GMU Critical Issues in C4I Symposium (Fairfax, Virginia, USA, May 22 - 23, 2018) The AFCEA/GMU Critical Issues in C4I Symposium brings academia, industry and government together annually to address important issues in technology and systems research and development. The agenda for...

3rd Annual Nuclear Industrial Control Cybersecurity and Resilience Overview (Warrington, England, UK, May 22 - 23, 2018) Now in its 3rd year, the Cyber Senate Nuclear Industrial Control Cyber Security and Resilience Conference will take place on May 22/23rd in Warrington United Kingdom. This two day executive forum will...

PCI Security Standards Council’s Asia-Pacific Community Meeting (Tokyo, Japan, May 23 - 24, 2018) Join us for: networking opportunities, updates on industry trends, insights and strategies on best practices, engaging keynotes and industry expert speakers. The PCI Security Standards Council’s 2018...

North American Financial Information Summit (New York, New York, USA, May 23, 2018) Data is the most vital asset of any financial services firm. With volumes increasing exponentially, and the complexity and structure continuously changing, it is more vital than ever to keep on top of...

SecureWorld Atlanta (Atlanta, Georgia, USA, May 30 - 31, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

RISKSEC (New York, New York, USA, May 31, 2018) Welcome to the 2018 New York City RiskSec Conference. As SC Media approaches our 30th anniversary, we fully understand the avalanche of cybersecurity-related problems, responsibilities and aspirations...

Cyber:Secured Forum (Denver, Colorado, USA, June 4 - 6, 2018) Cyber:Secured Forum will feature in-depth content on cybersecurity trends and best practices as related to the delivery of physical security systems and other integrated systems. Content is being collaboratively...

Campaign Cyber Defense Workshop (Boston, Massachussetts, USA, June 4, 2018) The Campaign Cyber Defense Workshop brings together experts from the region’s industry, university, and government organizations to address campaign security and effective practices for maintaining campaign...

Gartner Security and Risk Management Summit 2018 (National Harbor, Maryland, USA, June 4 - 7, 2018) Prepare to meet the pace and scale of today’s digital business at Gartner Security & Risk Management Summit 2018. Transform your cybersecurity, risk management and compliance strategies and build resilience...

New York State Cybersecurity Conference (Albany, New York, USA, June 5 - 7, 2018) June 2018 marks the 21st annual New York State Cyber Security Conference and 13th Annual Symposium on Information Assurance (ASIA). Hosted by the New York State Office of Information Technology Services,...

The Cyber Security Summit: Boston (Boston, Massachusetts, USA, June 5, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.

SecureWorld Chicago (Chicago, Illinois, USA, June 5, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

NSA 2018 Enterprise Discovery Conference (Ft. Meade, Maryland, USA, June 5 - 6, 2018) Hosted by the National Security Agency and the Federal Business Council (FBC). The EDC is the largest event held at NSA with over 1500 attendees from around the world. EDC provides a collaborative learning...

TU-Automotive Cybersecurity (Novi, MIchigan, USA, June 6 - 7, 2018) Co-located with the world's largest automotive technology conference & exhibition. The conference unites players from research labs, automakers, tier 1’s, security researchers, and the complete supply...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.