skip navigation

More signal. Less noise.

2017 cyberattacks proved more numerous, sophisticated, and ruthless than in years past.

WannaCry, NotPetya, ransomware-as-a-service, and fileless attacks abounded. And, that’s not everything. The victims of cybercrime ranged from private businesses to the fundamental practices of democracy. Read The Cylance Threat Report: 2017 Year in Review Report and learn about the threat trends and malware families their customers faced in 2017.

Daily briefing.

The lull in Chinese cyberattacks during the previous US Administration and the early days of the current one appears to have amounted to a false dawn. Carbon Black's recent quarterly threat report has led some to conclude that the lull was a period of learning and development during which the PLA and the Ministry of State Security took lessons from Russian operations. Now it seems, as Ars Technica puts it, Beijing has "taken the gloves off."

There may be a partial explanation for Iran's terse warnings about cyberattacks. Bleeping Computer says, based in part on reporting by Israeli outlet Hadashot, that Iranian infrastructure has recently been afflicted with a "Stuxnet-like" strain of malware.

Trolling aside—and there's been no shortage of that—observers are wondering where the Russians are in the US midterm elections. The Bears have been relatively quiet, which leads nervous commentators to breathlessly predict a big surprise for next Tuesday's voting.

Russian information operations may have been more effective at home than abroad. Apparently conventional wisdom among Russians is that the US will experience a second Civil War by 2020. Celebrities and businesses sometimes come to take too much stock in their own press releases. The same might happen with trolling and statecraft, too.

US Cyber Command seems to be ready to retaliate in kind against any Election Day cyberattacks.

The BBC reports that tens of thousands of Facebook private messages, many from accounts based in Russia or Ukraine, are now for sale on the dark web.

Notes.

Today's issue includes events affecting Australia, Canada, China, European Union, Iran, Iraq, Russia, Saudi Arabia, Turkey, Ukraine, United Kingdom, United States.

Create a culture of cybersecurity awareness with Coachable Moments.

According to The Ponemon Institute, two out of three insider threat incidents are caused by employee or contractor mistakes. The good news is, these mistakes can easily be avoided ... with the right coaching. Just in time for Cybersecurity Awareness Month, the Coachable Moments series from ObserveIT gives cybersecurity teams the tools they need to empower people to understand the policies and best-practices intended to keep them safe. Check out Coachable Moments today to learn more.

In today's podcast we speak with Accenture's Malek Ben Salem, who shares insights into how blockchain technology could be applied to election security. Our guest is Shannon Morse, host of Hak5 and keynote speaker at the Diana Initiative. We discuss her nontraditional career path into tech.

Maryland Cybersecurity Career & Education Fair (Rockville, Maryland, United States, November 9 - 10, 2018) Join us for two dynamic days that put on display why Maryland is where cyber works. Friday will feature a career and education fair, connecting cybersecurity job seekers with opportunities across the state of Maryland. On Saturday, high school and undergraduate students compete in our cyber challenge.

Cyber Attacks, Threats, and Vulnerabilities

New data shows China has “taken the gloves off” in hacking attacks on US (Ars Technica) The new normal: More sophisticated attackers, more destructive attacks.

New Stuxnet Variant Allegedly Struck Iran (BleepingComputer) A malware similar in nature to Stuxnet but more aggressive and sophisticated allegedly hit the infrastructure and strategic networks in Iran.

TV report: Israel silent as Iran hit by computer virus more violent than Stuxnet (Times of Israel) Tehran strategic networks attacked, Hadashot TV says, hours after Israel revealed it tipped off Denmark about Iran murder plot, and days after Rouhani's phone was found bugged

The CIA's communications suffered a catastrophic compromise. It started in Iran. (Yahoo) From around 2009 to 2013, the U.S. intelligence community experienced crippling intelligence failures related to the secret internet-based communications system, a key means for remote messaging between CIA officers and their sources.

BleedingBit Information from the Research Team (Armis Labs) Read this report on how BLEEDINGBIT exposes Millions of Enterprise Access Points and Unmanaged Devices to an Undetectable Chip Level Attack

Bleedingbit zero-day chip flaws may expose majority of enterprises to remote code execution attacks (ZDNet) Updated: The BLE chip zero-day vulnerabilities have the potential to render millions of enterprise security systems powerless.

Mystery of the Midterm Elections: Where Are the Russians? (New York Times) Nefarious activity by known or suspected hackers seems low this year. But that might not be good news and could spell trouble even after Tuesday’s vote.

The Pentagon Has Prepared a Cyberattack Against Russia (The Daily Beast) U.S. military hackers have been given the go-ahead to gain access to Russian cybersystems as part of potential retaliation for any meddling in America’s elections.

Joe Manchin’s social media accounts hacked, the senator’s office says (Washington Post) Accounts have since been secured, the West Virginian’s aides say.

Report: Majority of Americans Unable to Discern Fake Election Emails (MarketWatch) Valimail Survey Finds Older Americans Better at Identifying Fake Emails - But Average Success Rates Very Low Among All Groups

Real vs. Fake Email Test Results (Valimail) Prior to the 2018 midterm elections, Valimail conducted a survey to test adult Americans’ ability to distinguish fraudulent campaign emails.

A vote for better security (SC Media) In light of rampant concerns about election tampering and voting machine manipulation, here are some steps IT security experts believe that state and

Will 'Deepfakes' Disrupt the Midterm Election? (WIRED) Advances in machine learning allow almost anyone to create plausible imitations of candidates in video and audio, potentially sowing confusion.

How Do You Say ‘Fake News’ in Russian? (Foreign Policy) Russian news sites portray the U.S. presidential election as a prelude to civil war.

Hacked Facebook private messages for sale (BBC News) The perpetrators told the BBC Russian Service they had details from a total of 120 million accounts.

New techniques expose your browsing history to attackers (Help Net Security) Security researchers have discovered new techniques that could be used by hackers to learn which websites users have visited as they surf the web.

Old School 'Sniffing' Attacks Can Still Reveal Your Browsing History (Motherboard) The way that major browsers store history and structure links leaves them vulnerable to old school ‘sniffing’ attacks, according to new research from the University of California San Diego.

Emotet Trojan Begins Stealing Victim's Email Using New Module (BleepingComputer) The Emotet malware is typically used as a banking trojan and more recently for distributing other malware, but has now become more versatile via a module that allows it to steal a victim's actual emails going back six months.

SMS Phishing + Cardless ATM = Profit (KrebsOnSecurity) Thieves are combining SMS-based phishing attacks with new “cardless” ATMs to rapidly convert phished bank account credentials into cash. Recent arrests in Ohio shed light on how this scam works.

Cisco zero-day exploited in the wild to crash and reload devices (ZDNet) No patch available,yet. Vulnerability affects devices running ASA 9.4+ and FTD 6.0+ software.

Yi IoT Home Camera Riddled with Code-Execution Vulnerabilities (Threatpost) Five of them allow remote compromise of the IoT gadgets, so attackers can intercept video feeds and more.

Another day, another update, another iPhone lockscreen bypass (Naked Security) Researcher José Rodríguez beats the lockscreen to display contact phone numbers and email addresses.

Defence shipbuilder Austal hit by cyber-attack (ABC Radio) A cyber-attack and extortion attempt has forced major Australian Defence shipbuilder Austal to increase its data security.

How Hackers Exploit Online Games (Security Boulevard) Legitimate platforms like online gaming services are a breeding ground for hackers, with in-game currencies and micro-transactions putting a target on the gaming industry’s back

Bogus Porn Emails Using Old Passwords to Scam You Out of Cash (PCMAG) Cisco Talos says email scammers have made at least $146,000 in bitcoin by circulating sextortion messages. But don't fall for it: no one has incriminating video footage of you.

Experts Divulge Memorable IT/Information Security Nightmares (eWEEK) Just in time for Halloween, industry experts have weighed in, sharing their IT nightmare stories (and lessons learned), as well as offering their analysis around DevSecOps (development of security operations).

Cyber Trends

Internet freedom continues to decline around the world, a new report says (The Verge) Governments are reining in liberty for the eighth consecutive year, Freedom House reports

We need thicker skins in age of social media (Times) We live in an age when events that used to take place behind closed doors are now more visible. People leave traces of their stupidity online where once their tracks were covered and, for the most...

Microsoft boss hammers home 'unintended consequences' of AI (CRN) Satya Nadella implored the industry to be leaders in setting the standards around privacy and ethics in AI

Report reveals one-dimensional support for two-factor authentication (Naked Security) 34 popular consumer websites were put to the 2FA test.

Eight resellers name their top cybersecurity threats to watch out for in 2019 (CRN) From whaling and USB attacks to third-party exploitation, what will be the biggest threats facing end users next year? We asked execs at eight cyber-security resellers and consultancies to name their picks.

Marketplace

Bull or Bear? How the Market Reacts to Data Breach News | Lexology () Last week, Cathay Pacific Airlines Ltd., the Hong Kong-based international airline, disclosed that a hacker had broken into its computer system and…

Cisco Chairman John Chambers invests in India-based cybersecurity startup (CISO MAG) The startup delivers information security platforms and services to enterprises and governments globally

Emerging Leader Attila Security Announces First Round of Funding (PRWeb) Attila Security, a company providing visibility, control and threat defense across physical, virtual, and cloud applications is pleased to announce it has com

QuoVadis to be sold to US firm DigiCert (The Royal Gazette) Cybersecurity firm QuoVadis is to be sold by its Swiss owners to US company DigiCert.QuoVadis, which was founded in Bermuda in the late 1990s, was

Australia's top cyber spy says Chinese tech is too good to be allowed near its key infrastructure (Business Insider) Australia's top cyber spy says Chinese technology like Huawei is too good and Chinese state media can't really agree

Huawei says no Australia barriers are needed (IOL Business Report) Australia must restrict foreign firms with government ties from its 5G mobile communications network.

Huawei Lobbyists Visit Canadian MPs to Alleviate Security Concerns (Epoch Times) Huawei lobbyists started paying visits to Canadian parliamentarians in August.

The Privacy Battle to Save Google From Itself (WIRED) Interviews with over a dozen current and former Google employees highlight a commitment to privacy—and the inherent tensions that creates.

Employee Discontent Threatens Google’s Reputation (Wall Street Journal) On Thursday, Google workers who took part in a walkout at the company’s offices around the world signaled a crisis in faith—one that, if widespread, could cause reputational harm, potentially affecting the Alphabet Inc. unit’s standing as an aspirational workplace, risk experts and analysts said.

A Chinese Dissident Artist Is Taking Aim at Google for Censored Search Engine (Motherboard) Badiucao’s new exhibition compares Google's censored search engine for China, codenamed Dragonfly, to Donald Trump's wall.

Why recruiting cyberwarriors in the military is harder than retaining forces (Fifth Domain) Recruiting the American military’s cyber force is more difficult than retaining digital warriors, top Pentagon officials said during the CyberCon conference hosted by Fifth Domain Nov. 1.

EDA, Thales sign network services contract - DB - Digital Battlespace (Shephard Media) The European Defence Agency (EDA) has signed a contract with Thales Six GTS France for the provision of secure network and communication services to the ...

AllegisCyber Names Mike Aiello-- Director of Product Management for Go (PRWeb) Mike Aiello, a cybersecurity executive at Alphabet Inc.’s Google and previously a Chief Information Security Officer (CISO) at Goldman Sachs for Consumer B

Absolute Software Names Christy Wyatt as Chief Executive Officer (BusinessWire) Absolute (TSX: ABT), the endpoint visibility and control company, today announced the appointment of accomplished security and technology industry lea

AppRiver Bolsters Executive Management Team with Chief Marketing Officer (GlobeNewswire News Room) Leading Cloud Cybersecurity and Productivity Provider Appoints 20-Year Marketing Veteran Cleve Bellar as its First CMO

Paul Wang joins High-Tech Bridge’s Advisory Board (CSO) With over 20 years of cybersecurity practice in all four Big 4 companies, Paul Wang will support High-Tech Bridge’s sustainable global growth, competitive AI strategy and customer value creation.

Products, Services, and Solutions

Keeper Security Unveils New Dark Web Monitoring Product, BreachWatch™ (PR Newswire) Keeper Security, Inc., the leading creator of zero-knowledge security solutions, Keeper® Password Manager and...

HITRUST releases Threat Catalogue to improve risk management (Help Net Security) HITRUST's Threat Catalogue will provide organizations with visibility into the threats and risks targeting their information, assets and operations.

New TITUS machine learning capabilities enable confidence in identifying and protecting data (Help Net Security) TITUS' Intelligent Protection offers machine learning driven by classification to reduce risk of data loss.

Covata's Enterprise Security Console to provide visibility and control over sensitive data (Help Net Security) Covata’s Enterprise Security Console empowers businesses to discover, protect, and control their sensitive information across multiple platforms.

TierPoint Launches CleanIP Next-Generation Firewall (PR Newswire) TierPoint, a leading provider of secure, connected data center and cloud solutions at the edge of the internet, today...

Bitdefender Labs Launches Election Security Central to Track Cybersecurity and Information Warfare on Voters | Markets Insider (Business Insider) Bitdefender, a leading global cybersecurity company protecting over 500 millio...

Technologies, Techniques, and Standards

Are We Really Okay With Facial Recognition? (IQS Directory Resource Center) Everyone is talking about facial recognition these days? But things aren’t as simple as they seem. We need to consider these key factors.

IBM manager: Cyber-resilience strategy part of business continuity (TechTarget) Make sure a cyber-resilience strategy is top of mind at your organization. In this podcast, learn ways to minimize the constant threat of cyberattacks and enhance your business continuity.

Managing Cyber Risks: A New Tool for Banks (BankInfo Security) Banks have a new tool available for developing cyber risk management programs. In an interview, architects of the Financial Services Sector Cybersecurity Profile,

EZShield + IdentityForce Provide Holiday Shopping Tips to Protect Consumers Against Identity Theft (AP NEWS) EZShield + IdentityForce , issued five tips today to help consumers protect themselves from identity theft during the holiday shopping season. These tips can help safeguard consumers whether they are purchasing gifts on mobile phones, keeping their children’s identity safe, or returning items.

Design and Innovation

Google’s stealthy sign-in sentry can pick up pilfered passwords (Naked Security) The search giant’s secret sauce can see when somebody’s using your stolen password.

How Microsoft's Defending Democracy program amplifies account security (TechRepublic) Diana Kelley, Microsoft's Cybersecurity Field CTO, explains how the company is combating disinformation, phishing attacks, and cloud security.

Microsoft's security tactics focus on customers, transparency, and working with its tech competitors (TechRepublic) Diana Kelley, Microsoft's Cybersecurity Field CTO, talks about the company's approach to data security, collaborating with its major tech competitors, and why the cloud is a security imperative.

Verint System unveils Cyber Intelligent Reasearch and Development Center in Romania (Business Review) Verint Systems announced the opening of a Cyber ​​Intelligence Research and Development Center in Romania offering Romanian IT professionals the

Research and Development

Quantum Random Numbers Future-Proof Encryption (Semiconductor Engineering) Three universities chose to build and license quantum random number generators.

Academia

Software Engineering Institute Names Leading Cybersecurity Researcher as CTO (PR Newswire) The Software Engineering Institute at Carnegie Mellon University today announced the appointment of nationally known...

Purdue professor led Worm research that began cybersecurity work () Purdue University Professor Eugene Spafford is known for his work almost 30 years ago in defeating one of the first major malware programs released onto the internet.

Computer Science Department plans to change curriculum (The Cavalier Daily) The Computer Science Undergraduate Curriculum Committee is considering curriculum changes to both the Bachelor of Science and Bachelor of Arts degrees for computer science.

Legislation, Policy, and Regulation

'GDPR is one of the best things to happen for data security,' says CIO roundtable (Computing) A CIO roundtable states that the EU's General Data Protection Regulation has helped focus board minds on security

GDPR's First 150 Days Impact on the U.S. (Threatpost) Weighing the impact of GDPR and how the historic legislation has shaped privacy protection measures in the U.S., so far.

Canada Eyes Ban On Shady Piracy Warnings That Demand Payment (Motherboard) Bill C-86 would end the obligation for ISPs to forward misleading copyright infringement notices that ask for a settlement payment to customers accused of pirating media.

Analysis | The Cybersecurity 202: Trump takes harder line on digital security just before the midterms (Washington Post) His attorney general announced a program to curb Chinese economic espionage.

Sen. Ron Wyden Introduces Bill That Would Send CEOs to Jail for Violating Consumer Privacy (Motherboard) The 'Consumer Data Protection Act' is a bill that would comprehensively overhaul internet privacy protections.

Wyden Releases Discussion Draft of Legislation to Provide Real Protections for Americans’ Privacy (U.S. Senator Ron Wyden of Oregon) Bill Requires Radical Transparency About How Corporations Share, Sell and Use Your Data; Creates Tough Penalties and Jail Time for Executives

Discussion Draft: ‘Consumer Data Protection Act (US Senate) To amend the Federal Trade Commission Act to establish requirements and responsibilities for entities that use, store, or share personal information, to protect personal information, and for other purposes.

Pentagon official: Cyber Command and NSA may split infrastructure (Fifth Domain) The split stems from the different missions of the two agencies, according to Capt. Ed Devinney, director of corporate partnerships and technology outreach at Cyber Command.

Everyone in DoD is a cyberwarrior (Fifth Domain) Each person is responsible for cyber hygiene and cyber defense today, according to Vice Adm. Nancy Norton, director of DISA and commander of Joint Force Headquarters-DoD Information Networks.

Mattis stands up new Pentagon office to safeguard Defense information (Federal News Network) Defense Secretary James Mattis has appointed a new task force to cut theft and misappropriation of DoD information, reporting directly to the deputy defense secretary and vice chairman of the Joint Chiefs of Staff.

HHS opens health cybersecurity coordination center (Health Data Management) Agency will provide timely and actionable intelligence on cyber threats to healthcare organizations.

HHS kills HCCIC cyber command center, aligns with Homeland Security (Healthcare IT News) The new HHS-DHS Health Cybersecurity Coordination Center, HC3, replaces the Healthcare Cybersecurity Communications and Integration Center after a year of turmoil and unraveling.

Speaker Ryan appoints three to cyberspace commission (Homeland Preparedness News) Rep. Mike Gallagher (R-WI), Samantha Ravich, and Frank Cilluffo were appointed this week by House Speaker Paul Ryan (R-WI) to the Cyberspace Solarium Commission. The commission was established by the National Defense Authorization Act to develop a framework for U.S. … Read More »

Litigation, Investigation, and Law Enforcement

Senate Panel Seeks FBI Briefing on Super Micro Hacking Report (Bloomberg) A U.S. Senate committee asked the FBI and Department of Homeland Security for a classified briefing on a report saying China’s intelligence services used subcontractors to plant malicious chips in Super Micro Computer Inc. server motherboards.

Chinese ‘cyber-attack’ on Oz firm linked to jet company (The Australian) An alleged Chinese cyber-attack that US prosecutors say targeted an Australian website registration firm has been linked to a French company building one of the most common commercial jet engines.

Arq Group addresses speculation over its involvement in China hacks (CRN Australia) Said it had no knowledge of events detailed in a US indictment.

U.S. Accuses Chinese Firm, Partner of Stealing Trade Secrets From Micron (Wall Street Journal) The Justice Department unsealed charges Thursday against a Chinese state-owned firm and its Taiwan partner for allegedly stealing trade secrets from the U.S.’s largest memory-chip maker, Micron Technology.

Analysis | One month after Jamal Khashoggi’s killing, these key questions remain unanswered (Washington Post) Saudi Arabia finally admitted to killing Khashoggi, but the case is far from closed.

One month on: The Jamal Khashoggi murder case so far (Al Jazeera) Assassination of Saudi journalist inside the kingdom's Istanbul consulate has drawn global ire, intense media scrutiny.

Activist investor Carl Icahn sues Dell over alleged financial disclosure failure (CRN Australia) Carl Icahn alleges financial information on VMware stock swap plan wasn't disclosed.

Russia’s GRU provides crypto twist to Mueller investigation (Asia Times) The Mueller probe into possible links between Trump family and Moscow claims Russian intelligence mined its own crypto to launder money for US operations

In email to Trump’s campaign strategist, Roger Stone implied he knew of WikiLeaks’s plans (Washington Post) The exchange with Stephen K. Bannon undercuts Stone’s claim to The Washington Post that he never communicated with campaign officials about WikiLeaks.

The Real Houseguest of the Ecuadorian Embassy (WIRED) As details of his democracy-bending relationship with Roger Stone break, Julian Assange is proving guests, like fish, stink after six years.

Financial and psychological toll of catfishing scams (CBS News) A North Carolina woman is in jail for allegedly plotting to kill her mother for insurance money after she fell victim to a so-called catfishing scam, when stolen identities are used to lure people into fake relationships. These online romance scams can lead to bullying, cyberstalking, theft, and even worse consequences. Victims in the U.S. and Canada say they lost nearly a billion dollars over the last three years. Meg Oliver reports.

"Emotional terrorists": The financial and psychological toll of catfishing scams (CBS News) Why scam victims send thousands of dollars to people they've never met -- one woman allegedly plotted a murder to gain more cash

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

InfoWarCon 18 (Leesburg, Virginia, USA, November 1 - 3, 2018) InfoWarCon 18 brings together a highly elite group of political, military, academic, DIYer, and commercial cyber-leaders and thinkers from around the world. We examine the current, future, and potential...

RETR3AT Cybersecurity Conference (Montreat, North Carolina, USA, November 2, 2018) Each year, Montreat College’s Center for Cybersecurity Education and Leadership hosts RETR3AT, a conference designed to engage, educate, and raise awareness about cybersecurity in Western North Carolina...

4th Annual Cyber Southwest (CSW) Symposium (Tuscon, Arizona, USA, November 2, 2018) Be a part of the 4th Annual Cyber Southwest (CSW) Symposium set to take place at the University of Arizona, Eller College of Management - McClelland Hall in Tucson, AZ on Friday, November 2nd, 2018. CSW...

Hybrid Identity Protection Conference (New York, New York, USA, November 5 - 6, 2018) Learn what cutting-edge industry leaders are doing to improve identity protection in the modern organization and how they are boosting enterprise security. Network with the world’s leading identity experts...

Hybrid Identity Protection Conference 2018 (New York, New York, USA, November 5 - 6, 2018) The Hybrid Identity Protection Conference is the premier educational and networking event for identity experts. Learn what cutting-edge industry leaders are doing to improve identity protection in the...

Cyber Security & Artificial Intelligence MENA Summit (Dubai, UAE, November 6 - 7, 2018) Cyber Security and Artificial Intelligence MENA Summit has been designed to bring you a remarkable opportunity to gain fresh insights into areas such as artificial intelligence and machine learning impact...

2nd Annual Aviation Cyber Security Summit Summit (London, England, UK, November 6 - 7, 2018) Now in its 2nd year, the Cyber Senate Aviation Cyber Security and Resilience Summit (AVCIP2018) will take place on 6th and 7th in London United Kingdom 2018. This two-day executive forum will include presentations,...

Federal IT Security Conference: FITSC 2018 (College Park, Maryland, USA, November 7, 2018) Phoenix TS and Federal IT Security Institute (FITSI) are partnering to host the third annual Federal IT Security Conference (FITSC) this November. Speakers from NIST, DHS, the Defense Department as well...

SINET Showcase (Washington, DC, USA, November 7 - 8, 2018) Highlighting and advancing innovation. SINET Showcase provides a platform to identify and highlight “best-of-class” security companies that are addressing the most pressing needs and requirements in Cybersecurity.

SecureWorld Seattle (Seattle, Washington, USA, November 7 - 8, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

Infosecurity North America (New York, New York, USA, November 14 - 15, 2018) With 23+ years of global experience creating leading information security events, Infosecurity Group is coming to New York in November 2018. Infosecurity North America will provide a focussed business...

Kingdom Cyber Security (Riyadh, Saudi Arabia, November 20 - 21, 2018) Setting a game plan to boost cyber resilience at the national level.

API Security Summit (London, England, UK, November 21, 2018) The API Security Summit, taking place in London on the 21st of November 2018 will bring together the financial services community, regulators, fintechs, TPPs and associations from across UK and Europe to find solutions to the current lack of standardisation, debate what standards/legislation may emerge in 2019, and how to plan with these in mind.

Army Autonomy and Artificial Intelligence Symposium and Exposition (Detroit, Michigan, USA, November 28 - 29, 2018) This symposium will explore and showcase innovative ways the U.S. Army is developing critical capabilities in robotics, autonomy, machine learning, and artificial intelligence. The goals are to explore...

The Cyber Security Summit: Los Angeles (Los Angeles, California, USA, November 29, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.