skip navigation

More signal. Less noise.

Free 2018 User Risk Report: Find Out What End Users Know About Phishing, Ransomware, Password Safety, And More In Our International Survey.

What do today’s employees really know about cybersecurity topics and best practices that protect data and network security? To find out, we surveyed over 6,000 working adults across the US, UK, France, Germany, Italy, and Australia about their personal security habits. You might find the results heartening, perplexing, or terrifying — but always enlightening. Download our 2018 User Risk Report to see how employees shaped up on cybersecurity awareness issues that are impacting organizations worldwide.

Daily briefing.

Rumors of a "second Stuxnet" were reinforced yesterday when Iran's Telecommunications Minister accused Israel of having attacked Iran's telecommunications infrastructure. The Minister said the attack was unsuccessful and, according to Reuters, vowed retaliation. 

Cisco Talos research outlines the activities of "Persian Stalker," an Iranian domestic covert surveillance campaign that relies on spoofed Telegram apps to keep an eye on possible dissent. 

Business Insider notes that observers think Iranian cyber operations against US oil production capabilities are a growing possibility as the US tightens sanctions against Tehran.

It is, of course, Election Day in the US, and so far there are no reports of any unusual interference in the voting. As WIRED comments, measures taken to secure the election have been "unprecedented," and while there are surely lessons to be drawn and improvements to be made, officials seem cautiously optimistic about cybersecurity of the midterms. 

Concerns about influence operations persist, with Facebook saying last night that it had blocked one-hundred-fifteen accounts for "coordinated inauthenticity." There's some dissatisfaction with how Facebook's advertising transparency tool is working, and some Senators have asked the social network to buck up the tool's performance.

Twitter says it's ready, but the New York Times says the service remains infested with bots. Other observers note, reports Politico, that when it comes to trolling, irresponsibility, and so on, Americans do just fine on their own, without foreign help. In this case, as Pogo said half a century ago, "We have the enemy and he is us." He often is. 

Notes.

Today's issue includes events affecting Australia, China, Estonia, Iran, Israel, Russia, United Kingdom, United States.

A year in, companies unsure of risk under China's Cyber Security Law, says Control Risks.

Over a year into China’s Cyber Security Law, Control Risks experts say its vague definition and application leaves multinational companies struggling to understand their risk. Further, how strictly the government will crack down and the extent of penalties for non-compliance remain open questions. Nonetheless, companies operating in China must understand their unique exposure and specific cyber, physical and procedural requirements. Let Control Risks help you make the critical decisions to seize your opportunities in China.

In today's podcast, we speak with our partners at the University of Maryland's Center for Health and Homeland Security, as Ben Yelin discusses how the FBI uses Google location data to nab crooks. Our guest is Victor Danevich from Infoblox on the challenges on managing higher education's networks.

And Recorded Future's latest podcast, produced in cooperation with the CyberWire, is also up. In this episode, "Thwarting Organized Crime and Protecting Major Telecoms," Dale Drew, CSO at Zayo Group, shares his views on threat intelligence and why he’s leading an effort to champion open source tools in the industry.

The Pesky Password Problem: Red and Blue Team Battle featuring Kevin Mitnick (Online, November 14, 2018) Kevin Mitnick and Roger Grimes debate one of security's most controversial issues: passwords. Hear the truth regarding effective passwords, password management and more in this unique webinar. Save your spot!

Cyber Security Summit: November 29 in Los Angeles (Los Angeles, California, United States, November 29, 2018) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The CIA, The City of Los Angeles, Verizon, CenturyLink and more. Register with promo code cyberwire95 for $95 VIP admission (Regular price $350) https://CyberSummitUSA.com

Cyber Attacks, Threats, and Vulnerabilities

Iran accuses Israel of failed cyber attack (Reuters) Iran's telecommunications minister accused Israel on Monday of a new cyber ...

Iran accuses Israel of launching cyber attacks targeting telecoms infrastructure (Computing) Allegations ratchet-up as the US imposes sanctions on Iran

Fake Telegram Apps Used to Spy on Iranian Users (Infosecurity Magazine) Fake Telegram Apps Used to Spy on Iranian Users. Cisco Talos details new campaigns

Persian Stalker pillages Iranian users of Instagram and Telegram (Cisco Blogs) State-sponsored actors have a number of different techniques at their disposal to remotely gain access to social media and secure messaging applications. Starting in 2017 and continuing through 2018, Cisco...

Why people are worried that the next big threat will come from Iranian hackers targeting American oil companies (Business Insider) America’s friends in the Middle East might face disruptive attacks in retaliation against the latest US measures – six years after Saudi oil major was hit by major cyber sabotage.

CIA’s secret online network unravelled with a Google search (Naked Security) The US government is reeling from a catastrophic, years-long intelligence failure that compromised its internet-based covert communications.

Report: Australian intelligence knows Huawei was used in espionage (Axios) Politicos often accuse the company of espionage, but few specific examples are known.

Huawei denies foreign network hack reports (ZDNet) Huawei has pointed to its 'unblemished record of cybersecurity' following reports over the weekend that it helped the Chinese government gain access codes for a foreign network.

Strange snafu misroutes domestic US Internet traffic through China Telecom (Ars Technica) Telecom with ties to China's government misdirected traffic for two and a half years.

Joint Statement on Election Day Preparations (Federal Bureau of Investigation) The FBI, DHS, DOJ, and ODNI—in coordination with federal, state, local, and private sector partners nationwide—are continuing efforts to protect our elections.

The Unprecedented Effort to Secure Election Day (WIRED) Ninety-four district election officers. Thirteen hundred electoral jurisdictions. Multiple law enforcement agencies. The fight to keep the midterms safe has an unimaginable scope.

U.S. intel sees no evidence of efforts to tamper with election systems (NBC News) Last week, the White House was sent a top secret assessment of election security produced by an interagency task force.

U.S. Girds for Possible Russian Meddling on Election Day (Wall Street Journal) This year, voters will be casting ballots in what experts say will be the most secure U.S. election since the birth of the internet. But officials worry that Russia or others could deploy new, unpredictable tactics.

The US has a cyberattack ready if Russia interferes with 2018 midterm elections (TechRepublic) Cybersecurity precautions could easily turn into cyberwarfare. Here's how the US plans to combat possible Russian influence in the midterm elections.

Voting officials under scrutiny amid heavy election turnout (AP NEWS) Federal and state officials have been working for nearly two years to shore up the nation's election infrastructure from cyberattacks by Russians or others seeking to disrupt the voting process. It turns out that many of the problems are closer to home.

What Cyber Malfeasance Will Rear Its Ugly Head in the 2018 Midterm Elections? | CyberDB (CyberDB) With the approach of the United States’ 2018 midterm elections, concerns have been expressed by many regarding the security and integrity of...

Voting Machine Manual Instructed Election Officials to Use Weak Passwords (Motherboard) A vendor manual for voting machines used in about ten states shows the vendor instructed customers to use trivial, easy to crack passwords and to re-use the passwords when changing log-in credentials.

Twitter Says It Is Ready for the Midterms, but Rogue Accounts Aren’t Letting Up (New York Times) On the eve of the midterm elections, Twitter — like other social media companies — is still struggling to combat misinformation.

Facebook blocks 115 accounts for alleged 'inauthentic behavior' ahead of midterm elections (Yahoo! Good Morning America) Facebook announced it blocked 30 accounts and 85 on Instagram that authorities believe are linked to foreign entities tying to interfere with elections.

Experts warn the social media threat this election is homegrown (POLITICO) Homegrown American trolls are a growing force behind efforts on Facebook and Twitter to suppress voter turnout.

Panelists at Penn Law event suggest different measures against foreign cyber interference (Daily Pennsylvanian) The panel was the keynote presentation of a two-day conference on cyber interference, dark money, and foreign influence. 

Scammers Ride on Popular Vote411 Voter Info Site to Push Scareware Alerts (BleepingComputer) Online swindlers looking for a quick buck are using a domain that can be easily confused with a voter information website to redirect users to pages pushing various types of scams.

Spammers Use Brand Recognition to Make ‘Trump’ Top Term in 2018 Midterm Election Email Spam Subject Lines (Proofpoint) Proofpoint researchers chart spam volumes related to the midterm elections.

New Microsoft Edge Browser Zero-Day RCE Exploit in the Works (BleepingComputer) Details are about to emerge about a zero-day remote code execution vulnerability in the Microsoft Edge web browser, as two researchers plan to reveal a proof-of-concept and publish a general write up. Microsoft has not been told the details of this vulnerability.

Study of political junk on Facebook raises fresh questions about its metrics (TechCrunch) A midterms election study of political disinformation being fenced by Facebook’s platform supports the company’s assertion that a clutch of mostly right-leaning and politically fringe Pages it removed in October for sharing “inauthentic activity” were pulled for gaming its e…

Facebook wants to reveal your name to the weirdo standing next to you (Naked Security) Facebook’s had a patent approved for a new way to sniff out potential friends, based on your phone and patterns of movement.

Security Bug in Icecast Puts Online Radio Stations At Risk (BleepingComputer) A vulnerability discovered in Icecast streaming media server could be leveraged by an attacker to kill the broadcast of online radio stations that rely on it to reach their audience.

GPU side channel attacks can enable spying on web activity, password stealing (Help Net Security) Computer scientists at the University of California, Riverside have revealed how easily attackers can use GPU side channel attacks to spy on web activity.

The Growing Threat of SMiShing Attacks (Infosecurity Magazine) SMiShing attacks use SMS texting as the medium and is often used in conjunction with other attacks.

HSBC Bank Breached Again, Suspends Online Access to Affected Accounts (softpedia) Enhances authentication process to Personal Internet Banking

BBC micro:bit vendor Kitronik says customers' deets nicked, fingers Magecart malware (Register) We're one of 7,000 victims here, firm insists

Children’s apps contain an average of 7 third-party trackers, study finds (Naked Security) Android apps in the “Family” category had a surprisingly high number of trackers embedded in them.

Another wave of Elon Musk bitcoin scams spread by verified Twitter accounts (Graham Cluley) The cryptocurrency giveaway scammers are up to their tricks again on Twitter, and it seems that Twitter simply can't keep up with them.My advice to Twitter? Make Login Verification compulsory for verified accounts.

Security Patches, Mitigations, and Software Updates

Android fans get fat November security patch bundle – if the networks or mobe makers are kind enough to let 'em have it (Register) And Apple fixes Watch-killing security patch of its own

Chrome 71 will block any and all ads on sites with “abusive experiences” (Ars Technica) Fake error messages, phishing, and other annoyances will soon be heavily penalized.

Cyber Trends

Phishing attacks up by 297 percent across eCommerce in Q3 2018 (Enterprise Times) Report reveals increased dark web activity putting eCommerce merchants and consumers at greater risk. Phishing attacks up by 297 percent in Q3 2018

2018 AFP Payment Fraud Control Survey (Association for Financial Professionals) The 2018 AFP Payment Fraud Control Survey examines the nature of fraud attacks on business-to-business transactions, payment methods impacted and strategies organizations are adopting to protect themselves. 682 corporate practitioner member responses form the basis of this report.

What were the DDoS numbers for Q2 & Q3 2018? (Akamai) We heard your feedback. First of all, the numbers that everyone is most interested in: There were 2,057 DDoS attacks in the Q1 of 2018, 1839 attacks in Q2 and 2,367 attacks in Q3, for a total of 6,263 DDoS...

AI is Changing the Landscape of Cybersecurity (PCQuest) Automation often used synonymously with Artificial Intelligence, although automated machines can use AI, they are very different.

Hidden Costs of IoT Vulnerabilities (Dark Reading) IoT devices have become part of our work and personal lives. Unfortunately, building security into these devices was largely an afterthought.

Marketplace

Addressing the 3 Million Person Cybersecurity Workforce Gap (SecurityWeek) A 2018 report shows the cybersecurity workforce gap stands at more than 2.9 million workers globally -- with 2.14 million staff required in the Asia-Pacific region, and almost half a million required in North America.

USAF announces Hack the Air Force 3.0 (Air Force Reserve Command) The Air Force and HackerOne have teamed up for Hack the Air Force 3.0, the military service’s third and most inclusive bug bounty program.

DISA Prepping Three Contracts to Manage All Its Mobility Services (Nextgov.com) The military’s IT office plans to award all three contracts for mobile services and content management—classified and unclassified—before the end of fiscal 2019.

Symantec Acquires Appthority, Javelin Networks (SecurityWeek) Symantec acquires mobile application security firm Appthority and Javelin Networks, a company specializing in Active Directory (AD) security

Thoma Bravo to Acquire Veracode Software from Broadcom Inc. (NASDAQ:AVGO) (PR Newswire) Thoma Bravo, a leading private equity investment firm, today announced that it has agreed to...

VMware acquires Heptio, the startup founded by 2 co-founders of Kubernetes (TechCrunch) During its big customer event in Europe, VMware announced another acquisition to step up its game in helping enterprises build and run containerised, Kubernetes-based architectures: it has acquired Heptio, a startup out of Seattle that was co-founded by Joe Beda and Craig McLuckie, who were two of …

No, IBM Did Not Overpay For Red Hat (Seeking Alpha) IBM pays $33 billion for Linux vendor Red Hat. Synergies will be extensive. IBM has done this successfully before.

OPAQ Appoints Industry Veteran Lynn D. Tinney SVP Channels (Press of Atlantic City) OPAQ, the network security cloud company, today announced the appointment of industry veteran Lynn D. Tinney as Senior Vice President of Channels. Lynn has successfully led

Products, Services, and Solutions

Webroot Expands Continuum Integration (Webroot) Webroot DNS Integration Provides MSPs with Enhanced Visibility within the Continuum console.

DH2i looks to disrupt cloud VPN market with new DxOdyssey software-defined perimeter software (DH2i) DH2i's DxOdyssey Set to Disrupt the Multi-Billion Dollar Cloud VPN Market

MasterPeace Solutions’ Project to Reduce IoT Device Vulnerabilities is Driver Behind NIST-led Consortium (BusinessWire) MasterPeace Solutions drives osMUD, an open source project to reduce IoT device vulnerability within consumer and small business environments.

Bandura Cyber and Gigamon Deliver Threat Intelligence-Fueled Network Protection to the Enterprise (BusinessWire) Bandura Cyber today announced a strategic integration with Gigamon to deliver an all-encompassing solution.

CyberGRX Challenges Market to Take a United Approach to Third-Party Cyber Risk Management (BusinessWire) CyberGRX today announced an open online community dedicated to increasing cross organizational collaboration between risk professionals and IT teams.

Dashlane and Chubb Announce Global Partnership (PR Newswire) Today, Dashlane announced a partnership expansion with Chubb, the world's largest publicly traded property and casualty...

Secure Channels Launches Encryption-as-a-Service Platform SCIFCOM featuring Secure Token Exchange, File Encryption and Send, Password Protection, and Secure Email Capabilities (PR Newswire) Secure Channels Inc., a provider of innovative security solutions, announced today the launch of SCIFCOM (Secure...

Netflix releases desktop versions of device security app Stethoscope (Help Net Security) The Stethoscope app promotes good security configurations for desktop and laptop computers, but it does not force the users to do anything.

ThreatQuotient integrates verified breach intelligence from Visa to strengthen payment data defenses (Help Net Security) Combination of ThreatQ Threat Intelligence Platform and Visa Threat Intelligence Data enables a proactive cyber defense and streamlined incident management.

Wipro partners with Check Point for cyber security solutions (The Economic Times) The Bengaluru-headquartered IT services company would deliver Check Points advanced and dynamic cloud security solution, CloudGuard IaaS (infrastructure as a service).

Liquid Telecom, Serianu Target Sacco Cyber Criminals With New Service (KahawaTungu) Internet service provider Liquid Telecom has partnered with cyber security consultancy Serianu to bring a new service targeting local savings and credit cooperative societies (saccos) help them miti

Technologies, Techniques, and Standards

How Estonia Secures Its Electronic Elections From Kremlin Attacks (Defense One) Could innovations like a volunteer infosec corps and 'data embassies' help the U.S.?

A Quest for Answers on Army Expeditionary Cyber Teams (SIGNAL) Officials seek to define a concept that never before existed.

How to Lock Down What Websites Can Access on Your Computer (WIRED) If you’re not careful, websites can access your webcam and grab all kinds of permissions on your computer. Take back control of your browser.

How financial institutions can change the economics of fraud (Help Net Security) As the US became the last of the G20 countries to adopt Chip and PIN/Signature cards, fraudsters moved towards online card-not-present fraud.

Intelligence is Not a Numbers Game (SecurityWeek) There’s no point in having billions of data points if those data points aren’t timely, accurate, actionable, and adequately map to your intelligence objectives and requirements.

Cyber-crooks think small biz is easy prey. Here's a simple checklist to avoid becoming an easy victim (Register) Make sure you're spending your hard-earned cash on the 'right' IT security

How Security can Drive Business Competitiveness (SecurityWeek) A Consumer Identity and Access Management (CIAM) approach can help your security organization gain a reputation as a business partner that drives heightened user experiences and business competitiveness.

Fortinet Issues Cyber Safety Tips for Mobile Users Ahead of Diwali Online Shopping Season (BW CIOWORLD) Indian News - , Security-Indian consumers should Bolster Security On Mobile Devices before the start of ‘11/11’ Singles’ Day & The Ongoing Diwali Festive Shopping Spree

Why a Dog Bite is a Lesson in Handling Cyberattacks (SecurityWeek) Like dog bites, the negative impact of cyber incidents can go from bad to worse quickly—and the first 48 hours are critical.

Design and Innovation

Market Insight: The Road to AI — A Journey to Smarter Security and Risk Decision Making (Blue Vector) Security and risk providers' excessive use of messaging around artificial intelligence and machine learning has left customers unable to differentiate hype from real value. This report helps technology product marketing leaders understand challenges and opportunities around AI in security.

Is the US about to get a nationwide, privately owned, biometrics system? (Naked Security) Two US biometric companies have partnered to research a private, nationwide biometrics system.

Blockchain-based elections would be a disaster for democracy (Ars Technica) Opinion: Blockchain-based voting would destroy public trust in elections.

Research and Development

Viewpoint: Record Distance for Quantum Cryptography (Physics) An optical-fiber-based quantum cryptography scheme works over a record distance of 421 km and at much faster rates than previous long-distance demonstrations.

Academia

Cybersecurity Beanpot 2018 - CMD+CTRL Cyber Range Competition (Security Innovation) A huge thank you to everyone who participated in the inaugural Cybersecurity Beanpot Challenge! Below are some highlights from the event, including all the winners and scholarship recipients.

Popular cyber security MOOC begins third year (FE News) Popular cyber security MOOC begins third year

Marquette cyber security program receives federal designation (Milwaukee Business Journal) Marquette University’s information assurance and cyber defense specialization program has received a formal recognition for excellence by the federal government.

Virginia State Approving Agency (SAA) Approves Security University's Registered Qualified/ Cybersecurity Apprenticeship Program for Veterans' Education Benefits (PR Newswire) The Virginia State Approving Agency October 23, 2018 approved Security University's (SU) 2 Registered Qualified/...

Legislation, Policy, and Regulation

UK Government Warns Telecos of 5G Security Review (Infosecurity Magazine) UK Government Warns Telecos of 5G Security Review. Letter could signal change of approach to Chinese players

Senators Want Facebook To Fix Ad Transparency Tool (Nextgov.com) The system for verifying ad buyers is easily abused.

Md. Air National Guard cyber security units activated (WBAL) Two new Air National Guard units have been activated in Maryland. At full strength, the units will employ more than 300 full-time and traditional airmen, focusing on federal and state missions. The Maryland Air National Guard's new 175th Cyber Operations Group is one of only two Cyber Operations Groups in the Air National Guard.

Litigation, Investigation, and Law Enforcement

SCOTUS Refuses to Hear Appeal of Net Neutrality (Infosecurity Magazine) The FCC ruling to repeal net neutrality regulations remains contested.

Facebook still isn’t taking Myanmar seriously (TechCrunch) Facebook picked election evening in the U.S. to release a major report on its role in Myanmar, where it is widely accused of failing to prevent its social network from being used to incite genocide. The situation is arguably more severe that alleged Russia-backed attempts to meddle with the 2016 U.…

Facebook must change and policymakers must act on data, warns UK watchdog (TechCrunch) The UK’s data watchdog has warned that Facebook must overhaul its privacy-hostile business model or risk burning user trust for good. Comments she made today have also raised questions over the legality of so-called lookalike audiences to target political ads at users of its platform. Informa…

In Chinese Spy Ops, Something Old, Something New (Foreign Policy) Indictments reveal how Beijing mixes traditional spycraft with cyberespionage to steal U.S. technology.

Cathay Pacific faces probe over massive data breach (Reuters) Hong Kong's privacy commissioner will launch a compliance investigation int...

Police devices can extract data from mobiles (Times) Devices that can extract private data from mobile phones are being issued to police officers in Scotland despite widespread questions about their legality. The national force is rolling out...

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

First Annual Maryland InfraGard Cybersecurity Conference (College Park, Maryland, USA, December 5, 2018) InfraGard is a partnership between the FBI and members of the private sector. The InfraGard program provides a vehicle for seamless public-private collaboration with government that expedites the timely...

Upcoming Events

Hybrid Identity Protection Conference (New York, New York, USA, November 5 - 6, 2018) Learn what cutting-edge industry leaders are doing to improve identity protection in the modern organization and how they are boosting enterprise security. Network with the world’s leading identity experts...

Hybrid Identity Protection Conference 2018 (New York, New York, USA, November 5 - 6, 2018) The Hybrid Identity Protection Conference is the premier educational and networking event for identity experts. Learn what cutting-edge industry leaders are doing to improve identity protection in the...

Cyber Security & Artificial Intelligence MENA Summit (Dubai, UAE, November 6 - 7, 2018) Cyber Security and Artificial Intelligence MENA Summit has been designed to bring you a remarkable opportunity to gain fresh insights into areas such as artificial intelligence and machine learning impact...

2nd Annual Aviation Cyber Security Summit Summit (London, England, UK, November 6 - 7, 2018) Now in its 2nd year, the Cyber Senate Aviation Cyber Security and Resilience Summit (AVCIP2018) will take place on 6th and 7th in London United Kingdom 2018. This two-day executive forum will include presentations,...

Federal IT Security Conference: FITSC 2018 (College Park, Maryland, USA, November 7, 2018) Phoenix TS and Federal IT Security Institute (FITSI) are partnering to host the third annual Federal IT Security Conference (FITSC) this November. Speakers from NIST, DHS, the Defense Department as well...

SINET Showcase (Washington, DC, USA, November 7 - 8, 2018) Highlighting and advancing innovation. SINET Showcase provides a platform to identify and highlight “best-of-class” security companies that are addressing the most pressing needs and requirements in Cybersecurity.

SecureWorld Seattle (Seattle, Washington, USA, November 7 - 8, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

Infosecurity North America (New York, New York, USA, November 14 - 15, 2018) With 23+ years of global experience creating leading information security events, Infosecurity Group is coming to New York in November 2018. Infosecurity North America will provide a focussed business...

Kingdom Cyber Security (Riyadh, Saudi Arabia, November 20 - 21, 2018) Setting a game plan to boost cyber resilience at the national level.

API Security Summit (London, England, UK, November 21, 2018) The API Security Summit, taking place in London on the 21st of November 2018 will bring together the financial services community, regulators, fintechs, TPPs and associations from across UK and Europe to find solutions to the current lack of standardisation, debate what standards/legislation may emerge in 2019, and how to plan with these in mind.

Army Autonomy and Artificial Intelligence Symposium and Exposition (Detroit, Michigan, USA, November 28 - 29, 2018) This symposium will explore and showcase innovative ways the U.S. Army is developing critical capabilities in robotics, autonomy, machine learning, and artificial intelligence. The goals are to explore...

The Cyber Security Summit: Los Angeles (Los Angeles, California, USA, November 29, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.

Securing Digital ID 2018 (Alexandria, Virginia, USA, December 4 - 5, 2018) As an increasing number of transactions move online and are mobile-enabled, the conference will explore today’s complex world of digital identities and how they are used for strong authentication and remote...

First Annual Maryland InfraGard Cybersecurity Conference (College Park, Maryland, USA, December 5, 2018) InfraGard is a partnership between the FBI and members of the private sector. The InfraGard program provides a vehicle for seamless public-private collaboration with government that expedites the timely...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.