skip navigation

More signal. Less noise.

2017 cyberattacks proved more numerous, sophisticated, and ruthless than in years past.

WannaCry, NotPetya, ransomware-as-a-service, and fileless attacks abounded. And, that’s not everything. The victims of cybercrime ranged from private businesses to the fundamental practices of democracy. Read The Cylance Threat Report: 2017 Year in Review Report and learn about the threat trends and malware families their customers faced in 2017.

Daily briefing.

A BGP (Border Gateway Protocol) leak Monday routed traffic through China and to a lesser extent through Russia and Nigeria (SecurityWeek). The incident now appears to have been the result of an error and not a malicious campaign: a misconfiguration in a Nigerian ISP seems to have caused the rerouting (WIRED). There have been recent jitters over the possibility of BGP hijacking for espionage and surveillance purposes, but this was all a mistake.

Cylance describes a sophisticated cyberespionage campaign directed against Pakistan, with the air force particularly affected. The campaign is "Operation Shaheen," the threat actor "the White Company." Cylance evaluates the White Company as a nation-state actor, but they don't say which nation-state that might be. Operation Shaheen was carefully prepared, with extensive reconnaissance and the ability to evade no less than eight anti-virus products.

In yesterday's Patch Tuesday, Microsoft addressed more than sixty issues with sixteen patches. Adobe fixed issues in Flash Player, Acrobat and Reader (KrebsOnSecurity).

Italian prosecutors have given up their efforts to bring Phineas Phisher, hacker of the Hacking Team, to book (Motherboard). He hasn't been found and is presumably free as a bird.

Tyler Barris pled guilty to Federal charges related to his involvement in a Kansas man's SWATting death last year. He'll receive at least twenty years in prison (Ars Technica).

The US Congress passed legislation to reestablish the National Protection and Programs Directorate as the Cybersecurity and Infrastructure Security Agency (CISA), now the lead US civilian cybersecurity agency (Department of Homeland Security).

Notes.

Today's edition of the CyberWire reports events affecting Australia, China, France, Germany, Italy, Nigeria, Pakistan, Russia, United Kingdom, United States.

Securing the Vote: How Easily Could Our Elections Be Hacked?

U.S. voting systems are broken. They are peppered with risks from people, process, and technology – and something must be done to regain voter confidence. In the latest Securealities report, Coalfire identifies these vulnerabilities and provides recommendations for remediation based on analyses from their work on voting networks and systems, plus 3,000 cybersecurity engagements in the past year.

In today's podcast, out later this afternoon, we speak with our partners at Terbium Labs, as  Emily Wilson takes us through their recent Truth About Dark Web Pricing study. Our guest is Gregory Garrett from BDO on their telecommunications risk report.

The Pesky Password Problem: Red and Blue Team Battle featuring Kevin Mitnick (Online, November 14, 2018) Kevin Mitnick and Roger Grimes debate one of security's most controversial issues: passwords. Hear the truth regarding effective passwords, password management and more in this unique webinar. Save your spot!

Cyber Security Summit: November 29 in Los Angeles (Los Angeles, California, United States, November 29, 2018) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The CIA, The City of Los Angeles, Verizon, CenturyLink and more. Register with promo code cyberwire95 for $95 VIP admission (Regular price $350) https://CyberSummitUSA.com

Rapid Prototyping Event: The Turing Test (Columbia, Maryland, United States, December 11 - 13, 2018) DreamPort, in conjunction with the Maryland Innovation & Security Institute and USCYBERCOM, is hosting a Rapid Protoyping Event in which participants implement an automated process to interact with a Microsoft Windows machine just as a human user may do with the goal being to fool a human judge who is monitoring target computers via Remote Desktop Protocol (RDP) or Virtual Network Computing (VNC) into thinking a normal user is interacting with that machine and not an automated program or process.

Cyber Attacks, Threats, and Vulnerabilities

Cylance researchers discover powerful new nation-state APT (CSO Online) A new APT, dubbed White Company, is flexing its muscle on the world stage, and it has security researchers worried.

Cylance Discovers New Middle Eastern APT Actor: The White Company (BusinessWire) Research Uncovers a New, Well-Resourced Group Targeting Pakistan’s Air Force

APT Group Uses Windows Zero-Day in Middle East Attacks (SecurityWeek) Windows zero-day fixed by Microsoft with its November 2018 Patch Tuesday updates (CVE-2018-8589) used by an APT group in attacks aimed at the Middle East

Nigerian firm takes blame for routing Google traffic through China (Reuters) Nigeria's Main One Cable Co took responsibility on Tuesday for a glitch tha...

Google Internet Traffic Wasn't Hijacked, But It Was Out of Control (WIRED) For two hours on November 12, Google internet traffic mistakenly rerouted through China, Russia, and elsewhere. Here's why.

Sophisticated Cyberattack Targets Pakistani Military (SecurityWeek) A previously undisclosed threat actor is targeting government and military assets in Pakistan as part of a new, unusually complex espionage campaign, Cylance security researchers warn.

Nationalism driving fake news in India (BBC News) BBC research shows how a desire to reinforce national identity is pushing people to share fake news.

More Information About Last Week’s Takedowns (Facebook Newsroom) Over the last year, we have been much more proactive in finding and removing inauthentic behavior, including from foreign actors.

Facebook: Fake Instagram accounts used Trump, Kanye and social issues to target voters (USA TODAY) Facebook says Russians exploited divisive issues and people such as Kanye West and President Trump to target voters ahead of the midterm elections.

Russian Hackers Largely Skipped the Midterms, and No One Really Knows Why (Wall Street Journal) After unleashing widespread cyberattacks and disinformation warfare on the U.S. in 2016, Russia’s trolls and hackers mostly appeared to have sat on the sidelines ahead of last week’s midterm elections.

Nigerian firm takes blame for routing Google traffic through China (Reu) Nigeria's Main One Cable Co took responsibility on Tuesday for a glitch tha...

New Report Finds Bad Bots Comprise Almost Half of All Traffic on Airlines’ Websites, Mobile Apps, and APIs (Distil Networks) Distil Research Lab releases first industry-specific data focused on airline bot activity

PayPal phishing scam using Conditional CSS tricks and Google Captcha (My Online Security) OK got a quite strange & unusual PayPal phishing scam arrive today. The scammers either don’t like Microsoft users or can’t work out how to get the scam to work in Internet explorer or Outlook…

How does the Mylobot botnet differ from a typical botnet? (SearchSecurity) Deep Instinct recently blogged about how the new Mylobot botnet demonstrates new, complex tools and techniques. Discover how this botnet works and how it differs from a typical botnet with expert Nick Lewis.

Mylobot botnet delivers one-two punch with Khalesi malware (KTVN) With the ability to download other types of malware after infecting a computer, the Mylobot botnet is demonstrating the capability of information stealing, according to a new report from CenturyLink, Inc. (NYSE: CTL)....

Your Private Data Is Quietly Leaking Online, Thanks to a Basic Web Security Error (Bloomberg) Personal information of donors and shoppers leaked online. U.S. children’s hospital among websites leaking data.

Free VPN App Investigation (Top10VPN) We investigated the top free VPN (Virtual Private Network) apps in Apple's App Store and Google Play and found that over half are run by highly secretive companies with Chinese ownership. Very few of these hugely popular apps, which have hundreds of millions of installs worldwide, do anywhere enough to deserve the trust of consumers looking to protect their privacy.

Samsung Galaxy S9, iPhone X Hacked at Pwn2Own Tokyo (SecurityWeek) White hat hackers hack iPhone X, Samsung Galaxy S9 and Xiaomi Mi 6 at Pwn2Own Tokyo

Security Patches, Mitigations, and Software Updates

Patch Tuesday, November 2018 Edition (KrebsOnSecurity) Microsoft on Tuesday released 16 software updates to fix more than 60 security holes in various flavors of Windows and other Microsoft products. Adobe also has security patches available for Flash Player, Acrobat and Reader users.

It's November 2018, and Microsoft's super-secure Edge browser can be pwned eight different ways by a web page (Register) Look, we're tired of doing these headlines too, but there's patching to do

Windows 10 April 2018 also gets its November Patch Tuesday with additional Spectre fix (On MSFT) In addition to today's patch for the small number of users running the October 2018 Update, Microsoft has also released a patch for the April 2018 Update which brings the build version to 17134.407.

Microsoft Patches Windows Zero-Day Exploited by 'FruityArmor' Group (SecurityWeek) Microsoft patches nearly 50 vulnerabilities with its October 2018 Patch Tuesday updates, including a Windows zero-day exploited by the FruityArmor APT group

Facebook patches another bug that could have allowed mass-harvesting of user data (ZDNet) Imperva security researcher publicly discloses bug today, but Facebook patched the issue back in May.

Cyber Trends

Privacy, cloud and evolving threats: a survey of Forcepoint customer cybersecurity concerns (Forcepoint) A survey of more than 1,000 Forcepoint customers finds that cybersecurity professionals are concerned about privacy, cloud and infrastructure security, while also trying to find the balance between ensuring security and enabling access. Meeting these challenges is made more difficult by the ever-evolving cyber threats IT professionals must address and the ongoing risk of human error.

Nearly 70 Percent of SMBs Experience Cyber Attacks, Half Do Not Know How to Protect Their Companies (PR Newswire) Keeper Security, Inc., which offers leading zero-knowledge, cybersecurity solutions for businesses and individuals,...

Despite rise in security awareness, employees’ poor security habits are getting worse (Help Net Security) Employees’ poor cybersecurity habits are getting worse, compounded by the speed and complexity of the digital transformation.

SailPoint Survey Shows Employees’ Habits Expose Growing Risk Amid the Digital Transformation (BusinessWire) SailPoint’s 10th Annual Market Pulse Survey found employees’ bad cybersecurity habits are exposing growing risks amid the digital transformation.

Carbon Black’s UK Threat Report is grim news for those protecting data (MicroscopeUK) Attacks are widespread and the criminals are outwitting a lot of customers, which worries Nick Booth

Ransomware no. 1 cyberthreat to SMBs, and the average attack costs $47K (TechRepublic) More than 55% of MSPs said their clients experienced a ransomware attack in the first six months of 2018, according to a Datto report.

Marketplace

M&A transactions may be stalling due to GDPR compliance concerns (Help Net Security) 66 percent of those surveyed believe that GDPR will increase acquirers’ scrutiny of the data protection policies and processes of target companies.

XM Cyber Closes $22 Million in Series A Funding (XM Cyber) Cybersecurity Disruptor will Use New Investment to Fuel Continuous Growth and Innovation

Novetta acquires Berico Technologies (Intelligence Community News) McLean, VA-based Novetta announced on November 12 the acquisition of Berico Technologies, based in Reston, VA. Novetta’s acquisition of Berico is rooted in the alignment of mission, capabilit…

Can BlackBerry Afford A $1.5 Billion Deal For Cylance? (Seeking Alpha) BB is rumored to be in talks to acquire cybersecurity company Cylance for $1.5B. The deal could make sense strategically, but the combined entity could be cash

Palantir Has a $20 Billion Valuation and a Bigger Problem: It Keeps Losing Money (Wall Street Journal) The Silicon Valley unicorn, a data-analysis giant that’s inching toward an IPO, has been run like a scrappy startup, including lavish perks. CEO Alex Karp is now under pressure to remake the business, including bringing an end to what’s known inside the company as “Palantir Entitlement Syndrome.”

Exclusive: Cloud Securer Netskope Raises $170 Million, Sprouts 'Unicorn' Horn (Fortune) Meet the latest billion-dollar cybersecurity firm.

How Prague’s Avast went from Soviet-era security project to $4.5 billion IPO (VentureBeat) Avast reached the pinnacle of capitalism with its IPO. But the security company's journey from a Soviet-era research lab in Prague was long and winding.

Siemens Teams Up with Aruba: Two Aim to Meld OT/IT Offering (Computer Business Review) Siemens has inked a strategic partnership with HPE's Aruba that marries their respective Operational Technology (OT) and IT portfolios.

Abusix Joins Open Invention Network as Licensee (WBOC) Abusix, a specialist provider of Threat Intelligence and Subscriber Security solutions for Telcos and Internet Service Providers (ISPs), has joined the largest patent non-aggression community in history, created by and for Linux and Open Source Software supporters.

Valve paid $20,000 to hacker who discovered critical Steam security flaw (PCGamer) Researcher Artem Moskowsky found an easy way to generate all the Steam keys he wanted.

Port Covington backers prepping city residents for cyber gigs (Maryland Daily Record) The team steering community investment efforts from Port Covington’s redevelopment aims to help build a pipeline leading Baltimore residents to cybersecurity jobs at “Cyber Town USA.…

Bossier Chamber of Commerce encourages students to pursue a career in cyber technology (KTBS) The Bossier Chamber of Commerce wants more high schoolers to think about a career in cyber technology.

Siemplify Taps Former Carbon Black and Cisco Channel Executive to Boos (PRWeb) Siemplify, the leading innovator in security orchestration, automation and response (SOAR), today announced the appointment of Bradd Barmettler as global head o

Products, Services, and Solutions

Cavirin Auto-Remediation Workflows Help Hybrid Cloud Enterprises Maintain Golden Security Posture (Cavirin) Cavirin's newest release delivers auto-remediation across AWS with Lambda functions and across all environments with Ansible Playbooks.

Ciphertex Debuts Two New Servers at SuperComputing-18 (BusinessWire) Ciphertex Data Security, a leading data security solutions provider, today announced two new servers at the SuperComputing-18 Conference. The new Ciph

The Bricata Comprehensive Network Protection Platform Earns FIPS... (Bricata) NIST Has Issued Certificate #3325 to Bricata, Completing Rigorous FIPS 140-2 Testing Process for Deployments in U.S. Federal Government November 14, 2018 – Columbia, Md. – Bricata, Inc., a leading provider of comprehensive network protection, today announced the immediate... #bricata #fips #news

Protego Spearheads Launch of the OWASP Official Serverless Top 10 Project (WBOC) The Open Web Application Security Project (OWASP) released today the official OWASP Serverless Top 10 project initiated by Protego Labs.

Prey for Business Offers Beta Location History Capability and New Fleet Status Dashboard (GlobeNewswire News Room) Map Timeline Lets Users See Where Device Has Been Over Time

DataMotion and Zipari Enter into Strategic Partnership to Boost Consumer Engagement (News9) Collaboration Provides HIPAA-Compliant Secure Messaging for Insurance Self-Service Portals and Mobile Applications

Alert Logic Introduces SIEMless Threat Management™ to Help Resource-Constrained Organizations Get the Right Coverage at an Optimal Cost (GlobeNewswire News Room) New Offering Seamlessly Connects Platform, Intelligence and Experts to Address Threats and Compliance Risks 24/7 Across Any Environment at a Lower Total Cost

CyGlass Inc. and NETSHIELD Corp. Team Up in Strategic Partnership (Benzinga) CyGlass Inc., a SaaS AI-driven network-centric dark threat detection solution, and NETSHIELD Corp., a global...

Bitdefender announces security integration with Kaseya (IT Brief) The new partnership will allow VSA by Kaseya’s cloud and on-premises users to deploy and manage security with Bitdefender Cloud Security for MSPs.

How to design a cyber-secure smart grid (Power Engineer) The European Network for Cyber Security (ENCS) has launched a new training course that it claims will give security architects “the knowledge to design secure smart grid systems”.

Twistlock Releases Cloud Discovery Open Source Tool for Cloud Native Services - DevOps.com (DevOps.com) A simple, powerful way for audit and security practitioners to discover all 'unknown unknowns' across cloud environments PORTLAND, Ore., Nov. 13,

Holiday Shopping Safety Tips: LastPass 2018 Online Retailer Security List (The LastPass Blog) Keep your information safe this holiday season! LastPass ranks 2018’s top 10 online retailers from most to least secure and shares what to lookout for.

Technologies, Techniques, and Standards

The Hail Mary Plan to Restart a Hacked US Electric Grid (WIRED) On tiny Plum Island, DARPA stages a real-life blackout to put its grid recovery tools to the test.

What the Onslow Water and Sewer Authority Can Teach About Responsible Disclosure (SecurityWeek) From a communications and technical standpoint, the Onslow Water and Sewer Authority (ONWASA) turned a malicious cyber incident into a strong success story on many fronts.

ISACA refreshes COBIT framework to address latest business technology trends and standards (Help Net Security) Customers that adopt COBIT 2019 will benefit from optimized resource use, increased efficiency, and better management of their information and technology.

How to fit all of Shakespeare in one tweet (and why not to do it!) (Naked Security) A security researcher squoze 1,299,999 words into a single tweet, thanks to image metadata that Twitter doesn’t remove.

Build the Capacity to Hunt for Publicly Disclosed Indicators of... (Bricata) Earlier this year federal authorities unveiled multi-stage and widespread cyber-attacks on the U.S. energy sector and other infrastructure locations. At the time, these attacks had been ongoing for at least a year and incurred several successful compromises... #ics #networksecurity #threathunting

Phishing Training is a Tool, Not a Solution (SecurityWeek) It’s time to swing the pendulum back, and put the responsibility to do battle with phishing campaigns back where it most correctly belongs—on the security systems.

Design and Innovation

How to Teach Artificial Intelligence Some Common Sense (WIRED) We’ve spent years teaching neural nets to think like human brains. They’re crazy-smart, but what if we’ve been doing it all wrong?

Bank of America Obtains Crypto Patent, is it Planning to Operate a Wallet? (NewsBTC) A sure sign of growing adoption and institutional interest in cryptocurrencies is when major banks start to look at them more closely. The second largest A sure sign of growing adoption and institutional interest in cryptocurrencies is when major banks start to look at them more closely.

Research and Development

White House to Approve Massive Cybersecurity "Moonshot" Recommendations Tomorrow (ClearanceJobs) The Cyber Moonshot is an initiative to make the internet safe in ten years. Tomorrow the committee behind this plan will present recommendations to the White House on how to make this ambitious goal a reality.

Academia

Diversity Matters: FS-ISAC Awards Scholarships to Build Talent Pipeline in the US and Globally (FSISAC) Fourteen women awarded scholarship across the US; 24 scholarships awarded globally in 2018

Legislation, Policy, and Regulation

The UN GGE is dead: Time to fall forward (ECFR) The top down UN GGE process appears dead in the water. International norms and laws for responding to cyber attacks must now be built from the bottom up.

Paris Call for Trust and Security in Cyberspace (France Diplomatie) Cyberspace now plays a crucial role in every aspect of our lives and it is the shared responsibility of a wide variety of actors, in their respective roles, to improve trust, security and stability in cyberspace.

U.S. tech giants back French call for global cooperation in cyberspace (Cyberscoop) A multifaceted framework for lessening aggression in global cyberspace was unveiled by the French government on Monday, drawing support from tech giants and digital rights groups.

Facebook will let French regulators study its efforts to fight hate speech (Washington Post) Facebook will invite French regulators to study its approach to combating hate speech online, marking the latest attempt by governments around the world to figure out ways to thwart toxic content from spreading.

Intel Asks for Comments on Draft Federal Privacy Law (SecurityWeek) Intel has developed and published a draft model federal bill that it calls the "Innovative and Ethical Data Use Act of 2018", and is inviting comments from businesses, privacy experts and the general public.

Encryption laws threaten $3b cyber security industry, tech firm Senetas warns (Financial Review) New laws for spy agencies to snoop on electronic devices could scare off investment in local cybersecurity systems and weaken systems, government contractor warns.

Senetas' delay in encryption bill submission surprising (ITWire) One of the curious aspects surrounding the Federal Government's encryption bill is why it took Australian firm Senetas — which has technology exports...

It’s Amateur Hour in the World of Spyware and Victims Will Pay the Price (Motherboard) We’re living in the golden age of spyware and government hacking, with companies rushing to join a blossoming billion dollar market. The weakest among us—activists or journalists—will suffer the consequences if we don’t regulate it appropriately.

Congress Passes Legislation Standing Up Cybersecurity Agency in DHS (Department of Homeland Security) On November 13, the United States House of Representatives voted unanimously to pass legislation creating the Cybersecurity and Infrastructure Security Agency (CISA) within the Department of Homeland Security (DHS).

U.S. Adopts New Battle Plan to Fight China’s Theft of Trade Secrets (Wall Street Journal) The Trump administration is broadening its China trade battle beyond tariffs with a plan to use export controls, indictments and other tools to counter the theft of intellectual property.

Pentagon task force not a ‘quick-fix’ to protect critical technology (Fifth Domain) A Pentagon task force to prevent the swiping of American secrets and improve supply chain cybersecurity will include representatives from at least seven agencies and is expected to have a long-term vision.

Trump Preparing to Oust Homeland Security Secretary, Post Says (Bloomberg) U.S. Homeland Security Secretary Kirstjen Nielsen may be removed by President Donald Trump in the near future, the Washington Post reported Monday night.

Pentagon cyber official warns U.S. companies against 'hacking back' (TheHill) A top cyber official at the Defense Department on Tuesday urged companies to refrain from “hacking back” when they are the victim of a cyberattack, saying it could negatively affect the already unclear rules of engagement in cyberspace.

State vs. Federal Privacy Laws: The Battle for Consumer Data Protection (SecurityWeek) There has long been speculation that the need for a federal data privacy policy would finally be realized only after the ‘perfect storm’ occurred.

Government to extend age-verification to social media (Computing) Culture secretary Margot James admits plans to extend adult website age verification to social media websites

Litigation, Investigation, and Law Enforcement

Russia wants DNC’s election-hacking lawsuit thrown out (Washington Post) Moscow warns the State Department that American spy agency hacking exposes the U.S. to similar charges.

China scours social media, erases thousands of accounts (Reuters) China’s top cyber authority has scrubbed 9,800 social media accounts of independent news providers deemed to have posted sensational, vulgar or politically harmful content on the Internet, it said late on Monday.

Facebook Failed to Police How Its Partners Handled User Data (New York Times) For years, Facebook struck deals that gave device makers access to troves of user data. A disclosure to Congress details the company’s lax oversight of those partnerships.

Australia's cyber security chief says Austal defense hack investigation may take years (Reuters) Australia's chief cyber security chief said on Tuesday an investigation into...

Analysis | The Cybersecurity 202: Amazon is now at the center of a debate over public safety versus privacy (Washington Post) Prosecutors are trying to force Amazon to turn over data on Echo device for a murder case.

Hacking Team Hacker Phineas Fisher Has Gotten Away With It (Motherboard) Leaked court documents show that Italian authorities have no idea who hacked the government spyware maker Hacking Team.

Man pleads guilty to swatting attack that led to death of Kansas man (Ars Technica) Prosecutor: Tyler Barriss' "disregard for the safety of other people was staggering."

Does wiping your iPhone count as destroying evidence? (Naked Security) Police say it’s a felony, but a woman arrested in connection with a drive-by shooting says she doesn’t even know how to remotely wipe.

El Capitan student, 14, arrested on suspicion of threatening the high school on social media (San Diego Union Tribune) A 14-year-old student at El Capitan High School was arrested on suspicion of making threats on social media against the Lakeside school, sheriff’s officials said Monday. 

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

CPX Asia 360 2019 (Bangkok, Thailand, January 21 - 23, 2019) CPX 360 - the industry’s premier cyber security summit and expo - brings together the world’s leading cyber security experts to one venue. Gain a deep understanding of current challenges cyber security...

CPX Americas 360 2019 (Las Vegas, Nevada, USA, February 4 - 7, 2019) CPX 360 promises to be the premier cyber security summit. CPX 360 is where you’ll receive up-to-the-minute intelligence about global threats and other vital topics from the world’s leading cyber security...

BSides Huntsville (Huntsville, Alabama, USA, February 15 - 16, 2019) The fun and cheap way to earn CEU's. Instead of paying way too much to listen to some guy in a suit try and sell you something, you can pay just a few bucks to hear actual programmers and hackers talk...

CPX Europe 360 2019 (Vienna, Austria, February 18 - 20, 2019) CPX 360 - the industry’s premier cyber security summit and expo - brings together the world’s leading cyber security experts to one venue. Gain a deep understanding of current challenges cyber security...

Symposium on Securing the IoT (San Francisco, California, USA, March 27 - 29, 2019) Want to share your passion and knowledge for Securing the 25 Billion devices connected to the Internet? Topics currently being selected for tracks include: Authenticating Blockchain, Secure Medical & Healthcare,...

Upcoming Events

Infosecurity North America (New York, New York, USA, November 14 - 15, 2018) With 23+ years of global experience creating leading information security events, Infosecurity Group is coming to New York in November 2018. Infosecurity North America will provide a focussed business...

Kingdom Cyber Security (Riyadh, Saudi Arabia, November 20 - 21, 2018) Setting a game plan to boost cyber resilience at the national level.

API Security Summit (London, England, UK, November 21, 2018) The API Security Summit, taking place in London on the 21st of November 2018 will bring together the financial services community, regulators, fintechs, TPPs and associations from across UK and Europe to find solutions to the current lack of standardisation, debate what standards/legislation may emerge in 2019, and how to plan with these in mind.

Army Autonomy and Artificial Intelligence Symposium and Exposition (Detroit, Michigan, USA, November 28 - 29, 2018) This symposium will explore and showcase innovative ways the U.S. Army is developing critical capabilities in robotics, autonomy, machine learning, and artificial intelligence. The goals are to explore...

The Cyber Security Summit: Los Angeles (Los Angeles, California, USA, November 29, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.

Securing Digital ID 2018 (Alexandria, Virginia, USA, December 4 - 5, 2018) As an increasing number of transactions move online and are mobile-enabled, the conference will explore today’s complex world of digital identities and how they are used for strong authentication and remote...

First Annual Maryland InfraGard Cybersecurity Conference (College Park, Maryland, USA, December 5, 2018) InfraGard is a partnership between the FBI and members of the private sector. The InfraGard program provides a vehicle for seamless public-private collaboration with government that expedites the timely...

International Cyber Risk Management Conference (Hamilton, Bermuda, December 6 - 7, 2018) Now in its fourth year in Canada, the International Cyber Risk Management Conference (ICRMC) has earned a reputation as one of the world’s most trusted cyber security forums. We are proud to bring ICRMC...

2018 Cloud Security Alliance Congress (Orlando, Florida, USA, December 10 - 12, 2018) Today, cloud represents the central IT system by which organizations will transform themselves over the coming years. As cloud represents the future of an agile enterprise, new technology trends, such...

Wall Street Journal Pro CyberSecurity Executive Forum (New York, New York, USA, December 11, 2018) The WSJ Pro Cybersecurity Executive Forum will bring together senior figures from industry and government to discuss how senior executives can best prepare for hacking threats, manage breaches, and work...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.