skip navigation

More signal. Less noise.

Get your copy of the definitive guide to threat intelligence.

We brought together a team of experts and wrote the definitive guide to everything you need to know about threat intelligence. Whether you work in vulnerability management, incident response, or another part of cybersecurity, our book has something for you. Get your free copy of “The Threat Intelligence Handbook” now.

Daily briefing.

A CyberWire Daily News Briefing redesign is coming.

After the Thanksgiving holiday, we'll be rolling out a new format for our email. We've redesigned it the better to avoid falling into spam traps, or becoming inadvertently enmeshed in the array of anti-phishing measures increasingly deployed. You've seen some of these changes already with our addition of inline links to our summary. When the redesign is complete, you'll see fewer links to suggested reading in the email itself. That selected reading will remain present in its entirety on our website, posted as always with the appropriate Daily News Briefing. We hope you'll find the new format more user-friendly. We'll announce the date of the rollout as it approaches. And, as always, thanks for subscribing and reading.

Amazon has experienced a so-far unspecified breach. The online retailer has emailed many customers (but not all) to say that their name and email address had been exposed “due to a technical error.” The email, genuine despite its phishy appearance, doesn’t say what happened, or where, or why, but reassures recipients that everything’s fine and there’s no need to change passwords (Ars Technica). 

Facebook has cleared up yesterday’s outages, which it attributes to server configuration errors (CNET).

Recorded Future says it’s cleared up the mystery of “Tessa88,” the hitherto unidentified cybercriminal who in 2016 sold MySpace, Badoo, LinkedIn, QIP, Rambler, VKontakte, Mobango, and Twitter databases. The security firm has concluded that Tessa88 is one Maksim Vladimirovich Donakov, of Penza, Russia. Tessa88, whose activities were bracketed with “Peace_of_mind’s,” claimed to be a broker or middleman as opposed to a hacker (ZDNet).

Competing gangs are struggling for Magecart supremacy on an infected e-commerce site (Ars Technica).

Espionage in cyberspace continues at its customary tempo and customary actors. Australia, however, is thought to be seeing an increase in the attention being paid to its corporate intellectual property by China’s Ministry of State Security (CNBC). And observers continue mulling Cozy Bear’s virtuoso return to phishing for access (Threatpost, Forbes).

Those of you in the furry community, you know who you are. But a breach in “High Tail Hall” suggests that about half-a-million of you will eventually be known to everyone else as well. The BBC and Mr. Cluley seem au courant on the incident.

Notes.

Today's edition of the CyberWire reports events affecting Afghanistan, Australia, China, European Union, Republic of Korea, NATO/OTAN, Russia, Saudi Arabia, United Kingdom, United Nations, United States.

A quick note: we'll be observing Thanksgiving this week, so there will be no Daily News Briefing, Daily Podcast, or Hacking Humans on Thursday or Friday, and no Research Saturday or Week that Was this Saturday. Everything returns to normal next week. In the meantime, enjoy the holiday, and see you as usual on Monday.

What are the brightest minds are saying about network security?

We're asking knowledgeable security insiders like you to take a short survey. In return, we're offering all qualified respondents a chance to enter a drawing to win one of three gift cards valued at $50 each. Join other cybersecurity leaders and share your viewpoints. Click here to take the survey.

In today's podcast, out later this afternoon, we speak with our partners at Webroot, as David Dufour talks through the pros and cons of open source code. Our guest is Andy Kling from Schneider Electric with an update on Triton malware.

International Spy Museum's 2nd Annual William H. Webster Distinguished Service Award Dinner (Washington, DC, United States, November 28, 2018) Join the Spy Museum for the second annual William H. Webster Distinguished Service Award Dinner honoring Admiral William H. McRaven on Wednesday, November 28 at The Ritz-Carlton. For tickets, visit spymuseum.org.

Cyber Security Summit: November 29 in Los Angeles (Los Angeles, California, United States, November 29, 2018) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The CIA, The City of Los Angeles, Verizon, CenturyLink and more. Register with promo code cyberwire95 for $95 VIP admission (Regular price $350) https://CyberSummitUSA.com

Rapid Prototyping Event: The Turing Test (Columbia, Maryland, United States, December 11 - 13, 2018) DreamPort, in conjunction with the Maryland Innovation & Security Institute and USCYBERCOM, is hosting a Rapid Prototyping Event in which participants implement an automated process to interact with a Microsoft Windows machine just as a human user may do with the goal being to fool a human judge who is monitoring target computers via Remote Desktop Protocol (RDP) or Virtual Network Computing (VNC) into thinking a normal user is interacting with that machine and not an automated program or process.

Cyber Attacks, Threats, and Vulnerabilities

China reportedly steps up efforts to steal Australian company secrets (CNBC) An investigation by Australia's Fairfax Media and Nine News found that China's Ministry of State Security was responsible for a wave of attacks detected by Australia and its partners in an intelligence sharing alliance.

Russian 'Bear' Hackers Are Back With New Weapons And Disguises (Forbes) Two hacking crews linked to the Kremlin have been spotted targeting Western businesses and government organizations. One was allegedly behind the DNC hack, the other hasn't been seen for a year.

APT29 Re-Emerges After 2 Years with Widespread Espionage Campaign (Threatpost) The group is best-known for hacking the DNC ahead of the 2016 presidential election.

Technical foul: Amazon suffers data breach days before Black Friday, emails world+dog (Register) $1tn biz doesn't answer very basic questions - like how or why it happened

Amazon admits it exposed customer email addresses, but refuses to give details (TechCrunch) Amazon’s renowned secrecy encompasses its response to a new security issue, withholding info that could help victims protect themselves. Amazon emailed users Tuesday, warning them that a it exposed an unknown number of customer email addresses after a “technical error” on its website. W…

Amazon Low-Key Reveals Breach of Some Customer Data (Dark Reading) 'Technical error' exposed names and email addresses.

Facebook, Instagram back up after outage, company confirms (ABC News) Facebook and Instagram are back up, the company confirmed on Tuesday.

Facebook blames outage on 'server configuration' (CNET) The social network, along with its apps such as Instagram, were down for hours Tuesday.

Black Friday and Cybercrime: Retail's Frankenstein Monster (Digital Shadows) With every year that passes, Black Friday seems to morph into a creation its original proponents could not have even envisioned.

Cyber-security firm doxxes hacker who sold MySpace and Dropbox databases in 2016 (ZDNet) Recorded Future claims Tessa88's identity is a 29-year-old Russian named Maksim Vladimirovich Donakov.

True Identity of Notorious Hacker tessa88 Revealed (Recorded Future) Insikt Group analyzed underground forum discussions and discovered images of the individual behind notorious hacker tessa88, revealing their true identity.

Magecart Black Hats Battle it Out On Infected Site (Infosecurity Magazine) One group attempts to sabotage skimming operation of the other

E-commerce site is infected not by one, but two card skimmers (Ars Technica) Rival crime gangs race against each other to steal consumers' personal data.

Mirai: Not Just For IoT Anymore (Arbor Networks Threat Intelligence) Executive Summary Botmasters have taken the lessons from developing Internet of Things (IoT) malware and shifted their focus to targeting commodity Linux servers. Like many IoT devices, unpatched Linux servers linger on the network, and are being abused at scale by attackers sending exploits to every vulnerable

Report: Emotet makes phishing lures more convincing by scraping victims' emails (Cyberscoop) Researchers say the Emotet is improving its ability to steal financial credentials by using emails scraped from its own victims to make templates.

TrickBot’s Bigger Bag of Tricks (TrendLabs Security Intelligence Blog) TrickBot's module scans for indicators if an infected computer is connected to a network that supports POS services and machines.

Malvertising in Apple Pay Targets iPhone Users (Infosecurity Magazine) Malicious advertising on newspaper and magazine websites is targeting iPhone users.

Half a million Android users tricked into downloading malware from Google Play (TechCrunch) More than half a million users have installed Android malware posing as driving games — from Google’s own app store. Lukas Stefanko, a security researcher at ESET, tweeted details of 13 gaming apps — made by the same developer — which were at the time of his tweet downloadable from Google Pla…

Hackers erase 6,500 sites from the Dark Web in one attack (Naked Security) Dark Web hosting company Daniel’s Hosting was wiped out, taking down about 30% of the Dark Web’s operational and active hidden services.

Here’s why Marines in Afghanistan abruptly shut down their social media account (Marine Corps Times) The sudden removal of the account calls into question transparency concerns regarding the Corps’ combat missions overseas.

Microsoft’s MFA is so strong, it locked out users for 8 hours (Naked Security) It’s a long time for Office 365 and Azure AD users to be locked out of such an important business platform, but MFA remains a good idea.

Malware-Analyse: G Data: GandCrab-Ransomware besonders penetrant (Channel Partner) Die Entwickler der GandCrab-Ransomware setzen laut G Data auf einfache Lösungen wie ein hundertmaliges Aufrufen der Benutzerkontensteuerung, um ihre kriminellen Ziele zu erreichen.

VisionDirect hacked: Hackers infect domains with malicious Google Analytics code (HackRead) Hackers using Google Adwords & Google Sites to spread malwareVisionDirect, one of Europe’s largest online optical retailer that deals with contact lenses and eye care related products has announced that a number of its domains have suffered a data breach in which hackers stole customers’ credit card and banking data.

Analysis | The Cybersecurity 202: At least six states still might not have paper ballot backups in 2020 (Washington Post) The old-fashioned way of counting is the accepted defense against cyber attacks.

Making a PCS move from overseas? Your Social Security number and other personal data might be at risk (Military Times) As troops are making international moves, they may not be aware that their personally identifiable information, such as Social Security numbers, is on the move, too.

Subject: Invoice. The cause of 6 out of 10 of the most effective phishing campaigns (Panda Security Mediacenter) The digital security consultancy, Cofense, has recently published a report about the state of phishing attacks throughout this year.

Beware of Third Party Data Breaches (The National Law Review) A study by Ponemon Institute found the percentage of US and UK companies that faced a data breach because of a vendor or third party is growing. In the US alone, 61% of surveyed respondents

High Tail Hall data breach exposes over 400,000 furry fans (Graham Cluley) An online fantasy role-playing game where participants can dress up as buxom furry animals has had its user database leaked onto the internet.

Security Patches, Mitigations, and Software Updates

You can now sign into your Microsoft account without a password (VentureBeat) You can now sign into Microsoft accounts password-free, thanks to Yubico, Microosft, and other FIDO2 device manufactuerers.

Cyber Trends

The Snowden Legacy, part one: What’s changed, really? (Ars Technica) In our two-part series, Ars looks at what Snowden's disclosures have wrought politically and institutionally.

Cyber Attacks Leave US Telco Companies on Hold for Two Days (PRWeb) EfficientIP, a leading specialist in network security, today revealed in its 2018 Global DNS Threat Report that the telecommunications sector ranks as one o

2018 Global DNS Threat Survey Report (EfficientIP) Discover the prominence and business impact of DNS attacks this past year, plus results from the Coleman Parkes global survey covering multiple sectors.

Survey Says: Security and IT Professionals Are Concerned About Enterprise API Growth (Ping Identity) At Ping Identity, we surveyed 100 security and IT professionals during our IDENTIFY 2018 events in San Francisco and New York about the growing adoption of APIs in the enterprise. The findings point to one conclusion: API security should be at the top of everyone’s minds.

Policy on data protection likely to get tighter worldwide: Fortinet (The Financial Express) Governments and regulators around the world are likely to persist in pushing for greater access to and control over their citizens’ data amid rising incidence of data breach, said Patrice Perche, senior executive vice president for worldwide sales and support, Fortinet.

Cybersecurity a big concern in Canada as cybercrime’s impact grows (WeLiveSecurity) Cybersecurity a big concern in Canada as the impact of cybercrime continues to grow according to the ESET Cybercrime Barometer 2018, a survey that polled 3,500 adults in North America.

Marketplace

Israeli cybersecurity co Tufin plans Nasdaq IPO (Globes) Tufin, which is engaged in network security policy management and firewall management, has met with investment bankers on the planned IPO.

Quantum Machines raises $5.5M to build control and operational layer for quantum computers (TechCrunch) Quantum Machines, an Israeli startup launched by three Ph.D. physicists, wants to build the operational and control layer for quantum computing. Today, it announced a $5.5 million seed investment led by TLV Ventures with participation from Battery Ventures. The three principals have been studying q…

Trillion-dollar loss for big five tech companies as market slump deepens (The Telegraph) One trillion dollars has been wiped off the values of the famous five “FAANG” technology companies as the Silicon Valley stock market rout deepened on Tuesday.

Has the Bitcoin bubble finally burst? (The Telegraph) Another day, another plunge in the digital currency market.

Alphabet Chairman Struggles With Google CEO's China Strategy (Bloomberg.com) Alphabet Inc. Chairman John Hennessy is unsure about a banner strategy of the company’s most-important executive.

Facebook’s Zuckerberg Says He Has No Plans to Step Down as Chairman (Wall Street Journal) Facebook CEO Mark Zuckerberg pushed back against calls for him to step down as chairman and said he hoped to continue working with his longtime chief operating officer, Sheryl Sandberg, in a TV interview.

Internal Facebook memo sees outgoing VP of comms Schrage take blame for hiring Definers (TechCrunch) TechCrunch has obtained an internal memo published by Facebook’s outgoing head of public policy Elliot Schrage in which he blames himself for hiring PR firm Definers. He admits to having the company push negative narratives about competitors, but says Facebook did not ask or pay Definers to p…

Sorry Mark Zuckerberg, Facebook isn’t a “positive force” (Ars Technica) Facebook makes users depressed, and Facebook posts helped fuel ethnic cleansing.

Forcepoint competitor on why it scrapped its EMEA strategy to 'start again' (CRN) iboss EMEA VP tells CRN that he sees no point in the vendor entering into competition with its partners

A New Global Cyber Innovation Summit is Coming to the U.S. (Legaltech News) The Global Cyber Innovation Summit which will be hosted in Baltimore in May 2019 looks to differentiate from other conferences through its proactive risk-oriented approach to cybersecurity.

Tanium CEO leads from the front as company plans 60% growth (IDG Connect) Tanium CEO, Orion Hindawi, talks Brexit, Quantum computing fears, machine learning, and pressures to IPO.

AttackIQ Names Brett D. Galloway as CEO (AttackIQ) Former Cisco executive and Silicon Valley-based founder joins fast-growing innovator in continuous security validation

Products, Services, and Solutions

Amazon Pay Accepted Here? Web Giant Aims to Put Digital Wallet in Stores (Wall Street Journal) Amazon wants brick-and-mortar stores to accept Amazon Pay, its digital wallet service, challenging Apple in the mobile-payments race.

The ​FCC’s New Spam Rules Makes Oxford BioChronometrics Even More Critical for Business Owners (Equities.com) Due to the rise of bad actors and spam advertising, the FCC is now wielding heavy fines for violators. As a result, business owners must walk a fine line.

Just in Time for the Holidays: KnowBe4 Offers “Safe Travels for Road Warriors” Video (AP NEWS) With the stress of holidays around the corner, KnowBe4 , the provider of the world’s largest security awareness training and simulated phishing platform, is offering up tips for staying safe while you travel with a free video module entitled “Safe Travels for Road Warriors.” The video, which is packed with online safety tips, is available now and will continue to be accessible throughout the 2018 holiday season.

RapidFire Tools Inc. Adds Advanced Breach Detection System to Cyber Hawk Insider Threat Tool (GlobeNewswire News Room) The company’s flagship internal threat detection system gives MSPs Basic and Advanced options for identifying “Advanced Persistent Threats” on client networks

Awake Security Debuts Network Traffic Analysis Platform to Detect Risks (eWEEK) Awake Security enters the cyber-security market with network traffic analysis technology that can help enterprises identify potential risks and cyber-threats.

ZeroFOX Premium Social Media & Digital Threat Data in ThreatConnect (AP NEWS) ThreatConnect, Inc. ®, provider of the industry's only extensible, intelligence-driven security platform, is proud to announce its integration with ZeroFOX. This premium social media & digital threat data integration is now available to ThreatConnect customers and is one of the more than 350 existing integrations and applications available in the ThreatConnect Platform.

Technologies, Techniques, and Standards

How clean is your software supply chain? (Computing) With malware now pervasive and high-profile organisations being breached every day, Computing invites IT leaders to a networking dinner for sharing best practises

Evolving military cyber training starts with how industry delivers software (Fifth Domain) It's clear the U.S. Army is going to have a strong requirement for software development practices such as Agile. Agile and DevOps software methodology for the Defense Department's Persistent Cyber Training Environment.

Disruptive technologies show why government needs data security standards now (Fifth Domain) Innovation could quickly turn to exasperation if a strategy to harden the increasing variety of smart devices is not implemented, according to experts.

Need board support for IT security investments? Think about who they really are first, advises Kier CIO Duncan Stott (Computing) Understanding board members can help when making IT security pitches to them, says Stott

The Country You Save May Be Your Own (Foreign Affairs) The problem of democracy in the United States, Iran teaches us, is neither the forgotten voter nor the handwringing swingvoter; it is the nonvoter, the nearly 103 million Americans who either refused or were unable to cast a ballot in 2016.

The path to improved cybersecurity culture (Information Management) The recent ISACA-CMMI Institute cybersecurity culture research illustrates the accomplishments and gaps that are seen in the cybersecurity culture of many organizations.

The holiday season and cybercrime: 8 ways to protect yourself (Help Net Security) The holiday season has become an unbridled online spending extravaganza, and threat actors have taken notice. Learn how to protect yourself.

Design and Innovation

A clear case for AI in endpoint protection (Security Brief) Today, AV has an alternative, and it is Artificial Intelligence (AI).

Instagram’s Crackdown on Fake Followers Just Might Work (WIRED) Instagram's promise to root out "inauthentic activity" sends some social media marketers into crisis.

How Will We Outsmart A.I. Liars? (New York Times) For better and worse, humans are only improving their ability to deceive themselves with technology.

The Story of Lenny, the Internet's Favorite Telemarketing Troll (Motherboard) Lenny is a decade-old chatbot designed to troll telemarketers that has developed a cult following online. It’s remarkably convincing, but is it actually effective?

Research and Development

Can a new standard prevent an encryption meltdown? (GCN) Even with government and industry working on quantum-resistant encryption, getting any solutions rolled out will take time and a massive effort.

Blockchain Is Especially at Risk for Quantum Attacks, Scientists Warn (Gizmodo) Blockchain is meant to be secure—but a new paper from quantum computing scientists warns that quickly advancing quantum technology poses a vulnerability for the much-hyped blockchain.

Legislation, Policy, and Regulation

China identifies 17 key areas to make AI breakthroughs (ZDNet) The Chinese government is also inviting private entities and research institutions to join the development of key AI projects as the country aims to lead global AI races by 2030.

From cyber to military mobility: EU members endorse new defense objectives (Defense News) EU member states adopt 17 new cooperative projects under the fledgling PESCO pact, an initiative meant to sharpen Europe's military edge.

Cyber Is at the Heart of Indo-Pacific Command Strategy (SIGNAL Magazine) Across the vast Indo-Pacific region, all roads lead to cyber, according to a panel of U.S. and foreign military and civilian experts.

DoD to reorganize, create new security clearance organization (Federal News Network) The Defense Department is planning to merge the National Background Investigations Bureau, Defense Security Service and other entities within the Pentagon to form one, new security clearance entity.

To maintain tech edge, US seeks export controls on AI (C4ISRNET) Before the government can regulate artificial intelligence, it has to define it.

The FCC has a new plan to combat unwanted robocalls and spammy texts (Washington Post) But critics say it could lead to censorship of legitimate messages.

Army creates new defensive cyber project office (InsideDefense.com) The Army has reorganized one of its leading technology project management offices to instead focus on defensive cyber operations, responding to a growing need in that domain.

To Stockpile or Not to Stockpile Zero-Days? (Dark Reading) As the debate rages on, there is still no simple answer to the question of whether the government should stockpile or publicly disclose zero-day vulnerabilities.

Opinion | How should we address the growing power shift from Washington to Silicon Valley? (Washington Post) How do we modernize the government’s crumbling digital infrastructure without giving tech too much control?

Litigation, Investigation, and Law Enforcement

A knife emoji, then silence: The strange story of how China detained the head of Interpol (Quartz) Chinese authorities are investigating Meng Hongwei, who has been missing since late September, for taking bribes.

Russia loses Interpol presidency vote (BBC News) Interpol elects a South Korean as president, rejecting the controversial Russian frontrunner.

Blow for Kremlin as ‘ex‑KGB man’ loses Interpol vote (Times) Russia was dealt a blow this morning when its candidate to become the head of Interpol was defeated. Alexander Prokopchuk, a veteran of the Russian interior ministry, had been seen as the favourite...

U.S. spy agencies sued for records on whether they warned Khashoggi of impending threat of harm (Washington Post) The Columbia University institute seeks documents relating to agencies’ “duty to warn.”

Trump statement sticks with Saudis, hyping economic benefits of alliance (Defense News) President Donald Trump released a lengthy statement justifying the U.S. alliance with Saudi Arabia by focusing on domestic economic benefits and the threat from Iran.

Bitcoin-Rigging Criminal Probe Focused on Tie to Tether (Bloomberg) DOJ investigating whether Tether was used to prop up Bitcoin. U.S. case part of broader review of possible coin manipulation.

Russian challenge to chemical weapons watchdog rejected (Military Times) The global chemical weapons watchdog’s initiative to apportion blame for poison gas and nerve agent attacks survived two institutional challenges from Russia on Tuesday and is set to become operational next year.

IRS Failed to Track 11,000 Breached Social Security Numbers for Tax Fraud (Nextgov.com) The tax agency also failed to review another 15,000 breached taxpayer ID numbers it received for possible fraud monitoring, an audit found.

CBP’s Facial Biometrics Program Has Caught 26 Alleged Imposters (Nextgov.com) Since its rollout this summer, the biometrics program is finding more success at land borders than airports.

Silk Road’s alleged hitman, “redandwhite,” arrested in Vancouver (Ars Technica) Ross Ulbricht told redandwhite that he wanted to put a "bounty" on a vendor's head.

Facebook appeals UK data watchdog’s £500K Cambridge Analytica fine (TechCrunch) Facebook has said it will appeal a £500,000 penalty issued by the U.K.’s data watchdog this summer following a lengthy investigation into the Cambridge Analytica data misuse scandal. Facebook told the regulator an estimated one million U.K. users were among the 87 million of its users whose p…

Facebook failed to stop a child bride being auctioned on its platform (TechCrunch) Facebook failed to prevent its platform being used to auction a 16-year-old girl off for marriage in South Sudan. Child early and forced marriage (CEFM) is the most commonly reported form of gender-based violence in South Sudan, according to a recent Plan International report on the myriad risks fo…

Ivanka Trump’s email use spurs bipartisan calls for investigation (Washington Post) President Trump defended his daughter, but Republicans and Democrats in Congress demanded documents and said they’ll look into her actions.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

3rd Next Generation Cyber Security for Utilities (Denver, Colorado, USA, February 13 - 14, 2019) With the value of damages caused by cyber-attacks growing rapidly every year, adopting a new and comprehensive approach to cyber security for utilities is more important than ever. Among essential facilities...

Transport Security Congress (Washington, DC, USA, April 2 - 3, 2019) The Transport Security Congress brings together business and security leaders from all sectors of passenger and goods transportation to discuss solutions to the evolving security and safety risk landscape.

Australian Cyber Conference 2019 (Melbourne, Victoria, Australia, October 7 - 9, 2019) The Australian Information Security Association (AISA) is the premier industry body for information security professionals in Australia. As a nationally recognised not-for-profit organisation, AISA champions...

Upcoming Events

Kingdom Cyber Security (Riyadh, Saudi Arabia, November 20 - 21, 2018) Setting a game plan to boost cyber resilience at the national level.

API Security Summit (London, England, UK, November 21, 2018) The API Security Summit, taking place in London on the 21st of November 2018 will bring together the financial services community, regulators, fintechs, TPPs and associations from across UK and Europe to find solutions to the current lack of standardisation, debate what standards/legislation may emerge in 2019, and how to plan with these in mind.

Army Autonomy and Artificial Intelligence Symposium and Exposition (Detroit, Michigan, USA, November 28 - 29, 2018) This symposium will explore and showcase innovative ways the U.S. Army is developing critical capabilities in robotics, autonomy, machine learning, and artificial intelligence. The goals are to explore...

The Cyber Security Summit: Los Angeles (Los Angeles, California, USA, November 29, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.

IEEE WIE Forum USA East (White Plains, New York, United States, November 29 - December 1, 2018) IEEE WIE Forum USA East 2018 focuses on developing and improving leadership skills for individuals at all stages of their careers. Attendees will have the opportunity to hear inspirational and empowering...

Securing Digital ID 2018 (Alexandria, Virginia, USA, December 4 - 5, 2018) As an increasing number of transactions move online and are mobile-enabled, the conference will explore today’s complex world of digital identities and how they are used for strong authentication and remote...

First Annual Maryland InfraGard Cybersecurity Conference (College Park, Maryland, USA, December 5, 2018) InfraGard is a partnership between the FBI and members of the private sector. The InfraGard program provides a vehicle for seamless public-private collaboration with government that expedites the timely...

International Cyber Risk Management Conference (Hamilton, Bermuda, December 6 - 7, 2018) Now in its fourth year in Canada, the International Cyber Risk Management Conference (ICRMC) has earned a reputation as one of the world’s most trusted cyber security forums. We are proud to bring ICRMC...

2018 Cloud Security Alliance Congress (Orlando, Florida, USA, December 10 - 12, 2018) Today, cloud represents the central IT system by which organizations will transform themselves over the coming years. As cloud represents the future of an agile enterprise, new technology trends, such...

Wall Street Journal Pro CyberSecurity Executive Forum (New York, New York, USA, December 11, 2018) The WSJ Pro Cybersecurity Executive Forum will bring together senior figures from industry and government to discuss how senior executives can best prepare for hacking threats, manage breaches, and work...

National Cyber League Fall Season (Chevy Chase, Maryland, USA, December 15, 2018) The NCL is a defensive and offensive puzzle-based, capture-the-flag style cybersecurity competition. Its virtual training ground helps high school and college students prepare and test themselves against...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.