skip navigation

More signal. Less noise.

Where do cyber security professionals go to find jobs and career advice?

CyberSecJobs.com features thousands of opportunities across the country and overseas for cyber security pros. Check us out today by visiting CyberSecJobs.com.

Daily briefing.

Germany has joined other nations in attributing widespread cyberattacks to Russia's GRU ("APT28," a.k.a. Fancy Bear). Brazil is voicing concerns about Russian election influence operations. The UK is preparing a retaliatory capability against Russian cyberattacks.

Bloomberg's report of Chinese hardware seeding attacks on the IT supply chain receives more skeptical criticism. Both Apple and Amazon quickly denied the report as soon as it was published. On Friday the UK's National Cyber Security Centre said it had no reason to doubt Apple's and Amazon's assessments. On Saturday the US Department of Homeland Security agreed: "Like our partners in the UK...at this time we have no reason to doubt the statements from the companies named in the story." Both DHS and GCHQ deny investigating the issue.

Google announced yesterday that it would wind down its social network. Google+ had been commercially disappointing. It was also leaky: the Wall Street Journal reports that Google+ revealed user data to app developers without users' knowledge. The Journal says Google knew about the API issue in March, but decided on legal advice that it wasn't strictly speaking obligated to disclose it. Mountain View feared regulatory scrutiny and reputational damage. (It will now receive both.)

In the UK, the High Court threw out a suit that could have cost Google £3.3 billion. The suit concerned illegitimate data collection rom Apple's Safari browser (the "Safari Workaround") between August 2011 and February 2012. Google has settled various US claims over the same incident for a total of $39.5 million.

Notes.

Today's issue includes events affecting Australia, Brazil, Canada, China, Denmark, Germany, India, Indonesia, Iraq, Italy, Democratic Peoples Republic of Korea, Latvia, Netherlands, Russia, Saudi Arabia, Syria, Turkey, Ukraine, United Kingdom, United States.

Find out what midsized enterprises are doing right to hit the cybersecurity “sweet spot.”

Despite having bigger budgets and greater resources, large enterprises aren't better protected from cyberattacks than are their smaller counterparts. The sweet spot for cybersecurity is found among midsized businesses, which testing finds performed best at protecting their assets and mitigating their security risks. That's the conclusion of Coalfire's inaugural Coalfire Penetration Risk Report, based on more than 300 penetration tests in 148 companies worldwide.  Download the report to gather data-driven insights and make informed decisions based on Coalfire’s innovative analysis.

In today's podcast, we speak with our partners at Accenture, as Justin Harvey discusses how hackers use OSINT for reconnaissance.

Cyber Security Summits: October 16 in Phoenix and on November 29 in Los Angeles (Phoenix, Arizona, United States, October 16, 2018) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, The CIA, Verizon, AT&T, CenturyLink and more. Register with promo code cyberwire95 for $95 VIP admission (Regular price $350) https://CyberSummitUSA.com

SecurityWeek 2018 Industrial Control Systems (ICS) Cyber Security Conference (Atlanta, Georgia, United States, October 22 - 25, 2018) SecurityWeek’s ICS Cyber Security Conference is the conference where ICS users, ICS vendors, system security providers and government representatives meet to discuss the latest cyber-incidents, analyze their causes and cooperate on solutions. Register today for the original ICS/SCADA Cyber Security Conference – October 22-25 in Atlanta.

Cyber Attacks, Threats, and Vulnerabilities

UK, US Security Agencies Deny Investigating Chinese Spy Chips (SecurityWeek) The US Department of Homeland Security and the UK National Cyber Security Centre deny investigating the presence of Chinse spy chips in Supermicro servers

Super Micro China super spy chip super scandal: US Homeland Security, UK spies back Amazon, Apple denials (Register) Officials: Not saying Bloomberg was wrong, we just believe biz saying Bloomberg was wrong

Statement from DHS Press Secretary on Recent Media Reports of Potential Supply Chain Compromise (Department of Homeland Security) Statement from Press Secretary Tyler Houlton on recent media reports of a potential supply chain compromise.

Read Apple’s letter to Congress denying spy chip report (The Verge) The letter is penned to some of Congress’s top tech watchdogs following the explosive Bloomberg report last week

Risky Business Feature: Named source in "The Big Hack" has doubts about the story (Risky Business) Risky Business Feature: Named source in

Why I don’t believe Bloomberg’s Chinese spy chip report (CSO Online) China can and has stolen the information it wants from US companies without using secretly embedded hardware, so why would it jeopardize its massive semiconductor industry?

The biggest cybersecurity threat you never thought that much about is the factory (Marketplace from APM) Why it's so hard to lock down the supply chain that makes our electronics.

Russian Hackers Are Trying To Interfere In Brazilian Elections, Cybersecurity Firm Says (Folha de S.Paulo) Russian hackers tried to interfere in the Brazilian elections using social media to artificially amplify discussions that questioned democracy in Brazil and other topics connected to the presidential run. Moscow's activities were discovered by cybersecurity firm FireEye, a company that usually

Primary season cyberattacks illuminate campaign vulnerabilities (TheHill) The spotlight on cyber vulnerabilities of political campaigns has grown brighter after three Democratic campaigns in California were hacked during the state’s primary elections.

Researchers: No Evidence That Russia Is Messing With Campaign 2018—Yet (The Daily Beast) By the first week of October 2016, Russia’s pawprints were all over the presidential race. Not this year, researchers say.

Trump says China is meddling in our elections. Cyber firms disagree (POLITICO) Beijing is still involved in cyberattacks against other targets, they say.

Google Exposed User Data, Feared Repercussions of Disclosing to Public (Wall Street Journal) Google exposed the private data of hundreds of thousands of users of the Google+ social network, though it didn’t find evidence of misuse. The company opted not to disclose the issue this past spring, in part because of fears doing so would draw regulatory scrutiny.

RIP Google+. We Hardly Knew Ye. (Wall Street Journal) Few tears were shed Monday over the death of Google+, the search giant’s oft-derided effort at challenging Facebook in social media.

Google Criticizes Apple Over Safari Security, Flaw Disclosures (SecurityWeek) One year after Google Project Zero released its Domato fuzzer as open source, the tool still finds a significant number of vulnerabilities in Apple's Safari

Shedding Skin – Turla’s Fresh Faces (Securelist) Turla, also known as Venomous Bear, Waterbug, and Uroboros, may be best known for what was at the time an “ultra complex” snake rootkit focused on NATO-related targets, but their malware set and activity is much broader. Our current focus is on more recent and upcoming activity from this APT.

Germany calls on Russia to halt campaign of cyberattacks (AP News) Germany has become the latest European country to blame the Russian military for a worldwide campaign of cyberattacks against sports organizations, businesses and ...

Latvia says Russia targeted its foreign and defense bodies with cyber attacks (Reuters) Russia has carried out cyber attacks on Latvia's foreign and defense appara...

Denmark Reportedly Calls for Attacking Russia in Cyberspace (Sputnik) Earlier this week, the US and the Netherlands accused Russian intelligence services of cyberattacks against different international organizations, including the Organisation for the Prohibition of Chemical Weapons, anti-doping agencies and sports federations. Moscow responded by saying about Western governments' "spy mania."

Russia slams US over cyber attack claims (euronews) Kremlin accuses Washington of taking a "dangerous path"

Russia dismisses suspected spy actions as routine Dutch trip (AP News) Russia's foreign minister on Monday dismissed accusations made in the Netherlands against suspected Russian spies, saying they were intended to distract public attention...

Moscow to summon Dutch envoy over cyber-attack claim (RTE.ie) The Russian foreign ministry was to summon the Dutch ambassador today after the Netherlands said it had foiled a cyber attack by Russians, state news agencies reported.

Russian spies in new humiliation as hundreds of GRU agents' names found online (The Telegraph) Russia's GRU spy agency has suffered a new humiliation after a list of over 300 names of suspected agents was discovered online.

Russia is Winning the Information War in Iraq and Syria: UK General (Defense One) Moscow is “better than us” in using social media to shape the strategic landscape, says a former deputy commander of the West’s anti-ISIS coalition.

Why the Department of Energy is worried about turbine hacking (Fifth Domain) Hackers are taking aim at America's power grid, making renewable energy infrastructure such as wind turbines an increasingly tantalizing target.

Fact Sheet: DOE Award Selections for the Research, Development, and Demonstration of Next-Generation Cybersecurity Tools and Technologies for Critical Energy Infrastructure (US Department of Energy) On October 1, 2018, the Department of Energy (DOE) announced the award of up to $28 million to support the research, development, and demonstration (RD&D) of next-generation tools and technologies that will improve the cybersecurity and resilience of the Nation's energy critical infrastructure, including the electric grid and oil and natural gas infrastructure.

Code Execution Flaws Found in WECON Industrial Products (SecurityWeek) Many vulnerabilities, including serious flaws that allow arbitrary code execution, found recently in ICS products from China-based Wecon

Five Trends in Attacks on Industrial Control Systems (eWEEK) Attacks on industrial control systems are up, according to Kaspersky and Symantec. Yet, there are specific trends in the attack data: Developing countries are being hit harder than Western Europe and the United States; most attacks come via the internet, removable drives or email; and between 1 and 4 percent of IC systems are attacked by cryptocurrency malware each month.

DHS Warns of Cybersecurity Threats to Agriculture Industry (BleepingComputer) A new report from the U.S. Department of Homeland Security called Threats to Precision Agriculture warns against the cybersecurity risks faced by the emerging technologies being adopted by the agricultural industry.

North Korea is the most destructive cyber threat right now: FireEye (ZDNet) DPRK hackers are cybering every way they can, and according to FireEye their destructiveness and unpredictability makes them dangerous.

FBI ATM Warning: What Banks Need to Know (PaymentsJournal) A recent warning issued to banks by the FBI reads like the script for a Hollywood movie: cybercriminals are plotting

Silence: Moving into the Darkside (Group-IB) Group-IB has exposed the attacks committed by Silence cybercriminal group. While the gang had previously targeted Russian banks, Group-IB experts also have discovered evidence of the group's activity in more than 25 countries worldwide.

A 'Scarily Simple' Bug Put Millions of Cox Communications Customer Accounts at Risk (WIRED) The most straightforward insecurities can sometimes be the riskiest.

Experian credit freeze flaw may have revealed your PIN to fraudsters (USA TODAY) The credit bureau’s process to retrieve a PIN that safeguards a frozen Experian credit report had a security defect that's since been fixed.

PoC Attack Escalates MikroTik Router Bug to 'As Bad As It Gets' (Threatpost) Researchers say a medium severity bug should now be rated critical because of a new hack technique that allows for remote code execution on MikroTik edge and consumer routers.

Fallout Exploit Kit Now Installing the Kraken Cryptor Ransomware (BleepingComputer) The Fallout Exploit has been distributing the GandCrab Ransomware for the past few weeks, but has now switched its payload to the Kraken Cryptor Ransomware.

Attackers use voicemail hack to steal WhatsApp accounts (Naked Security) The Israeli National Cybersecurity Authority issued an alert warning that WhatsApp users could lose control of their accounts.

Chrome Extension Devs Use Sneaky Landing Pages after Google Bans Inline Installs (BleepingComputer) Distributors of unwanted Chrome extensions are coming up with new, sneaky, and simple methods to trick users into installing their extensions now that Google has banned inline installs.

Hackers target the Queensland government with online attacks (Canberra Times) Cyber security experts blocked almost 20 denial of service attacks targeting the Queensland government last year.

Security Patches, Mitigations, and Software Updates

Data-deletion bug forces Microsoft to suspend rollout of Windows 10 update (Ars Technica) The bug had been reported by insiders, but it looks like nothing was done about it.

Git Project Patches Remote Code Execution Vulnerability in Git (BleepingComputer) The Git Project announced yesterday a critical arbitrary code execution vulnerability in the Git command line client, Git Desktop, and Atom that could allow malicious repositories to remotely execute commands on a vulnerable machine.

Apple fixes iOS 12 passcode bypass vulnerabilities (Help Net Security) Apple has released security updates to address a number of vulnerabilities in iCloud for Windows and two iOS 12 passcode bypass bugs.

VMware, Apache, Mozilla push out patches (SC Magazine) A series of patches and updates were issued by VMware, Mozilla and Apache to patch critical and moderately rated vulnerabilities.

Cyber Trends

Cryptomining Dethrones Ransomware as Top Threat in 2018 According to Webroot’s Mid-Year Threat Report Update (Webroot) Also, Phishing Attempts Seen by Webroot Increased by More Than 60 percent

Marketplace

Analysis | The Cybersecurity 202: Google faces calls for privacy legislation, FTC probe after exposing user data (Washington Post) Its secrecy could get them in the most trouble.

Google's Privacy Whiplash Shows Big Tech's Inherent Contradictions (WIRED) Google announced on Monday that it is shuttering its Google+ social network, following revelations in a Wall Street Journal report that the company did not disclose a recently discovered bug that had exposed data from up to 500,000 Google+ users users since 2015.

Managed security services a sweet spot for service providers—report (Fierce Telecom) With security concerns continuing unabated, carriers stand to make a tidy profit in delivering managed security solutions to their customers.

India invites Huawei for 5G trials despite security concerns (TelecomLead) India Government has invited Huawei, the largest telecom equipment maker, for conducting the 5G trials in the country. India aims to conduct 5G spectrum auction towards the end of 2019 due to weak financial conditions of the telecom industry.

Durchbruch: Senat gibt grünes Licht für Siemens-Campus (Berliner Morgenpost) Konzept innerhalb kurzer Zeit erarbeitet. Nun muss der Konzern über das 600-Millionen-Projekt entscheiden

BluVector's quiet win speaks plenty about cyber opportunity (Washington Technology) BluVector is coy about a recent contract win but even without details the deal says plenty about where the government is in need of cybersecurity support.

Leaving the NYSE was 'best decision yet,' Barracuda CEO says (Silicon Valley Business Journal) BJ Jenkins discusses what security investors and executives can learn from Barracuda's success going private, and how Campbell is a hotbed for talent.

NSA whistleblowers come out of retirement to launch data intelligence startup - StartUp Beat (StartUp Beat) If you’re looking for an ordinary story of Silicon Valley startup founders, then keep looking, because Bill Binney ...

How Maryland’s Cybrary Turned a Mechanic into a Cybersecurity Analyst in 3 Months (DC Inno) A career change can be daunting, but for Gabrielle Hempel, it only took a few months.

Akamai Opens Its Second Largest Facility in the World, in Bengaluru (NDTV Gadgets360.com) It would house more than 2,000 employees over the next few years

Products, Services, and Solutions

GlobalPlatform enhances Secure Element deployment for payment-enabled wearables (GlobalPlatform) New configuration supports financial services sector to manage multiple applications including payment, access control and transport ticketing

Polyverse Partners with Soliton to Expand into Japanese Cybersecurity Market (Polyverse) Polyverse Corporation has expanded into the Japanese cybersecurity market through a distribution partnership with Soliton Solutions, K.K., a leading Japanese technology company serving industries across the globe.

New AT&T Alliance Introduces Affordable Cybersecurity Insurance for Businesses (AT&T) In partnership with industry leaders Lockton and CNA, AT&T will help make broad cyber insurance policies and cybersecurity solutions available to small and midsize businesses.

Technologies, Techniques, and Standards

Trump administration tackles pipeline cybersecurity (Utility Dive) The U.S. Department of Energy and the Department of Homeland Security this week co-chaired a meeting with the oil and gas industry to address how pipelines can be protected from cyberattacks.

NHS Digital to ignore IT security recommendations despite WannaCry (Computing) £1bn estimated cost not considered worth it, despite ongoing attacks targeting NHS data

Researchers Call for a Shared Dark Web Taxonomy (Infosecurity Magazine) Researchers Call for a Shared Dark Web Taxonomy. Terbium Labs argues that current reports on pricing are inconsistent and misleading

How to Protect Against Software Supply Chain Attacks (OPSWAT) Cyber security solutions to identify, detect, and remediate advanced security threats from data and devices coming into and out of enterprise networks.

Cybersecurity disclosure benchmarking (EY) EY explores how various types of governance stakeholders have expressed interest in the ways companies guard against and respond to cybersecurity incidents.

How Can Brick-and-Mortar Retailers Make Payment Acceptance Work for Them? (Rambus) Retailers are racing to deliver engaging and experiential buying experiences to differentiate themselves from the competition.

Design and Innovation

Hey Alexa, asks BlackBerry: Want to learn security? (CRN Australia) In talks with Amazon to add authentication smarts to speakers.

Research and Development

Catching hackers in the act (Santa Fe New Mexican) At Los Alamos National Laboratory, where some of the nation’s most precious secrets are kept, we’re not only working to guard our own information; we’re also developing tools to help

China's tech giants spending more on AI than Silicon Valley  (The Telegraph) China’s biggest tech companies have overtaken the giants of Silicon Valley in the race to invest in artificial intelligence and machine learning this year, according to new research for The Daily Telegraph.

New patent for cybersecurity firm LogRhythm (BizWest) LogRhythm, a Boulder-based cybersecurity firm, was granted a new U.S. patent.

Graduate Student Solves Quantum Verification Problem (Quanta Magazine) Urmila Mahadev spent eight years in graduate school solving one of the most basic questions in quantum computation: How do you know whether a quantum computer has done anything quantum at all?

Academia

Norwich University kicks off Cybersecurity Awareness Month, public presentations (VTDigger) Norwich University officials kicked off Cybersecurity Awareness Month, with a presidential declaration proclaiming Norwich University’s participation in the national campaign and information on a public speaker series along with other activities. Each Thursday, guest …

Legislation, Policy, and Regulation

Russia's Hackers Long Tied to Military, Secret Services (SecurityWeek) The skills of Russian hackers today developed from a tradition of excellent computing and programming skills dating back to the Soviet era.

EU, NATO will need to do more to confront Russia in cyberspace - expert (UKRINFORM) The EU and NATO have over the last few years stepped up strategic interaction in countering Russia's cyberattacks, but they need more capabilities to strengthen steadfastness.

UK war-games cyber attack on Moscow (Times) Defence chiefs have war-gamed a massive cyber-strike to black out Moscow if Vladimir Putin launches a military attack on the West, after concluding that the only other way of hitting back would be...

Trump’s Looser Reins on Offensive Cyber Get Positive Reviews from Army (Nextgov.com) Trump rescinded Obama-era rules that required White House sign off for most offensive cyber operations.

State Department needs a makeover for the digital age (TheHill) To be credible and effective, the State Department needs a top “digital diplomat” with the rank of ambassador.

Silicon Valley congressman unveils an Internet Bill of Rights (Washington Post) A list of consumer protection calls for network neutrality, consumer choice for Internet service providers, greater transparency into data collection practices and opt-in consent.

California’s IoT Security Law – Will this Law Really Improve Security? (cyber/data/privacy insights) California’s legislature recently passed SB-327, which is designed to require Internet of Things (IoT) and other “connected device” manufacturers to implement security features into internet connec…

Former NSA deputy is Mattis’s leading choice to head the spy service if it splits from Cyber Command (Washington Post) Senior officials are still debating whether Cybercom is ready to stand on its own.

Cybercrime and cybersecurity surveys reveal important answers (WeLiveSecurity) Public support for efforts to reduce negative incidents in cyberspace is critical to society’s efforts to preserve the benefits of digital technologies. By having regular surveys on cybercrime and cybersecurity we can better gauge public opinion in relation to the topic.

Analysis | The Cybersecurity 202: California's new Internet of Things law only protects against a small portion of cyberthreats (Washington Post) It's a step forward. But an elementary step.

What New Calif. Law Means For Connected Medical Devices (Law360) Last month, California passed the first-ever state legislation aimed at regulating "internet of things" devices. The new law restricts liability to manufacturers of physical hardware — drawing a narrower line than the U.S. Food and Drug Administration's previous guidance, say Michael Buchanan and Michelle Bufano of Patterson Belknap Webb & Tyler LLP.

How state governments bolster cybersecurity (GCN) States are strengthening their election infrastructure, institutionalizing threat information sharing and implementing software-defined access solutions.

How the Army Cyber Center of Excellence fits into the high-tech battlefield (C4ISRNET) Maj. Gen. John Morrison, the commanding general of Fort Gordon, talks about the Army's role in the cyber mission force, training electronic warfare officers and more.

Litigation, Investigation, and Law Enforcement

Mass lawsuit against Google over data collection thrown out (Computing) 'Google You Own Us' legal action had claimed that Google collects a vast range of private and personal information about individuals

Military doctor named as second novichok spy (Times) The second suspect in the Salisbury poisoning was unmasked last night as a military doctor working for Russian intelligence. Alexander Yevgenyevich Mishkin, 39, allegedly travelled to Britain in...

Investigators fail to ascertain at what price FSB's Centre for Information Security officers sell homeland (Crime Russia) The case on high treason is brought to trial with no amount of compensation for disclosure of state secrets pointed out.

Sources tell Russian newspaper that FSB agents leaked secret data to the FBI for 10 million dollars (Meduza) The newspaper Kommersant reported on October 5 that former FSB Information Security Center agent Sergey Mikhailov and his three accomplices allegedly received $10 million for giving the FBI classified data about Pavel Vrublevsky, the former head of the payment services company Chronopay.

Staffer who 'doxed' GOP senators faces nearly 50 years in federal prison (Washington Examiner) The former Democratic congressional staffer who posted personal information about Republican senators online faces nearly 50 years in prison.

Rick Gates Sought Online Manipulation Plans From Israeli Intelligence Firm for Trump Campaign (NYTimes) The company pitched plans for fake avatars that would try to persuade Republican delegates to back the Trump campaign over that of Senator Ted Cruz and to gather intelligence on Hillary Clinton.

GOP Operative Secretly Raised at Least $100,000 in Search for Clinton Emails (Wall Street Journal) A veteran Republican operative and opposition researcher solicited and raised at least $100,000 as part of a project to obtain what he believed to be emails stolen from Hillary Clinton, an effort that remains of intense interest to federal investigators.

‘Bob Smith’ was a Black Lives Matter sympathizer with lots of Facebook friends. It turned out he was a white undercover cop. (NBC News) Facebook is teeming with fake accounts created by undercover law enforcement officers. They're against the rules — but cops keep making them anyway.

Jamal Khashoggi's Disappearance Is a Slap in the Face to the United States (Foreign Policy) Washington should explore retaliatory measures that impose real costs on Saudi Crown Prince Mohammed bin Salman.

Man Pleads Guilty to Hacking Websites of New York City Comptroller and West Point (SecurityWeek) Billy Ribeiro Anderson admitted to obtaining unauthorized access to websites and to defacing them by replacing publicly available contents of the website with hacker-generated content.

Silk Road Admin Pleads Guilty (SecurityWeek) Gary Davis of Ireland pled guilty in a United States court to his role in the administration of Silk Road, a black-market website, and now faces up to 20 years in prison.

Navy cyber unit commander fired (Navy Times) The commander was relieved last month after an investigation raised questions about his

Anti-malware patent survives obviousness claims over internet posts (Out-Law) A series of messages posted on an internet bulletin board about how certain anti-malware software could be used did not invalidate a patent covering that technology, the High Court in London has ruled.

Feds to judge: We still think we can put GPS trackers on cars entering US (Ars Technica) Top HSI official makes assertion after judge already ruled against this legal position.

Amazon Fires Employee for Sharing Customer Emails (Wall Street Journal) Amazon.com said it has terminated an employee responsible for an incident in which a third-party seller on the tech giant’s website got access to email addresses of some Amazon customers.

Italy police ID suspect in 2013 NASA hack (AP News) Italian authorities say they have placed a 25-year-old Italian under investigation for allegedly hacking eight NASA web domains in 2013.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

4th International Cybersecurity Forum, HackIT 4.0: Exploit Blockchain (Kiev, Ukraine, October 8, 2018) The 4th International Cybersecurity Forum, HackIT 4.0: Exploit Blockchain will be held October 8 – 11, CEC Parkovy, Kyiv, Ukraine. The annual Hacken Cup – the onsite bug bounty marathon – happens on October...

4th European Cybersecurity Forum – CYBERSEC (Krakow, Poland, October 8 - 9, 2018) CYBERSEC Forum is an unique opportunity to meet and discuss the current issues of cyber disruption and ever-changing landscape of cybersecurity related threats. Our mission is to foster the building of...

4th European Cybersecurity Forum – CYBERSEC (Krakow, Poland, October 8 - 9, 2018) CYBERSEC is a public policy conference dedicated to strategic aspects of cyberspace and cybersecurity. CYBERSEC 2017 brought together record-breaking 150 speakers and more than 1,000 delegates from all...

8th Annual (ISC)2 Security Congress (New Orleans, Louisiana, USA, October 8 - 10, 2018) The (ISC)2 Security Congress brings together the sharpest minds in cyber and information security for over 100 educational sessions covering 17 tracks. Join us to learn from the experts, share best practices,...

CyberMaryland 2018 (Baltimore, Maryland, USA, October 9 - 10, 2018) The CyberMaryland Conference is an annual two-day event presented jointly by The National Cyber Security Hall of Fame and Federal Business Council (FBC) in conjunction with academia, government and private...

HoshoCon 2018 (Las Vegas, Nevada, USA, October 9 - 11, 2018) Over 3 days, attendees will gain firsthand knowledge about blockchain security. You are invited to converse with technologists working on blockchain and cryptocurrency projects, hear key insights from...

U.S. Department of Transportation Cybersecurity Symposium (Washington, DC, USA, October 9 - 10, 2018) The U.S. Department of Transportation (DOT) Cybersecurity Symposium is 2 days of training sessions and educational seminars focused on the mission of protecting government networks and privacy. Hosted...

SecureWorld Dallas (Dallas, Texas, USA, October 10 - 11, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

Florida Cyber Conference 2018 (Tampa, Florida, USA, October 10 - 11, 2018) The Florida Cyber Conference has quickly become the “can’t miss” networking event for Florida’s stakeholders in cybersecurity, bringing together a diverse audience from multiple sectors to encourage dialogue,...

Geneva Information Security Day (Geneva, Switzerland, October 12, 2018) Geneva Information Security Day (GISD) is a leading European cybersecurity conference created as a vendor-independent platform for open and actionable discussion of emerging digital threats and remedies,...

FAIRCON18 (Pittsburgh, Pennsylvnia, USA, October 14 - 18, 2018) Focused on advancing cyber, operational risk management.The event will feature in-depth training seminars, insightful presentations from industry leaders, candid executive and practitioner-led discussions...

The Cyber Security Summit: Phoenix (Phoenix, Arizona, USA, October 16, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.

Zero Day Con: Hacking Democracy (Washington, DC, USA, October 16, 2018) Join Zero Day Con and Strategic Cyber Ventures on October 16th in Washington, D.C. to examine the path forward in reducing our attack surface, managing risk, regaining control of our networks and data,...

FAIRCON18 (Pittsburgh, Pennsylvania, USA, October 16 - 17, 2018) Hosted by the FAIR Institute and Carnegie Mellon University’s Software Engineering Institute (SEI) and the Heinz College of Information Systems and Public Policy, the 2018 FAIR Conference brings leaders...

PCI Security Standards Europe Community Meeting (London, England, UK, October 16 - 18, 2018) The PCI Security Standards Council’s 2018 Europe Community Meeting is THE place to be. We will provide you with the information and tools to help secure payment data. We lead a global, cross industry effort...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.