skip navigation

More signal. Less noise.

2017 cyberattacks proved more numerous, sophisticated, and ruthless than in years past.

WannaCry, NotPetya, ransomware-as-a-service, and fileless attacks abounded. And, that’s not everything. The victims of cybercrime ranged from private businesses to the fundamental practices of democracy. Read The Cylance Threat Report: 2017 Year in Review Report and learn about the threat trends and malware families their customers faced in 2017.

Daily briefing.

SecurityWeek's ICS Cyber Security Conference

We're in Atlanta for SecurityWeek's 2018 ICS Cyber Security Conference, organized by SecurityWeek. We'll have updates on the proceedings throughout the week.

The murder of Jamal Khashoggi in Saudi Arabia's Istanbul consulate continues to arouse international outrage. Turkey's President Erdogan addressed the death early today in an address to his Development and Justice Party, calling for Saudi Arabia to be more forthcoming about its role in the death and suggesting that any trial be held in Turkey. Hackers have defaced the Davos-in-the-Desert site with a picture showing both Khashoggi and, behind him, a sword-wielding Saudi Crown Prince Mohammed bin Salman. The site has been taken down; the attack looks like hacktivist work.

As Brazil's elections enter their final phase, WhatsApp messaging in that country is seeing a surge in politically-oriented questionable stories.

Bleeping Computer says it's receiving attention from the masters of the Kraken Cryptor Ransomware, who released version 2.0.6 of their tool over the weekend.

Zimperium reports finding remote-code-execution vulnerabilities in FreeRTOS, the open-source OS widely used in embedded systems. The bug's effects are seen across the IoT spectrum, from smart homes to critical infrastructure.

Cisco Talos has discovered remote-code-execution flaws in Live Networks LIVE555’s streaming media RTSPServer. Exploitation could trigger a stack-based buffer overflow.

US authorities continue to investigate a breach in Healthcare.gov that affects about seventy-five-thousand people. Hackers got in through the Federally Facilitated Exchanges (FFE).

Amazon and Supermicro have joined Apple in demanding that Bloomberg retract its story about Chinese supply-chain poisoning of motherboards with spy chips.

Russia's FSB intelligence service recommends that the Internet be brought under "proper governance." Few will receive this as unproblematic good-government advice.

Notes.

Today's issue includes events affecting Brazil, China, France, Germany, Russia, Saudi Arabia, Turkey, United Kingdom, United States.

A year in, companies unsure of risk under China's Cyber Security Law, says Control Risks.

Over a year into China’s Cyber Security Law, Control Risks experts say its vague definition and application leaves multinational companies struggling to understand their risk. Further, how strictly the government will crack down and the extent of penalties for non-compliance remain open questions. Nonetheless, companies operating in China must understand their unique exposure and specific cyber, physical and procedural requirements. Let Control Risks help you make the critical decisions to seize your opportunities in China.

In today's podcast we hear from our partners at Bristol University, as Awais Rashid from the University of Bristol shares thoughts on supply chain security. Our guest is IJay Palansky from Armstrong Teasdale, who reviews legal liability concerns arising from the Internet-of-things.

Our special edition podcast is out as well. The topic is "Making the business case for privacy." Our guest is Cisco’s Chief Privacy Officer Michelle Dennedy, who joins us to discuss what exactly a chief privacy officer does at a global organization like Cisco, why she thinks we’re in the early stages of a privacy revolution, why we all tend to shake our heads cynically when a company claims, “Your privacy is important to us” and how, maybe, respecting the privacy of your users and customers could be a competitive advantage. 

And Recorded Future's podcast, produced in cooperation with the CyberWire, is also up. In this episode, Nicolas Cairns, director of Aegis 9 Security Intelligence, joins us to talk about his part in building Australia’s first intelligence collection system.

SecurityWeek 2018 Industrial Control Systems (ICS) Cyber Security Conference (Atlanta, Georgia, United States, October 22 - 25, 2018) SecurityWeek’s ICS Cyber Security Conference is the conference where ICS users, ICS vendors, system security providers and government representatives meet to discuss the latest cyber-incidents, analyze their causes and cooperate on solutions. Register today for the original ICS/SCADA Cyber Security Conference – October 22-25 in Atlanta.

New York Times Event: Cyberwarfare with Google, Department of Justice & more (Washington, DC, United States, October 30, 2018) David Sanger, national security correspondent for The New York Times will moderate a discussion on cyberwarfare, one of the greatest threats to American democracy and commerce. He will be joined by John Demers, assistant attorney general for the national security division at the Department of Justice; Yasmin Green, the director of research and development for Jigsaw, a Google company; and Dmitri Alperovitch, co-founder of CrowdStrike, who discovered Russian hacking of the Democratic National Committee.

Maryland Cybersecurity Career & Education Fair (Rockville, Maryland, United States, November 9 - 10, 2018) Join us for two dynamic days that put on display why Maryland is where cyber works. Friday will feature a career and education fair, connecting cybersecurity job seekers with opportunities across the state of Maryland. On Saturday, high school and undergraduate students compete in our cyber challenge.

Dateline SecurityWeek's ICS Security Conference

New Data Finds Industrial Control Systems Soft Targets for Adversaries (CyberX) Plain-text passwords, direct internet connections, and weak anti-virus protections place industrial control systems at risk NotPetya leads to some

Mocana to Demonstrate Secure and Scalable IoT Security at Upcoming Events (GlobeNewswire News Room) Mocana’s top industrial IoT security experts will discuss the importance of securing connected devices, improving supply chain integrity, and complying with standards

RiskSense CEO to Present New Approach for Assessing Industrial Threats at the 2018 ICS Cyber Security Conference USA (BusinessWIre) New model uses human-assisted AI to assess risk and vulnerabilities, and even predict cyber attacks.

Indegy CEO to Discuss Insider Threats at 2018 ICS Cyber Security Conference USA (AP NEWS) Indegy , a leader in industrial cyber security, today announced Co-Founder and CEO Barak Perelman will present a session on insider threats to operational technology networks at the SecurityWeek 2018 ICS Cyber Security Conference USA in Atlanta, Georgia.

Cyber Attacks, Threats, and Vulnerabilities

Hackers Allegedly Alter ‘Davos in the Desert’ Site to Show Image of Murdered Journalist Jamal Khashoggi (Motherboard) One of the images allegedly included a representation of Saudi Crown Prince Mohammed bin Salman executing Washington Post columnist Jamal Khashoggi.

Facebook's WhatsApp flooded with fake news in Brazil election (Reuters) Facebook Inc's popular messaging service WhatsApp has become a political ba...

Up to 9.5 million net neutrality comments were fake (Naked Security) New York has expanded its probe to subpoena 14 industry groups and lobbyists, saying that fake comments “distort[ed] public opinion.”

Amazon exec and Super Micro CEO call for retraction of spy chip story (The Verge) ‘[Tim Cook] is right. Bloomberg story is wrong about Amazon, too.’

Critical RCE Bug Impacts Streaming Server Libraries: VLC, MPLayer Not Impacted (Threatpost) A critical streaming bug impacts Live Networks LIVE555 RTSPServer, but not the popular VLC and MPLayer client-side software.

Remote Code Execution Flaws Found in FreeRTOS - Popular OS for Embedded Systems (BleepingComputer) FreeRTOS, the open-source operating system that powers most of the small microprocessors and microcontrollers in smart homes and critical infrastructure systems has 13 vulnerabilities, a third of them allowing remote code execution.

Who Is Agent Tesla? (KrebsOnSecurity) A powerful, easy-to-use password stealing program known as Agent Tesla has been infecting computers since 2014, but recently this malware strain has seen a surge in popularity — attracting more than 6,300 customers who pay monthly fees to license the software.

Kraken Cryptor Ransomware Connecting to BleepingComputer During Encryption (BleepingComputer) Over the weekend, the Kraken Cryptor Ransomware released version 2.0.6, which now connects to BleepingComputer during different stages of their encryption process. It is not known what they are trying to achieve by doing this, but it does provide BleepingComputer with insight into the amount of its victims.

Arcserve Zero-Day Disclosure (Digital Defese) Digital Defense discloses four previously undisclosed vulnerabilities within the Arcserve Unified Data Protection platform. The vulnerabilities can open the door for potential compromise of sensitive data through access to credentials, phishing attacks and the ability for a hacker to read files without authentication from the hosting system.

Dipping Into The Honeypot (Arbor Networks Threat Intelligence) Executive Summary Brute-forcing factory default usernames and passwords remains a winning strategy for Internet of Things (IOT) botnet propagation. Botnet operators with the best list will produce the larger botnet and obtain superior firepower for launching DDoS attacks. IOT bots are indiscriminate – they will

Healthcare.gov FFE Breach Compromises 75K Users' Data (Dark Reading) Attackers broke into a sign-up system used by healthcare insurance agents and brokers to help consumers apply for coverage.

South Carolina Inmates Allegedly Posed As Underage Girls To Blackmail Soldiers On Dating Apps (Task & Purpose) South Carolina inmates are reportedly using a dating app and the threat of an underage porn charge to catfish and blackmail Army soldiers

Twitter says it has removed several accounts affiliated with Infowars and Alex Jones (TechCrunch) Twitter has cleared more Infowars related accounts off its platform. The company told CNN today that it permanently suspended 18 accounts affiliated with the far-right website, known for spreading misinformation and conspiracy theories, on Monday after “numerous violations and warnings.” It added t…

21 people defrauded every minute because of oversharing on social media (Action Fraud) New research produced by Get Safe Online shows that 21 people are targeted every minute as a result of unwittingly ‘oversharing’ on social media.

Muscatine cyber attack affects more than city (Muscatine Journal) The cyber attack that infiltrated the City of Muscatine network last week has also had an effect on county operations.

Security Patches, Mitigations, and Software Updates

Multiple Arcserve® Zero-Day Vulnerabilities Disclosed by (Digital Defense) Digital Defense, Inc., a leading security technology and services provider, today announced that its Vulnerability Research Team (VRT) uncovered four previously undisclosed vulnerabilities within the Arcserve Unified Data Protection platform. The vulnerabilities can open the door for potential compromise of sensitive data through access to credentials, phishing attacks and the ability for a hacker to read files without authentication from the hosting system.

Cyber Trends

Most consumers worry about cybercrime, but are not aware of what can be done about it (Help Net Security) Research has shown that consumers worry about cybercrime, yet the vast majority are unaware of what they can do to protect themselves.

Smishing attempts on the rise as m-banking gains popularity (Deccan Chronicle) Scammers trick users with offers or by sending links through SMS.

IoT has potential to innovate, but is it secure? (Help Net Security) The IoT revolution has tremendous potential to enhance and improve daily life by enabling our devices to connect and communicate with our other devices.

Marketplace

To Insure Cyber or Not to Insure Cyber: Cautions and Caveats for Carriers (Insurance Journal) While there are some issues with the data, virtually every report shows the cyber insurance market growing. Aon Benfield had it growing 37 percent last

CYBERCOM Seeks an Integrator for its Cyber Training Environment (Nextgov.com) The integrator will pull together disparate parts of the cyber training environment being built by other contractors.

Persistent Cyber Training Environment - W900KK-19-PCTE (Federal Business Opportunities: Opportunities) Army Contracting Command-Orlando is issuing this sources sought synopsis as a means of conducting market research to identify potential sources having an interest and industry technologies available to consolidate the integration and development of the Persistent Cyber Training Environment (PCTE) platform.

Facebook on Hunt for Big Cybersecurity Acquisition (The Information) In an effort to repair its tattered reputation around data protection, Facebook is stepping up efforts to acquire a major cybersecurity firm, according to four people familiar with the matter. Facebook has approached several security firms about an acquisition, two of the people said, although ...

Facebook is in Retail Therapy, Shopping for Security Firms (Infosecurity Magazine) After a series of damaging headlines, Facebook goes shopping to try and make things better

If Facebook buys a security company, how will it retain the staff who absolutely hate Facebook? (Graham Cluley) According to reports, Facebook is planning to acquire a cybersecurity firm. But what will the security boffins think of working for Mark Zuckerberg of all people?

Clegg can’t be Facebook’s gutless stooge (Times) Where better to go for news of Sir Nick Clegg’s move to Facebook than to his own page on the site? Our former deputy prime minister, the man who once defined the centre of British politics in much...

Oculus co-founder joins exodus of senior staff from Facebook (The Telegraph) Facebook has suffered another high-profile departure after the co-founder of its virtual reality division announced he was stepping down.

CrowdStrike considering IPO in 2019: report (CRN Australia) Looking for a valuation north of US$3 billion.

Wallarm Closes $8 Million in Series A Financing to Disrupt the Applica (PRWeb) Wallarm, the company that delivers AI-powered application security, today announced that it closed an $8 million series A financing round, bringing the company...

Applied Insight Acquires Mission IT Firm Organizational Strategies Inc. (AP NEWS) Applied Insight , a market leader in solving complex technology challenges for federal government customers and backed by The Acacia Group, announced today its acquisition of Organizational Strategies Inc ., a leading provider of analytics, mission IT, and intelligence, surveillance and reconnaissance services to government and commercial customers.

Column: We need more cyber-warriors for digital defense (The Columbus Dispatch) From self-driving cars to refrigerators that let us know when we’re out of milk, our society is internet-connected nearly everywhere.It is

Former Booz Allen Exec Joe Logue Joins Novetta Board (WashingtonExec) Joe Logue, a former longtime Booz Allen executive vice president, has joined the board of directors of advanced analytics firm Novetta. Logue has over 20 Logue has over 20 years of experience supporting defense and intelligence community customers and a former long-time Booz Allen EVP.

Products, Services, and Solutions

Fujitsu Chooses Cylance to Extend AI-Powered Endpoint Protection in Its Americas Security Operations (Cylance) Fujitsu Chooses Cylance to Extend AI-Powered Endpoint Protection in Its Americas Security Operations

D3 Security Launches CONNECTED Channel Program to Meet Global Demand for Security Orchestration, Automation and Response (SOAR) Technology (BusinessWire) D3 Security today announced its CONNECTED Global Sales Channel and Partner Program.

Rambus Unveils Vaultify Trade for Secure Transaction and Storage of Crypto Assets on Blockchain (BusinessWire) Rambus unveils Vaultify Trade for secure transaction and storage of crypto assets on blockchain, using proven tokenization and encryption technologies

NETSCOUT Takes Internet Scale Threat Protection to the Edge (NETSCOUT) New NETSCOUT Arbor Edge Defense Solution is the First and Last Line of Defense with Automated Detection and Blocking of Inbound and Outbound Threats

5.5 billion GlobalPlatform-certified Secure Elements shipped in 2017 (Global Security Mag Online) GlobalPlatform, the standard for secure digital services and devices, has conservatively calculated that more than 5.5 billion Secure Elements (SEs) deployed in 2017 were based on its specifications, an increase of over 1.5 billion from the previous year. Additionally, over the last three years, in excess of 1 billion SEs were embedded within mobile devices, 100% of which were based on GlobalPlatform technology.

CertainSafe® Announces Enhancements to Its Digital Safety Deposit Box (Tampa Bay News Wire) Secure online storage and sharing of private data for small and medium enterprises Colorado Springs, CO – October 22 2018 CertainSafe® (www.certainsafe.com), a cloud-based data security service provider, has introduced new features for its Digital Safety Deposit Box. Created to protect the most sensitive and private files of small and medium enterprises, CertainSafe’s digital vault is…

OneSpan to Demonstrate Innovations in Cloud-Based Risk Analytics, Blockchain and Digital Account Opening at Money 20/20 USA 2018 (GlobeNewswire News Room) OneSpan Inc. (NASDAQ: OSPN), a global leader in software for trusted identities, e-signatures and secure transactions, will demonstrate at Money 20/20 USA 2018 advances in cloud-based risk analytics, digital mortgage closing using blockchain technology, and identity verification and e-signatures for digital account opening.

Elisa, F-Secure Join Forces to Simplify Connected Home Security (Global Security Mag Online) Cyber Security provider F-Secure and telecommunications company Elisa have joined forces to simplify how people can secure the internet-connected devices finding their way into homes. Elisa is planning to implement a new internet service that includes routers powered by F-Secure Connected Home Security, making them the first network operator in the world to include F-Secure’s innovative smart home security solution in the routers they provide to customers.

Have Cybersecurity Training, Will Travel (Infosecurity Magazine) IBM announces the roll out of its mobile command center.

FireEye demonstrates email threat detection with no-cost cloud email evaluations (Help Net Security) FireEye's FireProof Email Threat Analysis scans email and identifies malicious threats that bypass existing security tools.

ID Analytics introduces solution to address multifaceted synthetic fraud challenges (Help Net Security) Two new products - ID Score Synthetic and Credit Optics Intentional Misuse - identify potential fraud and provide actionable insight legacy solutions miss.

Zscaler extends Cloud DLP service with inline Exact Data Match for massive data sets (Help Net Security) With the addition of EDM, Zscaler customers can identify and protect sensitive information that could potentially leave their network.

Z1 Global TrustPoint simplifies the exchange of email certificates (Help Net Security) Z1 Global TrustPoint has simplified and accelerated the publication of email certificates that will make certificate-based email encryption more efficient.

SSH and Fujitsu partner to offer privileged access as a service (Help Net Security) SSH.COM and Fujitsu have signed a partnership agreement that enables Fujitsu to offer SSH.COM’s PrivX Cloud Access Gateway to complement its IDaaS offering.

Ksmartech expands Trustonic partnership to secure authentication for iOS and Android apps (Trustonic) Trustonic secures digital One-Time-Password (OTP) service on all Android and iOS devices

NEW TECH: Silverfort extends ‘adapative multi-factor authentication’ via key partnerships (Security Boulevard) Tel Aviv, Israel-based Silverfort continues to make inroads into proving the efficacy of its innovative approach to multi-factor authentication, or MFA, in corporate settings. Related: Why a ‘zero-trust’ approach to security is necessary One recent validation comes from two long established, and much larger cybersecurity vendors – Checkpoint and Palo Alto Networks – that have

Trapx Security Introduces New Collaborative Deceptionnet Community for Cyber Defenders (PR Newswire) TrapX Security®, the global leader in cyber deception technology, today announced that it has released...

Making security and compliance accessible with SailPoint’s latest release (Security News Desk) Specialists in enterprise identity governance, SailPoint Technologies Holdings, Inc, has unveiled a series of new innovations in IdentityNow – the industry’s most comprehensive SaaS identity governance platform.

Dell EMC releases software for protection against cyber attacks (iTWire) Data centre solutions provider Dell EMC has announced the release of software that can provide an automated means for isolating and recovering critica...

HTC opens up early access to its blockchain phone (TechCrunch) After months of talk, HTC’s blockchain phone is finally arriving — albeit in limited quantities. The hardware maker announced today at a crypto conference in Berlin that it’s opening up access to an early version the Exodus 1 handset to “cryptographers and developers from all over the world” throug…

Technologies, Techniques, and Standards

Why cybersecurity intelligence is still bad (and a way to fix it) (Fifth Domain) The ability to predict an impending cyberattack is insufficient, according to a new survey, but there are systems that may help.

Addressing Cyber Risks through Public-Private Partnerships (MediaRoom) Today, we live in a world where everyone and everything are connected and it is this interconnectedness that has brought extraordinary enhancements to our professional and personal lives. The...

Analysis | The Cybersecurity 202: Google steps up security efforts as most campaigns use its email services (Washington Post) Phishing is a major concern.

Paper and the Case for Going Low-Tech in the Voting Booth (WIRED) When considered as a form of tech, paper has a killer feature set: It’s intuitive, it doesn’t crash, and it doesn’t need a power source.

Analysis | The Cybersecurity 202: Pros to government: If your defenses fail, think pen and paper (Washington Post) Experts say agencies need contingency plans that do not rely on the Internet.

Can the Guy Who Fixed Twitter’s Fail Whale Save the DNC? (Bloomberg) Democrats worry that Raffi Krikorian has taken on an impossible mission.

How to make the CFO your best cybersecurity friend (Help Net Security) Be sure to illustrate to your CFO how useful cyber tools can be across the firm, thereby increasing utility and... that’s right, ROI.

The Army successfully tests EW, SIGINT on the battlefield (C4ISRNET) Army assessors where pleased with the integration of signals intelligence and electronic warfare during a recent experiment.

How the Army is improving tactical cyber operations (C4ISRNET) The Army is maturing several concepts, capabilities and units to conduct tactical cyber, electronic warfare, intelligence and information operations to support brigade commanders.

3 new tactical cyber units the Army is prototyping (C4ISRNET) A new cyber battalion and multidomain detachment were among them.

What new cyber teams taught an infantry unit (C4ISRNET) A brigade combat team took away some key lessons for the future of warfare that will include the integration of local cyber teams.

Design and Innovation

Repairnator bot finds software bugs, successfully submits patches (Help Net Security) Can a bot create valid, high-quality fixes for software bugs more rapidly than a human can, and get them permanently merged in the code base?

Academia

UTSA College of Business receives $2 million grant to train national security analytics cyber workforce (UTSA Today) The University of Texas at San Antonio (UTSA) College of Business received a $2 million grant from the Defense Intelligence Agency (DIA) as part of its Intelligence Community Centers of Academic Excellence Critical Technology Studies Program.

Raytheon extends Cybersecurity Academy to the United Kingdom and Kuwait (PR Newswire) Raytheon Company's (NYSE: RTN) Intelligence, Information and Services business is bringing its global Cyber Academy...

Legislation, Policy, and Regulation

Russian Intel Chief: Internet Should be Controlled By ‘Proper Authorities’ (Defense One) The FSB says it’s trying to curb extremism online — but it’s also muting foreign and dissenting voices.

PM Urges New Sanctions in Response to Cyber-Attacks (Infosecurity Magazine) Theresa May wants Russia and others to be punished

Fake news ‘threat to democracy’ report gets back-burner response from UK gov’t (TechCrunch) The UK government has rejected a parliamentary committee’s call for a levy on social media firms to fund digital literacy lessons to combat the impact of disinformation online. The recommendation of a levy on social media platforms was made by the Digital, Culture, Media and Sport committee t…

The White House is wooing tech workers to do tours of duty in government (Washington Post) The White House plans to convene tech giants including Amazon, Google, Microsoft and IBM on Monday and urge them to make it easier for their workers to leave behind their big paychecks and snazzy office perks and do brief tours of duty in government.

Litigation, Investigation, and Law Enforcement

Saudi hit squad leader ‘called crown prince’s office’ after Khashoggi death (Times) The alleged leader of a 15-man killing squad made four telephone calls from the Saudi consulate in Istanbul to the crown prince’s office in the hours after Jamal Khashoggi was killed. Turkish...

Treasury Leak Case Could Chill Banks’ Reporting of Suspicious Activities (Wall Street Journal) The recent charges against a U.S. Treasury Department official for allegedly leaking sensitive financial information could give banks pause about what they submit to the government.

John Bolton: Russian meddling had no real 'effect' on US 2016 election (Washington Examiner) National security adviser John Bolton said Monday that he doesn't think Russian interference in the 2016 election had any real "effect" on the outcome.

Special counsel examines conflicting accounts as scrutiny of Roger Stone and WikiLeaks deepens (Washington Post) Prosecutors are closely examining both Stone’s public comments and alleged private assertions in 2016 suggesting he had a way to reach WikiLeaks founder Julian Assange, according to people familiar with the probe.

NSA Whistleblower Edward Snowden Fears For His Safety In Russia (HuffPost) “Russia is not my home; Russia is my place of exile,” the former NSA contractor said.

It Started as an Online Gaming Prank. Then It Turned Deadly (WIRED) A $1.50 wager on a "Call of Duty" match led to a fake 911 call reporting a violent hostage situation in Wichita. Here’s how it all went horribly awry.

Forging a Relationship With the Internet’s Most Hated Swatter (WIRED) A journalist strikes up a jail-cell correspondence with a man charged with instigating a fatal shooting. “Only by peering into the abyss of human malice can we divine how we can muster the strength to forgive the truly lost," he writes.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

Army Autonomy and Artificial Intelligence Symposium and Exposition (Detroit, Michigan, USA, November 28 - 29, 2018) This symposium will explore and showcase innovative ways the U.S. Army is developing critical capabilities in robotics, autonomy, machine learning, and artificial intelligence. The goals are to explore...

Secutech 2019 (Taipei, Taiwan, May 8 - 10, 2019) As the largest regional business platform for professionals in the security, mobility, building automation and fire safety solution sectors, Secutech is the annual gathering place for key players from...

Upcoming Events

2018 ICS Cyber Security Conference USA (Atlanta, Georgia, USA, October 22 - 25, 2018) SecurityWeek’s Industrial Control Systems (ICS) Cyber Security Conference is the largest and longest-running event series focused on industrial cybersecurity. Since 2002, the conference has gathered ICS...

Energy Tech 2018 (Cleveland, Ohio, USA, October 22 - 26, 2018) The annual EnergyTech Conference & Expo is an organized event, supported by NASA and INCOSE, highlighting advancements in Energy, Smart-Grids and Microgrids, Aerospace, Critical Infrastructure, Security...

Cryptocurrency, Cybersecurity and the Law (Annandale, VIrginia, USA, October 24, 2018) Legal and security considerations for users of cryptocurrencies and blockchain technology.

Global Resilience Federation Summit on Third-Party Risk (Leesburg, Virginia, USA, October 24 - 26, 2018) The purpose of the GRF Summit on Third-Party Risk is to increase awareness of security best practices, offer an opportunity for collaboration among third-party vendors and organizations’ risk management other to improve holistic security. The Summit will provide training, education and networking on the critical cyber and physical security issues facing organizations, their vendors, and the areas where the two groups intersect. Space is limited for this complimentary event, and registration will be capped and by-approval only. Attendees will include ISAC/ISAO member organizations plus third-party vendors and suppliers.

Wild West Hackin’ Fest (Deadwood, South Dakota, USA, October 25 - 26, 2018) We’re back for another year of amazing talks, great company and exciting hands-on hacking labs. It will be hard to top our amazing inaugural year, but we’ve taken your feedback and plan to make this event...

Symposium on Securing the IoT (Boston, Massachussetts, USA, October 29 - 31, 2018) Join us for the Symposium on Securing The Internet of Things, featuring keynote speakers from the leading industry companies who are solving the issues of IoT and secure connectivity. There will also be...

Times Talks: Arming for Cyberwarfare (Washington, DC, USA, October 30, 2018) David Sanger, a national security correspondent and author of “The Perfect Weapon: War, Sabotage and Fear in the Cyber Age,” will moderate a discussion in Washington, D.C., on cyberwarfare, one of the...

SecureWorld Denver (Denver, Colorado, USA, October 31 - November 1, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

Cyber Security Dallas (Dallas, Texas, USA, October 31 - November 1, 2018) Cyber Security Dallas will bring top speakers and industry experts to the Dallas-Fort Worth (DFW) metroplex, which boasts one of the largest concentrations of corporate headquarters in the United States.

InfoWarCon 18 (Leesburg, Virginia, USA, November 1 - 3, 2018) InfoWarCon 18 brings together a highly elite group of political, military, academic, DIYer, and commercial cyber-leaders and thinkers from around the world. We examine the current, future, and potential...

RETR3AT Cybersecurity Conference (Montreat, North Carolina, USA, November 2, 2018) Each year, Montreat College’s Center for Cybersecurity Education and Leadership hosts RETR3AT, a conference designed to engage, educate, and raise awareness about cybersecurity in Western North Carolina...

4th Annual Cyber Southwest (CSW) Symposium (Tuscon, Arizona, USA, November 2, 2018) Be a part of the 4th Annual Cyber Southwest (CSW) Symposium set to take place at the University of Arizona, Eller College of Management - McClelland Hall in Tucson, AZ on Friday, November 2nd, 2018. CSW...

Hybrid Identity Protection Conference (New York, New York, USA, November 5 - 6, 2018) Learn what cutting-edge industry leaders are doing to improve identity protection in the modern organization and how they are boosting enterprise security. Network with the world’s leading identity experts...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.