skip navigation

More signal. Less noise.

2017 cyberattacks proved more numerous, sophisticated, and ruthless than in years past.

WannaCry, NotPetya, ransomware-as-a-service, and fileless attacks abounded. And, that’s not everything. The victims of cybercrime ranged from private businesses to the fundamental practices of democracy. Read The Cylance Threat Report: 2017 Year in Review Report and learn about the threat trends and malware families their customers faced in 2017.

Daily briefing.

Iranian officials say President Rouhani's phone was "recently" compromised, and would be replaced. Their announcement was terse and offered neither details nor attribution.

Motherboard describes the apparent role played by Saud Al-Qahtani (a.k.a. "Mr. Hashtag"), a close advisor to Saudi Crown Prince Mohammed bin Salman, in obtaining surveillance software from Milan-based HackingTeam. The Jerusalem Post describes the Saudis' surprising willingness to purchase other espionage tools from Israeli sources—they put the Kingdom's purchases at $250 million. 

US state election officials are gratified by offers of free security tools from cybersecurity companies, but, as many CISOs would authenticate, they're finding the tools confusing and in many cases beyond their ability to use. The Department of Homeland Security is said to be thinking that this would have proceeded more happily had DHS served as a clearing house for the offers.

Malwarebytes warns that a Mac app, "Cointicker," installs keyloggers and backdoors along with its handy alt-coin price-tracker.

Researchers at Cymulate demonstrate a way of infecting Word documents by introducing malicious code into embedded video. The attack evades common forms of detection.

The Director of the Australian Signals Directorate warns that using "high-risk" Chinese telecom devices poses a threat to water and power infrastructure.

The US Commerce Department has, on national security grounds, banned US companies from selling to Chinese chipmaker Fujian Jinhua Integrated Circuit.

Russia and the US have offered the UN predictably competing proposals for international norms of conduct in cyberspace, the former favored by authoritarians, the other by liberal democracies.

Notes.

Today's issue includes events affecting Australia, China, Germany, Iran, Israel, Pakistan, Russia, Saudi Arabia, United Kingdom, United Nations, United States.

Yesterday's summary referred to Twitter's takedown of accounts linked to Iran. While Twitter has over the past few weeks taken down such accounts, the takedown that better revealed the new direction of Iranian information operations was the one more recently executed by Facebook. That's the one we intended to highlight in our summary.

Create a culture of cybersecurity awareness with Coachable Moments.

According to The Ponemon Institute, two out of three insider threat incidents are caused by employee or contractor mistakes. The good news is, these mistakes can easily be avoided ... with the right coaching. Just in time for Cybersecurity Awareness Month, the Coachable Moments series from ObserveIT gives cybersecurity teams the tools they need to empower people to understand the policies and best-practices intended to keep them safe. Check out Coachable Moments today to learn more.

In today's podcast, we talk with our partners at Dragos, as Robert M. Lee offers some thoughts on the real-world threat of electromagnetic pulse (EMP). Our guest is Rahul Kashyapp from Awake Security on the industry's skills shortage and the importance of mentorship.

And Recorded Future's latest podcast, "Blending Threat Intelligence With Cyber Risk Frameworks," produced in cooperation with the CyberWire, is also up. Rick Tracy, CSO at Telos, shares his experience from three decades in the security industry, including GDPR, managing risk, and the NIST framework.

New York Times Event: Cyberwarfare with Google, Department of Justice & more (Washington, DC, United States, October 30, 2018) David Sanger, national security correspondent for The New York Times will moderate a discussion on cyberwarfare, one of the greatest threats to American democracy and commerce. He will be joined by John Demers, assistant attorney general for the national security division at the Department of Justice; Yasmin Green, the director of research and development for Jigsaw, a Google company; and Dmitri Alperovitch, co-founder of CrowdStrike, who discovered Russian hacking of the Democratic National Committee.

Maryland Cybersecurity Career & Education Fair (Rockville, Maryland, United States, November 9 - 10, 2018) Join us for two dynamic days that put on display why Maryland is where cyber works. Friday will feature a career and education fair, connecting cybersecurity job seekers with opportunities across the state of Maryland. On Saturday, high school and undergraduate students compete in our cyber challenge.

Cyber Attacks, Threats, and Vulnerabilities

Iranian official says president's cellphone was tapped (AP News) Iranian officials say President Hassan Rouhani's mobile phone was tapped, without providing details on who was behind it or what information they might have gleaned. The semi-official ISNA news agency on Monday quoted Gen. Gholam Reza Jalali, the head of a military unit charged with combatting sabotage, as saying Rouhani's phone was tapped "recently" and would be replaced with a more secure device. He did not provide further details.

Beijing Has Learned How to Play U.S. Politics (Foreign Policy) China is listening to Trump’s phone, but what can it do with that information?

How ‘Mr. Hashtag’ Helped Saudi Arabia Spy on Dissidents (Motherboard) Saud Al-Qahtani, a close advisor of crown prince Mohammed bin Salman, was tasked with buying Hacking Team spyware, and apparently moonlighted as a member of online cybercrime website Hack Forums.

Under Attack: How Election Hacking Threatens the Midterms (PCMAG) The United States is grappling with fundamental cybersecurity threats at every level of voting infrastructure, from malware-based campaign hacks to weaponized social media posts. But there are plenty of people trying to do something about it.

US election integrity depends on security-challenged firms (Washington Post) Secretive, cybersecurity-challenged companies are gatekeepers of US election integrity

Texans say glitchy voting machines are changing their ballots. The state blames user error. (Washington Post) As Beto O'Rourke and Ted Cruz fight for a Senate seat, Texas voters say machines are erroneously changing their ballots.

DHS: Election officials inundated, confused by free cyber-security offerings (ZDNet) Official would have liked free offerings to have been coordinated through DHS.

2018 midterm election study (Ghostery) We analyzed 981 candidate websites (House and Senate candidates for the 2018 midterm elections) and found that trackers are present on 87% of all sites considered and that around 13% of all campaign pages assessed were tracker free. 41% of pages assessed had 2 – 5 trackers on them; followed by 26% of pages with …

Case study in fake news for all journalism schools (South China Morning Post) Allegations made in magazine article that the Chinese military planted spy chips on motherboards made by US company has been denied by cyber giants and security services

SBP instructs banks after ‘cyber attack’ on Bank Islami network (The News) “On the morning of October 27, 2018 certain abnormal transactions valuing Rs 2.6 million were detected by the Bank on one of its international payment card scheme. The Bank immediately took precautionary steps which, interalia, included shutting its international payment scheme. All monies withdrawn from accounts i.e. Rs 2.6 million have been credited in the respective accounts,” it said.

JuiceChecker-3PC: Introduces New Technique to Escape Malware Detection and Infect Millions of Smartphones (The Media Trust) A new malware attacks demand side platform providers serving publishers around the world.

Securonix Threat Research: British Airways Breach: Magecart Formgrabbing Supply Chain Attack Detection (Securonix) The data breach suffered by British Airways earlier this year affected around 380,000 customers and resulted in the theft of customer data including personal and financial details. The attack was highly targeted and utilized customized…

X.Org Flaw Allows Privilege Escalation in Linux Systems (Threatpost) The issue impacts many large distros with GUI interfaces.

The analysis of the attack which uses Excel 4.0 macro to avoid antivirus software detection (360 Total Security Blog) On October 18, 2018, 360 Threat Intelligence Center captured for the first time an example of an attack using the Excel 4.0 macro to spread the Imminent Monitor remote control Trojan.

Kraken Ransomware Emerges from the Depths: How to Tame the Beast (McAfee Blogs) Look out, someone has released the Kraken — or at least a ransomware strain named after it. Kraken Cryptor ransomware first made its appearance back in August, but in mid-September, the malicious beast emerged from the depths disguised as the legitimate spyware application SuperAntiSpyware.

Exposed Docker APIs Continue to Be Used for Cryptojacking (BleepingComputer) Trend Micro has recently spotted an attacker that is scanning for exposed Docker Engine APIs and utilizing them to deploy containers that download and execute a coin miner. These containers then use scripts to spread to other systems.

Campaign evolution: Hancitor malspam starts pushing Ursnif this week (SANS Internet Storm Center) Today's diary reviews noteworthy changes in recent malicious spam (malspam) pushing Hancitor.

Search for Chrome on Bing, and you might get a nasty surprise (HOTforSecurity) It's 2018, and you can still end up with your computer compromised by searching for the world's most popular browser. That fact was brought home once again by Twitter user Gabriel Landau who, immediately upon firing up his brand new Windows 10 laptop and trying to download... #bing #malvertising

DemonBot Fans DDoS Flames with Hadoop Enslavement (Threatpost) An unsophisticated but effective botnet is targeting exposed cloud servers and racking up millions of infections.

Call of Duty players caught up in cryptocurrency theft racket (Naked Security) The FBI recently busted a group of criminals who seem to be using Call of Duty to coordinate cryptocurrency thefts.

League of Legends Gamers Targeted by Phishing Scam (Security Boulevard) Who is being targeted?

UK Construction Firms Hemorrhage Log-Ins to Dark Web (Infosecurity Magazine) RepKnight finds hundreds of thousands of credentials for sale

Mac cryptocurrency ticker app installs backdoors (Malwarebytes Labs) A Mac application named CoinTicker has been found installing two different backdoors, capable of keylogging, data theft, execution of arbitrary commands, and more.

An Update on the jQuery-File-Upload Vulnerability (Akamai) In the days following the original post concerning my disclosure of the flaw in jQuery-File-Upload (CVE-2018-9206), many people reached to me with a number of questions on various related topics. I think a blog post is the best way to...

Word documents seemingly carrying videos can deliver malicious code instead (Help Net Security) A feature that allows anyone to embed a video directly in a Word document can be easily misused to trick target users into downloading and running malware.

Researchers exploit Microsoft Word through embedded video (Naked Security) A group of researchers has found a way to infect computers via Word documents without triggering a security warning.

Action Fraud warns against fake TV licensing emails, as over 2,500 reports are made in two months alone (Action Fraud) Fraudsters are sending the public fake TV licensing emails to steal their personal and financial information.

IT Security Vulnerability Roundup – October 2018 (eSecurity Planet) A look at 10 of the many security flaws reported in the past month.

Security Patches, Mitigations, and Software Updates

Windows Defender can now run inside a sandbox (Help Net Security) Windows Defender Antivirus can be run within a sandbox, a restrictive environment that separates the AV's processes from those of the underlying Windows OS

Cyber Trends

Disrupting the Flow: Exposed and Vulnerable Water and Energy Infrastructures (TrendLabs Security Intelligence Blog) Using open source intelligence techniques (OSINT), we were able to get a glimpse of possible problem areas for the energy and water sectors. Using internet scanning (mainly through Shodan) and physical location mapping, we were able to identify a number of exposed and vulnerable HMIs, all of which are from small to medium businesses. What this tells us is how important cybersecurity is for each level of the supply chain as well as for each CI sector.

Exposed and Vulnerable Critical Infrastructure: Water and Energy Industries (Trend Micro) The water and energy (W&E) sectors are critical to the economy of every nation, in fact to human life, and need to be secured.

You're Not Imagining It: Civilization is Flickering; and it can be catastrophic (Control Global) Mike Assante wrote two blogs: You're Not Imagining It: Civilization is Flickering, part 1 and 2. Mike is saying is what I have been saying: network monitoring of control system networks is necessary but not sufficient. Moreover, it has been shown in laboratory demonstrations and actual incidents that cyber vulnerabilities exist that can lead to physical damage equipment such as transformers, motors, generators, etc. Damaging this equipment can lead to long term outages of electric systems, refineries, manufacturing, etc.

Washington Journal: Blake Sobczak Discusses Energy Grid Security (C-SPAN) E&E News Reporter Blake Sobczak discusses the security of the U.S. energy grid and recent hacks to systems.

New Report: IoT Now Top Internet Attack Target (Dark Reading) IoT devices are the top targets of cyberattacks -- most of which originate on IoT devices, new report finds.

CEO and Board Risk Management Survey Report (Deloitte United States) Learn how 400 CEOs and board members are prioritizing investments in four critical risk areas.

21% of all files in the cloud contain sensitive data (Help Net Security) McAfee released its Cloud Adoption and Risk Report, which analyzed billions of events in anonymized customers production cloud use to assess the current

Americans Trust Government More than Tech Companies to Combat Election Influence Ops (Nextgov.com) A survey found that U.S. adults think it’s highly likely some nation will try to interfere in the midterms and aren’t confident government or industry can stop it.

Cybersecurity and the Middle Market (National Center for the Middle MArket) An in-depth investigation of how cybersecurity affects the Middle Market based on research from our Q3 2018 MMI Report.

Study Considers Characteristics of the Future Work Force (SIGNAL) With machines augmenting the work force, humans will perform more mission-critical work, Deloitte report predicts.

State of the States for Tech and Cyber (Government Technology) The survey results from two major government studies were released at the National Association of State CIOs (NASCIO) Annual Conference in San Diego this past week. The technology and cybersecurity results signal major change is coming — in many diverse ways. Here’s what you need to know as we head into 2019.

How People Use Connected Devices (Clutch) People own and use connected devices, particularly smart home appliances, to access personal information. Most connected devices people own, though, are used as singular technologies, according to our survey of more than 500 people who own a connected device. Read More

Marketplace

Security Implications of IBM-Red Hat Merger Unclear (Dark Reading) But enterprises and open source community likely have little to be concerned about, industry experts say.

Fugue Announces Strategic Partnership and Development Agreement with In-Q-Tel (IQT) (BusinessWire) Fugue, the leader in cloud security and compliance automation, today announced a strategic partnership agreement with In-Q-Tel (IQT). IQT is the not-f

Products, Services, and Solutions

LookingGlass Cyber Solutions Software Platform Proactively Manages Third Party Cyber Risks to Business Data and Operations (BusinessWire) LookingGlass™ Cyber Solutions, a leader in threat intelligence-driven security, today announced the general availability of its advanced Third Party R

Nyotron's PARANOID Receives Advanced Threat Defense Certification from ICSA Labs (PR Newswire) Nyotron, provider of the industry's first OS-Centric Positive Security solution to strengthen endpoint...

Dashlane Research Finds Majority of Two-Factor Authentication Offerings Fall Short (Dashlane Blog) The results of our Two-Factor Authentication (2FA) Power Rankings are in. The rankings, which examined the prevalence of 2FA offerings among 34 top consumer websites in the United States, found...

Safeguarding global critical networks now and in the future (Help Net Security) Lior Frenkel talks about the vulnerability of critical networks, challenges related to safeguarding such security architectures from 0-day attacks, etc.

LATAM Financial Institutions Tap Behavioral Biometrics Leader, BioCatch, to Strengthen Regional Cybersecurity and Combat Homegrown Fraud (Biocatch) LATAM Financial Institutions Tap Behavioral Biometrics Leader, BioCatch, to Strengthen Regional Cybersecurity and Combat Homegrown Fraud

ZeroStack delivers inter-cloud VPN-as-a-service (Help Net Security) The ZeroStack's cloud administrator can now use VPN-as-a-service to establish a secure tunnel between local networks and users in multiple sites.

Learning Tree expands end-to-end cybersecurity certification training solutions (Help Net Security) Learning Tree expanded end-to-end cybersecurity certification training solutions to help organizations invest in a people-first cybersecurity culture.

Verint and Thales join forces to deliver cyber threat intelligence approach (Help Net Security) Verint Systems and Thales partner to create a Cyber Security Threat Intelligence approach for governments, enterprises, and critical infrastructures.

wolfSSL Announces Qt Framework Support & Integration (PRWeb) wolfSSL, a leading provider of TLS cryptography and the world’s first commercial release of TLS 1.3 announces support for the Qt Framework. Qt is a GUI deve

Technologies, Techniques, and Standards

Psy-Ops, Meet Cyber-Ops: U.S. Takes on Russian Trolls (Just Security) "Hello, Ivan. This is U.S. Cyber Command. We can see your mouse from here."

7 Ways an Old Tool Still Teaches New Lessons About Web AppSec (Dark Reading) Are your Web applications secure? WebGoat, a tool old enough to be in high school, continues to instruct.

Don’t Go Once More Unto the Breach: Fix Those Policy Configuration Mistakes (Infosecurity Magazine) Examining four common security policy errors, and how organizations can avoid them.

Design and Innovation

Signal Has a Clever New Way to Shield Your Identity (WIRED) "Sealed sender" gives the leading encrypted messaging app an important boost, hiding metadata around who sent a given message.

Self-driving cars learn (from us) about who to sacrifice in a crash (Naked Security) It’s bad news for overweight, elderly, male jaywalkers.

Research and Development

Dartmouth's PhasorSec protects power grids from cyberattack (EurekAlert!) A new technique protects power grids from attacks against utility control systems that can shut down facility operations, trigger longer-term blackouts and even cause permanent physical damage.

Academia

China Is Secretly Enrolling Military Scientists in Western Universities (Defense One) Dozens of scientists and engineers linked to China’s People’s Liberation Army obscured their military connections when applying to study overseas.

2 universities getting new sites for cybersecurity training (The State) Michigan Gov. Rick Snyder says two universities will be getting new sites for cybersecurity training.

Cadillac High School Wins High School Cyber Challenge (PR Newswire) High School teams from across Michigan came to the 2018 North American International Cyber Summit (NAICS) at Cobo Center ...

Legislation, Policy, and Regulation

Angela Merkel to step down in 2021 (BBC News) The decision by Germany's veteran chancellor comes after a series of regional election setbacks.

Angela Merkel sets date to quit after election drubbing (Times) Angela Merkel will step down as chancellor and retire from German politics by 2021 in an unprecedented attempt to hand over power to a successor. Her long farewell, announced after her party...

Russia, US Offer Competing Vision of Cyber Norms to the UN (Defense One) Two proposed versions of an “international code of conduct for international information security” set up a clash between autocracies and democracies.

Report: Israel sold $250m. of sophisticated spy systems to Saudi Arabia (The Jerusalem Post) These are the most sophisticated systems Israel has ever sold to any Arab country.

Spy chief wanted ban on China telecoms from Australian 5G (AP News) Australia's critical infrastructure including electricity grids, water supplies and hospitals could not have been adequately safeguarded if Chinese-owned telecommunications giants Huawei and ZTE Corp. were allowed to help roll out the nation's 5G network, a spy chief said. Mike Burgess, director-general of the Australian Signals Directorate, said his cyber experts had backed the government's decision in August to bar the two Chinese companies that he described as "high-risk vendors." It was the first time the secretive agency had disclosed such information.

Huawei poses security threat to Australia's infrastructure, spy chief says (the Guardian) Australian Signals Directorate chief says using ‘high-risk vendor equipment’ could pose threat to water supply and electricity grid

Tech tax is a 'quick and dirty' solution that will damage UK businesses, Hammond told  (The Telegraph) The launch of a digital services tax could severely damage businesses across the UK, Chancellor Philip Hammond has been warned.

Hate speech tied to suspect in synagogue massacre rekindles calls for regulating social media (Washington Post) Some lawmakers questioned whether a decades-old law that protects social media giants from lawsuits might be in need of an overhaul.

OMB loosening the reins on major cyber programs for 2019 (Federal News Network) The Office of Management and Budget released the 2019 Federal Information Security Management Act guidance giving agencies more options to meet the intent of the CDM program.

“Right to repair” gets a boost from new DMCA software rules (Naked Security) It just got easier for owners of a wide range of home devices to hack and repair their software.

The 5 areas of emphasis in the Army’s new electronic warfare strategy (C4ISRNET) The Army's new strategy provides five broad lines of effort.

Inside the Pentagon’s struggle to build a cyber force (Fifth Domain) Experts suggest the armed forces have structural problems that prevent it from becoming a digitally cohesive force.

Army announces new director of operations at NGA (C4ISRNET) The Department of Defense announced a new director of operations at the National Geospatial-Intelligence Agency.

Litigation, Investigation, and Law Enforcement

China’s Bad Old Days Are Back (Foreign Affairs) Under Xi Jinping, China is extending political repression from its Western border regions into Hong Kong and other that once seemed relatively free by comparison. What we are witnessing is not a continuation of China’s oppressive status quo but the onset of something alarming and new.

U.S. to Restrict Chinese Chip Maker From Doing Business With American Firms (Wall Street Journal) The U.S. has raised the stakes in a battle with Beijing over intellectual property by restricting American firms from doing business with state-owned Chinese chip maker Fujian Jinhua that Micron Technology Inc. has accused of stealing its secrets.

Average ICO Fines Double in a Year (Infosecurity Magazine) Latest stats show total increased 24%

FBI investigating cyber attack at Peoria Notre Dame High School (Journal Star) Peoria Notre Dame High School has been the target of a cyber attack that had drawn the attention of federal investigators.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

Symposium on Securing the IoT (Boston, Massachussetts, USA, October 29 - 31, 2018) Join us for the Symposium on Securing The Internet of Things, featuring keynote speakers from the leading industry companies who are solving the issues of IoT and secure connectivity. There will also be...

Times Talks: Arming for Cyberwarfare (Washington, DC, USA, October 30, 2018) David Sanger, a national security correspondent and author of “The Perfect Weapon: War, Sabotage and Fear in the Cyber Age,” will moderate a discussion in Washington, D.C., on cyberwarfare, one of the...

SecureWorld Denver (Denver, Colorado, USA, October 31 - November 1, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

Cyber Security Dallas (Dallas, Texas, USA, October 31 - November 1, 2018) Cyber Security Dallas will bring top speakers and industry experts to the Dallas-Fort Worth (DFW) metroplex, which boasts one of the largest concentrations of corporate headquarters in the United States.

InfoWarCon 18 (Leesburg, Virginia, USA, November 1 - 3, 2018) InfoWarCon 18 brings together a highly elite group of political, military, academic, DIYer, and commercial cyber-leaders and thinkers from around the world. We examine the current, future, and potential...

RETR3AT Cybersecurity Conference (Montreat, North Carolina, USA, November 2, 2018) Each year, Montreat College’s Center for Cybersecurity Education and Leadership hosts RETR3AT, a conference designed to engage, educate, and raise awareness about cybersecurity in Western North Carolina...

4th Annual Cyber Southwest (CSW) Symposium (Tuscon, Arizona, USA, November 2, 2018) Be a part of the 4th Annual Cyber Southwest (CSW) Symposium set to take place at the University of Arizona, Eller College of Management - McClelland Hall in Tucson, AZ on Friday, November 2nd, 2018. CSW...

Hybrid Identity Protection Conference (New York, New York, USA, November 5 - 6, 2018) Learn what cutting-edge industry leaders are doing to improve identity protection in the modern organization and how they are boosting enterprise security. Network with the world’s leading identity experts...

Hybrid Identity Protection Conference 2018 (New York, New York, USA, November 5 - 6, 2018) The Hybrid Identity Protection Conference is the premier educational and networking event for identity experts. Learn what cutting-edge industry leaders are doing to improve identity protection in the...

Cyber Security & Artificial Intelligence MENA Summit (Dubai, UAE, November 6 - 7, 2018) Cyber Security and Artificial Intelligence MENA Summit has been designed to bring you a remarkable opportunity to gain fresh insights into areas such as artificial intelligence and machine learning impact...

2nd Annual Aviation Cyber Security Summit Summit (London, England, UK, November 6 - 7, 2018) Now in its 2nd year, the Cyber Senate Aviation Cyber Security and Resilience Summit (AVCIP2018) will take place on 6th and 7th in London United Kingdom 2018. This two-day executive forum will include presentations,...

Federal IT Security Conference: FITSC 2018 (College Park, Maryland, USA, November 7, 2018) Phoenix TS and Federal IT Security Institute (FITSI) are partnering to host the third annual Federal IT Security Conference (FITSC) this November. Speakers from NIST, DHS, the Defense Department as well...

SINET Showcase (Washington, DC, USA, November 7 - 8, 2018) Highlighting and advancing innovation. SINET Showcase provides a platform to identify and highlight “best-of-class” security companies that are addressing the most pressing needs and requirements in Cybersecurity.

SecureWorld Seattle (Seattle, Washington, USA, November 7 - 8, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

Infosecurity North America (New York, New York, USA, November 14 - 15, 2018) With 23+ years of global experience creating leading information security events, Infosecurity Group is coming to New York in November 2018. Infosecurity North America will provide a focussed business...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.