skip navigation

More signal. Less noise.

Get the top 10 vulnerabilities used by cybercriminals.

Recorded Future researchers have scoured open web, dark web, and technical sources to discover which vulnerabilities are being actively exploited by cybercriminals. Download the report now.

Daily briefing.

Information operations directed toward influencing or disruption elections have surfaced in several countries. ClearSky reports finding an Iranian disinformation campaign aimed at planting bogus stories in and around Israel. One Hebrew-language site, Tel Aviv Times, published plagiarized stories altered to support Iranian interests. Fourteen bogus Facebook profiles and eleven inauthentic Twitter accounts were coordinated with the campaign. Several of the sites involved in the operation targeting Israel closed after exposure. The operation's playbook seems to have resembled that uncovered late last month in the US. 

Swedish authorities have warned of foreign disinformation designed to affect recently concluded elections. And in Russia a domestic campaign is running to suppress dissenting voters.

Apple continues to eject questionable security apps from its Store. Over the weekend it developed that researchers are apparently associating some of these apps with Trend Micro. This story is still developing, and early reports may be confused. Apple took the questionable apps down after Cupertino was notified of their behavior.

Group-IB thinks it likely that at least one the two members of the Silence cybercriminal crew have worked or may even still work in the security industry.

British Airways continues to struggle with its large data breach. Ubio says that the airline's payment site was loading scripts from at least seven domains other than its own. Some think the incident involves a third-party compromise similar to the one that hit Ticketmaster in the UK. The airline itself may be facing a heavy £500 million fine and a customer boycott.

Notes.

Today's issue includes events affecting Australia, Canada, China, Democratic Peoples Republic of Korea, Republic of Korea, Netherlands, New Zealand, Russia, Singapore, Sweden, United Kingdom, United States.

$8.76 million: The average yearly cost of insider threats. Get the report.

Insider threat incidents come with a hefty price tag, according to the “2018 Cost of Insider Threats: Global Organizations” report released by independent research group, The Ponemon Institute. Make sure that you understand the full context (and cost) of these threats by downloading the full report. Get your copy today.

In today's podcast, we speak with our partners at RSA, as Zulfikar Ramzan offers another reality check on blockchain hype. Our guest, Yehuda Lindell from Unbound Tech, discusses the Foreshadow vulnerability.

And, in case you missed it, Research Saturday is up. Symantec researchers recently published their findings on an active attack group named Leafminer that's targeting government organizations and businesses in the Middle East region. Vikram Thakur is a technical director at Symantec, and he joins us to share what they've found.

Rapid Prototyping Event: The Chameleon and the Snake (Columbia, Maryland, United States, September 17 - 20, 2018) DreamPort, in conjunction with the Maryland Innovation & Security Institute and USCYBERCOM, is hosting a Rapid Protoyping Event that specifically targets malware signature diversity and signature measurement for Microsoft Windows in a simulated operational environment at a realistic pace. Join us September 17-20, 2018 at UMBC Training Center in Columbia, MD.

The force is stronger when MSPs and MSSPs come together. (Webinar, September 19, 2018) The managed service market has grown tremendously, with the demand for managed security being unprecedented. For managed service providers (MSPs) looking to answer those demands, partnering with a managed security services provider (MSSP) expands access to highly-skilled cyber security analysts and a full suite of security solutions. Join Delta Risk’s webinar, September 19 at 1 PM ET, to learn how the two sides can join forces.

Cyber Security Summits: September 25 in NYC on October 16 in Phoenix (New York, New York, United States, September 25, 2018) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, The NSA, Google, IBM, Darktrace, CenturyLink and more. Register with promo code cyberwire95 for $95 VIP admission (Regular price $350) https://CyberSummitUSA.com

FireEye Cyber Defense Summit 2018 (Washington, DC, United States, October 1 - 4, 2018) Get trained by a FireEye expert at our annual Cyber Defense Summit. Training opportunities at this event offer attendees hands-on, small-group, interactive sessions with some of the most experienced FireEye cyber security experts.

Dragos Industrial Security Conference (DISC) 11/5/18 (Hanover, Maryland, United States, November 5, 2018) Reserve your spot now for the Dragos Industrial Security Conference (DISC) on November 5th, 2018. DISC is a free, annual event for our customers, partners, and those from the ICS asset community. Visit https://dragos.com/disc/ for more information.

Dateline 9th Annual Billington Cybersecurity Summit

Gen. Nakasone Lays Out Vision for ‘5th Chapter’ of U.S. Cyber Command (MeriTalk) General Paul Nakasone, Commander of U.S. Cyber Command, discussed on Thursday how the service is shifting its strategy and writing the “fifth chapter” of the command’s history to address the “great powers” competition in cyberspace.

Cyber Command partners for a cyber prototyping environment (Fifth Domain) An innovation hub through U.S. Cyber Command seeks to foster greater collaboration between the government and tech firms.

Cyber Command’s acquisition authority still in its infancy (Fifth Domain) The command hopes to change this in the near future.

Ransomware Strikes Launched a Cyber Cleansing Program at Transportation (Nextgov.com) The Transportation Department started with a bug hunting campaign that turned up unexpected vulnerabilities in headquarters computer systems.

Can there be such a thing as a "cyber moonshot?" (The CyberWire) There's been considerable discussion since the Billington Cybersecurity Summit of the prospect of a "moonshot" for cybersecurity. The US Administration is expected to announce something along these lines over the next few weeks, and a fireside chat at the Summit gave two senior Federal officials an opportunity to discuss it. What are we to make of the very idea of a cyber moonshot?

The Trump administration hopes to change the ‘entire ecosystem’ of cybersecurity norms (Fifth Domain) Top administration officials previewed a “cybersecurity moonshot” — a plan they hope will increase the digital security of Americans.

White House, DHS Planning ‘Cyber Security Moonshot,’ First Study Set For November (Defense Daily Network) Department of Homeland Security and White House technology officials are working on a “cyber security moonshot” effort to fix lagging digital security issu

DHS cyber official: Federal cybersecurity is the "number one priority" (Axios) Just yesterday, DHS Secretary Kirstjen Nielsen warned of the threat from cyber attacks.

Cyber Attacks, Threats, and Vulnerabilities

Cyber firm says three Iran-run sites are targeting Israelis with fake news (Times of Israel) ClearSky also discovers fake Facebook profiles and Twitter accounts intended to push Tehran's agenda and 'influence public opinion' in Israel

New Silence hacking group suspected of having ties to cyber-security industry (ZDNet) New Russian-speaking "Silence" group linked to the theft of at least $800,000 from Russian and Eastern European banks and financial institutions.

Researchers Discover New "Fallout" Exploit Kit (SecurityWeek) The recently discovered "Fallout" exploit kit (EK) has been used in a campaign targeting users in Japan, Korea, the Middle East, Southern Europe, and other countries in the Asia Pacific region.

German power firms steel themselves for cyberattacks (Handelsblatt Global Edition) A total blackout of the European grid can’t be ruled out, Germany's information security agency says, and cyberattacks often happen in a roundabout way.

Cyber security in the energy sector: A danger to society - Part 1 (Information Age) This is the first article in a three part series looking at the state of cyber security in the energy sector

Alert: 'Ryuk' Ransomware Attacks the Latest Threat (BankInfo Security) Organizations should be on guard for an attacks involving apparent variant of Hermes ransomware – dubbed Ryuk - that attempts to encrypt network resources. It has

British Airways 'breaking credit card security rules' on its website payment page (SC Magazine) An analysis of the British Airways payment page shows that the site is loading files from seven external domains that have little or nothing to do with payment processing, according to a security expert.

Revealed: British Airways was in talks with IBM on outsourcing security just before hack (Register) El Reg leaked memo sent weeks before crooks swiped payment cards

British Airways hack: How to find out if your data was stolen and steps to stay secure (The Telegraph) Nearly 400,000 passengers have been caught up in yet another PR disaster for British Airways, with the airline the victim of a “sophisticated and malicious” security hack.

Worries arise about security of new WebAuthn protocol (ZDNet) Cryptography experts point out that new WebAuthn protocol recommends or requires the implementation of old and weak algorithms known to be vulnerable to attacks for years

Privilege Escalation Bug Found in Popular VPN Clients (BleepingComputer) Vulnerabilities in NordVPN and ProtonVPN clients allow an attacker to execute code on the affected computer with the rights of an administrator.

Some of the Mac App Store's biggest security apps found spying on users' browsing habits (Computing) Popular MacOS security apps taken down following claims they exfiltrate user data to China

Another popular privacy app in the Mac App Store caught stealing users' browser history (Boing Boing) Another popular privacy app in the Mac App Store caught stealing users' browser history

Additional Mac App Store apps caught stealing and uploading browser history (9to5Mac) [Update 9/10 4:50 am PT: The certificate issued for the domain drcleaner.com leaves no doubt that the apps are in fact distributed by Trend Micro.] [Update 9/9 7:46 pm PT: The apps discussed in thi…

Status update: you’re being spied on (Times) If you have the urge to share your holiday snaps on Instagram or Facebook, be warned — it could leave you seriously out of pocket, cost you job opportunities and even open you up to fraud. Anyone...

Security Expert's Thoughts On Aim Of Attackers Using Mikrotik Routers (Information Security Buzz) In NetLab 360’s blog it said that MikroTik routers were being compromised with malware. In its post it questioned why the attacker is paying attention to the network management protocol regular users barely use but didn’t have an answer. Sean Neman, Director of Product Management of Corero Networks commented below his thoughts as to what the aim …

Keybase Browser Extension Could Allow Sites to See Messages (BleepingComputer) The browser extension for the Keybase app fails to keep the end-to-end encryption promised by its desktop variant as sites could see the text being types into the chat area.

Bitcoin ATMs Targeted by Malware for Sale in Underground Markets (Bitcoin News) Malware aimed at Bitcoin ATMs is being sold in underground markets, according to Trend Micro security researchers. For $25,000, malware exploiting a service vulnerability allows users to nab bitcoin price equivalent in euros, USD, or British pounds.

Malware may ‘hear’ your smartphone passcode one day (Fifth Domain) Trained software can detect sonar-like patterns and reduce the guesswork in unlocking an Android phone.

Radiflow Uncovers Security Flaw in Schneider Electric Modicon Controller (PRNewswire) Company credits its threat intelligence team for its ongoing research for detecting new vulnerabilities and improving cybersecurity protection of critical infrastructure

Fortnite interest on the dark web is surging (The Independent) Mentions of the popular game have doubled in online criminal forums since the start of the year

Finally, KnowBe4 Was Spoofed By Bad Guys. Expected That For Years. (KnowBe4) When you become the worldwide No.1 player in your field with tens of thousands of organizations using your platform, you get on people's radar. Both the good guys and the bad apples.

New Malware Targets Shoppers Making Purchases from Overseas Websites (Be Korea-savvy) A new type of malware that targets shoppers making purchases directly from overseas websites has …

Cyber attack may leave Wegmans with a $900,000 loss (WHEC News10NBC) A cyber attack may have put Wegmans out $900,000...

GDPR Didn't Affect Spam? Not So Fast (CircleID) I have recently become aware of a blog post from Recorded Future that attempts to analyze the effects of the GDPR on online security. Unfortunately, it starts by asking an irrelevant question and then goes on to use irrelevant metrics to come to a meaningless answer.

Security Patches, Mitigations, and Software Updates

September Patch Tuesday forecast: Evaluate third-party updates alongside Microsoft release (Help Net Security) Chris Goettl from Ivanti offers the September Patch Tuesday 2018 forecast, and looks back at the relevant happenings since last month's patch release.

Microsoft 'Confirms' Windows 7 New Monthly Charge (Forbes) Microsoft has confirmed a new monthly charge for Windows 7...

Microsoft adds another three years of security updates for Windows 7, for a price (KitGuru) Although Windows 10 has officially surpassed Windows 7 in terms of adoption, the latter is still pro

​Symantec-secured website shutdown coming soon (ZDNet) In October, Chrome and Firefox users will be blocked from websites still using insecure Symantec/DigiCert TLS certificates. If you don't want to tick off your users, you need to replace these security certificates as soon as possible. Here's how to lock down your site properly.

Duo Security Re: Google Chrome Redesign Including A Password Manager | Information Security Buzz (Information Security Buzz) Following the news regarding Google Chrome’s redesign introducing a password manager, Richard Archdeacon, Advisory CISO at Duo Security offers the following comment. Richard Archdeacon, Advisory CISO at Duo Security: “It is good to see that a password manager is being introduced into a browser. To step back, the issue with passwords is that often they are too simple …

Cyber Trends

SECURITY: DHS chief on cyber response: 'Not a fair fight' (E&E News) A cyberattack on U.S. critical infrastructure should trigger an even more forceful response, according to Homeland Security Secretary Kirstjen Nielsen.

Crims not spies dominate cybersecurity threats: Sophos CEO (ZDNet) Ransomware, the volume of customised malware, and its commercialisation are the biggest factors affecting cybersecurity today, says Kris Hagerman. Nation-state actors less so, at least for most organisations.

Malware on ICS Increasingly Comes From Internet: Kaspersky (SecurityWeek) Kaspersky detects over 19,000 malware samples of 2,800 families on industrial automation systems and the Internet is an increasingly significant source of attacks

Talking Global Cyberwar With Kaspersky Lab's Anton Shingarev (SecurityWeek) Kasperksy's Anton Shingarev hopes that bilateral and international cyber agreements will prevent a hot cyberwar developing and ultimately spilling into a full-scale kinetic war.

Key cyber threat areas for governments, firms in the Gulf (Times of Oman) As the cyber threat landscape continues to evolve, it is imperative for the government and the private sector to pay attention to some of the most significant areas of heightened risk in the cyber environment.

Marketplace

The Netherlands Emerges as a Global Leader in Cybersecurity (Omaha.com) Long recognized as the digital gateway to Europe, The Netherlands has emerged as a hotbed for cybersecurity. There are now more than

If Huawei really cares about selling phones in the U.S., it needs to stop being so shady (Mashable) Let the product speak for itself.

British Airways' data breach gives tech upstarts a chance to shine (Quartz) No company is immune to missteps and data intrusions. But Monzo's reaction to the breach suggests a higher velocity of proactiveness customers can expect more of.

U.S. government contractor SAIC to buy Engility for $1.5 billion (Reuters) Science Applications International Corp (SAIC) said on Monday it has agreed to acquire Engility Holdings Inc for $1.5 billion in stock, a deal that will turn it into the second-largest U.S. government services contractor.

Maryland cybersecurity firm Sonatype raises $80 million from Silicon Valley investors (Washington Post) It was the latest major financing round for the D.C.-area cyber company.

Tesla Says Warranty Will Not Be Voided for Bug Bounty Hunters (1redDrop) Ever since Tesla opened up its bug bounty program on BugCrowd, dozens of security researchers have sent their Proofs of Concept (PoCs) to the company.

The Story Behind Avast: One Of Europe's Biggest Tech IPOs Of 2018 (Forbes) Avast is a shining example of 30 years of building capitalism in a post-communist country, and its recent IPO was the largest to date among tech firms in Europe. Its initial $3.1 billion valuation catapulted its cofounder, Eduard Kučera, to billionaire status.

Fortinet CEO on fending off cyber attacks in the new generation, and why he likes Fortnite (The Mercury News) At Fortinet, Chief Executive Ken Xie is stitching together the fabric companies need to better secure their networks from outside attacks.

BigID Takes On Varonis, Talend, Symantec In $19B Market (Forbes) A Manhattan-based startup is growing at 800% in the $19B business of protecting personal privacy. Should IBM, Oracle, Varonis, and Symantec be worried?

Okta, Palo Alto Networks drive cybersecurity gains on anniversary of Equifax hack disclosure (MarketWatch) Cybersecurity stocks rise following strong earnings from Okta Inc. and Palo Alto Networks Inc., adding to solid gains over the past year following the disclosure of a massive data breach at Equifax Inc.

Temasek, StarHub tie up for pure-play cybersecurity firm (The Business Times) Newly-launched cybersecurity firm Ensign InfoSecurity - a joint venture between Temasek and StarHub - will invest majorly in talent and R&D (research and development) to become Asia's leading pure-play cybersecurity firm, said its executive chairman Lee Fook Sun on Tuesday. Read more at The Business Times.

Wynyard liquidator offers glimmer of hope (Scoop News) Wynyard Group shareholders whose investments were all-but written off when the intelligence software company went bust two years ago may get a 'very small' respite, say the firm's liquidators.

Coalfire Appoints Mark Carney as Executive Vice President, Cybersecurity Services (PRNewswire) New appointment to drive continued innovation and support world-class customer service

Products, Services, and Solutions

WSJ Pro To Launch First Cybersecurity Small Business Academy (GlobeNewswire News Room) The Wall Street Journal’s professional arm, is pleased to announce its inaugural WSJ Pro Cybersecurity Small Business Academy, being held in Dana Point, Calif., on October 15 and 16, 2018.

Fortinet Releases New IoT Security Controller for Network Segmentation (Computer Business Review) California-based cybersecurity company Fortinet has added an IoT network access controller called FortiNAC to its security offering

WhiteHat Security Unveils Deeper Artificial Intelligence Capabilities for Sentinel Dynamic DAST Solution to Empower DevSecOps (BusinessWire) WhiteHat Security, the leading application security provider committed to securing digital business, today unveiled that new, artificial intelligence

Treadstone 71 Offers New Certification Model for Building Intelligence Programs (Massachusetts Newswire) Treadstone 71 announced today a revolutionary new model for building cyber intelligence programs while certifying staff. The Cyber Intelligence 12-Month Online Subscription Program guides organizations in their intelligence program build through online lectures, demonstrations, and templates covering the intelligence lifecycle and beyond.

MYPINPAD’s secure pin capture technology now embedded into Thales Payshield 9000 HSMs (Global News, Analysis, Awards for Banking, Finance, Technology sector) The release will be installed on all new payShield 9000 HSMs, and is currently being deployed to all existing HSMs in the field via a new firmware update.

Cyber security specialist Equiniti launches new threat intelligence platform (Global News, Analysis, Awards for Banking, Finance, Technology sector) Equiniti’s Cyber Security business is delighted to announce the launch of its new threat intelligence platform, EQ FirstSight.

Digital Security by ADT launches identity protection nationwide (Help Net Security) Digital Security by ADT, a new cybersecurity service that will protect a customer's personal identity, digital data, home network and financial information.

Technologies, Techniques, and Standards

GAO Urges Government Action to Combat Cybersecurity Risks (ThinkAdvisor) Its latest audit of efforts by government agencies to address these risks shows many failing to adopt previous GAO recommendations.

Refining the Defense Department’s cyberwarrior ‘carrier’ (Fifth Domain) All the service components are providing input on the development of the next-generation cyber operations platform.

Cybersecurity: Innovating staff buy-in and avoiding silver bullet tools (Healthcare IT News) Hackers are constantly innovating attack methods and organizations need to follow suit, by following trends and choosing cybersecurity tools that fit their business needs.

Why Managed Threat Hunting? (BaknkInfo Security) Increasingly, threat hunting is a practice that enterprises want to understand and implement. But it is not always feasible to do so in-house, given the demand for

Design and Innovation

Cybersecurity's Future: Powered by Hardware (Forbes) Security must no longer be an afterthought. But integrated security demands considerable horsepower. Ken Xie argues that this requires specialized chips.

Academia

Why Cyber Conflict as an Academic Discipline Struggles to Make Its Mark in Political Science (Council on Foreign Relations) It is easy to draw analogies between early nuclear scholarship and its cyber counterpart. However, three factors make scholarly research about cyber conflict a significantly more challenging task.

Legislation, Policy, and Regulation

'Not Without Our Pitchforks': Is Russia Pulling Out Stops To Tamp Down Protest Vote? (RadioFreeEurope/RadioLiberty) With public discontent in Russia running at rarely seen levels because of the government's wildly unpopular pension-reform proposal, officials appear to be managing September 9 local elections carefully.

Ahead of election, Sweden warns its voters against foreign misinformation (Sandhills Express) "If Sweden is attacked, resistance is required,” Swedes were warned this year. A 20-page leaflet, mailed to all households in Sweden and resembling a wartime government communiqué, was, in fact, part of Sweden’s effort to guard against Russian aggression — a growing concern, particularly as Swedes head to the polls for national elections [...]

The Case for a National Cybersecurity Agency (The Agenda) Our grab-bag approach isn’t working. Gen. David Petraeus says it’s time to go big.

The U.S. is losing the war for cyberspace. We can't let that happen | Opinion (PennLive.com) The United States is now lagging behind our political (Russia) and economic (China) enemies in the war for cyberspace.

Compliance Challenges With New NY And CO Cybersecurity Laws (Information Security Buzz) Complicating the challenges of complying with GDPR and the new CA data privacy law, two additional state cybersecurity laws in NY and CO went into effect over Labor Day weekend.  In particular, the NY State 23 NYCRR 500 Law now requires companies to encrypt non-public info at both rest and in transit. What does this mean …

Litigation, Investigation, and Law Enforcement

Ottawa probes Huawei equipment for security threats (The Globe and Mail) Facing U.S. pressure to ban Chinese firm’s equipment from 5G networks, federal government acknowledges for first time that it has been conducting tests since 2013

Opsec Mistakes Allowed U.S. to Link North Korean Man to Hacks (SecurityWeek) U.S. authorities detailed the evidence that allowed them to link Park Jin Hyok, a North Korean programmer, to the Lazarus Group attacks

The Indictment Of North Korea For The Sony Hack Shows How Cybersecurity Has Evolved (BuzzFeed News) Attribution of the attack to North Korea was viewed skeptically at the time. But the indictment this week of North Korea for the hack may lift that skepticism.

Industry Reactions to U.S. Charging North Korean Hacker: Feedback Friday (SecurityWeek) Industry professionals comment on the U.S. bringing charges against Park Jin Hyok, a North Korean national believed to be a member of the notorious Lazarus Group

BA faces record £500m fine over hack as flyers threaten a boycott (Times) British Airways could be fined £500 million after a data breach that led to a backlash from passengers and threats to boycott the airline. The Information Commissioner’s Office (ICO) opened an...

After claiming ‘Feds cant touch us,’ ProtonMail hacker arrested (Fifth Domain) A member of the

Banks’ Sharing of Financial Crime Data Raises Questions on Ethics (Wall Street Journal) Banks, regulators and law-enforcement agencies are sharing more intelligence through voluntary networks to deter money laundering and terrorism financing. As the practice spreads, so do the risks of data mishandling, observers said.

Former Trump aide George Papadopoulos sentenced to 14 days for lying to federal agents (San Diego Union Tribune) George Papadopoulos, the former foreign policy advisor to President Trump's campaign whose suspicious conversations triggered the Russia investigation, was sentenced Friday, nearly one year after he pleaded guilty to lying to federal agents.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

Hack the Capitol (Washington, DC, USA, September 26 - 27, 2018) The National Security Institute is partnering with the Wilson Center and ICS Village to host Hack the Capitol, a two-day event focused on Industrial Control Systems (ICS) and security. ICS are used throughout...

Infosecurity North America (New York, New York, USA, November 14 - 15, 2018) With 23+ years of global experience creating leading information security events, Infosecurity Group is coming to New York in November 2018. Infosecurity North America will provide a focussed business...

Upcoming Events

2018 International Information Sharing Conference (Tysons Corner, Virginia, USA, September 11 - 12, 2018) Join representatives from fellow information sharing groups with all levels of expertise, security practitioners, major technology innovators, and well-established cybersecurity organizations, as they...

SecureWorld Detroit (Detroit, MIchigan, USA, September 12 - 13, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

Cybersecurity for Small & Medium Sized Businesses (Gaithersburg, Maryland, USA, September 13, 2018) Learn about technical, legal, cultural and policy cybersecurity issues facing small and medium sized businesses. Panelists include: Markus Rauschecker, J.D. University of MD. Center for Health and Homeland...

FutureTech Expo (Dallas, Texas, USA, September 14 - 16, 2018) With over 2,000 expected attendees, 70 top-notch speakers and 100+ exhibitors from the Blockchain & Bitcoin, Artificial Intelligence, Cyber Security / Hacking, Quantum Computing, 3D Printing, and Virtual...

Insider Threat Program Development-Management Training Course (San Antonio, Texas, USA, September 17 - 18, 2018) Insider Threat Defense will hold its highly sought-after Insider Threat Program Development-Management Training Course, in San Antonio, Texas, on September 17-18, 2018. This two-day training course will...

International Consortium of Minority Cybersecurity Professionals (ICMCP) 3rd Annual National Conference (Atlanta, Georgia, USA, September 17 - 19, 2018) The International Consortium of Minority Cybersecurity Professionals (ICMCP) 3rd Annual National Conference continues to elevate the national dialogue on the very necessary strategic, tactical and operational...

Air Space & Cyber Conference (National Harbor, Maryland, USA, September 17 - 19, 2018) Gain new insights and skills to advance your career. Be among the first to see the latest innovations in airpower, space, and cyber capabilities all the while bonding with your fellow Airmen. Inspiring...

SecureWorld St. Louis (St. Louis, Missouri, USA, September 18 - 19, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

SINET Global Cybersecurity Innovation Summit (London, England, UK, September 18 - 19, 2018) SINET, an organization focused on advancing cybersecurity innovation through public-private collaboration, today announced that its annual Global Cybersecurity Innovation Summit (GCIS), will take place...

5th Annual Industrial Control Cyber Security USA (Sacramento, California, USA, September 18 - 19, 2018) Now in its 5th year, this two day executive forum will include presentations, roundtable working groups and panel sessions. Together we will address the escalating cyber risk and resilience challenges...

Security in our Connected World (Beijing, China, September 19, 2018) This year’s seminar will not only examine critical security technologies, such as the Trusted Execution Environment (TEE) and Secure Element (SE), but will also delve into their associated business and...

Detect 18 (National Harbor, Maryland, USA, September 19 - 21, 2018) Detect '18 is the single largest conference dedicated to threat intelligence. This year we're calling on fellow "Threatbusters" to wage a high-tech battle against apparitions (aka bad actors) and learn...

Cyber Beacon (Washington, DC, USA, September 20, 2018) Cyber Beacon is the flagship event of the National Defense University's College of Information and Cyberspace (NDU CIC). The conference brings together cyber experts from across the national security community,...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.