skip navigation

More signal. Less noise.

Get your copy of the definitive guide to threat intelligence.

We brought together a team of experts and wrote the definitive guide to everything you need to know about threat intelligence. Whether you work in vulnerability management, incident response, or another part of cybersecurity, our book has something for you. Get your free copy of “The Threat Intelligence Handbook” now.

Daily briefing.

Blackberry Cylance has a new report on OceanLotus, also known as APT32 or Cobalt Kitten. The Vietnamese threat group uses steganography (in the form of a png image file) to carry its loader to the target.

e-sushi, a self-described dabbler in cybersecurity and other things, called out Facebook Sunday for asking people to give up their third-party email credentials so Facebook can "automatically" verify those accounts. Yesterday the Daily Beast confirmed that Facebook is indeed doing this. Facebook says their intentions were good and they didn't actually store passwords, but they understand, and have stopped this form of verification. It struck most observers as appallingly bad practice.

Remote Administration Tool or Remote Access Trojan? If you ask the author of Orcus RAT, it's the former. If you ask the Mounties, it's the latter. KrebsOnSecurity has an account of last week's raid on Orcus Technologies.

Haaretz says OpIsrael preparation has begun, as hacktivists infect some one-hundred-twenty Israeli sites. OpIsrael is expected on April 7th.

Bitcoin's price spiked above $5000 early this week. The Telegraph and others think an April Fool's prank was behind the bull rush. 

In a very odd incident, the US Secret Service Saturday detained a woman who showed up at President Trump's Mar-a-Lago. She was seeking entrance to a non-existent event, and was carrying a laptop, four phones, and a number of dongles, loaded with a lot of what the Miami Herald helpfully calls "malicious malware." She also had a Chinese passport and an interest in international trade.  

Notes.

Today's issue includes events affecting Australia, Canada, Chad, China, Colombia, Democratic Peoples Republic of North Korea, Japan, Niger, Nigeria, Russia, Thailand, United Kingdom, United States, Venezuela, and Vietnam.

Outsmarting Attackers with Deep Learning

Adversaries are creating new attacks at such a speed and volume that signature and sandbox-based threat detection can’t keep up. Deep learning can help. By exposing neural nets to threat data, deep learning can learn to identify malicious traffic, even zero days seen for the first time. But why are advances possible today? How does deep learning differ from machine learning? Where’s the best place to apply deep learning? Get the answers here.

In today's podcast, out later this afternoon, we speak with our partners at Webroot, as David Dufour shares results from their most recent threat report. Our guest is Roy Zur from Cybint Solutions, who reviews the essentials of hunting and fishing for information online.

Cyber Attacks, Threats, and Vulnerabilities

Iran conducted 'major cyber assault' on key UK infrastructure (Sky News) Mobile phone numbers of MPs and peers were among data harvested during an attack last December.

ISIS’s West African Offshoot Is Following al Qaeda’s Rules for Success (Foreign Policy) The amorphous Boko Haram splinter group is taking inspiration where it can get it and bringing disaster to the Lake Chad Basin in the process.

Hackers linked to Chinese intelligence may be behind ASUS computer attack (The Hindu) Kaspersky Labs suspects Barium APT also targeted Microsoft in 2017: State Cyber department’s report

North Korea's elite hackers are funding nukes with crypto raids (WIRED UK) APT 38 is Kim Jong-un's highly skilled group of bank hackers. After raising $1 billion for the country from heists, its attention turned to cryptocurrency

Lazarus Hacker Group Continues to Target Crypto Using Faked Trading Software (Bitcoin Magazine) A Chinese security service provider has issued a warning that a large number of crypto exchanges have been targeted by the North Korean hacker group Lazarus.

OceanLotus APT Uses Steganography to Load Backdoors (BleepingComputer) The OceanLotus advanced persistent threat group (also known as APT32 or Cobalt Kitty) is using steganography-based loaders to drop backdoors on compromised systems.

Report: OceanLotus APT Group Leveraging Steganography (BlackBerry Cylance) BlackBerry Cylance recently uncovered a novel malware payload loader during our ongoing surveillance of the OceanLotus (APT32) group. The loader uses steganography to read an encrypted payload concealed within a .png image file. This white paper offers an in-depth look at two concerning technical achievements recently employed by this APT.

We found a massive spam operation — and sunk its server (TechCrunch) For ten days in March, millions were caught in the same massive spam campaign. Each email looked like it came from someone the recipient knew: the spammer took stolen email addresses and passwords, quietly logged into their email account, scraped their recently sent emails and pushed out personaliz…

Advantech WebAccess/SCADA (ICS-CERT) 1. EXECUTIVE SUMMARYCVSS v3 9.8ATTENTION: Exploitable remotely/low skill level to exploitVendor: AdvantechEquipment: WebAccess/SCADAVulnerabilities: Command Injection, Stack-based Buffer Overflow, Improper Access Control2. RISK EVALUATIONSuccessful exploitation of these vulnerabilities may cause a denial of service and allow remote code execution.

‘Beyond Sketchy’: Facebook Demands Users’ Email Passwords (The Daily Beast) Mark Zuckerberg admitted recently that Facebook doesn’t have a ‘strong reputation’ for privacy. An odd new request for private data probably won’t help with that rep.

Facebook Is Just Casually Asking Some New Users for Their Email Passwords (Gizmodo) Facebook has been prompting some users registering for the first time to hand over the passwords to their email accounts, the Daily Beast reported on Tuesday—a practice that blares right past questionable and into “beyond sketchy” territory, security consultant Jake Williams told the Beast.

Facebook caught asking users for the passwords to their email accounts (The Telegraph) Facebook has been caught asking new users for the passwords for their email accounts in order to verify their accounts.

Unnam3d Ransomware Moves Files Into Protected RAR Archives, Demands Amazon Gift Card (Security Intelligence) Security researchers discovered a new ransomware family called Unnam3d that moves targeted files into protected RAR archives and demands an Amazon gift card as ransom.

Skype Android bug automatically answers phone calls without permission (The Telegraph) Skype calls on Android phones are being automatically answered without the recipient's consent, according to users.

150 Million People Affected By SimBad Adware on Android (Security Boulevard) SimBad, a new strain of adware, was found installed on more than 210 Android Apps disguised as an advertisement kit and named RXDrioder.

Malware Actors Using New File Hosting Service to Launch Attacks (Security Boulevard) Bad actors are leveraging a new file hosting service in order to launch attack campaigns involving FormBook and other malware. Near the end of March, researchers at Deep Instinct observed a new FormBook attack. The infection chain for this campaign began with a phishing email that contains a malicious attachment.

Data breach exposes up to 1.3M Georgia Tech faculty, students (Atlanta Journal Constitution) It sounds a bit ironic: a data breach potentially affecting 1.3...

Pro-Palestinian hackers breach 120 Israeli websites (Haaretz) Israeli cyber security firm ClearSky's report shows hackers took over the sites to prepare for an annual cyberattack known as OPIsrael and planned for April 7

2020 Census likely target of hacking, disinformation campaigns, officials say (Washington Post) The Census Bureau is working with social media companies, cybersecurity experts to protect the count of 330 million Americans, which determines federal funding, congressional apportionment, and redistricting

Game of Thrones: a Top Malware Conduit for Cybercriminals (Threatpost) The HBO blockbuster is the most-targeted show for malware-laden pirated files.

March Madness Scams Give Attackers Fast Break (Threatpost) Researchers have seen March Madness-related phishing scams, fake domains and adware spike as cybercriminals take a pass at tournament viewers.

New scam aims to trick you into giving up your cell phone account information (USA TODAY) If someone calls you pretending to be from your cell phone carrier and asks for a verification code, don't give it to them.

Arizona Beverages knocked offline by ransomware attack (TechCrunch) Arizona Beverages, one of the largest beverage suppliers in the U.S., is recovering after a massive ransomware attack last month, TechCrunch has learned. The company, famous for its iced tea beverages, is still rebuilding its network almost two weeks after the attack hit, wiping hundreds of Windows…

Cybercriminals Fall for IoT Honeypots (Security Boulevard) On Sunday 24th February, the eve of Mobile World Congress 2019, Avast security researchers Martin Hron, Vladislav Iliushin, Libor Bakajsa, and Anna Shirokova set a project in motion: the deployment of 500 honeypots in 10 countries around the world that would run for the length of the show (four days), and beyond.

This is how cyber-thieves rob banks and easily get away with it (MarketWatch) Robbers no longer need masks — they simply exploit wide-open system security holes to plunder data and money.

Albany continues computer recovery after weekend cyber-attack (WNYT NewsChannel 13) The city of Albany continues to try and recover from a cyber-attack last weekend.

April Fool's joke may be behind Bitcoin price spike (The Telegraph) An April Fool's joke is believed by some to be behind a rally that sent Bitcoin to its highest level in almost five months on Tuesday.

Security Patches, Mitigations, and Software Updates

VMware patches critical vulnerabilities (Naked Security) VMware has released patches for several critical security vulnerabilities, days after two were unveiled at Pwn2Own.

Cyber Trends

85 percent of organizations don't meet basic levels of PAM security (BetaNews) While 78 percent of organizations now include privileged credential protection as part of their cyber security policies, their privileged access management (PAM) security practices are still lacking.

D3 Security and SANS Survey Illustrates the Need for Security Automation to Stabilize the Critical Resource and Skills Gap (BusinessWire) D3 Security, an innovator in security orchestration, automation and response (SOAR) technology, today announced the results of the 2019 Automation and

Virulent Ransomware Strains Trust in Cyber Insurance (International Policy Digest) New more potent strains of virtual ransomware attacks are emerging.

Thailand ‘Asia’s fourth-biggest source of DDoS attacks’ (The Nation) Thailand ranks fourth on a list of countries in the Asia-Pacific region from which DDoS attacks originate.

Cryptojacking Still a Foreign Concept for Many Security Pros (BleepingComputer) For over 57% of the 150 cybersecurity professionals surveyed by Exabeam the concept of cryptojacking is not something they are acquainted with, while roughly 65% said that they are also unfamiliar with shadow mining.

Marketplace

Facebook cannot guarantee interference-free EU elections: Zuckerberg (Reuters) Facebook Inc is much better than it was in 2016 at tackling election interferenc...

Facebook Had an Incredibly Busy Weekend (WIRED) Here’s all the news you may have missed, including a major News Feed change and Mark Zuckerberg calling for government regulation.

Sorry Mark Zuckerberg, your empty words still don't convince me (The Telegraph) The Facebook mea culpa has become a regular occurrence in recent months, with the giant of social media’s top execs scrambling to promise to ‘do better’ in the wake of sustained pressure and repeated controversies.

YouTube Executives Ignored Warnings, Letting Toxic Videos Run Rampant (Bloomberg) Proposals to change recommendations and curb conspiracies were sacrificed for engagement, staff say.

Google shuts down its failed social network Google+ amid security issues (Computing) Google+ was launched in 2011 but failed to attract a sizable or active user base compared to Facebook and Twitter

Rapid7 Buys Network Traffic And Security Monitoring Vendor NetFort (CRN) Purchasing NetFort will improve Rapid7’s ability to detect attacks, investigate incidents and gain more visibility into devices that pose a risk to organizations, the company says.

Israeli firm buys Ukrainian startup for nearly $4 million (KyivPost) Israeli internet company Perion is to pay $3.7 million as it acquires a small Ukrainian startup which develops artificial intelligence and works in online marketing. Septa Communications, or also known as Captain Growth, consists of only eight people. The startup produces artificial intelligence that helps companies to advertise on Facebook and through Adwords. It analyzes marketing …

Aqua Security Closes $62M in Funding to Cement Its Leadership in Cloud Native Security (Aqua) Led by Insight Partners, the investment enable Aqua to expand its platform to secure microservices applications on containers and serverless infrastructure.

Greylock leads $14 million investment in application security startup Sqreen (VentureBeat) Sqreen, a cybersecurity startup that helps developers monitor and protect their web apps from vulnerabilities and attacks, has raised $14 million.

How Splunk is working to become the 'nerve center' for cybersecurity operations (CyberScoop) Monzy Merza, VP, Head of Security Research at Splunk talks with CyberScoop’s Greg Otto on how Splunk wants to free cybersecurity analysts from doing the mundane tasks that bog down security operations.

2019 Women in Cybersecurity ((ISC)²) (ISC)² took a new approach to surveying the cybersecurity workforce. This new look at the workforce revealed that the percentage of women in cybersecurity is roughly 24%.

'Mid-career Switch from Mechanical Engineering to Cyber' (US Black Engineer) How Cedric Fletcher made the leap from mechanical engineering to cyber engineering.

What Can Your Company Do To Attract Top Cybersecurity Talent? (TechNative) Last year's cybersecurity scorecard did little to reassure consumers that large companies are serious about security and privacy Massive data leaks hit the news every month against the background buzz of hundreds of smaller breaches that didn't make the front page.

Intel to cut more than 100 jobs from headquarters (Silicon Valley Business Journal) Intel has confirmed its latest layoffs will affect IT departments at four of its Silicon Valley campuses.

Intercede shares rally amid $4.3m US fed contract (UK Investor Magazine) Intercede shares rallied on Tuesday after the company announced it had received a $4.3 million order from the U.S federal government.

VMware announces new global channel program (CRN Australia) And tweaks its Australian arrangements too.

Telos Announces Membership in Global Cyber Alliance (GCA) to Collectively Confront Cyber Risks and Improve the Connected World (BusinessWIre) Telos CSO Richard Tracy joins the GCA's Strategic Advisory Committee to provide thought leadership on cyber risk and compliance management.

SecureAuth Appoints Veteran Sales and Marketing Executives to Support Global Hypergrowth and Leadership in the Identity Security Market (SecureAuth) SecureAuth Corp., the secure identity company, today announced the appointment of John Nassar as Chief Revenue Officer, and Robert Humphrey as Chief Marketing Officer. Nassar and Humphrey join the executive team to scale the worldwide sales and marketing organization, supporting the rapid growth of the company.

FBI’s Chief Hacker Joins FTI Consulting’s Growing Cybersecurity Practice (West) Ronald Yearwood Joins in San Francisco and Brings 30 Years of Cybersecurity and Law Enforcement Expertise

Products, Services, and Solutions

Nok Nok Labs Announces Successful Deployment of Biometric Authentication for Insurance Customers of Aflac Japan (PR Newswire) Nok Nok Labs (Nok Nok), the trusted leader in next-generation authentication today announced that its partner...

Cynet Announces Free Cybersecurity Threat Assessment for Midsize and Large Organizations (PRWeb) Cynet, pioneers of the automated threat discovery and mitigation platform (http://www.cynet.com), today announced the Cynet Threat Assessment program. The free off

Zettaset Launches XCrypt Service Encryption for Cloud Foundry (BusinessWire) Cloud Foundry Summit (Booth #S7) – Zettaset, a leading provider of software-defined encryption solutions, today introduced its groundbreaking new visi

SCADAfence Chosen by Mitsui Fudosan to Secure Building Management Systems (PR Newswire) SCADAfence, the global leader in operational technology (OT) security and the most widely deployed OT ...

Are there viable alternatives to Facebook and Twitter? (Naked Security) There’s growing interest in social networks that prioritize user control. Two of the popular ones are Mastodon and Diaspora.

Spark expands use of Splunk for real-time monitoring and security (New Zealand Reseller News) Spark New Zealand is using Splunk software to help monitor mobile towers in real-time while keeping broadband internet flowing.

Technologies, Techniques, and Standards

Three Triggers Telling You It’s Time to Reconsider Your Network Security Strategy (Bricata) Businesses are more reliant on their networks to conduct business so it's important to evaluate a network security strategy as if your business depended on it.

Inside the Democrats’ Plan to Fix Their Crumbling Data Operation (WIRED) After seeing the crucial role data played in the 2016 election, the DNC has spent the past two years revamping its infrastructure to take on Trump in 2020.

Design and Innovation

How a former Apple lead plans to make developers key to security solutions (TechRepublic) Security has tended to be a bolt-on to enterprise software, but Sqreen hopes to make it part of the normal way developers work.

Legislation, Policy, and Regulation

Dutch security agency warns against Chinese, Russian technology (Reuters) The Dutch security service advised the government on Tuesday not to use technolo...

Global Consequences of Escalating U.S.-Russia Cyber Conflict (Council on Foreign Relations) U.S. offensive cyber operations might deter Russia and other U.S. adversaries online, but we should consider the global consequences of escalating cyber conflict. 

Behind the Scenes of Russia’s Military Detachment to Venezuela (Jamestown) On March 23, a Russian defense ministry Ilyushin Il-62 passenger jet and an Antonov An-124 military cargo plane arrived at Simón Bolívar International Airport, having departed from the Chkalovsky military airbase (with an intermediate stop in Syria). Carrying 35 tons of cargo, the two aircraft delivered 99 Russian military specialists, headed by the first deputy commander-in-chief of the Land Forces, …

Colombia rejects Russia warning against Venezuelan military action (Reuters) Colombia on Tuesday rejected a Russian warning against foreign military interven...

Chinese hacking groups to ramp up cyber attacks on some industries, experts say (CSO Online) Companies in industries critical to China’s five-year plan face a higher risk of nation-state-sponsored cyber attacks.

Current, former Pentagon leaders sound alarm on Chinese technology in 5G networks (Washington Post) Defense officials are concerned that future combat operations could be compromised through advanced wireless systems.

Opinion | Keep the Chinese government away from 5G technology (Washington Post) The risks are just too high.

Nuanced Approach Needed to Deal With Huawei 5G Security Concerns (Dark Reading) Governments need to adopt strategic approach for dealing with concerns over telecom vendor's suspected ties to China's intelligence apparatus, NATO-affiliated body says.

Sharpened call for an Australian cyber civil defence organisation (ZDNet) A University of NSW Canberra research group recommends forming a provisional National Commission for Cyber Civil Defence to help defend against a "cyber storm" that's already upon us.

Exclusive: U.S. senators want stiff sanctions to deter Russia... (Reuters) U.S. Republican and Democratic senators will introduce legislation on Wednesday ...

Public-private joint effort is needed to prevent a cyber Pearl Harbor (TheHill) The threat of a destructive cyber attack that could cost lives is growing every day.

How DHS is following the DOD's plan for internal cybersecurity (CyberScoop) The Department of Homeland Security (DHS) is trying to replicate a plan used by the Department of Defense to protect and defend its network.

House bill would create panel of cyber experts to help DHS (Federal News Network) In today's Federal Newscast, bipartisan legislation in the House would create a panel of cyber professionals to advise the Department of Homeland Security.

Exclusive: Homeland Security Disbands Domestic Terror Intelligence Unit (The Daily Beast) While the body counts from domestic terror attacks mount, the analysts looking into those attacks have been moved.

Litigation, Investigation, and Law Enforcement

Intel to examine deepfake videos in hearing (TheHill) The House Intelligence Committee is planning to hold a hearing in the coming months that will examine a series of national security matters, including the threat of videos manipulated by artificial intelligence that&

Woman with Chinese passports, malware arrested at Trump’s Mar-a-Lago resort (Washington Post) Court documents say the woman, Yujing Zhang, was carrying a thumb drive when Secret Service agents stopped her.

Cybersecurity experts urge skepticism over claims Saudis hacked Bezos's phone (Yahoo) When Jeff Bezos’s personal security consultant published a startling indictment of the National Enquirer on Saturday, alleging that the tabloid publication may have worked with Saudi Arabia to expose the Amazon CEO’s affair, there was one thing missing: any evidence for the claim.

Kaspersky Lab appeals to court of public opinion with 'unbiased' assessment of Russian law (CyberScoop) The legal battle between Russian antivirus maker Kaspersky Lab and the U.S. government has quieted, but the court of public opinion is still open for arguments. Countering U.S. officials and critics who say otherwise, Kaspersky Lab on Tuesday released an analysis arguing that, under Russian law, the company would not be subject to certain demands from authorities for data.

Canadian Police Raid ‘Orcus RAT’ Author (KrebsOnSecurity) Canadian police last week raided the residence of a Toronto software developer behind “Orcus RAT,” a product that’s been marketed on underground forums and used in countless malware attacks since its creation in 2015. Its author maintains Orcus is a legitimate Remote Administration Tool that is merely being abused, but security experts say it includes multiple features more typically seen in malware known as a Remote Access Trojan.

Analysis | The Cybersecurity 202: Arrest at Mar-a-Lago spotlights simple but pervasive threat of thumb drives (Washington Post) USB sticks have played a role in many big government hacks.

Chinese woman carrying ‘malware’ arrested at Mar-a-Lago heading to a Cindy Yang event (Miami Herald) U.S. Secret Service arrested a woman at Mar-a-Lago on Saturday who had a thumb drive with malware. She said she had been invited to Mar-a-Lago by a Chinese friend she identified only as ‘Charles.’

Chinese woman carrying thumb drive with malware arrested at Trump’s Mar-a-Lago resort (Washington Post) Court documents say the woman, Yujing Zhang, was carrying a thumb drive when Secret Service agents stopped her.

GAO Denies Protest Over $55M Deloitte Army Cyber Deal (Law360) The Government Accountability Office on Tuesday denied MacAulay-Brown's protest over a nearly $55 million Army cyber analytics deal awarded to Deloitte, saying it has "no basis to question" the Army's evaluation of Deloitte's proposed price, which was millions less than MacAulay-Brown's.

Censorship or safeguard? Groups challenge pre-pub review (WRAL.com) Civil liberties groups have filed a lawsuit challenging a pre-publication review required for people who have had access to government secrets.

These former agents say the CIA and NSA are censoring them. Now they’re suing. (Washington Post) The lawsuit alleges the government’s pre-review process for published work is an unconstitutional “system of censorship.”

Swedbank’s Crisis Management Questioned in Walk-Up to Money-Laundering Investigations (Wall Street Journal) A sequence of events at the Swedish lender, including the firing of CEO Birgitte Bonnesen last week, provides a case study in one of the riskiest balancing acts executives attempt when faced with a corporate crisis: trying to apply the right amount of weight to reassuring investors on one side and enough weight to publicly addressing the problem on the other.

Firms Tied To Fusion GPS, Christopher Steele Were Paid $3.8 Million By Soros-Backed Group (Daily Caller) The Democracy Integrity Project was founded by a former Senate Intel staffer

Democrats preparing to unleash subpoenas over Trump security clearances (Roll Call) Chairman Elijah Cummings hinted Monday that his House Committee on Oversight and Reform is preparing to unleash a series of subpoenas starting this week for their investigation into the White House’s security clearance policy.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

IMPACT ’19 (Chantilly, Virginia, USA, April 15 - 17, 2019) Prepare for the changes ahead and get out in front of the compliance curve by attending the 34th annual NSI IMPACT Forum on April 15-17 at the Westfields Marriott in Chantilly, VA. The theme of this year’s key compliance strategies from hands-on security experts to safeguard classified information and minimize insider threats.

Cyber Security Transatlantic Policy Forum (Killarney, Ireland, May 10, 2019) The mission of the conference is to bring politicians, law enforcement, policy makers and cyber industry leaders together to create an annual dialogue. Our goal is to ensure that we expand and improve...

Insider Threat Program Development - Management Training Course (Mountain View, California, USA, July 15 - 16, 2019) The Insider Threat Defense Group will hold our highly sought after Insider Threat Program (ITP) Development - Management Training Course, in Mountain View, California, on July 15-16, 2019. This comprehensive...

Upcoming Events

InfoSec World 2019 (Lake Buena Vista, Florida, USA, April 1 - 3, 2019) Cybersecurity has come a long way in 25 years, and InfoSec World has been there through it all. That's right, InfoSec World 2019 Conference & Expo is returning to Disney's Contemporary Resort on April...

Dynamic Connection 2019 (Denver, Colorado, USA, April 2 - 4, 2019) Dynamic Connections 2019 will bring together over 1,000 attendees to learn, explore and create solutions needed today to help us thrive and operate successfully in the digital domain with confidence. Learn...

IP Expo Manchester (Manchester, England, UK, April 3 - 4, 2019) The event will showcase industry leaders and those at the forefront of technology, to encourage debate and inform attendees on the critical technological issues affecting modern business. IT and cyber...

QuBit Conference Prague 2019 (Prague, Czech Republic, April 9 - 11, 2019) Over the past 5 years, QuBit has grown to be a leading cyber security community event in CEE region. This year's highlights include: excellent speakers and educational sessions, popular networking events,...

Mississippi College Cybersecurity Summit (Clinton, MIssissippi, USA, April 10, 2019) The 2019 Mississippi College Cybersecurity Summit is a conference designed to engage, educate, and raise awareness about cybersecurity across the nation. It will provide valuable cybersecurity tools and...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.