skip navigation

More signal. Less noise.

What if your security strategy added zeros to your bottom line?

Focusing on response alone is costly. You lose data. You lose infrastructure. You lose human and capital resources that could be productive elsewhere. And you lose your reputation. When you catch threats before they execute, you contain the problem, and the rewards add up. Let Blackberry Cylance help you understand how you can reduce your total cost of security controls, bolster your organization’s security posture, and zero in on what really matters.

Daily briefing.

Cisco Talos describes "Sea Turtle," a state-directed espionage campaign that's been active since early 2017. Most of Sea Turtle's operations have been in the Middle East, and the campaign is noteworthy for its sophisticated Domain Name System (DNS) manipulation. Cisco Talos divides the victims into "two distinct groups." The first group includes the targets proper: energy organizations, defense establishments, and foreign ministries. The second group are third-parties used to reach the primary targets: telcos, ISPs, and DNS registrars. CrowdStrike and FireEye had earlier described aspects of this DNS-manipulation campaign. FireEye tentatively attributed it to Iran.

Buzzfeed says Google has booted six ad-fraud apps from the Play store.

Yesterday Facebook acknowledged inadvertently uploading email contacts of a million-and-a-half users without the users' consent. The social network regrets this, and says it will remove contacts uploaded in connection with its now-disenabled email password verification feature. The contacts may have found their way into data used to draw inferences for ad-targeting and the People You May Know feature. Whether those inferences will also be removed is, the Guardian reports, unknown.

ZeroFOX sees a wave of opportunistic scamming conducted around the Notre Dame fire: ad fraud, direct fraud, malware installation, and even stock fraud.

The Washington Post interviews a professor who sees problems with the conduct of cybersecurity research. The issues apparently derive from how research uses data entangled with marketing that are better adapted to persuasion than replication.

The Mueller report is being released this morning. CNN and others are following the story.

Notes.

Today's issue includes events affecting Brazil, Canada, China, France, India, Iran, Italy, Indonesia, Republic of Korea, Liberia, NATO/OTAN, New Zealand, Nigeria, Romania, Russia, Singapore, United Kingdom, United States.

Today is the CyberWire's third anniversary as an independent business, and we'd like to mark the occasion with a sincere thank you to all of our sponsors, patrons, listeners, and readers. On behalf of our whole team, thanks for reading and listening.

Earn Your Master’s in Cybersecurity from Georgetown

Looking to advance your cybersecurity career? Check out Georgetown University's graduate program in Cybersecurity Risk Management. Ideal for working professionals, our program offers flexible options to take classes online, on campus, or through a combination of both—so you don’t have to interrupt your career to earn your degree. You'll leave the program with the expertise you need to effectively manage risks and navigate today’s increasingly complex cyber threats. Explore the program.

In today's podcast, out later this afternoon, we speak with our partners at Dragos, as Robert M. Lee takes a look back at the evolution of ICS technology. Our guest is Nathan Katzenstein. He’s worked twenty years in IT, and he offers his perspective on the job market as he finishes up a master's degree in cybersecurity at Utica College.

And Hacking Humans is up, too. In this episode, "I have been practicing honesty and truthfulness my whole life, we share some followup from an Australian listener. Dave shares a Paypal scam leveraging Google ads. Joe describes TechCrunch reporting on a spam service that was left out in the open. The catch of the day promises a lifetime supply of gold. Dave interviews Asaf Cidon from Barracuda Networks.

Global Cyber Innovation Summit (Baltimore, Maryland, United States, May 1 - 2, 2019) This unique, invitation-only forum brings together a preeminent group of leading Global 2000 CISO executives, cyber technology innovators, policy thought leaders, and members of the cyber investment community to catalyze the industry into creating more effective cyber defenses. Request an invitation today.

Cyber Attacks, Threats, and Vulnerabilities

"LPR" reportedly behind recent phishing attack on Ukraine govt agencies, military – threat research (UNIAN) The malware is spread via emails with malicious LNK files with PowerShell scripts designed to download a second-stage payload from the command and control server.

Source code of Iranian cyber-espionage tools leaked on Telegram (ZDNet) APT34 hacking tools and victim data leaked on a secretive Telegram channel since last month.

Cyberspies Hijacked the Internet Domains of Entire Countries (WIRED) A mysterious new group called Sea Turtle targeted 40 organizations in a DNS hijacking spree.

Sea Turtle Attackers Play Shell Game With DNS (Decipher) A group of attackers has been running a DNS hijacking campaign known as Sea Turtle that targets energy, intelligence, and military organizations.

Hackers Are Messing With the 'Web's Phone Book' For Espionage (PCMAG) The suspected government-backed hackers have been infiltrating companies that run the Domain Name System, including internet service providers and web-hosting organizations, allowing them to corrupt the "phone book of the internet," security researchers warn.

CyberInt Reports: Suspected Russian-speaking Threat Actors 'TA505' Continues Cybercrime Spree against Global Retailers & Financial Institutions (PR Newswire) Investigation from CyberInt's Research Lab has connected a single gang to a range of attacks against retailers ...

CyberInt Reports: Suspected Russian-speaking Threat Actors Targeting Korea (Korea IT Times) [Tel Aviv] Investigation from CyberInt’s Research Lab announced on April 17 that has connected a single gang to a range of attacks against retailers and financial institutions around the world using legitimate remote access software. CyberInt’s managed detection and response solutions protect the wo

Meet Scranos: New Rootkit-Based Malware Gains Confidence (Dark Reading) The cross-platform operation, first tested on victims in China, has begun to spread around the world.

Romania, world’s most affected country by new cyber threat that steals passwords, payment data (Romania Insider) Security researchers have discovered an aggressive computer threat that hides on the infected devic

Russian Hackers Scrambled to Erase Digital Footprints After Triton Attribution Report (TechBizWeb) Some of the pieces of digital evidence that led to security researchers linking the notorious Triton malware to a Russian research institute were removed after the information was made public. A blog post published in October 2018 by cybersecurity firm FireEye assessed with “high confidence” that …

Malicious AutoHotkey Scripts Used to Steal Info, Remotely Access Systems (BleepingComputer) Attackers are targeting potential victims using a malicious AutoHotkey script to avoid detection and to steal information, to drop more payloads, and to remotely access compromised machines using TeamViewer​​​​​​.

Massive eGobbler Malvertising Campaign Leverages Chrome Vulnerability To Target iOS Users (Confiant) As publishers have become increasingly aware over the last week, there’s a series of rampant malvertising campaigns on the loose…

Wipro breach highlights third-party risk from large IT services providers (CSO Online) After outsourcing giant Wipro suffered a phishing incident, attackers used its email system to target the company’s customers. The breach demonstrates the dangers of supply chain and third party risk.

How Not to Acknowledge a Data Breach (KrebsOnSecurity) I’m not a huge fan of stories about stories, or those that explore the ins and outs of reporting a breach.

Popular Android Apps From A Major Chinese Developer Were Caught Committing Ad Fraud (BuzzFeed News) Following a BuzzFeed News investigation, Google removed six apps from the Play store that belonged to a major Chinese developer.

Fraudsters Exploiting the Notre Dame Tragedy (ZeroFOX) ZeroFOX is actively monitoring for malicious activity and fraudulent crowdfunding sites on social media related to the Notre Dame fire.

Facebook says it uploaded email contacts of up to 1.5 million users (Reuters) Facebook Inc said on Wednesday it may have "unintentionally uploaded" ...

Facebook uploaded email contacts of 1.5m users without consent (the Guardian) Company says it has stopped using password verification feature that collected data

Chipotle customers are saying their accounts have been hacked (TechCrunch) A stream of Chipotle customers have said their accounts have been hacked and are reporting fraudulent orders charged to their credit cards — sometimes totaling hundreds of dollars. Customers have posted on several Reddit threads complaining of account breaches and many more have tweeted at @Chipotl…

What is a side channel attack? How these end-runs around encryption put everyone at risk (CSO Online) Side channel attacks on cryptography break confidentiality by exploiting information produced by the encryption — such as van Eck phreaking in a TEMPEST attack, courtesy the van across the street.

Cyber-security firm Verint hit by ransomware (ZDNet) In an extreme case of irony, ransomware hits cyber-security firm.

Ransomware Attack Blocked Successfully, Says Cyber Company Verint (CTECH) On Wednesday night, Israeli media reported that the Israeli offices of the surveillance and business intelligence company were under attack, though the nature of the ransomware and the demands of the attackers were unclear

Ad blocker firms rush to fix security bug (Naked Security) If you’re using an ad blocker to filter out online commercials, then beware: You might be vulnerable to a new attack revealed on Monday that enables hackers to compromise your browser.

New Business Email Compromise Scheme Reroutes Paycheck by Direct Deposit (Trend Micro) A new business email compromise (BEC) scheme, where attacker tricks the recipients into rerouting paychecks by direct deposit, has emerged.

Kaspersky Lab Saga Grows Weirder as Critics of the Security Firm Say Bumbling Spy Tried to Discredit Them (Gizmodo) A man who goes by the name Lucas Lambert reportedly spent months setting up meetings with three cybersecurity experts under false pretenses last year, hoping to get them to say that they were paid to criticize Kaspersky Lab. Lambert was unsuccessful, but the attempt sheds new light on alleged covert activity potentially carried out on behalf of the Moscow-based cybersecurity firm.

New Research from Terbium Labs Shows How Criminals Use Fraud Guides to Exploit and Defraud Organizations for Less than Eight Dollars (Globe Newswire) Thorough Review of Dark Web Fraud Trade Helps Organizations Guard Against the Most Common Schemes and Tactics Used by Cybercriminals

Criminals are putting old tax returns up for sale on the dark web (CBS News) Identity theft has never been this cheap — you can buy anything from old tax returns to bank accounts on the dark web

Cybercrime a 'true economy of scale,' expert warns (Fox Business) Most Americans personal information is available to criminals on the dark web.

Security Patches, Mitigations, and Software Updates

Oracle security warning: Customers told to patch ASAP to swat 297 bugs (ZDNet) Update addresses multiple flaws that can be remotely exploited without user credentials.

Evernote Fixes Remote Code Execution Vulnerability in macOS App (BleepingComputer) A local file path traversal vulnerability which allows attackers to run arbitrary code on their targets' Macs remotely was fixed by Evernote after receiving a report from security researcher Dhiraj Mishra.

A third-party patch for Microsoft's Internet Explorer zero-day vulnerability (Graham Cluley) Don’t want to wait for Microsoft to fix the problem in how Internet Explorer handles .MHT files? Other security researchers come to the rescue.

Cyber Trends

SonicWall Detects, Reports Dramatic Rise in Fraudulent PDF Files in Q1 2019 (SonicWall) SonicWall Capture Labs threat researchers are reporting a substantial increase of fraudulent PDF files. This fraud campaign takes advantage of recipients’ trust in PDF files as a “safe” file format that is widely used and relied upon for business operations.

Protecting People: A Quarterly Analysis of Highly Targeted Cyber Attacks (Proofpoint) Among the most targeted malware and credential phishing attacks, nearly 30 percent targeted generic email aliases. These email addresses are shared typically within an organization.

Bots drove nearly 40% of internet traffic last year — and the naughty ones are getting smarter (The Next Web) Bots walk among us.

How to make AI ethics a priority at your company: 5 tips (TechRepublic) One-third of professionals see ethical risks as a top concern about artificial intelligence and technology, according to a Deloitte report.

Why India's trojan menace will only increase (Live Mint) Almost three in four banks in Asia Pacific anticipate that fraud in their country will increase in 2019, said a new report by FICO.Cybersecurity continues to be a major issue in India with 76.3% of organizations hit by cyber attacks in the last year, a global survey from security firm Sophos corroborated

Over 80% of All Phishing Attacks Targeted U.S. Organizations (BleepingComputer) U.S. entities remained the most attractive targets of phishing attacks throughout 2018, with an estimated 84% of the total volume of millions of incidents analyzed during the last year by threat intelligence company PhishLabs.

Marketplace

Manufacturers' cyber risk is about far more than data breach (Insurance Business) Following the Norsk Hydro hit, one expert reveals why the industry needs more comprehensive cyber coverage

Cyber pricing: Have carriers got it right? (Canadian Underwriter) Cyber insurance is a good tool to help clients understand their vulnerabilities, but carriers need to do a better job of pricing according to risk, speakers suggested at a recent conference. “There seems to be a lot of spit-balling on…

Astroscreen raises $1M to detect social media manipulation with machine learning (TechCrunch) In an era of social media manipulation and disinformation, we could sure use some help from innovative entrepreneurs. Social networks are now critical to how the public consumes and shares the news. But these networks were never built for an informed debate about the news. They were built to reward…

Tesserent builds cyber security strength with Rivium buy (ARN) Tesserent builds upon its cyber security business spending $3.5 million on buying Melbourne-based enterprise security specialist and Splunk reseller, Rivium.

Tech Nation's national cyber security growth programme revealed (Information Age) Tech Nation's initiative is designed to spur the UK’s cyber sector, accelerate the growth of its members and build a cross-industry network

Microsoft Unveils Two Secret Data Centers Built for Classified Government Data (Nextgov) Microsoft is building data centers and expanding security capabilities to compete with Amazon to host sensitive government data.

Orange Cyberdefense s’implante à Casablanca (afriqueactudaily) Le groupe Orange renforce ses solutions au profit des entreprises marocaines en procédant, vendredi, à l’implantation à Casablanca de sa filiale Orange Cyberdefense, spécialisée dans la sécurisation des actifs numériques.

Accenture Opens Federal Cyber Center in San Antonio (Hastings Tribune) Accenture (NYSE: ACN) has launched the Accenture Federal Services (AFS) Cyber Center, a state-of-the-art facility in San Antonio that provides cybersecurity capabilities on an as-a-service basis

Jon Rose Joins Bishop Fox as Vice President of Managed Security Services (PR Newswire) Bishop Fox, the largest private professional services firm focused on offensive security testing, announced today that...

Cofense Announces Key Additions to Leadership Team (PR Newswire) Today Cofense™, the global leader in intelligent phishing defense solutions, announced the addition of four...

Products, Services, and Solutions

BitDam Launches Email Security Penetration Testing Tool (PRWeb) BitDam, provider of cybersecurity solutions that protect enterprise communications from advanced threats hidden in files and links, today announced the ava

Mimecast Customer Case Study (Gigamon) Mimecast: Source of Better Actionable Intelligence in the Quest to Secure the Network

Ridding Email Phish at Massive Scale | SendGrid (SendGrid) Learn more about Twilio SendGrid’s Inbox Protection Rate, which measures compliance efforts to prevent malicious email from reaching SendGrid’s email recipients.

CyFlare selects Syncurity as SOAR provider to enable global scale (Help Net Security) CyFlare has announced that it has selected Syncurity as the Security Orchestration Automation and Response (SOAR) provider to enable global scale.

CyberSaint launches CyberStrong, a new integrated risk management solution (Help Net Security) CyberSaint announced the general availability of the latest version of its CyberStrong integrated risk management platform.

Verint says Video Investigator will shorten banks’ investigation time by more than 50% (IFSEC Global) Verint Systems has launched a platform designed to simplify and automate security, surveillance and fraud investigations undertaken by banks and …

You're fired: Network-driven security does it better for distributed IT (SiliconANGLE) You're fired: Network-driven security does it better for distributed IT

EY Launches Beta Test Version of Smart Contract Analyzer for Ethereum Blockchain (Cointelegraph) Big Four auditing firm EY has launched a private beta test version of its new Smart Contract Analyzer tool for the public Ethereum blockchain.

IoT device monitoring added to Nyansa Voyance (SearchNetworking) Nyansa has added IoT device monitoring to its network monitoring software. The latest version of Nyansa Voyance can monitor the activity of IoT devices found in healthcare and retail.

ThreatModeler Improves Platform Training with Launch of ThreatModeler Academy (PR Newswire) ThreatModeler Software Inc., provider of the industry's #1 Automated Threat Modeling Platform, announced...

Technologies, Techniques, and Standards

In Case of Emergency: A Disaster Recovery Plan Checklist for Data Security (Hashed Out by The SSL Store™) Hurricane season is around the corner and cyber attacks are ever-increasing — is your business prepared for any incident with a disaster recovery plan? While it’s important to plan for...

The Economic Side Of Cyber Security Risk Management (Cyber Security Hub) Robert (Bob) Vescio is the Chief Analytics Officer of Secure Systems Innovation Corporation, and he is recognized as one of the industry's foremost experts in the area of cyber risk economics. He joined Host George Rettas, president and CEO of TF 7 Radio on Monday night.

‘Locked Shields’ 2019 seeks to clarify domestic and military cyber response roles (Jane's 360) Cyber exercise ‘Locked Shields’ 2019, which was held on 8-12 April, focused on gaining a better functional understanding between technical experts and strategic decision-makers, as well as between operators from different NATO nations, the event’s organisers told Jane’s .

Locked Shields (CCDCOE) Locked Shields is a unique international cyber defence exercise offering the most complex technical live-fire challenge in the world

When malware hits an F-16, call these new Air Force cyber teams (Fifth Domain) New cyber teams will defend things like the avionics in a fighter jet.

Design and Innovation

The hot, new cyber trend: people (Fifth Domain) The security industry hasn’t spent much time thinking about security through a human-focused lens. That's changing.

Mozilla to Apple: Protect user privacy with rotating phone IDs (Naked Security) Mozilla has criticized Apple for its latest privacy marketing campaign, urging it to provide more automatic protection for users behind the scenes.

Emotionally intelligent AI will respond to how you feel (The Next Web) Artificial intelligence offers us an opportunity to amplify service and the integration of technology in everyday lives many times over. But until very recently, there remained a significant barrier in how sophisticated the technology could be. Without a complete understanding of emotion in voice and how AI can capture and measure it, inanimate assistants (voice …

Research and Development

Army researchers identify new way to improve cybersecurity (U.S. Army Research Laboratory) With cybersecurity one of the nation's top security concerns and billions of people affected by breaches last year, government and businesses are spending more time and money defending against it. Researchers at the U.S. Army Combat Capabilities Development Command's Army Research Laboratory, the Army's corporate research laboratory also known as ARL, and Towson University may have identified a new way to improve network security.

IARPA working on protecting AI training data from tampering (Federal News Network) IARPA Director Stacey Dixon said the agency has laid the groundwork for two programs focused on ways to overcome adversarial machine learning.

Researchers claim breakthrough in secure quantum communications (Computing) The researchers were able to coordinate the path of a pair of photons - one photon for each party - through different fibre network paths

Closing Quantum Cybersecurity Gap an Imperative: Industry and Government to Warn at Toronto Quantum Summit (PR Newswire) More than 100 senior-level participants from government, private industry, universities and...

Analysis | The Cybersecurity 202: This is the biggest problem with cybersecurity research (Washington Post) Private companies are wary of sharing data on hacking attempts with researchers.

Cybersecurity Research Datasets: Taxonomy and Empirical Analysis (Tandy School of Computer Science, University of Tulsa) We inspect 965 cybersecurity research papers published between 2012 and 2016 in order to understand better how datasets are used, produced and shared.

Academia

UofL, IBM create academy to teach AI, IoT, cybersecurity, quantum computing (Insider Louisville) UofL is joining forces with IBM to better be able to equip students with skills for in-demand fields such as cybersecurity and quantum computing.

Legislation, Policy, and Regulation

Want protection from online scams? Try these tips (Newsroom) Kiwis lost $33m in online scams last year, so what can we do? Dr Rizwan Asghar has some suggestions.

China criticizes telecom supply-chain proposal at WTO; U.S. says it's a 'matter of national security' (Inside Cybersecurity) China has raised concern at the World Trade Organization that a proposed Federal Communications Commission rule unfairly paints firms like Huawei and ZTE as cybersecurity threats and could exclude them from the build-out of next-generation “5G” networks by U.S. telecom providers in rural areas.

U.S. ban on Chinese telecom equipment moves forward amid concerns (Yahoo News) A ban on U.S. government business deals with several Chinese telecom companies, including Huawei and ZTE, is on track to be implemented by late summer, according to the Pentagon.

FCC chairman cites national security, opposes China Mobile's bid to access US market (TheHill) Ajit Pai, the chairman of the Federal Communications Commission (FCC), announced his opposition Wednesday to allowing state-backed Chinese telecommunications company China Mobile to enter the U.S. market.

German Spies Dismiss Trump’s Huawei Threats, Sources Say (Bloomberg) Authorities see data-sharing warning as political sparring. U.S.-German security cooperation too close to risk disrupting.

Huawei CEO offered Berlin no-spy deal to soften 5G concerns: Wirtschaftswoche (The Mighty 790 KFGO) China's Huawei offered Berlin a "no-spy agreement" to address security concerns over the Chinese company's involvement in building Germany's next-generation 5G mobile infrastructure, a German magazine said on Wednesday. "Last month, we talked to the German Interior Ministry and said that we were ready to sign a no-spy agreemen...

A Risk Analysis of Huawei 5G (Lawfare) What a country needs to consider before buying Huawei 5G equipment.

Federal CISO floats potential for new supply chain regs (FCW) The federal government's top IT security chief and canvassed industry for feedback on how to shape new rules of the road for federal acquisition and procurement.

Defining “Emerging Technologies”: Industry Weighs In on Potential New Export Controls (China Business Review) What exactly qualifies as an "emerging technology," and how would the United States go about placing export controls on them? Feedback from industry and other stakeholders continues to inform this rulemaking process.

EU Parliament Votes to Ban Ticketing Bots (Billboard) The European Parliament has voted to ban the use of automated software -- or "bots," as they are more commonly known -- to mass-purchase concert tickets which are then resold at inflated rates on the secondary market.

The Evolution Of Cyber Security In The Nigerian Banking Sector (Mondaq) Nigeria moved from a country with zero legislation on cyber security to a country with an extensive law with the enactment of the Cybercrime (Prohibition, Prevention, Etc.) Act (the Act) in 2015. Nigeria Security AELEX 16 Apr 2019

Liberia allays cyber security threat fears (Journal du Cameroun) Liberia’s Ministry of Posts and Telecommunications has assured the business community that the government will ensure that their businesses are protected against cyber security threats in the country.According to Posts and Telecommunications Minister Cooper Kruah, the Coalition for Democratic Change (CDC) led Government takes the protection of businesses and the general economy from this growing threat very …

Under 18s to be barred from porn websites under age restrictions to be introduced on July 15 (The Telegraph) Children and youths will be banned from viewing pornography in Britain on July 15 under a crackdown requiring pornographic websites to verify users are over 18.

Litigation, Investigation, and Law Enforcement

Who’s Afraid of the Mueller Report? (The Atlantic) Trump aides are serenely confident that the special counsel’s fine print won’t hurt the boss.

How to Read Between the Lines of the Mueller Report (Foreign Policy) Here’s what to expect from the long-awaited—and now heavily redacted—probe into Trump’s Russia ties.

The Courts and Canada Are Doing What the U.S. Government Won’t on Data Breaches (Slate Magazine) The federal government doesn’t care much about data breaches. Courts are stepping in.

Police launch specialist team to combat cyber criminals in Sunderland and South Tyneside (Sunderland Echo) Police have launched a specialised team aimed at tackling cyber criminals.

Feds Bust Phony Lawyer Whose Website Cribbed From Cravath (New York Law Journal) Prosecutors say John Lambert, whose website borrowed from the profiles of real Cravath lawyers, bilked thousands of dollars from people and businesses by impersonating a high-powered New York attorney.

Student used "USB Killer" device to destroy $58,000 worth of college computers (The Verge) The former student now faces up to 10 years in prison

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

Cyber Security Lunch & Learn (Waltham, Massachusetts, USA, April 30, 2019) Data Security breaches happen daily. Security and protection of intellectual property, financial information and client data require the strongest levels of protection from theft or attack, both inside...

CyCon 2.0 Manassas Edition (Manassas, Virginia, USA, June 15, 2019) CyCon is touching down in Manassas with a full lineup of experts in the field of Cybersecurity to present on current topics or demo bleeding edge technologies.

Nashville Cybersecurity Conference (Nashville, Tennessee, USA, November 21, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...

Dallas Cybersecurity Conference (Dallas, Texas, USA, December 4, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...

St, Louis Cybersecurity Conference (St. Louis, Missouri, USA, December 5, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...

Anaheim Cybesecurity Conference (Anaheim, California, USA, December 11, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...

Cincinnati Cybersecurity Conference (Cincinnati, Ohio, USA, December 12, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...

Upcoming Events

2019 Industrial Control Systems (ICS) Cyber Security Conference (Singapore, April 16 - 18, 2019) As the largest and longest-running cyber security-focused conference for the industrial control systems sector, the event caters to the energy, utility, chemical, transportation, manufacturing, and other...

Insider Threat Summit 2019 (ITS5) (Monterey Bay, California, USA, April 17 - 18, 2019) ITS5 brings Government and Industry organizations and cybersecurity leaders together to better understand the type of threats that impact infrastructure and overall operations. Our two-day summit will...

SecureWorld Houston (Houston, Texas, USA, April 18, 2019) Connecting, informing, and developing leaders in cybersecurity. For the past 17 years, SecureWorld conferences have provided more content and facilitated more professional connections than any other event...

INSA Spring Symposium: Managing the Evolving Cyber Landscape (Arlington, Virginia, USA, April 18, 2019) Join INSA on Tuesday, April 16 for our annual Spring Symposium. The 2019 theme, Managing the Evolving Cyber Landscape, focuses on the need for a strong, secure digital infrastructure. Hear from senior...

Data Connectors Cybersecurity Conference Hartford (Hartford, Connecticut, USA, April 18, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.