skip navigation

More signal. Less noise.

Get your copy of the definitive guide to threat intelligence.

We brought together a team of experts and wrote the definitive guide to everything you need to know about threat intelligence. Whether you work in vulnerability management, incident response, or another part of cybersecurity, our book has something for you. Get your free copy of “The Threat Intelligence Handbook” now.

Daily briefing.

The Los Angeles Times reports that data concerning the US Department of Homeland Security's BioWatch program were exposed for over a decade on a contractor's unsecured server. The data included some sensor locations, lists of bio agents that could be detected, and some contingency plans. The vulnerable site has been shuttered, and the data moved behind a DHS firewall. 

According to ZDNet and others, attackers are weaponizing vulnerabilities in Webmin servers, Pulse Secure, and Fortinet VPNs. Users are urged to patch.

SecurityWeek reports that the US Department of Justice unsealed an indictment naming some eighty defendants in a range of online frauds ranging from business email compromise to romance scams. The two lead defendants and several co-conspirators are Nigerian nationals.

InternetUA says the cryptomining rig Ukraine's SBU dismantled at the South Ukraine Nuclear Power Station apparently exposed data about the plant's physical security. Such data are sensitive, and in Ukraine are considered state secrets.

Phishing attempts are mimicking multi-factor authentication login screens, Naked Security says. They aren't, of course: they're simply malicious links. But the appearance is more convincing than that seen in earlier attempts. Sophos advises avoiding email links, being aware of domain names, and foregoing any shortcuts to determining whether accounts are being misused by some third-party.

Crown Sterling has filed a lawsuit against Informa subsidiary UBM alleging breach of contract. Poor reception of Crown Sterling's presentation at Black Hat outlining what the company calls a "paradigm-shifting" contribution to cryptography prompted the suit. Ars Technica has a summary.

Notes.

Today's issue includes events affecting Australia, Canada, China, India, Pakistan, United Kingdom, United States.

Bring your own context.

Some observations on the convergence of hybrid war and organized crime.

"The trend really is for increasing connectivity, hyper-connectivity of everything from the financial services sector all the way through to things like industrial control systems, physical process control. And that's changing, really, the nature in which criminals operate but also changing the way in which nation-states are operating. And we've seen a real rise in what's been variously termed as hybrid war, ambiguous war, gray-zone conflict, where the nation-states are actually able to operate within the uncertain boundaries of a globalized hyper-connected environment. And so we see things like the bank of Bangladesh heist, which has been - it was an attack against the central bank and reportedly conducted by a nation-state in order to fund internal activities within that nation-state, particularly around their military program. Now, there are various conversations around that about how true or not that is. But that kind of concept that now a nation-state is performing what would've traditionally been seen as a criminal act in order to fund nation-state activities is quite an interesting and emergent of global politics within a digital environment."

—Daniel Prince, senior lecturer in cybersecurity at Lancaster University, on the CyberWire Daily Podcast, 8.21.19.

Perhaps the non-state side of the analogy is less with organized crime than to banditry, or even warlordism.

Conduct secure and anonymous research on the open and dark web.

If you are doing online research, the common web browser can betray you by exposing you and your organization to cyber attacks. Authentic8, the maker of Silo Cloud Browser and Silo Research Toolbox, ends this betrayal. Silo insulates and isolates all web data and code execution from user endpoints, providing powerful, proactive security even if you are gathering data and collections across the deep and dark web. Learn more.

In today's podcast, out later this afternoon, we speak with our partners at Cisco Talos, as Craig Williams discusses the Heaven’s Gate RAT. Our guest is Mike Weber from Coalfire, who talks us through their recently published Penetration Risk Report.

Cyber Security Summits: Chicago on August 27 and on September 17 in Charlotte (Chicago, Illinois, United States, August 27, 2019) Register for reduced admission to the Cyber Security Summit with promo code cyberwire19 for $95 admission ($350 without code). Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, Google, IBM, Darktrace, and more. Breakfast, Lunch & Cocktail Reception are included with your admission. Passes are limited, secure yours today: www.CyberSummitUSA.com

10th Annual Billington CyberSecurity Summit (Washington, DC, United States, September 4 - 5, 2019) The event will be an important Call to Action for the cybersecurity community and is the deepest examination of the cybersecurity and government at the local, state, Federal and International levels found anywhere.

Second Annual DataTribe Challenge (Online, October 1, 2019) Register now for a chance to be DataTribe's next world-class company. Finalists will split a $20,000 prize, and the winner may receive $2m in funding from DataTribe. Contestants have until October 1st to apply at www.datatribe.com/challenge­.

Zero Day Con (Washington, DC, USA, October 22, 2019) Zero Day Con hosts a day of expert discussion on security approaches to regain control over your systems, data, and information. Join us to examine insights, security technologies, and key priorities to secure your systems. Get a 30% discount for Labor Day using code LABOR30.

Cyber Attacks, Threats, and Vulnerabilities

Hackers could have breached BioWatch for years, records show (Los Angeles Times) The Department of Homeland Security stored sensitive data from BioWatch on an insecure website where it was vulnerable to attacks by hackers, records show.

Hackers are actively trying to steal passwords from two widely used VPNs (Ars Technica) Got Fortigate or Pulse Secure? Now would be a good time to make sure they're patched.

Hackers mount attacks on Webmin servers, Pulse Secure, and Fortinet VPNs (ZDNet) Enterprise networks across the world are at risk after hackers start exploiting three very popular products.

Virtual Caucus at Risk After DNC Experts Hacked Conference Call (Bloomberg) Iowa, other state officials outraged that system may change. Democrats required states to try a virtual option in 2020.

Asruex Malware Exploits Old vulnerabilities to Infect PDF, Word Docs (SecurityWeek) A recently observed variant of the Asruex backdoor acts as an infector by targeting old vulnerabilities in Microsoft Office and Adobe Reader and Acrobat 9.x, Trend Micro reports.

A new variant of Asruex Trojan exploits very old Office, Adobe flaws (Security Affairs) Experts at Trend Micro discovered a new variant of the Asruex Trojan that exploits old Microsoft Office and Adobe vulnerabilities to infect systems. Malware researchers at Trend Micro discovered a new variant of the Asruex Trojan that exploits old Microsoft Office and Adobe vulnerabilities to infect Windows and Mac systems. Asruex first appeared in the

Emotet botnet reactivated after two month break (Computing) Emotet returns following summer holiday

IRS Warns Taxpayers of New Scam Campaign Distributing Malware (BleepingComputer) The Internal Revenue Service (IRS) issued today a warning to alert taxpayers and tax professionals of an active IRS impersonation scam campaign sending spam emails to deliver malicious payloads.

Quick thinking by Portland Public Schools stops $2.9m BEC scam (Naked Security) Employees at Portland Public Schools were breathing easier this week after thwarting a business email compromise (BEC) scam that could have cost them almost $3m.

Instagram phishing uses 2FA as a lure (Naked Security) If the phishing page looks OK, and it has an HTTPS padlock, how are you supposed to spot phishes these days? Read our tips…

A State-of-the-Art Spoof  (or, Why Turning Your Users Into Grammar Nazis Won't Keep the Bad Guys Out) (KnowBe4) A State-of-the-Art Spoof  (or, Why Turning Your Users Into Grammar Nazis Won't Keep the Bad Guys Out)

Using CTFTOOL.exe to escalate privileges by leveraging Text Services Framework; and mitigation processes and steps (Insider Threat Security Blog) Overview In this post, I will be looking at a new exploit that leverages a weakness in Microsoft Windows Text Services Framework to launch a child process that allows for the escalation of privileges. I will give a brief overview of what the Text Services Framework service does, what the exploit is, and how it could be used. Then, I will go into more detail about how to run the exploit and different methods that can be used for detection...

Chinese Hackers Steal 68 Lakh Records from Indian Healthcare Site (News18) Cyber espionage actors can leverage this data for intelligence collection purposes, to further target high-profile individuals or those who may have access to valuable information, cautioned the report.

Regis University shuts down internet on campus following cyber attack (FOX31 Denver) A cyber attack forced Regis University in northwest Denver to shut down its campus internet. The shut-down began Tuesday. As of Sunday, the university's email accounts, online programs and class schedules remained unavailable. Regis officials say their systems were affected by a malicious threat from outside of the university, likely based outside the country.

City of London Hit by One Million Cyber-Attacks Per Month (Infosecurity Magazine) FOI data reveals rising number of detections in Square Mile

Cyber attack forces emergency shutdown of Lake County government servers, IT working through weekend to purge system (NWI Times) Lake County has been hit with a cyber attack that forced the shutdown of email service and several internal applications throughout county government, officials said Friday.

MLSD details July cyber attack on district’s network (Columbia Basin Herald) It was a busy Thursday night meeting for the Moses Lake School District...

Hackers behind Texas ransomware attacks want $2.5 million (The Next Web) The threat actor behind the coordinated ransomware attacks in Texas may have broke into the IT software managed by an outsourcing company.

Cybersecurity Experts: Attacks in Florida Likely to Rise (GovTech) Over just eight weeks, four Florida cities announced network security breaches, and some cybersecurity experts say that the number of attacks on cities in the state is likely to continue rising.

Nacsa: No sign of cyber attack on KLIA, klia2 network (Malay Mail) There is no incidence of cyber-attack detected so far in the network service disruption of Kuala Lumpur International Airport (KLIA) and Kuala Lumpur International Airport 2 (klia2), since the disruption was first detected on Aug 21. According to a...

Security Patches, Mitigations, and Software Updates

Kubernetes Patches Recent HTTP/2 Vulnerabilities (SecurityWeek) Software updates released by Kubernetes address HTTP/2 implementation vulnerabilities that were disclosed earlier this month.

Cyber Trends

Cyberwar: The Complete Guide (WIRED) The threat of cyberwar looms over the future: a new dimension of conflict capable of leapfrogging borders and teleporting the chaos of war to civilians thousands of miles beyond its front.

Cryptocurrency becoming terrorists' lifeblood (WND) A new report has been released by the Jihad and Terrorism Threat Monitor of theMiddle East Media Research Institute that warns terrorists already are using cryptocurrencies for their fundraisings.

Solving the Cyber Security Problem: Mission Impossible (HackRead) I spend a fair amount of time in my current role thinking about future cyber-attacks.

Misinformation Has Created a New World Disorder (Scientific American) Our willingness to share content without thinking is exploited to spread disinformation

The Top 5 Cyber Threat Misunderstandings of SMB Decision Makers (My TechDecisions) Here are 5 cyber threat misunderstandings of SMBs from 500 respondents, thanks to data gathered by a Keeper Security study.

Rising cybersecurity concerns within the industrial internet of things (Oil & Gas Middle East) Atin Chhabra, global director of digital customer experience at Schneider Electric, comments on cybersecurity in the industrial internet of things

Third of Australian connected homes vulnerable to cyber attack (The West Australian) Rapid growth in smart home technology is being driven by a new wave of budget-oriented DIY internet of things devices.

Marketplace

Cyber reskilling grads grow skills but may not be headed for cyber jobs (FCW) Federal CIO Suzette Kent is 'thrilled' with the first graduates of the Cyber Reskilling Academy and is looking to industrialize the program.

What are the cybersecurity implications of mergers and acquisitions in the GCC? (Gulf Business) The biggest mistake an organisation could make is to assume that the company it is looking to acquire is inherently secure

Palantir tech guru Alex Karp slams rivals for snubs to Washington (Times) The boss of data-mining giant Palantir has bashed Google and other big tech groups for deciding how, and with whom, their technology should be deployed. Alex Karp, who set up the $40bn (£32.2bn)...

VMware Goes Beyond Dell Family Matters (Wall Street Journal) With its stock price being beaten down, software maker VMware will have to show it can juggle two complex acquisitions and while still managing some tricky Dell family relationships.

VMware To Create Security Business Unit Post-Carbon Black Buy (Security Boulevard) VMware has signaled it plans to create a dedicated cloud security business unit in the wake of agreeing this week to acquire Carbon Black, a provider of

Cloudflare IPO: 5 things to know about the cloud-network platform (MarketWatch) Cloudflare Inc. is looking to be the next big tech company to go public, and investors who climbed on board a decade ago stand to reap huge rewards.

Rapid7 Is Underrated (Seeking Alpha) Rapid7's product diversification and growth narrative points to the need for improved valuation. The company provides one of the best vulnerability assessment s

SailPoint: Getting Ahead (Seeking Alpha) At a market cap of less than $2 billion, SailPoint appears cheap. However, the need to educate enterprises and raise awareness on cyber governance continues to weigh on growth and profitability.

Google Puts Curbs on Political Debate by Employees (Wall Street Journal) Google tightened its guidelines on how employees communicate about politics and topics not related to work, in a major shift for a company that has long prided itself on open debate.

Following Public Issues Changes Come to Valve’s HackerOne Bug Bounty Program (Computer Business Review) The Valve Corporation has made changes to the way it will interact with bug bounty hunter. Valve’s HackerOne Bug Bounty Program

Cyber tech provider to open office in Georgia Cyber Center (Albany Herald) Gov. Brian Kemp announced this week that Parsons Corporation, a leading cybersecurity technology provider, will open a new office in the Georgia Cyber Center in Augusta. The company

Australian tech news: Cybersecurity centre announced for Australia (The Lead SA) The Australian Cyber Collaboration Centre will be established at the Lot Fourteen innovation precinct in Adelaide, South Australia by July 2020.

VC-backed SecurityScorecard adds new VP to team (PE Hub) New York City-based SecurityScorecard, a provider of security ratings, has appointed Michael Sweeney as vice president of worldwide alliances and channels. In his new role, Sweeney will lead the company's global security ratings channel program. Prior to joining the company, he worked at Palo Alto Networks. SecurityScorecard's backers included Riverwood Ventures, Sequoia Capital, GV, NGP Capital, Evolution Equity Partners, Boldstart Ventures and AXA Venture Partners.

Products, Services, and Solutions

New Tool From Cisco Hunts Flaws in Automotive Computers (SecurityWeek) Cisco has released a new hardware tool designed to help researchers, developers and automakers discover vulnerabilities in automobile computers.

Malwarebytes 4 Beta released for download (Neowin) Malwarebytes 4.xx has been built from the ground up and now offers combined Anti-Malware, Anti-Exploit, Anti-Ransomware, Website Protection, and Remediation technologies all into a single product.

VMware is bringing VMs and containers together, taking advantage of Heptio acquisition (TechCrunch) At VMworld today in San Francisco, VMware introduced a new set of services for managing virtual machines and containers in a single view called Tanzu. The product takes advantage of the knowledge the company gained when it acquired Heptio last year. As companies face an increasingly fragmented land…

Nvidia and VMware team up to make GPU virtualization easier (TechCrunch) Nvidia today announced that it has been working with VMware to bring its virtual GPU technology (vGPU) to VMware’s vSphere and VMware Cloud on AWS. The company’s core vGPU technology isn’t new, but it now supports server virtualization to enable enterprises to run their hardware-a…

Technologies, Techniques, and Standards

Capital One Breach: What Security Teams Can Do Now (Dark Reading) Knowing the methods of the attacker, as laid out in the federal indictment, allow us to prevent similar attacks.

Even After Capital One's Breach, Don't Doubt the Cloud—Cyber Saturday (Fortune) Even after a data breach at Capital One bank, a poster child for Amazon Web Services, companies should not question the benefits of the public cloud.

Researchers use fake network to analyze hackers' moves for expected Olympic cyber attacks (The Mainichi) With the eyes of the world falling on Japan over the next year due to the Tokyo Olympics, the country is stepping up its online security meas

Harnessing Stunt Hacking for Enterprise Defense (SecurityWeek) Make sure you understand the root cause of the vulnerabilities or attack vectors behind the next over-hyped stunt hack and don’t have similar weaknesses in your enterprise.

Firewall best practices to protect against ransomware (Sophos News) Ransomware has recently vaulted to the top of the news again, as devastating attacks continue to impact government, education and business operations in many jurisdictions, particularly in the Unit…

How can the government improve its cyber posture? (Fifth Domain) Industry experts sat down with Fifth Domain to discuss what the government needs to do to protect itself in cyberspace.

Army Enters Cyber and Electronic Warfare Renaissance (SIGNAL Magazine) The U.S. Army is enjoying a renaissance period for cyber and EW technologies and has a chance to lay a foundation of interoperability in cyber systems.

Ask the Know-It-Alls: How Do Machines Learn? (WIRED) Don’t get swept away by the hype: Machine learning doesn’t make computers anything like people. No matter how "smart" they get, they still need us.

Rashomon of disclosure (ADD / XOR / ROL) In a world of changing technology, there are few constants - but if there is one constant in security, it is the rhythmic flare-up of discu...

Design and Innovation

Japan aims to put quantum cryptography into practical use in 2025 (Japan Today) The Japanese government plans to accelerate its research and development of quantum cryptography technology to be able to put it into practical use in 2025, sources knowledgeable of the matter said.

Twitter Trust and Safety Advisers Say They’re Being Ignored (WIRED) Members of Twitter’s safety council say the company is keeping them in the dark and want to talk to CEO Jack Dorsey, in a letter obtained by WIRED.

YouTube says it will now remove ‘violent’ and ‘mature’ videos pretending to be kid-friendly (The Verge) Sounds like a good idea

The risks of amoral A.I. (TechCrunch) Kyle Dent Contributor Kyle Dent is a Research Area Manager for PARC, a Xerox Company, focused on the interplay between people and technology. He also leads the ethics review committee at PARC. Artificial intelligence is now being used to make decisions about lives, livelihoods, and interactions in …

What Sci-Fi Can Teach Computer Science About Ethics (WIRED) Schools are adding ethics classes to their computer-science curricula. The reading assignments: science fiction.

Crypto means cryptotheology (TechCrunch) Cryptocurrencies are a religion as much as they are a technology. They almost have to be, given their adherents’ gargantuan ambition of fundamentally changing how the world works. This means they attract charlatans, lunatics, frauds, and false prophets, and furious battles are waged over doct…

Research and Development

The S&T of Multidomain Operations (SIGNAL Magazine) The Army’s modernization efforts begin with science and technology.

Army could develop new tools to help cyber operators (Fifth Domain) The Army is expected to provide the joint force with 'common access platforms.'

Facebook Said It Would Give Detailed Data To Academics. They’re Still Waiting. (BuzzFeed News) “I think the only way to feel reasonably confident about this project is if you ignore what’s happened over the past 16 months.”

Alex Stamos, Ex-Facebook Security Chief, Blames Journalists for Cambridge Analytica Fallout (Gizmodo) A Facebook initiative announced last year designed to generate “independent, credible research about the role of social media in elections” is faltering, BuzzFeed reported this week, citing multiple sources with knowledge of the program and its participants. According to Facebook’s former chief security officer, reporters who covered the company’s Cambridge Analytica scandal are at least partly to blame.

Academia

BHU to open research centre on data analytics and cybersecurity with US-based networking firm (Careers 360) The Banaras Hindu University (BHU), Varanasi, is all set to open a Centre of Research in Information Systems to study various areas of network science, data analytics and cybersecurity.

Penn State professors create nationwide cyber law and policy course for NSA (Penn State University) The National Security Agency, recognizing an urgent need for nationwide education about cyber technology, policy and law, has worked with a trio of Penn State professors to develop a comprehensive, online, and nationally offered cyber law and policy course.

Rutgers students learn cybersecurity during Big Ten internship (MY CENTRAL JERSEY) A group of students participated this summer in a one-of-a-kind internship program with a cybersecurity operations center cofounded by Rutgers.

Legislation, Policy, and Regulation

Canada's shift on strong encryption is 'irresponsible' says privacy group (Canada.com) A Canadian privacy watchdog this week said the federal government is wrong to change its policy by now urging technology companies to weaken encryption protection in products and services.

Agencies should work together to protect cyberspace (New Straits Times) The National Cyber Security Agency (NACSA) said preliminary findings are that the systems disruption at Kuala Lumpur International Airport was not due to a cyberattack.

Trump cites law, says he can force U.S. companies to leave China (The Seattle Times) President Donald Trump asserted Saturday that he has the authority to make good on his threat to force all U.S. businesses to leave China, citing a national security law that has been used mainly to target terrorists,...

Krebs: Shared services to help move federal civilian away from untenable cyber posture (Federal News Network) The director of DHS’ rebranded cybersecurity agency released a new strategic intent plan, details its vision and objectives.

Classification Concerns Over FISMA Report on Improving Agency Cybersecurity (SecurityWeek) FISMA annual report indicates considerable success in improving the cybersecurity of federal agencies, but some have voiced concerns over weakness in the method of reporting.

Information Warfare Merger Expected in Fall as USAF Adds Missions (Air Force Magazine) The long-planned merger of 24th and 25th Air Forces into a new information-warfare organization won’t happen until this fall, as its portfolio expands to cover weather specialists and several other activities, ACC chief Gen. Mike Holmes said.

Air Force Joins Army Parachuting Into InfoWar; Creates New Unified Subcommand (Breaking Defense) The Air Force wants to develop information warfare capabilities to "deter malign activities from [the] information warfare level all the way up to conflict," says Air Combat Command head Gen. Mike Holmes.

The federal-state disconnect in securing the 2016 election and how not to repeat it (Brookings) Elaine Kamarck writes that cooperation between federal agencies and state and local elections authorities broke down in 2016 in part because of information flow problems within the federal government, and in part because local actors lacked the security clearance to be fully informed.

Report: Municipal cybersecurity to be 'woefully underfunded' in 2024 (Smart Cities Dive) With many networks and tech providers interacting in a smart city, governments are "only as powerful as the weakest link," said an ABI Research analyst.  

Cyberattacks on Texas Cities Put Other Governments on Guard (SecurityWeek) Cyberattacks that hit several Texas cities have put other local governments on guard, offering the latest evidence that hackers can halt routine operations by locking up computers and public records and demanding ransoms.

Local government cyber attacks cause National Guard cyber units to look inward | Federal News Network (Federal News Network) The National Guard is rethinking its cyber unit training after responses in Texas and Louisiana.

Enrolling more security clearance holders in continuous evaluation could save billions | Federal News Network (Federal News Network) The RAND Corporation estimated government could save as much as $27.8 billion over 25 years by enrolling more security clearances into a sophisticated continuous evaluation program.

Litigation, Investigation, and Law Enforcement

Did Denmark Make the Wrong Call on Location Data? (Infosecurity Magazine) Errors in cellphone location data prompt a review of 10,700 verdicts in Denmark.

Tamil Nadu on high alert following terror threat (Deccan Herald) Major cities in Tamil Nadu have been placed under high alert following specific intelligence inputs that six terrorists, including a Pakistani national, have sneaked into the state to execute terror attacks.

Illegal Cryptocurrency Mining at Ukraine Nuclear Plant Exposed Sensitive Data (SecurityWeek) Sensitive data from a nuclear power plant in Ukraine was exposed due to an illegal cryptocurrency mining operation run by workers.

Newly released messages reveal when Facebook first knew about Cambridge Analytica breach (NBC News) Internal messages show what Facebook employees knew about Cambridge Analytica and when they first learned of its data scraping.

Document reveals how Facebook downplayed early Cambridge Analytica concerns (the Guardian) Internal correspondence provides new insight into how Facebook staff reacted to concerns about use of user data by political campaign consultants

80 defendants in U.S. and Nigeria, including 11 in L.A. County, charged in cyberfraud conspiracy to steal millions (ABC7 Los Angeles) Federal prosecutors announced a 252-count indictment that accuses 80 people in the U.S. and Nigeria of participating in a "massive conspiracy to steal millions of dollars through a variety of fraud schemes."

U.S. Charges 80 in Massive Online Fraud Scheme (SecurityWeek) The United States Department of Justice unsealed an indictment that charges 80 defendants for their roles in a massive fraud and money laundering scheme.

80 Indicted for Scams, Including Business Email Compromises (GovInfo Security) Eighty suspects, most of them Nigerian nationals, have been indicted on charges of running global business email compromise and romance scams that led to millions

US Wants Woman Accused in Capital One Hack to Stay Locked Up (SecurityWeek) Federal prosecutors say Paige Thompson, the transgender woman accused of hacking Capital One and at least 30 other organizations, is a threat to herself and society, a flight risk and should be kept locked up until her trial.

Alleged “snake oil” crypto company sues over boos at Black Hat [Updated] (Ars Technica) Crown Sterling seeks damages after attendees disrupt "controversial" talk on prime prediction.

Why the Security Industry Should Pay Attention to the Cisco Whistleblower Case (Infosecurity Magazine) The Cisco whistleblower case has significant implications for the security industry

SAIC employee who exposed alleged cheating at ethical hacking test said he was demoted at work (Z6 Mag) Ted Carrier, the employee who exposed the alleged cheating at the ethical hacking certification test by SAIC said he was demoted from his job.

NASA investigating possible first allegation of criminal wrongdoing in space (TheHill) NASA is reportedly investigating an allegation that an astronaut aboard the International Space Station improperly accessed the bank account of her estranged spouse, marking what could be the first allegation of criminal activi

NASA is investigating what may be the first space crime (Quartz) The long arm of the law reaches beyond Earth.

Anne McClain: 5 Fast Facts You Need to Know (Heavy) Anne McClain, one of NASA’s most respected female astronauts, is accused of hacking into her estranged wife’s bank account while serving aboard the International Space Station. It may be the first case of space crime.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

Industrial Control Systems Joint Working Group (ICSJWG) Fall Meeting (Springfield, Massachusetts, USA, August 27 - 29, 2019) The Cybersecurity and Infrastructure Security Agency (CISA) hosts the Industrial Control Systems Joint Working Group (ICSJWG) to facilitate information sharing and reduce the risk to the nation’s industrial...

Integrate (Melbourne, Victoria, Australia, August 27 - 29, 2019) Get ready to think beyond and lose yourself in the technology of tomorrow at Integrate 2019. Integrate is Australia's leading event dedicated to helping businesses harness the power of AV technology to...

Washington DC Cybersecurity Conference (Washington, DC, USA, August 29, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...

9th Annual Peak Cyber Symposium (Colorado Springs, Colorado, USA, September 3 - 5, 2019) The Peak Cyber Symposium is designed to further educate Cybersecurity, Information Management, Information Technology and Communications Professionals by providing a platform to explore some of today's...

9th Annual Peak Cyber Symposium (Colorado Springs, Colorado, USA, September 3 - 5, 2019) The Information Systems Security Association (ISSA) - Colorado Springs Chapter will once again host the 9th Annual Peak Cyber Symposium. This year's theme is "Cyber Hygiene: Everyday for Everyone." The...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.