skip navigation

More signal. Less noise.

What if your security solution could provide zero doubt?

A foundation of artificial intelligence delivers smart, simple, and secure solutions that change how organizations approach endpoint security. Cylance provides full-spectrum, predictive threat prevention and visibility across the enterprise to combat the everyday - as well as the most notorious and advanced - cyberattacks. Let Cylance help you understand how you can create real confidence in your organization’s security posture and zero in on what really matters.

Daily briefing.

Investigation into the doxing campaign ("#hackerangriff") against German political figures continues. Bild reports that the BSI intelligence service asked US counterparts (in NSA especially) to lean on Twitter to isolate and take down accounts involved in distributing the leaked material. The BSI is said to have argued to NSA that some US citizens were also victims of the incident; thus assistance would be in order (Bloomberg). Interior Minister Seehofer has promised transparency in the investigation, with an interim report due out by midweek (Süddeutsche Zeitung).

On Friday Marriott released more results of investigation into its Starwood reservation systems breach. The good news is that fewer customers than feared were affected. The bad news is that the compromised data include a lot of unencrypted passport information. Marriott had initially believed the number of guests affected was around 500 million; the hospitality company now regards 383 million as the upper limit, and believes with "a fair degree of certainty" that the actual number is lower still. But the hackers accessed 5.25 million unencrypted (and more than 20 million encrypted) passport numbers. Roughly 8.6 million encrypted paycards were also exposed in the incident. Marriott doesn't believe the attackers got the master encryption keys (Washington Business Journal).

The breach at Town of Salem (the role-playing game, not the Massachusetts city) affected around 7.6 million players (HackRead). There's reason to think security-proud gamers may present hackers surprisingly easy targets of opportunity: McAfee thinks the average PC gamer has been hacked five times (Help Net Security).

Notes.

Today's edition of the CyberWire reports events affecting Canada, China, Germany, India, Ireland, Kenya, Russia, United Kingdom, United States.

A note to our readers: the CyberWire is now on Instagram. Follow us for the latest posts.

Visualize Your Network Like the Most Infamous Hackers

Cyber threats are becoming more frequent and targeted. Bad actors are more adept at social engineering and investigating your network and infrastructure to understand your organization’s cyber strengths and weaknesses. This webinar delves into a robust threat model capable of repelling the world's most sophisticated hackers and nation-state actors. Join us for an introduction to ScoutThreat™, a threat management platform that helps analysts streamline threat analysis work and extract the maximum value from threat intelligence.

In today's podcast, up later this afternoon, we speak with our partners at the University of Bristol, as Awais Rashid discusses securing large-scale infrastructure. Our guests, Karen Waltermire from NIST and Harry Perper from MITRE, discuss the NIST National Cybersecurity Center of Excellence (NCCoE).

Rapid Prototyping Event: The Wolf in Sheep's Clothing (Columbia, Maryland, United States, January 29 - 31, 2019) DreamPort, in conjunction with the Maryland Innovation & Security Institute and USCYBERCOM, is hosting a Rapid Protoyping Event which is interested in identifying UAM solutions that employ advanced real-time analysis of multiple data sources for detecting unauthorized activities.

Cyber Attacks, Threats, and Vulnerabilities

A Major Hacking Spree in Germany Gets Personal (WIRED) Hundreds of German politicians who have had their private digital lives exposed online are victims of a hacking campaign with unclear motives.

Ransomware Attack Against Hosting Provider Confirms MSPs Are Prime Targets (SecurityWeek) Cloud hosting firm Dataresolution.net was infected with ransomware on Christmas Eve, 2018. The firm declined to pay any ransom, and is reconstituting the files manually and from backups.

Marriott discloses new information on data hack (Washington Business Journal) Marriott International Inc. said Friday the number of guest records compromised in a data hack revealed late last year is fewer than initial estimates.

Wide-Ranging German Doxxing Incident Hits Hundreds of Politicians (Threatpost) It's not clear why the data release wasn't noticed earlier.

Russia Or The Far-Right: Who Hacked German Politics? (Forbes) As German society gets to grips with the sheer size of a data leak that encompasses public figures from Chancellor Angela Merkel to TV presenter Christian Ehring, speculation starts over who was behind the hack with both Russia and the far-right of German politics under the spotlight.

Geheimdienst: Deutschland kam ohne NSA gegen Hacker nicht weiter (Bild) Schon kurz nach Bekanntwerden des Hacks bat Deutschland die NSA um Hilfe. Es ging ausgerechnet um Twitter!

Germany Reportedly Seeks U.S. Assistance After Hacking Breach (Bloomberg) German politicians criticize technology security agency. Interior minister pledges to get to bottom of data dump.

Seehofer verspricht volle Transparenz zu Daten-Hack (Süddeutsche Zeitung) Nach Auswertung der Erkenntnisse werde die Öffentlichkeit "alles erfahren, was ich weiß", sagt der Innenminister. Bis Mitte der Woche will er sich äußern.

Cyberattaque de politiciens en Allemagne : Proofpoint commente (Global Security Mag Online) Un peu plus tôt dans la journée, le gouvernement allemand a révélé que des centaines de politiciens, incluant la chancelière Angela Merkel ont été victimes d’un vol de données. Selon les premières indications, il semble que Turla, un groupe organisé de hackers russes (APT) soit l’auteur de cette cyberattaque. Chris Dawson, Responsable Threat Intelligence au sein de Proofpoint commente :

Germany defends handling of data attack (BBC News) Cybersecurity officials say they did not know the full extent of data breach affecting politicians.

Before Germany’s Massive Hack, We Learned What Not to Do With Sensitive Stolen Information (Motherboard) A new massive hack and leak in Germany renews the debate over how to cover and share sensitive stolen data.

Serious DoS Flaw Impacts Several Yokogawa Products (SecurityWeek) High severity DoS vulnerability impacts several Yokogawa ICS products, including control and safety instrumented systems, a SCADA tool, a plant resource manager, and an OPC interface package.

The Dark Overlord Decrypts More 9/11 Insurance Files (Motherboard) After apparently raising thousands of dollars through a crowdfunding effort, The Dark Overlord have decrypted a set of the 9/11 attack connected litigation documents.

Fewer Affected in Marriott Hack, but Passports a Red Flag (SecurityWeek) Marriott says that it now believes that the number of potentially involved guests is 383 million, lower than the 500 million originally estimated.

Marriott: Breach included 5 million unencrypted passport numbers (NBC-2) The stolen passport numbers and travel itineraries represent a potential espionage bonanza.

Marriott unveils extent of massive Starwood hack (Financial World) On Friday, the 4th of January, the Marriott International Inc. had unveiled the extent of massive cyber-attack on Starwood.

Security researcher cracks Google's Widevine DRM (L3 only) (ZDNet) Widevine hack is clever, but it won't spur any waves of Netflix piracy any time soon.

CERT/CC Details Critical Flaws in Microsoft Windows, Server (Dark Reading) The vulnerabilities could be remotely exploited and give attackers control over affected systems.

Biometric Security Can Be Hacked, but It's Really Hard to Do (eWEEK) Last month, a pair of security researchers demonstrated how it’s possible to fool a vein recognition system, but they also showed just how hard that actually is to do. New-gen scanners work a lot better now than they did previously, but like any biometric reader, they can be fooled.

Be aware! There is a critical scripting flaw in Internet Explorer! (CyberByte Blog) All users need to immediately update their IE browsers because cybersecurity researchers discovered a scripting engine flaw in it. The vulnerability, known as

Security researchers find over a dozen iPhone apps linked to Golduck malware (Long Room) Security researchers say they’ve found more than a dozen iPhone apps covertly communicating with a server associated with Golduck, a historically Android-focused malware that infects popular classic game apps.

Hacker posts ransom demand on Dublin's Luas tram system site (CSO Online) The website for Dublin’s tram system Luas was hacked, with the hacker threatening to leak the company’s private data if the ransom was not paid within the next five days.

Whistler reports security breach on municipal website (NEWS 1130) The Resort Municipality of Whistler says it's website has seen a security breach. Personal information may have been compromised and stolen.

Town of Salem data breach: Personal data of 7.6M gamers stolen (HackRead) Over 7.6 million players have been impacted by a massive data breach suffered by the well-known browser-based role-playing game “Town of Salem.” BlankMediaGames, the owner of the game, has confirmed on its online forum that the breach did occur.

27% of Passwords From Town of Salem Breach Already Cracked (BleepingComputer) Over the holiday, the popular browser-based game Town of Salem had a data breach that exposed the hashed passwords for approximately 7.6 million unique accounts. At the time of this writing, over 27% of the passwords have already been cracked.

Dual Data Leaks of Blur, Town of Salem Impact Millions (Threatpost) Password-manager Blur and role-playing game Town of Salem both disclosed data breaches this week that impacted a combined 10 million.

The average PC gamer has experienced almost 5 cyberattacks due to poor security habits (Help Net Security) McAfee has released results from its survey, Game Over: The Future of Gaming Security, finding that while gamers profess to exhibit good cybersecurity

Abine Blur Password Manager exposed data of 2.4M users (HackRead) The password manager exposed the data due to a misconfigured S3 bucket.

Thousands Complain About TV License Phishing Emails (Infosecurity Magazine) Users are tricked into entering personal and financial details

Security Patches, Mitigations, and Software Updates

January 2019 Patch Tuesday forecast: Partly cloudy followed by heavy fog around Java (Help Net Security) Fingers crossed, we might be looking at a lighter Patch Tuesday in January with a few more releases spread across the month.

Microsoft wants a world without passwords, starting with Windows 10 (AndroidPIT) Last year, Microsoft announced that they want to create a 'world without passwords' and it seems that they're now moving closer to their goal. The next version of Windows 10 will support passwordless Microsoft accounts.

Major Avast and AVG update adds 64-bit support, drops XP/Vista (BetaNews) When an existing user purchases a new activation code, they often have problems installing the 'latest' version of their security suite because they often overlook that as part of their subscription they will always have the latest version.

Cyber Trends

The attack surface is growing faster than it has at any other point in the history of technology (Help Net Security) The Avast Threat Landscape Report details the biggest security trends facing consumers in 2019 as collected by the Avast Threat Labs team.

Will AI be the 21st-century nuclear threat? (The Telegraph) Like a bookie, Nick Bostrom is an odds man.

Cyber Attacks: Igniting The Next Recession? (Forbes) Nightmare RECESSION on its way within 2 years from a cyber attack?

The emperors of cyberspace who control democracy (Daily Nation) Ironically, social media threatens to destroy the very liberal society that created it.

Marketplace

Akamai To Add Customer Identity Access Management Capability To Enhance Digital Trust By Acquiring Janrain Inc. (Akamai) Leading CIAM solution to make identity core to real-time security controls on Akamai’s Intelligent Edge offerings

Security analytics to reach $12 billion by 2024 (Help Net Security) Amid a maelstrom of cybersecurity threats and rampant hacking attempts that leverage the power of the IoT against itself, organizations are forced to

Federal Government Shutdown Could Hit These Tech Stocks But Spare Security (Investor's Business Daily) The partial federal government shutdown could impact the revenue of technology companies such as Pure Storage (PSTG), NetApp (NTAP) and Nutanix (NTNX), analysts said. Cybersecurity companies like Palo Alto Networks (PANW), CyberArk Software (CYBR), and Fortinet (FTNT) seem better positioned to weather any spending cuts, however.

Huawei CEO defiant on security claims, vows to be so good, 'no market can keep us away' (Register) Company 'will never present a threat', claims letter to staff

Letting Huawei into Canada's 5G could threaten U.S. security, says American senator (CBC) Vice-Chair of the U.S. Senate Intelligence Committee Mark Warner joined CBC's Power & Politics Thursday to talk about why he thinks Canada's use of Huawei 5G technology would pose a risk to the U.S.

China's ZTE Hires Lieberman, Drawing Fire From Elizabeth Warren (Bloomberg) Presidential hopeful slams Lieberman’s work for Chinese telco

Neustar Completes Acquisition of Leading Caller Authentication and Fraud Solution Provider TRUSTID (BusinessWire) Neustar Completes Acquisition of TRUSTID - Combination Creates Powerful Capability to Combat Consumer Fraud

Wall Street Seems Skeptical Of Palo Alto's Transition (Seeking Alpha) Palo Alto's increasing focus on cloud security should keep it in step with the security needs of its enterprise clients, but firewalls are far from dead.

BlackBerry's Successful Transformation (Seeking Alpha) BlackBerry is a transformed company. With the acquisition of Cylance, BlackBerry's growth profile changes dramatically.

KnowBe4 hits sales record (St Pete Catalyst) Increased business demand for cybersecurity training is driving double-digit sales gains at KnowBe4. The Clearwater security awareness training firm said sales were up 61 percent in the fourth quarter of 2018, compared to Q4 2017, and the three months that ended Dec. 31 were the most successful quarter to date for the company. KnowBe4 did […]

Maryland still outpacing California among nation's best science, tech environments, report finds (Baltimore Business Journal) Maryland is the third-best environment in the U.S. for tech and science companies and employees, according to a new national report.

Products, Services, and Solutions

New Jersey Manufacturer Offers Rave Review of Website Update by eMazzanti (Benzinga) eMazzanti Technologies, a NYC area digital marketing agency and IT services provider, has published a new case study relating how...

Citrix Analytics unifies threat intel with Microsoft Security Graph (Citrix Blogs) Integrating security risk indicators from the Microsoft Security Graph API with Citrix risk indicators gives security admins a unified threat-intelligence view.

Cylance launches virtual CISO (Channel Life) Cylance has launched a virtual CISO service to give a helping hand to enterprises that need stronger security resources but may lack a real-life CISO.

CUJO AI and Cylance Partner to Provide Best-in-Class Cross-Spectrum Cybersecurity Solutions (PR Newswire) CUJO AI, a network intelligence company that provides AI-driven security and device management solutions,...

The NSA to Release its Reverse Engineering Toolkit GHIDRA (Computer Business Review) The NSA is releasing a long-rumoured software reverse engineering tool for free public use in March. The NSA GHIDRA tool...

Technologies, Techniques, and Standards

How to Decrypt the Aurora Ransomware with AuroraDecrypter (BleepingComputer) If you have been infected with a Aurora Ransomware variant, then you are in luck as a program called AuroraDecrypter has been created by Michael Gillespie that allows you recover your encryption key without having to pay the ransom.

How To Remove Cadillac.407@aol.com Phobos Ransomware (MalwareTips Guides) If your documents are encrypted with a [Cadillac.407@aol.com].phobos extension, then your PC is infected with the Phobos ransomware. Phobos is a file-encrypting ransomware, which encrypts the personal documents found on victim’s computer, then displays a message which offers to decrypt the data if a payment in Bitcoin is made. The instructions are placed on the …

What if we could verify npm packages?` (Hacker Noon) Reproducible steps for identifying unwanted and malicious code

Humans Are the Best Security Backup (Foreign Policy) When the grid goes down, old-fashioned skills save lives.

10 Reasons Why Computer Running Slow? (PUPUWEB) There's a huge amount of information that flows into an enterprise every day, but only some of that information is used while the rest is left as stale data

10 Alexa Skills for CIOs (GovernmentCIO Media & Research) Since smart assistants are proliferating, agency CIOs should take note of these skills for everyday tasks.

Modern IT underlines need for zero-trust security (ComputerWeekly.com) The increasing complexity of supply chains and interconnectivity of IT systems means the attack surface is widening and security has to evolve accordingly, warns British computer scientist.

Shifting the burden: Long-term magnifying consequences (Help Net Security) Shifting the burden farther away from the source of the problem can make the problem harder to find and fix. Worse, it could mask the impact.

Outsmart the Scammers: How You Can Avoid Fraud (Wall Street Journal) More Americans are falling victim to financial fraud, as scammers excel at identifying victims’ weaknesses and insecurities; learn to identify the signs of a scam to protect yourself.

Design and Innovation

Quantum Cryptography: Supporting or Breaking Cyber Security? (Analytics Insight) Quantum computers are based on the values of quantum mechanics and are amazingly ground-breaking machines. Quantum computing can process complex algorithms effortlessly and rapidly. Quantum Cryptography supporting present-day Internet communications and business could some time or another surrender to a quantum attack.

Bitcoin And Democracy Tech (Seeking Alpha) Threats to democracy and human rights must be faced together. As investors we can play a critical role when we allocate our capital. Democracy tech is a form of

Blockchain Can Wrest the Internet From Corporations' Grasp (WIRED) Opinion: It's time to restore the open source, community-led ethos of the original internet—with crypto.

Will cryptocurrencies ever be fully secure? (The National) UAE is set to join the ranks of top global financial markets regulating crypto-assets

Crisis averted? Bitcoin's energy consumption drops amid price crash (The Telegraph) Bitcoin’s energy consumption has dropped dramatically amid its falling price, easing concerns about the cryptocurrency’s environmental impact.

Ethereum Plans to Cut Its Absurd Energy Consumption by 99 Percent (IEEE Spectrum) The cryptocurrency is going on an energy diet to compete with more efficient blockchains

Research and Development

Space and Time Could Be a Quantum Error-Correcting Code (WIRED) The fabric of space-time may get its robustness from a network of quantum particles, according to a principle called quantum error correction.

Academia

Norwich University Cybersecurity Program Partners with Respond Software (GlobeNewswire News Room) The goal of the partnership is to develop student cybersecurity competencies with hands-on experience, as well as to introduce students to next generation cyber security tools incorporating artificial intelligence and advanced data analytics.

U.S. Government Taps into Nation’s Colleges for Cybersecurity Expertise (Technology Solutions That Drive Education) Grants and other programs help higher ed institutions working to fill the projected IT skills gap.

Legislation, Policy, and Regulation

Huawei and ZTE could be blocked from US networks this month (TheINQUIRER) Don dons divisive decision dictating swansong ding dong for data delivery,Hardware,Friction ,Hardware,Friction,huawei,zte,china

Demystifying the India Data Protection Bill, 2018: Part 1 of 3 (Security Boulevard) The ‘Personal Data Protection Bill, 2018’ was built on the edifice that ‘Right To Privacy’ is a fundamental right of Indian citizens, the Personal Data Protection Bill, 2018 is expected to completely transform the way organisations collect, store, share and process the personal data of Indian citizens. Learn more about the nine stated objectives of the bill, how the bill defines sensitive personal data, applicability, compliance, penalties, and more.

Give Up the Ghost: A Backdoor by Another Name (Just Security) We must reject GCHQ’s newest “ghost” proposal for what it is: a mandated encryption backdoor that weakens the security properties of encrypted messaging systems and fundamentally compromises user trust. By EFF's Nate Cardozo

CISA Feeling the Effects of the Shutdown (Meritalk) Cybersecurity experts are growing concerned that the Department of Homeland Security (DHS) hasn’t indicated which critical cybersecurity capabilities the Cybersecurity and Infrastructure Security Agency (CISA) has ceased during the on-going partial government shutdown.

Bipartisan bill proposes new White House office to fight Chinese technology threats (TheHill) A pair of senators on Friday introduced bipartisan legislation that would establish a new federal office focused on combatting Chinese and other foreign threats to U.S.

China is hacking America’s secrets. Can legislation stop it? (Fifth Domain) Proposed legislation would create a new office in the White House that tackles the theft of state-sponsored technology and secure the American supply chain through a new national strategy and promotion of better cyber hygiene.

COMMENTARY: Canada needs to take a harder line on Huawei — and China itself (Global News) The Trudeau government clearly did not foresee Canada's relationship with China deteriorating as much as it has. Things may have to get worse before they get better.

Indian government not studying any ban on Huawei: report (RCR Wireless News) Last month, Huawei confirmed that it had been invited by the Indian government to conduct 5G trials in the country

House Dems unveil election security, voting measures in sweeping anti-corruption bill (TheHill) House Democrats on Friday unveiled several election security measures as part of their first sweeping legislation of the session.

Congress should learn from Canada on preventing extremist violence (Brookings) The new Congress has a long list of priorities, and included on it should be the development of a national framework for preventing extremist violence in the United States—whether jihadist or otherwise.

Redefining Critical Infrastructure for the Age of Disinformation (Dark Reading) In an era of tighter privacy laws, it's important to create an online environment that uses threat intelligence productively to defeat disinformation campaigns and bolster democracy.

The Future of Vulnerabilities Equities Processes Around the World (Lawfare) Recent actions by the U.K. and Germany set a new bar for how nations can and should use a vulnerabilities equities process.

HR1 Bill Includes Provisions to Improve U.S. Election Security (SecurityWeek) The House of Representatives has unveiled its first Bill: HR1, which includes a requirement that any paperless voting systems are replaced, and will provide new grants to help states enhance election security.

Gov’t Launching First Employee Reskilling Academy for Cybersecurity (Executive Gov) The Office of Management and Budget is launching the government’s first cyber reskilling academy to

Litigation, Investigation, and Law Enforcement

Russia Says It's Too Early To Consider Swap After Mutual Arrests (RadioFreeEurope/RadioLiberty) Russia says it is too early to discuss a swap of individuals with the United States after the two countries detained citizens of the other in alleged espionage-related cases.

Brother questions why Marine vet being held by Russia (Marine Corps Times) The brother of an American man being held in Moscow on suspicion of spying is raising the possibility that his sibling is being used as a pawn in a potential exchange for a Russian woman behind bars in the U.S.

The confounding case of alleged spy Paul Whelan (Washington Post) Shane Harris tells the story about a former Marine being detained in Russia on suspicion of spying. Annie Linskey on how the “likability” question will affect female 2020 candidates. Plus, voices from the government shutdown.

Tesco Bank fined £16.4m over cyber attack (Hermann Herald) The Financial Conduct Authority (FCA) said deficiencies at the bank had left account holders vulnerable to an incident that netted cyber criminals £2.26m.

Class Action Lawsuit Against Apple Over Meltdown and Spectre Vulnerabilities Dismissed (iPhoneFirmware.com: all the latest from Apple and the Web) Back in January 2018, a class action lawsuit was filed against Apple for the Meltdown and Spectre vulnerabilities that affected a wide range of processors from Intel and ARM, including those used in Apple's Macs

Weather Channel App in a Deluge of Legal Trouble for Data Misuse (Threatpost) The lawsuit alleges that the Weather Channel app misled users about why it was collecting their (extremely precise) geolocation data.

Police warn of 63pc rise in ‘SIM swapping’ scams that allow hackers to clear out your bank account (The Telegraph) Police have warned about a dramatic rise in 'SIM swapping” scams, which sees fraudsters exploit weaknesses in mobile phone networks to gain access to private data and bank accounts.

Cyber cops nab Vidisha resident for duping many (Hitavada) Cyber cops nab Vidisha resident for duping many

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

SecureWorld Charlotte (Charlotte, North Carolina, USA, March 14, 2019) Connecting, informing, and developing leaders in cybersecurity. For the past 17 years, SecureWorld conferences have provided more content and facilitated more professional connections than any other event...

SecureWorld Boston (Boston, Massachussetts, USA, March 27 - 28, 2019) Connecting, informing, and developing leaders in cybersecurity. For the past 17 years, SecureWorld conferences have provided more content and facilitated more professional connections than any other event...

SecureWorld Philadelphia (Philadelphia, Pennsylvania, USA, April 10 - 11, 2019) Join your fellow InfoSec professionals for high-quality, affordable cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements, learning from nationally recognized industry...

SecureWorld Houston (Houston, Texas, USA, April 18, 2019) Connecting, informing, and developing leaders in cybersecurity. For the past 17 years, SecureWorld conferences have provided more content and facilitated more professional connections than any other event...

SecureWorld Toronto (Toronto, Ontario, Canada, April 24, 2019) Connecting, informing, and developing leaders in cybersecurity. For the past 17 years, SecureWorld conferences have provided more content and facilitated more professional connections than any other event...

SecureWorld Kansas City (Kansas City, Missouri, USA, May 8, 2019) Connecting, informing, and developing leaders in cybersecurity. For the past 17 years, SecureWorld conferences have provided more content and facilitated more professional connections than any other event...

SecureWorld Cincinnati (Cincinnati, Ohio, USA, May 16, 2019) Connecting, informing, and developing leaders in cybersecurity. For the past 17 years, SecureWorld conferences have provided more content and facilitated more professional connections than any other event...

SecureWorld Atlanta (Atlanta, Georgia, USA, May 29 - 30, 2019) Join your fellow InfoSec professionals for high-quality, affordable cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements, learning from nationally recognized industry...

SecureWorld Chicago (Chicago, Illinois, USA, June 13, 2019) Connecting, informing, and developing leaders in cybersecurity. For the past 17 years, SecureWorld conferences have provided more content and facilitated more professional connections than any other event...

Upcoming Events

SINET Global Institute CISO Series (Scottsdale, Arizona, USA, January 15 - 16, 2019) By invitation only. These intimate CISO workshops address the challenges that Board of Directors are placing on security and risk executives, and how to successfully manage and communicate today’s enterprise...

CPX Asia 360 2019 (Bangkok, Thailand, January 21 - 23, 2019) CPX 360 - the industry’s premier cyber security summit and expo - brings together the world’s leading cyber security experts to one venue. Gain a deep understanding of current challenges cyber security...

CPX Americas 360 2019 (Las Vegas, Nevada, USA, February 4 - 6, 2019) CPX 360 promises to be the premier cyber security summit. CPX 360 is where you’ll receive up-to-the-minute intelligence about global threats and other vital topics from the world’s leading cyber security...

QuBit Conference Belgrade 2019 (Belgrade, Romania, February 7, 2019) QuBit is a Cybersecurity Community Event connecting the East and West. We create a unique way to meet the best and the brightest minds in the information security fields across multiple industries, and...

NITSIG Meeting: Insider Threat Detection & Mitigation Using External Data Sources (Laurel, Maryland, USA, February 12, 2019) Gathering and analyzing Internal data sources is very important for Insider Threat Detection. Equally important is knowing what External data sources are also available to create the "Big Picture" of potential...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.