skip navigation

More signal. Less noise.

Worried About Your Data? Research From Forrester Says You’re Not Alone.

Data is the lifeblood of digital businesses; protecting it from theft, misuse, and abuse is the top responsibility of every security and privacy leader. Download this free Forrester report on ‘The Future of Data Security and Privacy’ to understand why security executives see privacy as a source of growth and differentiation in 2019. Click here to get your copy.

Daily briefing.

Microsoft's Bing search engine was blocked in China yesterday, which prompted speculation in the Telegraph and elsewhere that this was another brick in the Great Firewall. But Bloomberg reports that service has been restored, and that the outage was due to a technical mistake. Redmond itself has been quiet about the incident.

The Intercept argues that concerns about supply chain meddling are real, and that more than one nation-state is involved in such activity.

Kaspersky reports that Russian threat actors Grey Energy and Zebrocy (one of the GRU group Fancy Bear's paws) share tools and techniques.

Military cyber operational capabilities develop into tactical realities: the US Army is establishing two organizations built around the 17th and 41st Field Artillery Brigades to, as Breaking Defense puts it, "hack, jam, sense, and shoot."

Since information campaigns can be expected to follow great power and regional tensions, watch Venezuela. Russia has warned the US against military intervention in the failed Chavista state, NBC News reports. Venezuela is Russia's "strategic partner," Deputy Foreign Minister Ryabkov said, and deposition of President Maduro "would shake the foundations of the development model which we see in Latin America." The US (joined, as Reuters notes, by the UK) supports opposition leader Juan Guaido's constitutional claim to an acting presidency.

Bellingcat seems to have had success in countering Moscow's (and others') information operations. Foreign Policy interviews the citizen journalists.

The Washington Post reports that Microsoft urges adherence to the Paris Call for norms with respect to conduct in cyberspace.

Notes.

Today's issue includes events affecting China, European Union, Iran, Israel, Poland, Russia, Saudi Arabia, United Arab Emirates, United Kingdom, United States, and Venezuela.

The note in the summary above about the Bing outage in China originally credited the "Telegram." This should, of course, be the "Telegraph," and has been so corrected.

FedRAMP-ready in less than six months.

It usually takes a year to get FedRAMP assessment-ready. But this can be cut in half--just six months to confident readiness. Learn how cybersecurity leader Coalfire helped Innovest prepare for its FedRAMP assessment through Security Automation and Orchestration (SAO). Innovest's CSO, Erick Lindley, said, “Coalfire helped us fast-track our path to FedRAMP compliance and save between six and twelve months of work we would have had to do ourselves.” Find out how.

In today's podcast, up later this afternoon, we speak with our partners at Virginia Tech's Hume Center, as Dr. Charles Clancy discusses some confusing marketing claims about 5G cellular technology. Our guest is Peter W. Singer, strategist and senior fellow at New America. He'll riff on topics from his book LikeWar, the Weaponization of Social Media.

Tomorrow's Research Saturday will feature the latest episode, "Twitter amplification bots and how to detect them." We speak with Duo Security, whose researchers have been analyzing the behavior of Twitter bots in a series of posts on their web site. Their most recent dive into the subject explores amplification bots, which boost the impact of tweets through likes and retweets. Jordan Wright is a principal R&D engineer at Duo Security, and he joins us to share their findings.

State of the Phish Webinar (Online, January 30, 2019) Phishing is the number one attack vector. Wombat's State of the Phish Report provides the data-driven intelligence your team needs to manage end-user risk effectively within your organization. In this report, the focus mirrors that of cyber attackers: people. Register for their webinar and learn more.

DreamPort Event: The Red Hat Ansible Tower Workshop (Columbia, Maryland, United States, February 7, 2019) DreamPort, in conjunction with the Maryland Innovation & Security Institute and USCYBERCOM is hosting the Red Hat Ansible Tower Workshop. This workshop will enable you to create playbooks, while building in security. Automation features will save time, empower junior staff, offload senior staff and automate your most tedious tasks!

CYBERTACOS RSA (San Francisco, California, United States, March 4, 2019) Join us for ALL YOU CAN EAT FREE TACOS! What better way to start your week at RSA? On Monday, March 4, CYBERTACOS is coming back to San Francisco as part of RSA. Join us from 7:00-10:00pm for networking, food and drinks.

5th Annual Cyber Security Conference for Executives (Baltimore, Maryland, United States, March 13, 2019) The 5th Annual Cyber Security Conference for Executives, hosted this year by The Johns Hopkins University Information Security Institute and Ankura, will be held on Wednesday, March 13th, in Baltimore, Maryland. This year’s theme is cybersecurity compliance and regulatory trends, and the conference will feature discussions with thought leaders across a variety of sectors. Join the discussion and learn about current and emerging cyber security threats to organizations, and how executives can better protect their enterprises. Register today!

Cyber Attacks, Threats, and Vulnerabilities

Everybody Does It: The Messy Truth About Infiltrating Computer Supply Chains (The Intercept) The danger of China compromising hardware supply chains is very real, judging from classified intelligence documents, even if a Bloomberg story on the matter is highly disputed.

Two suspected Russian hacking groups share tools and techniques, Kaspersky says (CyberScoop) Multiple groups of suspected Russian hackers have a relationship with one another that includes sharing malicious software code and hacking techniques, according to new research.

GreyEnergy’s overlap with Zebrocy (Securelist) We have identified an overlap between GreyEnergy, which is believed to be a successor to BlackEnergy group, and a Sofacy subset called “Zebrocy”. Both used the same servers at the same time and targeted the same organization.

Exclusive: Google Caught Hosting Hezbollah's Violent Android Games (Forbes) Google has kicked off two games created by Hezbollah, deemed a terror organization by the U.S. One depicted children deflecting bombs onto Israeli soldiers, the other saw the protagonist defend a holy site from ISIS soldiers.

Cisco uncovers critical vulnerability in SD-WAN Solution (CRN Australia) Issues a fix, but customers can't install it themselves.

Check Point ZoneAlarm Anti-Virus Exploit (illumant llc) Local Exploitation of WCF Services within ZoneAlarm Anti-Virus Software to Escalate Privileges General Overview Illumant has discovered a critical vulnerability in Check Point’s ZoneAlarm anti-virus software. This vulnerability allows a low-privileged user to escalate to SYSTEM-level privileges. A service endpoint within ZoneAlarm exposes powerful functionality, including the ability to start new processes as SYSTEM. Efforts...

PHP PEAR supply chain attack: Backdoor added to installer (Help Net Security) Some additional details have emerged about the recent security breach involving the PHP PEAR webserver, but much is still unknown.

Threat Spotlight: IoT application vulnerabilities (Barracuda) This Threat Spotlight investigates how attackers can use vulnerabilities in web and mobile applications to compromise IoT devices.

China Blocks Microsoft's Bing Due to Technical Error, Sources Say (Bloomberg) Microsoft Corp.’s search engine Bing was blocked in China due to an accidental technical error rather than an attempt at censorship, according to people familiar with the matter, and the search engine is once again accessible in the country.

Bing Went Down in China and No One Will Say Why (WIRED) It could be technical issues or the government blocking Microsoft's search engine. Regardless, the service is back online.

Microsoft's Bing is blocked in China as tensions between Beijing and Washington escalate (The Telegraph) Microsoft's Bing search engine has been blocked in China as tensions between Beijing and Washington escalate.

UK courts IT meltdown 'not caused by cyber attack' (Evening Standard) The Ministry of Justice said a massive IT meltdown which lawyers claim has brought the courts system “to its knees” was not caused by a cyber attack.  Thousands of cases across England and Wales have been affected by a breakdown of the central computer system, which stopped working last week.  The secure email system for lawyers and judges was also affected, prompting many to complain that they have been unable to prepare for hearings and trials. 

Massive mortgage and loan data leak gets worse as original documents also exposed (TechCrunch) Remember that massive data leak of mortgage and loan data we reported on Wednesday? In case you missed it, millions of documents were found leaking after an exposed Elasticsearch server was found without a password. The documents contained highly sensitive financial data on tens of thousands of ind…

Google URL Inspection Tool flaw lets anyone inspect URLs without authorization (HackRead) Last year, Google launched its URL Inspection Tool for webmasters using Search Console. The purpose of this tool is to provide information about Google’s indexed version of a specific page.

ThinkPHP Vulnerability Abused by Botnets Hakai and Yowai (TrendLabs Security Intelligence Blog) We found a new Mirai variant we’ve called Yowai and Gafgyt variant Hakai abusing a ThinkPHP flaw for propagation and DDoS attacks.

You're an admin! You're an admin! You're all admins, thanks to this Microsoft Exchange zero-day and exploit (Register) Easily swapped hashed passwords gives Domain Admin rights via API call. Fix may land next month

Sneaky Malvertisers Target Apple Users with Hidden Malware (Infosecurity Magazine) VeryMal campaign uses steganography techniques

Voicemail Phishing Campaign Tricks You Into Verifying Password (BleepingComputer) A new phishing campaign is underway that utilizes EML attachments that pretend to be a received voicemail and prompts you to login to retrieve it. This campaign also uses a clever tactic of tricking you into entering your password twice in order to confirm that you are providing the correct account credentials.

Cyberattackers Bait Financial Firms with Google Cloud Platform (Dark Reading) A new wave of attacks abuses the Google Cloud Platform URL redirection in PDF decoys, sending users to a malicious link.

ThreatList: Phishing End Goal Credentials, Not Malware (Threatpost) Credential compromise emerged the main target for phishing campaigns in 2018 – rather than infecting victims' devices with malware.

Damaged Undersea Cable Causes Near-Total Internet Blackout in Island Nation Tonga (Motherboard) The island has just one submarine cable that provides internet access for the entire island.

Hacker cracks into Nest security cameras to demand that users subscribe to PewDiePie's YouTube channel (Computing) Hacker says he used credential stuffing technique to crack Nest surveillance camera passwords,

Hacker demonstrates how to remotely Jailbreak iPhone X (HackRead) A China-based security researcher associated with the Qihoo 360 Vulcan Team has published a proof-of-concept exploit for a kernel vulnerability, which he claims to be the second stage of an exploit chain that he was successfully able to jailbreak iPhone X remotely.

'Worst' ransomware attack hits Maryland police department (AP NEWS) A Maryland police department says it experienced its "worst computer network attack" in its history, after the attacker accessed its network through a longtime software vendor. Salisbury police Capt. Rich Kaiser tells The Daily Times of Salisbury the department's entire internal computer network was compromised Jan. 9 in a ransomware attack. He said negotiations with the attacker who asked for an undisclosed sum "quickly disintegrated."

DHSS cyber attack impacts more than 100,000 Alaska households (KTUU) A cyber attack in April has impacted more than 100,000 Alaska households. The Department of Health and Human Services says the breach applies to people who applied for programs through the Division of Public Assistance.

Security Patches, Mitigations, and Software Updates

Check Point Fixes Privilege Escalation Bug in ZoneAlarm Free (BleepingComputer) A security issue in Check Point's free edition of ZoneAlarm antivirus and firewall solution allowed a user with limited rights on the machine to inject and execute code with the highest privileges.

Running Sysmon 8.0.0? Update to 8.0.4 to Avoid a Memory Leak (BleepingComputer) A memory leak exists in recent version of the Sysmon utility that could cause a computer to run out of memory and crash if they routinely update its configuration file through a scheduled task or some other manner. 

Cyber Trends

Cisco 2019 Data Privacy Benchmark Study Shows Organizations Gaining Business Benefits from Data Privacy Investments (PR Newswire) Organizations worldwide that invested in maturing their data privacy practices are now realizing tangible...

GDPR-ready organizations see lowest incidence of data breaches (Help Net Security) Organizations worldwide that invested in maturing their data privacy practices are now realizing tangible business benefits from these investments,

83% of global respondents experienced phishing attacks in 2018 (Help Net Security) Most experienced phishing attacks in 2018, and nearly 60 percent saw an increase in employee detection following security awareness training.

Why cyberwar is contributing to a potential doomsday (Fifth Domain) The rise of cyberattacks and information warfare is a contributing factor to an existential threat to humanity, according to the Bulletin of the Atomic Scientists

Seven Out of Every Ten Open Vulnerabilities Belong to Just Three Vendors (Computer Business Review) Seven out of every ten open vulnerabilities observed by customers belongs to just three vendors, Oracle, Microsoft and Adobe.

Scamming Grandma: Financial Abuse of Seniors Hits Record (Wall Street Journal) U.S. banks reported 24,454 suspected cases of elder financial abuse to the Treasury Department last year, more than double the amount five years earlier.

Crime stats show switch in focus by cyber criminals (ComputerWeekly.com) The latest crime statistics suggest that cyber criminals are turning their attention to organisations and social engineering attacks as they become more sophisticated

Marketplace

How the government shutdown is flushing away federal cyber-talent (Ars Technica) As some feds miss a second paycheck and contractors sit idle, a brain drain is imminent.

Enterprises turn to MSPs to mitigate huge skills gap concerns (Help Net Security) A huge skills gap coupled with security worries is driving IT decision makers to engage Managed Service Providers (MSPs) to handle their IT needs,

New report urges action against Huawei, ZTE (TheHill) A new report is urging the Trump administration to take action against a pair of Chinese telecommunication giants over the firms’ alleged misconduct, including claims that they work on behalf of the Chinese sta

Another Reason U.S. Fears Huawei: Its Gear Works and It's Cheap (Bloomberg) Trump administration has stepped up action on Chinese company. U.S. has long alleged Huawei equipment poses a security risk.

Palantir CEO rips Silicon Valley, accuses it of selling out America and failing to protect the country (CNBC) Alex Karp, CEO of the secretive data miner, is slamming the tech community for what he considers a breach of its social contract.

McAfee cuts 200 employees after eroding sales: report (CRN Australia) Could be gearing up for an IPO.

Apple lays off 200 staff from autonomous vehicle group Project Titan (Computing) Other staff will be moved to different projects,

Raytheon to maintain and cybersecure U.S. Air Force Global Hawk ground control stations (GuruFocus) Raytheon to maintain and cybersecure U.S. Air Force Global Hawk ground control stations, Stocks: NYSE:RTN, release date:Jan 23, 2019

You’d be surprised how many VPNs are owned by the same company (Qrius) The company with the most brands under its belt is AnchorFree

Christopher Kennedy Joins AttackIQ as CISO and Vice President of Customer Success (GlobeNewswire News Room) AttackIQ hires former Military, Federal, and Financial Security leader to round out its executive team

AttackIQ Taps Vinod Peris as Vice President of Engineering (MarketWatch) Former Cisco Executive Brings Deep Technology Leadership Skills to the AttackIQ Team

Data Privacy Innovator Virtru Appoints Neville Letzerich as Chief Marketing Officer (AP NEWS) Virtru , a leading innovator in enterprise data protection and data privacy solutions , has named Neville Letzerich as its new chief marketing officer (CMO). Letzerich brings more than 20 years of enterprise software marketing, sales and product experience to the role. He will support Virtru’s next phase of global expansion in the enterprise data privacy sector, scaling the reach and impact of the company’s brand and delivering world-class go-to-market execution.

Cisco Security Exec And Sourcefire Founder Martin Roesch Is Departing (CRN) Longtime tech executive Martin Roesch, founder and CTO of Sourcefire and current Cisco Security Business Group chief architect, says he's leaving the company.

Products, Services, and Solutions

New infosec products of the week: January 25, 2019 (Help Net Security) Threat Stack announces new API for streamlined DevOps and security workflows The new API will allow for the suppression and dismissal of alerts from

Pulse Secure Launches Access Now Partner Program to Accelerate Channel Sales and Service Opportunities (GlobeNewswire News Room) Pulse Secure, the leading provider of Secure Access solutions to both enterprises and service providers, today announced the global launch of their new Access Now Partner Program. Designed to offer partners the means to establish themselves as a go-to source with an industry-leading solution in Secure Access,

JFrog Xray Drives DevSecOps, Announces Inclusion of the Industry's Broadest Software Security Vulnerability Dataset via VulnDB (PR Newswire) JFrog, the DevOps technology leader known for enabling liquid software via Continuous Update flows, is...

Threat Stack announces new API for streamlined DevOps and security workflows (Help Net Security) Threat Stack's API endpoints enable SecOps teams to integrate Threat Stack Cloud Security Platform into existing DevOps and security workflows.

SIOS Protection Suite for SAP optimized on AWS available in AWS Solution Space (Help Net Security) SIOS Protection Suite for SAP optimized on AWS provides availability, data replication, and disaster recovery in a solution on AWS.

Cisco and AppDynamics unveil vision for the Central Nervous System for IT (Help Net Security) The Central Nervous System for IT gives enterprises the visibility into multi-cloud environments, delivers machine learning insights, and automates tasks.

Saudi Arabia and UAE to launch new banking crypto-currency (Asia Times) The Middle East is another region exploring the application of blockchain and private crypto-currencies to improve banking and cross border payments

Technologies, Techniques, and Standards

Hack, Jam, Sense & Shoot: Army Creates 1st Multi-Domain Unit (Breaking Defense) A new Army unit will hack and jam enemy networks and provide targeting data for both long-range missiles and missile defense.

Six Things to Consider Before CCPA Goes Into Force (PR Newswire) Netwrix, provider of a visibility platform for data security and risk mitigation in hybrid environments,...

The most effective security strategies to guard sensitive information (Help Net Security) With security as the biggest barrier to cloud and SaaS adoption, Ping Identity reveals the most effective security strategies for organizations.

NIST Guidance for Financial Services: Protecting Privileged Access is a Business Imperative (Security Boulevard) Success in today’s financial services market means constantly innovating to meet evolving customer expectations, such as enhanced personalization, mobile banking and cloud-based digital service options.

How a Security Vendor Tricked Social Media Phishers (Infosecurity Magazine) UK-based Fidus Information Security was targeted by angler phishing

Design and Innovation

Chinese ‘white hats’ strive to bring security to crypto (Asia Times) Token theft is a blockchain headache but security specialist SlowMist, often linked to the Chinese state, says it has the tech to stop the attacks

Hewlett Packard Enterprise launches interactive game teaching young girls critical cybersecurity skills (HPE Newsroom) HPE’s new cybersecurity game and curriculum to educate Girl Scouts on safely and defensively navigating the internet and social media

Research and Development

Researchers Create Algorithm to Protect Kids from Disturbing YouTube Videos (BleepingComputer) A team of researchers has developed a high accuracy deep learning-based classifier designed to detect YouTube videos with disturbing content for kids. This was done after finding that the current recommendation algorithm used by the platform to suggest related content is quite lacking.

Yes, “algorithms” can be biased. Here’s why (Ars Technica) Op-ed: a computer scientist weighs in on the downsides of AI.

Academia

U.S. universities unplug from China's Huawei under pressure from Trump (Reuters) Top U.S. universities are ditching telecom equipment made by Huawei Technologies...

Legislation, Policy, and Regulation

Analysis | The Daily 202: 10 sobering quotes from the new National Intelligence Strategy (Washington Post) The intelligence community aims to increase transparency after sustained attacks from the president.

Poland set to exclude China's Huawei from 5G plans (Reuters) Poland is set to exclude Huawei from its future 5G network in favour of European...

Senior UK.gov ministers asked: So, are we going to ban Huawei or what? (Register) All our Five Eyes mates have shown them the door

Analysis | How Huawei Became a Target for the U.S. Government: QuickTake (Washington Post) Huawei Technologies Co., one of China’s most-global companies, is increasingly in the cross-hairs of the U.S. government and its Western allies, just as it’s pushing for a leadership role in the new wireless standard known as 5G. After years of tension, the telecommunications giant is facing multiple battles, including the arrest in Canada of its chief financial officer, possible criminal charges in the U.S. and the prospect of being shut out of new infrastructure projects around the world. The

Russia warns U.S. against military intervention in Venezuela (NBC News) "Venezuela is friendly to us and is our strategic partner," Vladimir Putin's deputy foreign minister said. "We have supported them and will support them."

Analysis | The Cybersecurity 202: Microsoft chief urges Trump administration to stand with democracies in cyberspace (Washington Post) The U.S. is notably absent from the "Paris Call" international cyber agreement.

McCaul & Engel Introduce Cyber Diplomacy Act of 2019 (Committee on Foreign Affairs) Today, House Foreign Affairs lead Republican Michael McCaul (R-TX) and Chairman Eliot Engel (D-NY) introduced H.R. 739, the Cyber Diplomacy Act of 2019, to ensure American leadership on the world stage in keeping the Internet open, reliable and secure. Ranking Member McCaul: “The threats to America’s security, economy, and the Internet itself …

Cyber Diplomacy Act of 2019 (US House of Representatives) A bill to support United States international cyber diplomacy, and for other purposes.

Shutdown Could Damage Homeland Security for ‘Months, if Not Years,’ Says Ex-DHS Chief (Nextgov.com) Efforts to strengthen the country’s cyber posture have come to a halt, and if a crisis were to strike, there wouldn’t be enough people to respond, former agency officials said.

Litigation, Investigation, and Law Enforcement

Trump, Huawei, and the Politics of Extradition (Foreign Affairs) Trump’s comments about the Meng case jeopardize the presumption of good faith and regular process that make cross-border law enforcement cooperation possible.

Longtime Trump adviser Roger Stone indicted by special counsel in Russia investigation (Washington Post) Stone, who has been under scrutiny for months by special counsel Robert S. Mueller III, was charged on seven counts.

United States of America v. Roger Jason Stone, Jr. (United States District Court for the District of Columbia) The Grand Jury for the District of Columbia charges...

One Man’s Obsessive Fight to Reclaim His Cambridge Analytica Data (WIRED) David Carroll has been locked in a legal war to force the infamous company to turn over its files on him. He’s won a battle, but the struggle continues.

Letter from 15 Senators to the FCC and FTC (US Senate) We write to urge the Federal Trade Commission and the Federal Communications Commission to broadly investigate the sale of Americans' location data by wireless carriers, location aggregators, and other third parties.

Data Broker That Sold Phone Locations Used by Bounty Hunters Lobbied FCC to Scrap User Consent (Motherboard) Zumigo, which sold the location data of American cell phone users, wanted the FCC to remove requirements around user consent.

Google to appeal €50m fine by French data protection regulator CNIL (Computing) Google claims it 'worked hard' to achieve GDPR compliance,Security,Cloud and Infrastructure ,Google,CNIL,GDPR,Coffin Mew,Guy Cartwright

Google doesn’t want employees to use work email to organize, per report (Ars Technica) Should workplace email be considered a "natural gathering place"?

Google pushed to curb employee protests while claiming to support walkouts, documents show (The Telegraph) Google is under fire from its own employees after it asked the US government to change rules which allow staff to plan activism on their work email accounts.

Lessons for Corporate Boardrooms From Yahoo’s Cybersecurity Settlement (New York Times) Shareholders haven’t been successful in holding companies accountable for data breaches. But that changed in the first month of 2019.

Bitcoin blues: This is how much cyptocurrency was stolen last year (ZDNet) Hackers targeting bitcoin, monero and other cryptocurrencies made a lot of money from hacking exchanges, businesses and consumers last year.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

2019 Innovator's Showcase (McLean, Virginia, USA, May 2, 2019) The Intelligence and National Security Alliance (INSA) will showcase IR&D projects with national security applications at its 2019 Innovators’ Showcase. Held in partnership with the Office of the Director social media for protecting or removing anonymity utilizing social media, internet-connected data stores, and other assets associated with life in a fully digital world, and ephemeris identity telemetry. including identifying characteristics such as biometrics, geolocation, digital signatures, and geo-environmental association..

Upcoming Events

Zero Trust Technology Showcase (Columbia, Maryland, USA, January 28, 2019) Register for the Zero Trust Technology Showcase. The working group, mainly consisting of US Government employees, will be organized into four teams to include teams exploring data, networking, analytics...

CPX Americas 360 2019 (Las Vegas, Nevada, USA, February 4 - 6, 2019) CPX 360 promises to be the premier cyber security summit. CPX 360 is where you’ll receive up-to-the-minute intelligence about global threats and other vital topics from the world’s leading cyber security...

QuBit Conference Belgrade 2019 (Belgrade, Romania, February 7, 2019) QuBit is a Cybersecurity Community Event connecting the East and West. We create a unique way to meet the best and the brightest minds in the information security fields across multiple industries, and...

NITSIG Meeting: Insider Threat Detection & Mitigation Using External Data Sources (Laurel, Maryland, USA, February 12, 2019) Gathering and analyzing Internal data sources is very important for Insider Threat Detection. Equally important is knowing what External data sources are also available to create the "Big Picture" of potential...

National Security Technology Forum and Exposition (NSTFX) (San Diego, California, USA, February 12, 2019) AFCEA International and the University of California, San Diego are proud to host a new and innovative event entitled “The National Security Technology Forum and Exposition (NSTFX)”. NSTFX will bring...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.