skip navigation

More signal. Less noise.

Get your copy of the definitive guide to threat intelligence.

We brought together a team of experts and wrote the definitive guide to everything you need to know about threat intelligence. Whether you work in vulnerability management, incident response, or another part of cybersecurity, our book has something for you. Get your free copy of “The Threat Intelligence Handbook” now.

Daily briefing.

Global Cyber Innovation Summit

The Global Cyber Innovation Summit concluded yesterday in Baltimore.

Yesterday's highlights included some perspective on what creates crisis instability from cybersecurity and policy expert Richard Clarke. You get dangerous crisis instability when an aggressor concludes they have a decisive advantage over the defenders. You're at risk when your opposition concludes that your defenses aren't credible.

Several speakers expressed concerns about data integrity, or data provenance. NSA's Rob Joyce warned that, as governments increase their efforts to impose national will in cyberspace, data will come under correspondingly greater attack. If data come to be perceived as untrustworthy, that would erode public trust and confidence in the institutions of both government and civil society. This is a slow-motion problem, and it may be upon us before we realize the severity of the threat.

Amid the usual warnings, however, were some surprising and distinctly encouraging notes. Tenable's Amit Yoran said that they've seen a "tremendous difference" between the cyber haves and the cyber have-nots. It's possible to protect yourself today. Richard Clarke had a similar observation about the possibility of successful defense, taking NotPetya as grounds for optimism. NotPetya was a Russian military action against Ukraine, but many companies around the world were collateral damage, and that damage was severe. But a lot of other companies deflected the attack, and "these are the dogs that didn't bark." Existing technology properly applied can defend the corporate network, he concluded.

We'll have more on the Summit in subsequent issues of the CyberWire.

US Federal authorities have been "tight-lipped" (as E&E News, which broke the story, puts it) about a cyber incident affecting electrical utilities in three western states. But they have said, according to TechCrunch, that the distributed denial-of-service attack affected neither power generation nor distribution.

Chinese security services are making effective use of online surveillance domestically, particularly against its largely Muslim Uighur population. A New York Times op-ed fears the tools perfected in-country will proliferate internationally.

The exploit blackmarketeer known as Volodya or BuggiCorp continues to hawk malware. ZDNet has a round-up of some of his (her? their?) activities and customers. He seems in part a government contractor, as his clients include (Kaspersky says) SandCat, FruityArmor, and Fancy Bear.

Proofpoint says the Retefe banking Trojan is back, with some enhancements.

Sophos tweeted that they may have discovered a novel ransomware strain, possible being delivered via Emotet. The ransom note alludes to Belshazzar's feast: your defenses "have been weighed, measured, and have been found wanting."

Ad fraud will cost businesses $5.8 billion this year an Association of National Advertisers study predicts, but that's good news: it's down from $6.5 billion over the previous year.

Mixed news (on balance more good than bad) comes from CrowdStrike, which sees a drop in hacktivism's effectiveness even as hacktivism becomes more frequent, WIRED reports. Common hacktivist actions include website defacement and distributed denial-of-service.

Russia's new autarkic Internet, complete with isolation switch, is now officially law, and many, NDTV says, fear censorship. Who could've seen that coming?


Today's issue includes events affecting Austria, Brazil, China, European Union, Germany, India, Indonesia, Libya, Malaysia, Myanmar, Netherlands, Pakistan, Russia, Sri Lanka, Sudan, Turkey, United Kingdom, United States, and Venezuela.

Bring your own context.

Resident everyman Joe Carrigan expresses his frustration with social media:

"When it comes to political discourse, Facebook is little more than a political echo chamber, and Twitter is a spite-filled dumpster fire!" Joe Carrigan, of the Johns Hopkins University Information Security Institute and co-host of Hacking Humans, offering some form criticism in this week's episode.

Sez him. Don't sugar-coat it, Joe. But he's got a point. Out, damned bot!

Get a Backstage Pass to LookingGlass’ Digital Business Risk Roadshow

When it comes to digital business risk, you don’t want a general admission perspective. Get a backstage pass for the LookingGlass Digital Business Risk Roadshow to learn the industry-latest on effective third party risk management, taking a proactive security approach, and get a cybercriminal mastermind's insights on manipulating your organization’s cyber strengths and weaknesses. Come see us in a city near you. The tour includes NYC, D.C., and Houston!

In today's podcast, out later this afternoon, we speak with our partners at Terbium Labs, as Emily Wilson talks about the Dynamic Connections conference, hosted by General Dynamics. Our guest is Joseph Carson from Thycotic on lessons he’s learned (the hard way) on communications with the board.

Cybersecurity Impact Awards (Arlington, Virginia, United States, May 14, 2019) Winners of the Cybersecurity Impact Awards will be announced and recognized at the May 14, 2019 CYBERTACOS event. The event will start at 5:30 p.m. and the award presentation will begin at 6:00 p.m.! Join us afterwards for tacos and networking!

Cyber Investing Summit (New York City, New York, United States, May 16, 2019) The Cyber Investing Summit is a conference focused on financial opportunities and strategies in the cybersecurity sector. Join key decision makers, investors, and innovators to network, learn, and develop new partnerships May 16th in NYC. More information:

Cyber Security Summits: May 16 in Dallas and in Seattle on June 25th (Dallas, Texas, United States, May 16 - June 25, 2019) Register for reduced admission to the Cyber Security Summit with promo code cyberwire19 for $95 admission ($350 without code). Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, U.S. Secret Service, Verizon, Center for Internet Security, and more. Breakfast, Lunch & Cocktail Reception are included with your admission. Passes are limited, secure yours today:

Dateline Global Cyber Innovation Summit

Analysis | The Cybersecurity 202: Iran’s the scariest cyber adversary, former NSA chief says (Washington Post) Keith Alexander says the U.S. has fewer diplomatic levers to pull.

Cyber Attacks, Threats, and Vulnerabilities

Big Brother’s watching: Turkey secretly tracked US airmen, documents allege (Air Force Times) The fact that a host nation kept tabs on U.S. operations isn’t necessarily malicious, or surprising, U.S. officials said.

Chinese app tracks every move that Muslims make (Times) Chinese Muslims are unable to use their phone, fill up their car with petrol or even leave the house without being recorded by an unprecedented surveillance operation in the country’s far west...

Opinion | We Should Worry About How China Uses Apps Like TikTok (New York Times) Illiberal innovations created for China’s vast surveilled and censored domestic market are increasingly popular overseas.

ISIS’s New Target: South Asia (Foreign Policy) The Sri Lanka attacks should put the region on alert.

SECURITY: 'Denial of service' attack caused grid cyber disruption: DOE (E&E News) Details are emerging about an unprecedented "cyber event" reported this week that disrupted Western grid networks. But officials are keeping quiet about which utility was hit, and why.

An alarmingly simple cyberattack hit electrical systems serving LA and Salt Lake, but power never went down (CNBC) Cyberattackers successfully interrupted electrical systems in Los Angeles County and Salt Lake County in March, according to the Department of Energy.

‘Denial of service condition’ disrupted US energy company operations (TechCrunch) An energy company providing power in several western U.S. states experienced a “denial-of-service condition” serious enough to warrant reporting it to the government’s energy authority. The “cyber event” resulted in “interruptions of electrical system operations&…

2019: The Return of Retefe (Proofpoint) Proofpoint researchers describe recent updates to the Retefe banking Trojan and changes to related actor TTPs.

Mysterious hacker has been selling Windows 0-days to APT groups for three years (ZDNet) Hacker has sold Windows zero-days to the likes of Fancy Bear, FIN groups, and cyber-crime gangs.

A Hacker Is Selling Windows Zero-Days To World's Most Dangerous Hacker Groups (International Business Times) A shadowy hacker, going by the pseudonyms Volodya or BuggiCorp, was found selling Windows zero-day vulnerabilities to APT groups like the Fancy Bear, SandCat, and others.

Extortionists leak data of huge firms after IT provider refuses to pay (Naked Security) The data was published after “Boris Bullet-Dodger” failed to get Citycomp to cough up.

D-Link Cloud Camera Flaw Gives Hackers Access to Video Stream (Threatpost) Researchers warn customers to reconsider the use of the camera’s remote access feature if the device is monitoring highly sensitive areas of their household or company.

D-Link camera vulnerability allows attackers to tap into the video stream (WeLiveSecurity) ESET researchers have identified a series of security holes in a device that is intended to make homes and offices more secure.

Attackers actively exploiting Atlassian Confluence and Oracle WebLogic flaws (Help Net Security) Attackers are actively exploiting recently fixed vulnerabilities in Oracle WebLogic and Atlassian Confluence to deliver ransomware, mine cryptocurrency.

Sierra Wireless AirLink ALEOS (ICS-CERT) 1. EXECUTIVE SUMMARYCVSS v3 9.1ATTENTION: Exploitable remotely/low skill level to exploit/public exploits are availableVendor: Sierra WirelessEquipment: AirLink ALEOSVulnerabilities: OS Command Injection, Use of Hard-coded Credentials, Unrestricted Upload of File with Dangerous Type, Cross-site Scripting, Cross-site Request Forgery, Information Exposure, Missing Encryption of

Orpak SiteOmat (ICS-CERT) 1. EXECUTIVE SUMMARYCVSS v3 9.8ATTENTION: Exploitable remotely/low skill level to exploit/public exploits availableVendor: Orpak (acquired by Gilbarco Veeder-Root)Equipment: SiteOmatVulnerabilities: Use of Hard-coded Credentials, Cross-site Scripting, SQL Injection, Missing Encryption of Sensitive Data, Code Injection, Stack-based Buffer Overflow2.

GE Communicator (ICS-CERT) 1. EXECUTIVE SUMMARYCVSS v3 8.1ATTENTION: Exploitable remotely/low skill level to exploitVendor: General ElectricEquipment: CommunicatorVulnerabilities: Uncontrolled Search Path, Use of Hard-coded Credentials, Improper Access Controls2.

Wipro Breach Looks a Case of Gift Card Fraud (Decipher) The attack on IT outsourcing giant Wipro appears to have been motivated by gift card fraud, not espionage or a supply-chain attack against another company.

50,000 companies running SAP installations open to attack via publicly released exploits (Help Net Security) Two exploits publicly released in late April at a security conference in Dubai could be leveraged to compromise a great number of SAP implementations.

New Exploits for Unsecure SAP Systems (US-CERT) The Cybersecurity and Infrastructure Security Agency (CISA) is issuing this activity alert in response to recently disclosed exploits that target unsecure configurations of SAP components.

Why Hidden Malware May Be Potential National Catastrophe (eWEEK) SECURITY ANALYSIS: Command-and-control servers execute commands that could range from stealing personal information to ransomware attacks to pulling email (and getting insider information) to emptying accounts. This is a growing threat, and here's what some companies are doing about it.

Facebook Bans Louis Farrakhan, Alex Jones and Others as ‘Dangerous’ (Wall Street Journal) Facebook banned an array of personalities whose views it deemed too inflammatory to be shared on its social network, including Nation of Islam leader Louis Farrakhan, far-right talk-show host Alex Jones and conservative Jewish activist Laura Loomer.

Facebook bans Alex Jones and Laura Loomer for violating its policies (The Verge) Milo Yiannopoulos and Louis Farrakhan have been banned as well

Google spends hundreds of millions of dollars on content review:... (Reuters) Alphabet Inc's Google unit told a U.S. House panel it spends hundreds of mi...

The Existential Crisis Plaguing Online Extremism Researchers (WIRED) Chronicling the internet's worst impulses can be depressing, and every remedy only seems to make things worse.

Watertown Daily Times Experiences Another Cyber Attack (WWNY) The Watertown Daily Times says it's experiencing another cyber attack. 

Newspapers to be published today, cyber attack be damned (Watertown Daily Times) The cyber attack that began at the Watertown Daily Times on Saturday reared its head again Thursday, but staff rallied to work without hard-wired internet to get the papers out.

Austrian construction group Porr hit by cyber attack (Reuters) Austrian construction company Porr detected a cyber attack on its communication ...

Security Patches, Mitigations, and Software Updates

Microsoft 365 updates for better enterprise data privacy (Help Net Security) Microsoft offers new privacy controls to Microsoft 365 enterprise customers: encrypted email access revokation, new data investigation capabilities, etc.

Cyber Trends

Atlantic Council 8th Annual International Conference on Cyber Engagement - Observations (Control Global) I attended the April 23rd Atlantic Council’s 8th Annual International Conference on Cyber Engagement. This was a policy, not technical, conference. As best as I could tell, there were very few “practicing” engineers that attended. The Atlantic Council should consider having more engineers participating to support the policy makers on the technical issues underpinning policy.

OneTrust-IAPP Research: Most US Companies are Not Ready for the CCPA (MarTechSeries) With Only Six Months Until the CCPA's Implementation Date, Research Reveals Less than Half Will be Prepared International Association of

Coinhive Dead but Browser-Based Cryptomining Still a Threat (BleepingComputer) Hacked routers running the Coinhive script for cryptocurrency mining have been injected with new code to mint digital coins after Coinhive service shut down.

No longer clicking: Online ad fraud has fallen in the past year (CyberScoop) Online advertising fraud will cost digital marketers $5.8 billion this year, down from $6.5 billion the year before, according to new research.


10 Hot IoT security startups to watch (Network World) With the internet of things growing unchecked, entrepreneurs are working to build security systems that can protect IoT infrastructure and the data it gathers. Here’s a look at 10 of them.

Facebook to create privacy oversight committee with Zuckerberg personally accountable for data privacy, claims report (Computing) Move comes as Facebook faces fine of up to $5bn over lackadaisical attitude to users' privacy

Digital Defense, Inc. Seeing Dramatic Partner Sales Growth (Digital Defense) Partners Increase Revenues by Helping Customers Transition to SaaS Security

Network Designs, Inc. (NDi) Opens Cyber Operations Office in the Georgia Cyber Center (PR Newswire) Network Designs, Inc. (NDi) announced today that it has opened the NDi Cyber Operations Office in the Georgia Cyber...

Security Intelligence Leader Exabeam to Open New East Coast Office in Atlanta (Exabeam) Exabeam, the Smarter SIEM™ company, today announced[...]

FireEye Secures Army Cyber Command Support Subcontract; Ron Bushar Quoted (ExecutiveBiz) FireEye has received a subcontract from Perspecta to support the U.S. Army Cyber Command's operations and global mission as part of a potential five-year, $905M task order.

Hacker-turned-CEO: Too much money is being thrown at Cybersecurity (Yahoo) Dug Song, co-founder of Duo Security which Cisco bought last year for $2.35 billion dollars, joins Yahoo Finance's Akiko Fujita, Dan Roberts, and Ethan Wolff-Mann. Song explains why cybersecurity isn't being fought in the most cost-efficient way. He highlights the biggest threats.

NSS Labs Appoints New Chief Executive Officer (NSS Labs, Inc.) NSS Labs, Inc., a global leader and trusted source for independent cybersecurity product testing, today announced that Jason Brvenik has been named Chief Executive Officer (CEO); he had been serving as Chief Technology Officer (CTO) since January 2017

JASK Fortifies Key Executive Positions as it Continues to Scale (Yahoo) JASK, the provider of the industry’s first cloud-native SIEM platform, today announced that it has made several key promotions to its leadership team in support of its rapid growth. Further strengthening its executive leadership, the advancements lay the groundwork for customer enablement and scalability

Lares appoints Andrew Hay as COO (Help Net Security) Lares, a global leader in security assessment, testing, and coaching, announced that veteran technology executive Andrew Hay has joined the company as COO.

Products, Services, and Solutions

CyberaVUE Brings Remote Network Operations into Clear Focus (WFMJ) Cybera network insight strategy delivers increased visibility and control for remote sites

Culinda and ecfirst Collaborate to Deliver Specialized Medical IoT Cybersecurity Solutions (PR Newswire) Culinda Inc., a medical IoT security company based in Irvine, CA, and ecfirst, a leading healthcare cybersecurity...

CyberaVUE Brings Remote Network Operations into Clear Focus (Cybera | Network Services Platform) Cybera has announced CyberaVUE, a new cloud-based management solution to extend network insights and provide customers with a comprehensive, real-time view of remote site networks. CyberaVUE is part of the company’s multi-tenant platform, CyberaONE...

Modus Launches Digital Earnest Money Deposit to Eliminate Wire Fraud Plaguing Home Buyers (Yahoo) Seattle based start-up Modus, a real estate technology company that applies cutting-edge software to title and escrow operations, announces the launch of its unique ...

SAP announces secure, scalable business-to-business solutions for marketers (Marketing Land) Software and technology provider SAP announced the launch of a new B2B software-as-a-service (SaaS) solution that will allow users to securely grant third parties access to first-party data, share sensitive information and manage regulatory compliance without the threat of exposure to security risks. Why we should care The experience economy is rapidly expanding as more …

Microsoft Declares 'General Availability' of Threat Experts Security Service (Redmondmag) Microsoft announced this week that part of its new threat-hunting service for organizations has reached the 'general availability' (GA) commercial release stage.

CrowdStrike tackles BIOS attacks with new Falcon features (SearchSecurity) CrowdStrike announced it is enhancing its endpoint security platform, Falcon, to provide organizations with the visibility needed to detect and protect against BIOS attacks.

Technologies, Techniques, and Standards

Venafi: Five Ways Organizations Use Machine Identities (Global Banking & Finance Review) On May 2, World Password Day reminds consumers to layer up their logins by enabling multifactor authentication on their devices and online accounts. Held a

Avira Password Security Report: Tidy up your digital life (Avira - Antivirus made in Germany) Avira is pleased to release its first Password Security Report, reinforcing our mission to protect people in the connected world. The report details how the increasing number of data breaches are impacting people’s digital lives and online behavior and includes tips on protecting personal data.

GAO urges Census Bureau to stay on track with cybersecurity to-do list (Federal News Network) The Government Accountability Office has urged the Census Bureau to step up its efforts to implement hundreds of action items on its cybersecurity to-do list.

Cybersecurity Experts Share Tips And Insights For World Password Day (Forbes) Cybersecurity experts weigh in for World Password Day with their thoughts on the current state of password security and their insights on best practices for better authentication security moving forward.

How To Safeguard Against Social Engineering Hacks (Forbes) The heightened awareness of cybercrime has opened up the space for a conversation about how hackers use social engineering to lure victims into their schemes.

Design and Innovation

Rafael uses puzzles to recruit algorithm specialists (Globes) The government defense company has devised an eight-stage puzzle to attract the attention of and select potential employees.

Research and Development

The solution to quantum computers cracking cryptography is already here (Quartz) It's a problem that doesn't exist yet—and it's already been solved.

Cybersecurity firm Forcepoint patents a blockchain cybersecurity solution (CRYPTONEWSBYTES.COM) Adaptive cybersecurity solutions need more and more data, and analytics. A new blockchain cybersecurity patent owned by Forcepoint can help in managing this high volume of data.


Spot the not-Fed: A day at AvengerCon, the Army’s answer to hacker conferences (Ars Technica) Army unit's effort brings hacker con culture to the home of military cyber.

Legislation, Policy, and Regulation

Putin signs Russian internet isolation bill into law (Engadget) Russia will have even more control over the information shown to its citizens.

Russia's Controversial New Internet Law Stokes Censorship Fears (NDTV Gadgets 360) Putin on Wednesday signed into law a "sovereign internet" bill which will allow Russian authorities to isolate the country's internet, a move decried by rights groups.

Analysis: Russia’s Plans for a National Internet (New America) Much has been made of the Russian initiative to wall off its internet (the RUnet) from the global internet, but what's really going on?

The Growing Russian Challenge and What Should Be Done About It (Atlantic Council) All around the world, Russia is increasingly asserting itself, propping up dictators, and, in some instances, posing a direct challenge to US interests. Russian President Vladimir Putin held his first-ever meeting with North Korean leader Kim...

Venezuela thrust to forefront of US-Russia clashes (Military Times) The crisis in Venezuela has been thrust to the top of a list of long-simmering spats between the United States and Russia, with both sides entrenched in diametrically opposed positions from which they are unwilling to retreat.

Pentagon’s Shanahan, Dunford cancel overseas travel to plan for Venezuela contingencies (Washington Examiner) CHANGE OF PLANS: Acting Defense Secretary Patrick Shanahan and Joint Chiefs Chairman Gen. Joseph Dunford canceled plans to preside over a change of command ceremony today in Germany to remain in Washington to plan for military contingencies for Venezuela.

Maduro in show of loyalty with Venezuela’s military chiefs (Times) The “brutal repression” of Venezuelans by the Maduro regime must end soon, President Trump said yesterday as he tried to rally the country’s opposition, left despondent by their failed uprising.

Venezuela Is at a ‘Tipping Point’ (Foreign Policy) The former head of U.S. Southern Command says, despite the failed uprising, Maduro’s regime is crumbling.

Juan Guaidó’s Operation Freedom Gives Venezuela a Shot at Democracy (Atlantic Council) At dawn in Caracas on April 30, security personnel carried out two bold moves in support of the interim government—and in defiance of Nicolás Maduro’s regime. These developments mark the best chance yet for Venezuelans to begin the next wave of...

Global security officials to hammer out united 5G security approach (Reuters) Global cooperation is key to ensuring the security of 5G networks, cyber securit...

US pressure on UK after Defence Secretary dismissed in Huawei row (The National) Gavin Williamson sided with Washington to ban Chinese group

The Huawei Challenge (Atlantic Council) Despite an effort by the United States to persuade its friends and allies not to use 5G wireless communications technology developed by Huawei, many will find it hard to avoid doing business with the Chinese telecom giant altogether. Robert A....

Does Huawei really pose a security risk? A straightforward guide (The Telegraph) Huawei, a Chinese company once little-known outside of the technology industry, has found itself at the centre of a political firestorm that has already toppled one UK minister and triggered a row over the future of the security of the UK's telecoms networks.

Feds seek to up their cybersecurity game (Security Boulevard) Recent government cybersecurity initiatives assume that the federal government has a role to play in securing the IoT and critical infrastructure. Does it? The post Feds seek to up their cybersecurity game appeared first on Software Integrity Blog.

Is a sticky label the answer to the IoT’s security problems? (Naked Security) How can IoT security be improved? The UK Government just published new details of its surprising and unfashionable answer.

White House ramps up efforts to expand cyber workforce (Fifth Domain) A May 2 executive order will require agencies to plan for new cybersecurity workforce initiatives, both in and out of federal government.

DHS policies allow unlimited, warrantless device search (Naked Security) Newly revealed policies show border agents can search devices for pretty much any reason, including if some other agency asked them to.

Litigation, Investigation, and Law Enforcement

3rd ex-intelligence official this year guilty of conspiring with Chinese government (Federal News Network) In today’s Federal Newscast, another former member of the intelligence community was found to have conspired with Chinese intelligence services.

UK opposition leaders called for a criminal investigation into Huawei leak (Defense News) Britain’s former defense secretary ferociously denied allegations that he leaked details from private government discussions about a Chinese telecommunications company. Meanwhile, military analysts expect little fallout.

Snapchat admits age checks 'do not work' during grilling by MPs (The Telegraph) Snapchat has admitted its age verification process “do not work” as it told MPs children under 13 are able to use the site.

Exclusive: New privacy oversight on the table for Facebook, Zuckerberg (POLITICO) The terms of a potential settlement with the FTC would require Facebook to place an executive and a new committee in high-level privacy roles.

Potential Facebook Settlement With FTC Likely to Include WhatsApp (Wall Street Journal) Facebook potential settlement with federal regulators over breaches of consumer data privacy is nearing completion and will likely cover related services such as its WhatsApp messaging function.

Pelosi accuses Barr of the crime of lying to Congress (Washington Post) The speaker’s accusation escalated a feud with the nation’s top law enforcement officer, who was a no-show at a House hearing on Thursday.

WikiLeaks founder Julian Assange begins long court battle against extradition (Washington Post) He has been charged with conspiring to hack a U.S. Defense Department computer.

When Coding Is Criminal (WIRED) Opinion: Programmers whose code is used to commit a crime face new and perilous legal threats.

Germany shuts down 'Darknet' criminal trading platform, detains 3 (Reuters) German investigators have shut down the world's second largest criminal onl...

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

Cybertech Midwest 2019 (Indianapolis, Indiana, USA, April 24 - July 25, 2019) Cybertech is the cyber industry’s foremost B2B networking platform featuring cutting-edge content by top executives, government officials, and leading decision-makers from the world of cyber. Our Cybertech...

Infiltrate 2019 (Miami Beach, Florida, USA, May 2 - 3, 2019) INFILTRATE is a deeply technical conference that focuses entirely on offensive security issues. Groundbreaking researchers demonstrate techniques that you cannot find elsewhere. Learn computer and network...

SecureWorld Kansas City (Kansas City, Missouri, USA, May 8, 2019) Connecting, informing, and developing leaders in cybersecurity. For the past 17 years, SecureWorld conferences have provided more content and facilitated more professional connections than any other event...

RiskSec 2019 (Philadelphia, Pennsylvania, USA, May 8, 2019) RiskSec 2019 will provide insights from thought leaders across various industries, focusing on the most significant issues that CISOs and other security professionals face every day. Learn about new approaches...

Digital Utilities Europe 2019 (London, England, UK, May 8 - 9, 2019) Following three successful editions of ACI’s Digital Utilities Europe Summit, the 4th edition will be taking place in London, United Kingdom on 8th-9th May 2019. The conference will bring together key...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.