skip navigation

More signal. Less noise.

Get your copy of the definitive guide to threat intelligence.

We brought together a team of experts and wrote the definitive guide to everything you need to know about threat intelligence. Whether you work in vulnerability management, incident response, or another part of cybersecurity, our book has something for you. Get your free copy of “The Threat Intelligence Handbook” now.

Daily briefing.

Global Cyber Innovation Summit

We continue our coverage of last week’s Global Cyber Innovation Summit with two pieces, linked below. One describes the symposiasts’ views on two families of emerging technologies: quantum computing and artificial intelligence. And we also have an account of seven of the companies selected as the Disrupt 8. (The eighth one was equally interesting, but their presentation was off the record.)

There's been another exposure of Iranian hacking operations. Last month an unknown actor going by "Lab Dookhtegam" dumped code and other information belonging to the OilRig APT. This week another actor, perhaps independently, but more probably acting in coordination with the earlier leakers, dropped information via Telegram and various websites that describe other Iranian cyber operations.

This new group calls itself, ZDNet says, the "Green Leakers." The material released includes information on other Iranian cyber operators, specifically the MuddyWater APT and the Rana Institute. The latter has not hitherto been connected to Iranian hacking operations. This material doesn't, as the earlier leaks did, include source code, but it does contain screen shots and some information about the threat actors and their victims.

According to TechCrunch, Samsung engineers inadvertently exposed code from sensitive internal projects on GitLab.

Bloomberg reports that Amazon has filed a suit in a British court seeking redress for hacking that compromised about a hundred seller accounts, diverting funds from loans and sales to the hackers' accounts.

The US Justice Department has indicted two Israeli nationals on charges connected with operating the DeepDotWeb, a general directory that linked prospective buyers with dark web sites dealing in contraband, some of it lethal.

Clippy, the irritating anthropomorphic paperclip that cumbered Microsoft products in the 1990s, is back in an undead form. But it's proof-of-concept from Dutch cybersecurity consultancy Outflank, so no harm, no foul. Evil Clippy uses VBA stomping to prevent most antivirus tools from detecting the macros it's compromised.


Today's issue includes events affecting Canada, China, European Union, India, Iran, Ireland, Israel, Macedonia, Montenegro, Russia, Singapore, Ukraine, United Kingdom, United States.

Bring your own context.

"Coordinated inauthenticity," Facebook calls it. It's how information operators use bots in social media to go after human opinion. If you wanted to tell the bots from the authentic people, what might you do?

"It requires that, if you see something clickbaity and exciting, that you actually check other sources to see if it's true. Look at the account itself. Look at when it was created. Look out for signs that it looks a bit suspicious, like having published tens of thousands of tweets. Or scroll down its timeline. See if it's all just retweets. There are lots of ways of just eyeballing an account and sort of getting an idea of how valid it is, how real it is. And the problem is that a vast majority of the accounts you'll find on the platform are a little bit dodgy looking." Andy Patel, from F-Secure, on Hacking Humans, 5.2.19.

Dodgy is as dodgy does. And practiced eyes get good at recognizing bots.

The CISO's ultimate guide to AppSec: 11 essential best practices you should know

By now, we are all too aware of the consequences of a data breach: brand damage, loss of customer confidence, potentially costly litigation, regulatory fines, and more. But most organizations aren’t as familiar with how to prevent these attacks. This guide highlights 11 data security best practices to minimize risk and protect your data.

In today's podcast, out later this afternoon, we hear from our partners at Accenture, as Justin Harvey provides an overview of cyber insurance. Our guest, Mariah Kenny, was captain of the University of Virginia's winning team at the Raytheon-sponsored National Collegiate Cyber Defense Competition (NCCDC). She discusses the competition and the work that led up to it.

Hacking Humans is also up. In this episode, Joe describes a church scammed out of millions of dollars. Dave shares good news about a group of scammers being apprehended and arrested. The catch of the day involves a Vietnamese investment offer that's almost too good to pass up on. Finally, Dave speaks with Dr. Richard Ford from Forcepoint about the models of trust.

And some of our correspondents are down in Florida this week for KB4-Con. Stand by for notes in our social media channels (TwitterInstagram, or Facebook), and for special editions of Hacking Humans.

Cybersecurity Impact Awards (Arlington, Virginia, United States, May 14, 2019) Winners of the Cybersecurity Impact Awards will be announced and recognized at the May 14, 2019 CYBERTACOS event. The event will start at 5:30 p.m. and the award presentation will begin at 6:00 p.m.! Join us afterwards for tacos and networking!

Cyber Investing Summit (New York City, New York, United States, May 16, 2019) The Cyber Investing Summit is a conference focused on financial opportunities and strategies in the cybersecurity sector. Join key decision makers, investors, and innovators to network, learn, and develop new partnerships May 16th in NYC. More information:

Cyber Security Summits: May 16 in Dallas and in Seattle on June 25th (Dallas, Texas, United States, May 16 - June 25, 2019) Register for reduced admission to the Cyber Security Summit with promo code cyberwire19 for $95 admission ($350 without code). Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, U.S. Secret Service, Verizon, Center for Internet Security, and more. Breakfast, Lunch & Cocktail Reception are included with your admission. Passes are limited, secure yours today:

Uniting Women in Cyber (Arlington, VA, United States, May 17, 2019) Join us as we celebrate the women in today’s cybersecurity ecosystem at the Uniting Women in Cyber Symposium on May 17, 2019! This full-day event features dynamic women speakers discussing the future of tech, cybersecurity and business. Network among 300–400 business and technical professionals and attend our awards reception recognizing women in tech and business.

DreamPort Event: Tech Talk Series: How DevOps and Automation Can Accelerate Warfighting Readiness (Columbia, Maryland, United States, June 19, 2019) Come hear NetApp's own DevOps journey and lessons learned and see how NetApp has equipped large enterprises to change fast and manage risk, with its deep integration with DevOps tools. In this interactive demonstration and discussion, NetApp will guide conversation towards a DevSecOps vision that can be realized immediately with capabilities that are available today to Defense Department developers.

DreamPort Event: RPE- 006: The Defense at Pemberton Mill (Columbia, Maryland, United States, June 21, 2019) DreamPort, in conjunction with the Maryland Innovation & Security Institute and USCYBERCOM is hosting RPE -006: The Defense at Pemberton Mill. For this event, we'll be looking for solutions that monitor a fictitious network for vulnerabilities and detect attacks in progress. We want participants to bring solutions for monitoring both information technology (IT) and operational technology (OT) networks both in live (with network taps) and offline (PCAP) mode. This event is June 21.

Dateline Global Cyber Innovation Summit

Global Cyber Innovation Summit Recap (Security Weekly) Matt, Jason, and Paul do a recap on the Global Cyber Innovation Summit that was held in Baltimore last week!

Emerging fields for innovation: quantum computing and artificial intelligence (The CyberWire) A look at two trends with the potential to reshape the cybersecurity sector.

Innovator's Showcase: the Disrupt 8 (The CyberWire) Eight innovative companies were selected to represent the future of disruptive innovation. We can talk about seven of them.

Cyber Attacks, Threats, and Vulnerabilities

New leaks of Iranian cyber-espionage operations hit Telegram and the Dark Web (ZDNet) This time no hacking tools were released, but the leakers exposed a previously unknown Iranian APT group.

Russia and Iran expected to conduct disruptive cyber-attacks in Middle East (TechRadar) FireEye expects Pakistan and Turkey to become active this year

Experts Doubt Russian Claims That Cryptographic Flaw Was a Coincidence (Vice) At a recent international standards meeting, experts said they weren’t convinced by a Russian explanation about a potentially flawed new encryption algorithm.

Can NSA Stop China Copying Its Cyber Weapons? (Breaking Defense) China is copying malware the NSA has used against them. Is this preventable or is it an inherent weakness of cyber warfare?

Samsung spilled SmartThings app source code and secret keys (TechCrunch) A development lab used by Samsung engineers was leaking highly sensitive source code, credentials and secret keys for several internal projects — including its SmartThings platform, a security researcher found. The electronics giant left dozens of internal coding projects on a GitLab instance hoste…

How to Exploit EternalBlue on Windows Server with Metasploit (WonderHowTo) Particular vulnerabilities and exploits come along and make headlines with their catchy names and impressive potential for damage. EternalBlue is one of those exploits. Originally tied to the NSA, this zero-day exploited a flaw in the SMB protocol, affecting many Windows machines and wreaking havoc everywhere. Here, we will use EternalBlue to exploit SMB via Metasploit.

Dharma Ransomware Uses Legit Antivirus Tool To Distract Victims (BleepingComputer) A new Dharma ransomware strain is using ESET AV Remover installations as a "smoke screen" technique designed to distract victims while their files are encrypted in the background as detailed by Trend Micro.

Researchers’ Evil Clippy cloaks malicious Office macros (Naked Security) A team of security researchers has exploited Microsoft’s patchy macro documentation to hide malicious code inside innocent-looking macros.

Database With Millions of Indian Personal Records Exposed and Hijacked (Security Discovery) On May 1st, I have discovered an unprotected and publicly indexed MongoDB database which contained 275,265,298 records with personal identifiable information (PII) on Indian citizens, including the following fields: Name Email Gender Education level and area...

Attack of the Killer USBs: Don't Be the Next Victim (Security Boulevard) Analyzing the threat of 'Killer USBs' to a company's sensitive data and networks, as a report shows lack of employee awareness of the risk.

Cybereason’s Nocturnus Research Team Discovers Hackers are Using New, (PRWeb) Cybereason, creators of the leading Cyber Defense Platform, today announced that researchers detected and prevented a new, stealthy, mechanism aimed at delivering Gand

Amazon Hit by Extensive Fraud With Hackers Siphoning Merchant Funds (Bloomberg) Amazon asked U.K. court for bank details linked to hackers. Hackers break into about 100 accounts, according to documents.

China to bid on D.C. Metro rail deal as national security hawks circle (Reuters) China's CRRC plans to bid on a big Washington D.C. subway project as it dou...

Security Patches, Mitigations, and Software Updates

Latest Android security updates, and Google to fix patch delays for Pixel (Naked Security) Google’s May security update for Android is out – but will you be lucky enough to get it this week? If you own one of a Pixel device, then yes.

Google Patches Critical Remote Code Execution Flaws in Android (Threatpost) The Android security update patches 15 bugs, four rated critical, 10 rated high and one ranked moderate in severity.

Microsoft releases buggy Office 2016 Patch KB4462238 (gHacks Technology News) Office 2016 applications may stop responding after installing the update KB4462238 and clicking on any hyperlink.

Cyber Trends

Cyber Espionage Targeting Public Sector Rose 168% In 2018 ( “Government incident responders must either be cape-and-tights-wearing superheroes, or so stressed they’re barely hanging on by their fingernails.”

The Future of Cybersecurity Budgeting (Inside Out Security) How has spending on cybersecuirty changed over the years? See what companies are prioritizing in their budgets and our tips for managing your own budget.

Information Security Professionals – Today’s Unsung Heroes (Lastline) Our 2019 RSA Conference survey highlights what information security professionals – today’s unsung heroes – must deal with. But as a group, they soldier on, against stiff odds, driven by some very compelling and admirable goals.

Infoblox Reveals Top Cybersecurity Challenges in Healthcare Organizations (PR Newswire) Almost two years since WannaCry, the ransomware attack that brought the NHS (National Health Service) to a...

Is curiosity killing patient privacy? (Help Net Security) With the growth of electronic health records and online patient portals, a wealth of sensitive medical information can negatively impact patient privacy.


Cybersecurity Jobs Abound. No Experience Required. (Wall Street Journal) Companies like IBM and Palo Alto Networks are scrambling to hire hundreds of thousands of corporate hackers to defend their networks and data, pursuing workers without traditional four-year degrees or formal experience.

Immigration Cops Just Spent A Record $1 Million On The World's Most Advanced iPhone Hacking Tech (Forbes) The GrayKey promises access to locked iPhones. And ICE is its biggest fan.

Huawei Sends Blunt Message To U.S., Announcing High-Tech Chip Plant In U.K. (Forbes) Huawei has announced plans to build a high-tech chip plant near to ARM's HQ in the U.K. They have also let it be known that the plant may also develop AI. Coming shortly after the U.K.'s decision on 5G and with Xinjiang in the news, this will be seen as a blunt message to Washington.

‘Not a single issue’: Huawei touts 10-year security record in Canada amid Ottawa’s 5G review (Financial Post) Chief security officer Olivera Zatezalo said Huawei has been working closely with the government and provided it with the information needed to conduct its risk assessment

Google Wanted to Rule the World. Now They’re Just Here to Help (WIRED) Google executives outlined new privacy-focused services at its annual I/O conference—while omitting that they still need to make money.

Facebook talked privacy, Google actually built it (TechCrunch) (Quartz) Mark Zuckerberg: “The future is private”. Sundar Pichai: ~The present is private~. While both CEO’s made protecting user data a central theme of their conference keynotes this month, Facebook’s pro...

Google Fights Back (Stratechery by Ben Thompson) At Google I/O, Google was the opposite of defensive: the company set out to make the case that its approach made for better products that makes people’s lives better

Instagram is working on new rules for banning accounts (Engadget) Instagram is working on a new policy for removing accounts.

Instagram still doesn't have vaccine misinformation under control (CNN) Two months after Facebook pledged to fight vaccine misinformation on its platforms, Instagram is still serving up posts from anti-vaccination accounts.

Facebook's EU elections operation centre based in Dublin ( In the run up to this month’s local and European elections and divorce referendum, Facebook’s Dublin centre will attempt to tackle misinformation, foreign interference and coordinated inauthentic behavior. Similar centres have previously been set up in the United States, Brazil and India in an effort to prevent wide-scale election influencing campaigns. With specialists from all [&hellip

Zix Acquires the Assets of Email Security Provider DeliverySlip (Yahoo) Zix Corporation (Zix) (ZIXI), a leader in email security, has acquired the assets of Cirius Messaging Inc. and wholly owned subsidiary, DeliverySlip Inc. related to the DeliverySlip product. DeliverySlip is a provider of email encryption, e-signatures and secure file sharing solutions. The asset

After massive acquisition, Dallas tech company is shopping again, but spending less (Dallas Business Journal) Zix Corp. is making another acquisition — just not one that transforms its size this time.

Led by F5 founder, Seattle cybersecurity startup Tempered Networks raises $17M (GeekWire) Seattle-based Tempered Networks has raised an additional $17 million to invest in engineering, sales resources, and partnerships. The company confirmed the new funding to GeekWire this week. The fresh…

Virtual Infrastructure Provider HyperQube Closes Seed Round of $500k (HyperQube) HyperQube to use funds to meet immense demand for simplified and automated web-browser based virtualization services.

Sumo Logic joins unicorns after pinning down $110M in new funding (Silicon Valley Business Journal) Redwood City-based cloud analytics business Sumo Logic passed $1 billion in valuation in a new $110 million funding round.

San Jose unicorn Cohesity expands backup offerings with first acquisition (Silicon Valley Business Journal) Cohesity has been expanding rapidly since moving into its downtown San Jose headquarters. Its global workforce has more than tripled to 1,000 in the past year and it hit a valuation of $1 billion last year.

Indian origin cybersecurity startups seek Singapore funding (The Economic Times) The latest cohort of startups was chosen to participate in the three-month ICE71 Accelerate programme, supporting the development and acceleration of their growth, Edgar Hardless, CEO of Singtel Innov8, said.

HackerOne CEO Mårten Mickos on the Devil, Zero Days, and White Hats (Computer Business Review) "We're building a hacker army!" says Mårten Mickos and it’s briefly tempting to imagine the HackerOne CEO seeking the Iron Throne for himself.

SailPoint’s Cam McMartin Assumes Role of Chief Operating Officer and Jason Ream to be Appointed Chief Financial Officer (AP NEWS) SailPoint Technologies Holdings, Inc. (NYSE: SAIL), the leader in enterprise identity governance, today announced that Cam McMartin will transition from Chief Financial Officer to Chief Operating Officer. Jason Ream will join the organization as incoming Chief Financial Officer, effective June 10, 2019.

Threat Stack Hires Matt Knutsen as SVP of Sales (Sys-Con Media) SYS-CON Media, NJ, a leading technology and computing media company on breaking news in the Cloud.

Products, Services, and Solutions

Connecting Software Launches Outlook Content Censor, an Innovative Solution to Secure Internal Data (StartUp Beat) Connecting Software, a technological innovator providing integration, synchronization and productivity solutions, announced the launch of the Outlook Content ...

MobileIron announces zero trust platform making the world’s most ubiquitous product – the mobile device – your ID and secure access to the enterprise (MobileIron) Introduces zero sign-on technology to eliminate passwords9 out of 10 security leaders believe that mobile devices will soon serve as digital ID to access enterprise services and data

Botnet-led DDoS Attacks Are Hitting Record Intensities. Imperva is Mitigating All of Them. (Imperva Blog) DDoS attacks are usually ranked by the amount of bandwidth involved, such as the 2018 GitHub attack that peaked at 1.35 Terabits per second and is often cited as the largest DDoS attack ever. From Imperva’s long history of successfully mitigating DDoS attacks, we know that the TRUE measure of attack intensity is something else …

F-Secure Security Engineering Awarded IEC 62243 Certifications (Financial IT) Cyber security provider F-Secure has earned two new International Electrotechnical Commission (IEC) certifications that recognize the company’s expertise in developing secure components for industrial control systems (ICSs). The certifications, IEC-62243-4-1 and IEC-62243-4-2, define the cyber security requirements for the development lifecycles and products used in industrial control and automation systems.

Cynet Free IR tool offering empowers responders to know and act against active attacks (Help Net Security) The saying that there are two types of organizations, those that have gotten breached and those who have but just don’t know it yet, has never been more

Introducing the Bromium Threat Insights Report (Security Boulevard) This report is made possible by customers who opted to share their Bromium-isolated threat data with Bromium, which our experts compiled into a Threat Insights Report Bromium Threat Insights Report is designed to share intelligence about the most notable malware that our experts have analyzed, and highlight new techniques used by attackers Learn practical and The post Introducing the Bromium Threat Insights Report appeared first on Bromium.

Technologies, Techniques, and Standards

How Much Will It Cost to Protect America's Electrical Grid? Who Will Pay? (Defense One) The answers are: Likely tens of billions of dollars, and probably us, the electricity customers.

Why ASEAN CIOs must understand GDPR ( If a firm performs data processing activities in the European Union, the General Data Protection Regulation applies to them, even if that firm is not ..

How the Corps is amplifying intel to prevent terror attacks at Marine training events, birthday balls, 5Ks (Marine Corps Times) An overhauled anti-terrorism program now gives the officers and staff noncommissioned officers a dial-up resource to understand real, recent and relevant threats when planning those events.

Deployment Diversity for DNS Resiliency (Security Boulevard) Fast, reliable, and secure edge services kick start by optimizing DNS for the global edge.

When "Customers" Attack DNS (Security Boulevard) Be real. A Communications Service Provider's (CSP's) customer will not use their home to attack the Domain Name System (DNS). They might as well unplug from the Internet. Yet, customers get infected, CPEs get violated, and miscreants all over the...

This man's job was to hack the Pentagon. Now he invests millions in security startups. (Business Insider) Ron Gula was a hacker for the National Security Agency and now runs the VC firm Gula Tech Adventures with his wife.

Design and Innovation

Calls for "Lightweight" Encryption are Short-Sighted and Dangerous (Private Internet Access Blog) NIST's decision to seek out a standard for a "lightweight" encryption algorithm is dangerous and largely a waste of time with hardware advancements.

Legislation, Policy, and Regulation

ISIS’s Church Attacks Break Mohammed’s Own Pledges (Foreign Policy) Assaults on Christian sites show terrorists are apostates as well as murderers.

US lifts sanctions on Venezuela spy chief to spur Maduro defections (ABC News) Vice President Pence announced that the US lifted sanctions on Venezuela's spy chief after he defected from Nicolas Maduro who maintains power despite US-backed protests

FCC's Pai to Senate: Huawei is National Security Threat (Broadcasting & Cable) Said suspect tech in 5G nets is unacceptable

Huawei Urges US to Adopt German Approach to Security (Light Reading) Under-fire Chinese vendor wants the US to introduce a regime for the testing of 5G products from all vendors as it fights efforts to have it banned from international markets.

Pompeo threatens UK with intel sharing cut-off if they buy Huawei 5G (RT International) US Secretary of State Mike Pompeo has warned the UK that allowing Huawei to bid on 5G contracts could spell the end of the US-UK "special relationship" – and, apparently, the UK's membership in the Five Eyes.

US risks paying high security price with stand on Huawei (South China Morning Post) Without proof of spying claims Washington appears to be fighting a losing battle, and its intelligence-sharing faces further damage as more countries turn to the Chinese tech giant

Analysis | The Cybersecurity 202: It might be time for a grand cybersecurity policy – if Trump’s on board (Washington Post) Cyberspace Solarium Commission plans a ‘contest of wills’ for the best cybersecurity ideas.

New authorities mean lots of new missions at Cyber Command (Fifth Domain) Leaders at U.S. Cyber Command have used new authorities to conduct more cyberspace operations in the last few months than in the previous 10 years, senior Department of Defense officials said.

U.S. Cyber Command Bolsters Allied Defenses to Impose Cost on Moscow (New York Times) Deployments to allied countries give the American military an early look at Russian online weapons and new tactics Moscow may intend to use on the United States.

Big Tech vs Congress: the issues Facebook, Google and Amazon lobby most (VPNMentor) Detailed analysis of the $500m Big Tech have spent lobbying the US government. Discover which issues matter most to Amazon, Apple, Facebook, Google and Microsoft.

Bipartisan Bill Introduced Would Give Tools to Fight Foreign Interference in Elections (Campaign Legal Center) Today, U.S. Senators Amy Klobuchar (D-MN), Lindsey Graham (R-SC) and Mark Warner (D-VA) introduced the Honest Ads Act, a bill that addresses some of the most pressing vulnerabilities in campaign finance law that Russia exploited in the 2016 election. Campaign Legal Center (CLC) advised on the bill when it was introduced in the last Congress and co-sponsored by the late Senator John McCain (R-AZ). Representatives Derek Kilmer (D-WA) and Elise Stefanik (R-NY) lead companion legislation in the House of Representatives, which has 26 co-sponsors.

Lawmakers Differ on Remedies for Facebook Privacy Breach (Wall Street Journal) A House hearing highlighted differences on how the government should work to strengthen tech companies’ protection of personal information, as a huge fine looms for Facebook.

Video game ‘loot boxes’ would be outlawed in many games under forthcoming federal bill (Washington Post) Video games popular among kids would be prohibited from offering "loot boxes," or randomized assortments of digital weapons, clothing and other items that can be purchased for a fee, under new federal legislation previewed by Republican Sen. Josh Hawley.

Fortnite is free, but kids are getting bullied into spending money (Polygon) The stigma of being a default

Federal agencies move to explore artificial intelligence (AI) ethics and technical policy (Military & Aerospace Electronics) The U.S. Department of Defense recently held a public comment meeting at Stanford University to discuss artificial intelligence ethics.

Imperial County officials to invest in rebuilding network following cyber attack (KYMA) On April 14, Imperial County was notified that their network had been compromised through a cyber attack.

Litigation, Investigation, and Law Enforcement

FBI to meet with Florida delegation to discuss Russian hacking (Politico PRO) Special counsel Robert Mueller last month revealed the suspected hacking in a report on Russian interference in the 2016 election.

Steele's stunning pre-FISA confession: Informant needed to air Trump dirt before election (TheHill) The FBI is keeping secret much of the information in a State Department official's notes about meeting Christopher Steele in October 2016.

Privacy Groups Target Amazon Echo Product in FTC Complaint (1) (Bloomberg Law) Inc.'s Echo Dot Kid digital personal assistant is collecting children’s data without parental consent, privacy advocates are alleging in a complaint to the Federal Trade Commission.

Administrators of DeepDotWeb Indicted for Money Laundering Conspiracy, Relating to Kickbacks for Sales of Fentanyl, Heroin and Other Illegal Goods on the Darknet (US Department of Justice) The alleged owners and operators of a website known as DeepDotWeb (DDW) have been indicted by a federal grand jury sitting in Pittsburgh, Pennsylvania, for money laundering conspiracy, relating to millions of dollars in kickbacks they received for purchases of fentanyl, heroin, and other illegal contraband by individuals referred to Darknet marketplaces by DDW. The website has now been seized by court order.

State Department office manager admits conspiring to hide contacts with Chinese agents (Washington Post) The official pleaded guilty to accepting thousands of dollars in gifts over five years, sharing diplomatic, economic information.

Article 13 threatens video game streamers in the EU: survey (Comparitech) Article 13 of the EU Copyright Directive could have a drastic impact on video game streamers and their fans in Europe, according a recent survey.

School lunch company exec arrested for skewering rival’s site (Naked Security) The Choicelunch CFO is accused of hacking student data out of The LunchMaster’s site and anonymously ratting it out for bad security.

Malvertiser behind 100+ million bad ads indicted in the US (Naked Security) A Ukrainian and his gang allegedly smeared malvertising for 4.5 years and tried to rent out a botnet full of infected computers.

Woman arrested for trespassing at CIA headquarters and asking for ‘Agent Penis’ (Military Times) Hernandez has been charged with trespassing and is being held in Alexandria, Virginia.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

NAWC Cybersecurity Symposium (Washington, DC, USA, May 21, 2019) The National Association of Water Companies (NAWC) will hold its inaugural 2019 NAWC Cybersecurity Symposium on Tuesday, May 21, 2019 at the Army-Navy Club in Washington, D.C. The day-long event will bring...

SINET Innovation Summit 2019 (New York, New York, USA, June 13, 2019) SINET New York connects the United States’ three most powerful institutions and evangelizes the importance of industry, government and academic collaboration on security initiatives.

Security in our Connected World Seminar (Shenzhen, China, September 25, 2019) This year, GlobalPlatform’s seminar will examine critical security technologies, such as the Trusted Execution Environment (TEE) and Secure Element (SE), and delve into their associated business and technical...

Upcoming Events

Cybertech Midwest 2019 (Indianapolis, Indiana, USA, April 24 - July 25, 2019) Cybertech is the cyber industry’s foremost B2B networking platform featuring cutting-edge content by top executives, government officials, and leading decision-makers from the world of cyber. Our Cybertech...

Digital Utilities Europe 2019 (London, England, UK, May 8 - 9, 2019) Following three successful editions of ACI’s Digital Utilities Europe Summit, the 4th edition will be taking place in London, United Kingdom on 8th-9th May 2019. The conference will bring together key...

Secutech 2019 (Taipei, Taiwan, May 8 - 10, 2019) As the largest regional business platform for professionals in the security, mobility, building automation and fire safety solution sectors, Secutech is the annual gathering place for key players from...

Chicago Cybersecurity Conference (Chicago, Illinois, USA, May 9, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...

Cyber Security Transatlantic Policy Forum (Killarney, Ireland, May 10, 2019) The mission of the conference is to bring politicians, law enforcement, policy makers and cyber industry leaders together to create an annual dialogue. Our goal is to ensure that we expand and improve...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.