skip navigation

More signal. Less noise.

What if your security strategy added zeros to your bottom line?

Focusing on response alone is costly. You lose data. You lose infrastructure. You lose human and capital resources that could be productive elsewhere. And you lose your reputation. When you catch threats before they execute, you contain the problem, and the rewards add up. Let Blackberry Cylance help you understand how you can reduce your total cost of security controls, bolster your organization’s security posture, and zero in on what really matters.

Daily briefing.

Hacking Humans renewed for its second season.

During the inaugural live episode of the Hacking Humans Podcast May 9th at KB4-CON 2019 in Orlando, the CyberWire announced that its popular show will be renewed for a second season as KnowBe4 renews its sponsorship. Hacking Humans, which airs Thursday mornings US Eastern Time, covers social engineering. Dave Bittner from the CyberWire and Joe Carrigan from the Johns Hopkins Information Security Institute will return as the hosts. Hacking Humans takes listeners behind the scams, phishing schemes, and criminal exploits that make headlines and take a heavy toll on individuals and organizations around the world. The show features interviews with experts on social engineering drawn from industry, law enforcement, university sciences and arts, and, of course, with those practiced in the crafts of influence and deception.

Cisco Talos has released a report on the BlackWater cyber espionage campaign. BlackWater is active largely in the Middle East, and it's associated with "persistent threat actor" MuddyWater. BlackWater is, researchers say, unusually evasive, adding three steps to MuddyWater's familiar pattern: "an obfuscated Visual Basic for Applications (VBA) script to establish persistence as a registry key," then a PowerShell stager designed to look like a red-teaming tool, and communication with a different command-and-control server than the one used in the initial attack stages. MuddyWater has been attributed by Mitre and others to Iran.

Remote connectivity solutions provider TeamViewer was indeed compromised in 2016, Spiegel reports, but did not disclose the incident at the time since in the company's view it affected only its infrastructure as opposed to its customers. The attack is attributed to Chinese intelligence services.

Upstream's security lab Secure-D says that VidMate, an Android app with about half a billion downloads, behaves badly. The app allegedly serves adware, subscribes users to paid services, and sucks their mobile data. VidMate told BuzzFeed it was investigating the matter, but declined to say much more than that.

An unsecured AWS database, apparently belonging to Mumbai-based social media marketing outfit Chtrbox, has exposed information on millions of Instagram influencers, celebrities, and brand accounts, TechCrunch reports. The data seem to have been obtained by scraping.

Bravo Emsisoft, which has released a decryptor for JSWorm 2.0 ransomware.

The US continues to be serious about strictures against Huawei, as markets sort out the ban's consequences.

Notes.

Today's issue includes events affecting China, Ecuador, European Union, Iran, Malaysia, Russia, Sweden, United Arab Emirates, United Kingdom, United States.

Bring your own context.

Sure it's secure, but does it still work?

"There are challenges when designing a medical device in prioritizing clinical features over cybersecurity features. So for example the No. 1 priority of a pacemaker is that it always continues to keep the patient's heart beating. And when you're designing a pacemaker, that's obviously the most important thing that you need to be designing for the device. Well, how many clinical features can an engineering team put off to the future in return for implementing some security features to ensure that that device is functioning safely? And designing security features into devices, as you can imagine, can be pretty tricky and pretty time-consuming. So there's this constant battle between clinical functionality, interoperability, ease of use for clinicians and actually building security features into these things so that bad guys can't do bad things with them."

—Mike Kijewski, CEO and founder of MedCrypt, on the CyberWire Daily Podcast, 5.17.19.

Reconciling the tension between functionality and security isn't trivial, and with medical devices, it can be a matter of life and death.

Cyber State of Mind: 2019 Threat Landscape Review

According to CyberEdge’s 2019 Cyberthreat Defense Report, 78% of enterprises were victimized by a successful cyberattack last year. Is your organization next? On May 22nd at 2:00 PM ET join LookingGlass’ SVP of Delivery & Support, James Carnall, and CyberEdge’s Co-founder & CEO, Steve Piper, as they review insights from CyberEdge’s sixth-annual research study. They’ll also provide answers to important questions, such as what are the weakest links in current security postures and What the hottest security technologies are in 2019.

In today's podcast, out later this afternoon, we talk with our partners at Cisco Talos, as Craig Williams discusses honeypots on Elasticsearch. Our guest is Dave Venable from Masergy, who describes cyber vulnerabilities at the infrastructure level.

And Recorded Future's podcast, produced in cooperation with the CyberWire, is also up. In this edition, "Investing in Technology, Innovative Leaders, and Yourself," Niloofar Razi Howe, technology executive, entrepreneur, board member, and investor, with service as chief strategy officer for both Endgame and RSA Security, discusses her career and some trends in technology and  security. 

National Cyber Summit Job Fair, June 5, Huntsville. (Huntsville, Alabama, United States, June 5, 2019) Cleared and non-cleared cybersecurity pros make your next career move at the free National Cyber Summit Job Fair, June 5 in Huntsville. Meet face-to-face with 22 leading cyber employers. Visit our site for more details.

Cyber Howard Conference (Columbia, Maryland, United States, June 19, 2019) Join us for our 10th annual cyber conference in Howard County. We will tackle the topic of Cyber Sensemaking which is a fluid and continuous approach for establishing better defenses and best practices as a cyber community.

Wicked6 Cyber Games (Las Vegas, Nevada, United States, August 6, 2019) Wicked6 is a fundraiser and cybersecurity exhibition in a thrilling esports arena in Las Vegas on August 8, 2019. It’s a week when cybersecurity leaders from around the world come to Las Vegas, and all are welcome to come by to experience this exciting and unique cyber competition as a player, sponsor, or avid fan. Wicked6 will raise funds for the Women’s Society of Cyberjutsu, a national 501(c)(3) nonprofit that promotes training, mentoring and more to advance women and girls in cybersecurity careers.

Cyber Warrior Women Summer Social: Sip and Paint (Columbia, Maryland, United States, August 21, 2019) Join the Cybersecurity Association of Maryland, Inc. (CAMI) for the annual Cyber Warrior Women Summer Social, an all-about-fun-and-networking event! We're adding an artistic element to this year's event with a wine glass painting exercise. No previous art experience required.

Cyber Attacks, Threats, and Vulnerabilities

'Cyberspace eases jihadists' evil acts' (NST Online) The advent of cyberspace had facilitated militant groups in carrying out dastardly acts.

Middle East-linked hacking group is working hard to mask its moves (CyberScoop) Some of the code the group has used in its attacks is the same as that used by a group known as MuddyWater, according to Cisco's Talos team.

MuddyWater Hacking Group Upgrades Arsenal to Avoid Detection (BleepingComputer) The MuddyWater threat group has been updating its tactics, techniques, and procedures (TTPs) to include a number of new anti-detection techniques designed to provide remote access to compromised systems while evading detection as part of a new campaign dubbed BlackWater.

Recent MuddyWater-associated BlackWater campaign shows signs of new anti-detection techniques (Cisco Talos) A blog from the world class Intelligence Group, Talos, Cisco's Intelligence Group

Millions of Instagram influencers had their private contact data scraped and exposed (TechCrunch) A massive database containing contact information of millions of Instagram influencers, celebrities and brand accounts has been found online. The database, hosted by Amazon Web Services, was left exposed and without a password allowing anyone to look inside. At the time of writing, the database had…

ZombieLoad: How Intel’s Latest Side Channel Bug Was Discovered and Disclosed (Threatpost) Daniel Gruss, the researcher behind Spectre, Meltdown – and most recently, ZombieLoad – Intel CPU side channel attacks, gives an inside look into how he discovered the flaws.

A Huge Chinese Video App Is Charging People, Draining Batteries, And Exposing Data Without Their Knowledge (BuzzFeed News) VidMate told BuzzFeed News it was investigating the claims, but declined to share basic information about its employees and ownership.

Brave browser concerned that Client Hints could be abused for tracking (Naked Security) Privacy-focused browser Brave has criticised an industry proposal it says would make browser fingerprinting easier.

TeamViewer Confirms It Was Hacked in 2016 (SecurityWeek) TeamViewer confirms it was hacked in 2016 -- likely by Chinese cyberspies -- but the company decided not to make the breach public as it found no evidence that it affected users.

Teamviewer: Wie Hacker das deutsche Vorzeige-Start-up ausspionierten (Spiegel) Die deutsche Tech-Firma Teamviewer wurde Opfer einer Cyberattacke, wohl im Auftrag Chinas. Warum hat das Unternehmen seine Kunden nicht informiert?

Google research: Most hacker-for-hire services are frauds (ZDNet) Survey of 27 hacker-for-hire services found that only five launched attacks against victims.

Citing data security concerns, DHS warns industry of Chinese-made drones (CyberScoop) The Department of Homeland Security is warning companies that their data may be at risk if they use commercial drones manufactured in China.

U.S. Census Vulnerable to Russian Meddling, Top Official Warns (Bloomberg) ‘We are very concerned,’ senior official tells Fed conference. Planning to prevent an outside attack remains secret, he says.

Analysis | The Cybersecurity 202: The DNC and RNC are still vulnerable to hackers, new report finds (Washington Post) It's a stark warning about political groups' cyber insecurity heading into 2020.

Root account misconfigurations found in 20% of top 1,000 Docker containers (ZDNet) Issue similar to Alpine Linux's CVE-2019-5021 impacts 194 other Docker images.

Thanks to Facebook, Your Cellphone Company Is Watching You More Closely Than Ever (The Intercept) Legal experts believe Facebook profiling may run afoul of federal law on credit checks.

Vulnerability Summary for the Week of May 13, 2019 (US-CERT) The NCCIC Weekly Vulnerability Summary Bulletin is created using information from the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD). In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available. 

DHS Highlights Common Security Oversights by Office 365 Customers (SecurityWeek) As organizations migrate to Microsoft Office 365 and other cloud services, many fail to use proper configurations that ensure good security practices.

Baltimore ransomware nightmare could last weeks more, with big consequences (Ars Technica) Houses can't be sold, bills can't be paid while city networks are shuttered.

Hackers can steal your identity and bank details from a coffee machine! (CISO MAG) Steckler stated that cybercriminals can make use of potential vulnerabilities in the Internet of Things (IoT) devices and compromise them to steal their owner's sensitive details.

Grandma says pornography has hijacked her DirecTV account (KSDK) "I'm watching TV, and all of a sudden there's a scene change and there's naked people. There were naked ladies wrestling and then there was a naked man and woman exposing themselves."

Mother's Day Online Shoppers Were Active, and So Were Threat Actors (Akamai) Mother's Day is a major online shopping event that attracts both shoppers as well as threat actors. Earlier in the year, we reported on the United Kingdom's version, called Mothering Sunday....

Security Patches, Mitigations, and Software Updates

Microsoft Releases Security Update for Remote Desktop Services Vulnerability (ICS-CERT) Microsoft has released security updates to address a remote code execution vulnerability (CVE-2019-0708) in Remote Desktop Services on the following operating systems:

Sophos tells users to roll back Microsoft's Patch Tuesday run if they want PC to boot (Register) Yes, the one with the critical security fixes

Cyber Trends

2019 State of Enterprise Secure Access (Pulse Secure) IT is more complex than ever today as organizations accelerate digital transformation and broadly adopt public and private cloud infrastructure.

'Why do we need to wait for people to be hurt?' Medical cyber attacks soar 1400% (SFGate) Strapped to a stretcher, surrounded by medics, nurses and doctors, a middle-aged man was about to play patient zero in what America's health care industry fears could be the next major pandemic: "cybergeddon."

As Cyberattacks Rise, U.S. Business Readiness Falls (The National Law Review) Two recent reports reflect that cyberattacks and resulting data breaches continue to threaten U.S. companies and public entities. The Hiscox Cyber Readiness Report (April 23, 2019), compiled

Marketplace

Huawei ban: Don’t underestimate us, firm’s chief warns after Google curbs (Times) Millions of Britons could be at greater risk from hackers after Google announced that it was cutting services to Huawei smartphones to comply with an order from President Trump. The US technology...

Huawei responds to Android ban with service and security guarantees, but its future is unclear (TechCrunch) Huawei has finally gone on the record about a ban on its use of Android, but the company’s long-term strategy on mobile still remains unclear. In an effort to appease its worried customer base, the embattled Chinese company said today that it will continue to provide security updates and afte…

Millions of UK smartphones rendered dumb as Google pulls Android services from Huawei (The Telegraph) Millions of smartphones will become 'dumbphones' in the UK after Google vowed to stop working with Huawei in the latest twist to the US-China trade war.

U.S. Plans Temporary Exemptions to Huawei Blacklist (Wall Street Journal) U.S. officials said they would grant a handful of temporary exceptions to an export blacklist against Huawei Technologies Co., giving suppliers and customers of China’s telecom giant a 90-day reprieve from tough trade penalties.

Blacklisting Huawei from Android upgrades will end up hurting Google (New Scientist) Huawei may end up making its own operating system, after Donald Trump put the company on a blacklist forcing Google to revoke its Android licence

AP Explains: US sanctions on Huawei bite, but who gets hurt? (Washington Post) AP Explains: US sanctions on Huawei bite, but who gets hurt?

F5 Networks expert on fantastic (ethical) hackers and where to find them (Intelligent CIO Middle East) Tabrez Surve, Regional Director – Gulf, Levant and Turkey, F5 Networks, discusses how ethical hackers could be the missing puzzle piece for cybersecurity teams.  Data breaches and cyberattacks are …

KnowBe4 Acquires CLTRe; Shines Spotlight on Security Culture Measurement (KnowBe4) KnowBe4 Acquires CLTRe; Shines Spotlight on Security Culture Measurement

Identity platform provider Auth0 raises $103 million at a valuation of $1 billion (VentureBeat) Bellevue, Washington-based Auth0, which developers a cloud-based identity authentication platform, has raised $103 million at a valuation of $1 billion.

Bitglass Strengthens Leadership Team with New Vice President of Worldwide Channels and Vice President of Worldwide Business Development (BusinessWire) Bitglass, the Next-Gen CASB, today announced the appointments of Jon Peppler as Vice President of Worldwide Channels and Benjamin Rice as Vice Preside

Products, Services, and Solutions

ExpressVPN Launches an Industry-First TrustedServer Technology (PRWeb) ExpressVPN, a top-ranked VPN provider, today announced their industry-first TrustedServer technology, which completely re-imagines server administation...

Data Vault Alliance Launches to Unite Global Community of Data Vault Experts, Vendors and Practitioners (WRCB TV) Today, at the World Wide Data Vault Consortium, Dan Linstedt, inventor of Data Vault 2.0 and renowned expert in data warehousing and BI implementation launched the Data Vault Alliance, a new global community which seeks to...

Lattice’s New MachX03D FPGA Enhances Security with Hardware Root-of-Trust Capabilities (SYS-CON Media) Lattice Semiconductor Corporation (NASDAQ: LSCC), the low power programmable leader, today announced the MachXO3D™ FPGA for securing systems against a variety of threats

Crossword Cybersecurity Consulting unit launches new information security product (Proactiveinvestors UK) "We are delighted to have launched our virtual CISO service with a three-year contract, Crossword's largest value contract to date,” said Stuart Jubb, managing director of the unit

TrapX Security Launches an Army of Artificial Users to Expose Cyber Attackers (Yahoo) The latest version of DeceptionGrid 6.3, enables unpreceded visibility of attacks against devices and users SAN JOSE, California , May 20, 2019 /PRNewswire/ —  TrapX Security ®, the global leader in cyber ...

Firefox Lockwise Aims to Revamp Browser Password Management (BleepingComputer) Mozilla is rebranding their LockBox password management service as Lockwise and getting ready to start a trial for the desktop versions of Firefox.

Cubic to Showcase Industry-leading Expeditionary C4ISR Solutions at Special Operations Forces Industry Conference (PR Newswire) Cubic Corporation (NYSE: CUB) today announced that its Cubic Mission Solutions (CMS) business division will demonstrate ...

The CyberWire's Hacking Humans podcast renewed for a second season (PR Newswire) During the inaugural live episode of the Hacking Humans Podcast May 9th at KB4-CON 2019 in Orlando, the CyberWire...

Technologies, Techniques, and Standards

Appealing for collaboration, DHS nudges ICS companies toward a more 'proactive' defense - CyberScoop (CyberScoop) With the private industrial cybersecurity market thriving, the Department of Homeland Security is continuing to push for closer coordination with experts on the front lines of defending facilities like power plants from hackers. In speeches last week to vendors, security researchers, and state officials, DHS personnel said they wanted to help put companies on a more proactive defensive posture to thwart hacking threats to industrial environments. The department has been working with ICS vendors to test security products before they go to market, but more needs to be done, Jeanette Manfra, assistant director for cybersecurity at DHS’s Cybersecurity and Infrastructure Security Agency, said last Wednesday at Hack the Capitol, an ICS security conference in Washington, D.C. “In this space, unlike really, frankly, any other, we have got to have much more capability to prevent the attacks from happening before they get in there – or at least detect them quickly so …

Current and future tips for Huawei Users (Avira Blog) Trade issues have shut out Huawei users from Google updates. While they can still use Google services, the lack of updates is a serious longterm issue.

How to Evaluate Threat Intelligence Vendors That Cover the Deep & Dark Web (SecurityWeek) Because all dark web sites are technically deep web sites but not vice versa, it’s also important to ensure a vendor covers not just dark web sources—but also deep web sources that fall outside the dark web.

How to check if my computer has a virus: Top 10 symptoms of malware infection | Emsisoft | Security Blog (Emsisoft | Security Blog) Is your PC showing signs of a computer virus? Here are the 10 most common symptoms of malware and how you can keep your PC clean from future malware infections.

How security leaders can minimize human error (Fifth Domain) Hackers aren’t doing technical gymnastics to navigate through agency firewalls or network defenses. Instead, they’re favoring some particularly vulnerable targets: employees.

Emsisoft releases a free decrypter for JSWorm 2.0 Ransomware | Emsisoft | Security Blog (Emsisoft | Security Blog) Our malware research team just released a decrypter for the new ransomware we nicknamed JSWorm 2.0. JSWorm 2.0 is written in C++ and uses Blowfish encryption. We call it “2.0” because there was another C# ransomware that used the “.JSWORM” extension. Some strings also suggest this ransomware may be from the same author. Notable callouts …

Could behavioural analytics have stopped the Binance crypto hack? (iTWire) A recent, sophisticated attack on the popular Binance cryptocurrency trading platform saw users’ accounts compromised and simultaneous withdrawals mad...

Design and Innovation

Xbox chief Phil Spencer outlines plans for fighting toxicity in gaming (The Verge) Spencer says Microsoft is treating safety as a paramount issue for the industry.

Research and Development

Evaluating Login Challenges as a Defense Against Account Takeover (IW3C2) In this paper, we study the efficacy of login challenges at preventing account takeover, as well as evaluate the amount of friction these challenges create for normal users.

You `Might' Be Affected: An Empirical Analysis of Readability and Usability Issues in Data Breach Notifications (Proceedings of the 2019 CHI Conference on Human Factors in Computing Systems) Data breaches place affected individuals at significant risk of identity theft. Yet, prior studies have shown that many consumers do not take protective actions after receiving a data breach notification from a company

Academia

University of Central Florida's cyber defense team competing in national competition (WOFL) The University of Central Florida’s Cyber Defense Competition Team is competing against 10 universities across the country in the 2019 National Collegiate Cyber Defense Competition.

Legislation, Policy, and Regulation

Cyber attacks are rewriting the 'rules' of modern warfare -- and we aren't prepared for the consequences (GCN) The inevitable blending of traditional warfare and cyber warfare will pose intellectual and regulatory challenges that will get more complicated as technology develops.

Huawei ban sparks fears of technology Cold War (Times) Tens of billions of dollars have been wiped off the value of some of Silicon Valley’s biggest players over fears that a technology Cold War is breaking out between the two economic superpowers.

Lawmakers applaud Google for revoking Huawei’s Android license (The Verge) ‘Huawei and ZTE pose a threat to our privacy and national security,’ Sen. Van Hollen said

Huawei 5G in Europe and Beyond (Carnegie Endowment for International Peace) In the past five years, there have been growing cybersecurity concerns about the Chinese company Huawei’s involvement in the deployment of 5G across the world. This timeline shows over 100 events related to Huawei and 5G in the EU and NATO member states, as well as Australia, Japan, New Zealand, the Philippines, and South Korea.

Europe was worried Russia would mess with its elections. Now it has other fears. (Washington Post) Domestic disinformation and U.S. money are raising alarms.

Sajid Javid prepares to clamp down on spies with new treason laws (Times) Hostile state actors including spies are to be targeted under Home Office plans to update espionage and treason laws, the home secretary announced. Sajid Javid said that he is planning a new...

U.S. Slows Hiring of Chinese Nationals by Chip Makers (Wall Street Journal) The U.S. has sharply slowed approvals for the nation’s semiconductor companies to hire Chinese nationals for advanced engineering jobs, limiting access to talent.

Do not underestimate the depth of US concern over Huawei (The Telegraph) There is a mistaken impression concerning the US national security policy-making process that says somehow our government is not serious because decision-making in the Trump administration can be capricious and arbitrary.

Lack of Secure Coding Called a National Security Threat (InfoRisk Today) The lack of secure coding is a pervasive and serious threat to national security, according to a new paper from the Institute for Critical Infrastructure

DOJ Leans Against Approving T-Mobile’s Takeover of Sprint (Bloomberg) Carriers’ concessions don’t resolve DOJ’s competition concerns. Antitrust officials consider different standard than FCC.

Bipartisan group of lawmakers seeks restraints on export of surveillance tools (Washington Post) The request follows media reports indicating some companies may be providing powerful capabilities to foreign governments that in turn are using them to surveil journalists, political dissidents and U.S. citizens.

U.S. lawmakers call on spy chief to rein in spread of hacking tools (Yahoo News) The effort, led by Democratic Representative Tom Malinowski, is the second request in the last week asking the State Department to provide information about its approval process for U.S. companies that sell offensive cyber capabilities and other surveillance services to foreign governments. The letter

How government can finally move beyond the OPM data breach (Fifth Domain) One of the largest cyberattacks in U.S. government history, the Office of Personnel Management hack prompted the government to look at the root cause of the incident. Where should public agencies continue to focus to make sure they are protected from cyberthreats?

CCPA Amendments: Expanded Private Right of Action Blocked; Exclusion of HR Data Advances (Cooley) A number of bills seeking to amend the California Consumer Privacy Act of 2018 (CCPA) have been introduced this year, none more closely watched than SB 561, which would have extended the private ri…

Bills aim to protect Louisiana from cyber attacks (The Advertiser) The bills passed without objection and now move to the House floor.

Litigation, Investigation, and Law Enforcement

NZ mosque attacker charged with terrorism (BBC News) Christchurch mosque attacker Brenton Tarrant is formally charged with terrorism for the March killings.

Battle breaks out for WikiLeaks founder Assange’s computers (Washington Post) With Julian Assange locked away in a London jail, a new battle has broken out over what may contain some of the WikiLeaks founder’s biggest secrets: his computers

Trey Gowdy: FBI withheld 'game changer' transcript material from FISA Court (Washington Examiner) Former Rep. Trey Gowdy, R-S.C., says there are unreleased transcripts of recorded conversations between FBI informants and former Trump campaign associate George Papadopoulos that “has the potential to be a game changer.”

CEO told to hand back 757,000 fraudulently obtained IP addresses (Naked Security) A company accused of fraudulently obtaining 757,000 IPv4 addresses has been ordered to hand them back.

'Organized crime' behind TrickBot cyberattack on Coventry schools, says FBI (Akron Beacon Journal) A cyberattack that closed Coventry Local Schools on Monday and compromised the district’s computer system has drawn the attention of the FBI,

Cybersecurity Co. Sued Over Jacobs' Planned $815M Deal (Law360) A stockholder hit KeyW with a proposed class action in Maryland federal court Friday, alleging that the cybersecurity firm failed to disclose key details about its planned $815 million acquisition by Texas-based Jacobs Engineering.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

Gateway Innovation Center: Partners in Cyber (Columbia, Maryland, USA, June 6, 2019) The Howard County Economic Development Authority will host a multifaceted panel event on June 6. Each of our speakers represents leading cyber and technology organizations in the region which provide valuable...

NetDiligence® Cyber Risk Summit (Philadelphia, Pennsylvania, USA, June 12 - 14, 2019) The NetDiligence® Cyber Risk Summit in Philadelphia is attended by more than 600 cyber insurance, legal/regulatory, and technology leaders from all over the globe. A premier education and networking event,...

ICX Insurance Summit with Pindrop and MassMutual (Springfield, Massachusetts, USA, June 19 - 20, 2019) MassMutual, together with Pindrop, is hosting the Identity & Customer Experience (ICX) Summit specifically for insurance organizations to discuss current issues and share strategies and ideas around security...

Upcoming Events

Cybertech Midwest 2019 (Indianapolis, Indiana, USA, April 24 - July 25, 2019) Cybertech is the cyber industry’s foremost B2B networking platform featuring cutting-edge content by top executives, government officials, and leading decision-makers from the world of cyber. Our Cybertech...

NAWC Cybersecurity Symposium (Washington, DC, USA, May 21, 2019) The National Association of Water Companies (NAWC) will hold its inaugural 2019 NAWC Cybersecurity Symposium on Tuesday, May 21, 2019 at the Army-Navy Club in Washington, D.C. The day-long event will bring...

Kansas City CyberSecurity Conference (Kansas City, Missouri, USA, May 22, 2019) Join us to interact with CISOs & Senior Level Executives who have effectively mitigated the risk of Cyber Attacks. The keynote at Kansas City will be delivered by John Dickson, Principal, Denim Group Ltd,,...

2019 Georgetown Cybersecurity Law Institute (Washington, DC, USA, May 22 - 23, 2019) It is more important than ever that in-house and outside counsel stay abreast of the most current developments and best practices in cybersecurity.Those lawyers who ignore cyber threats are risking millions...

SecureWorld Atlanta (Atlanta, Georgia, USA, May 29 - 30, 2019) Join your fellow InfoSec professionals for high-quality, affordable cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements, learning from nationally recognized industry...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.