skip navigation

More signal. Less noise.

Get your copy of the definitive guide to threat intelligence.

We brought together a team of experts and wrote the definitive guide to everything you need to know about threat intelligence. Whether you work in vulnerability management, incident response, or another part of cybersecurity, our book has something for you. Get your free copy of “The Threat Intelligence Handbook” now.

Daily briefing.

India continues to receive the attention of North Korean cyber operators. A phishing campaign is underway that poses as a job opportunity at Hindustan Aerospace (HAL), the Herald Publicist says.

The US State of Louisiana yesterday activated its cybersecurity response team after some of its servers were hit with ransomware. Affected agencies have begun restoring service, which is expected to be complete in about two days. The Office of Motor Vehicles, for example, will be back in business for the most part at noon today, KPLC reports. ZDNet says the state's Office of Technology Services contained the infestation quickly: Louisiana, unlike some other state and local governments, had a sound plan it executed quickly.

Zscaler has discovered two campaigns using compromised WordPress sites to distribute a remote access Trojan. One uses a bogus Flash Player update as the vector, the other an equally phony "font update" (the font it helpfully offers to update is "PT Sans").

Prevailion warns it's found a clever spearphishing campaign conducted by the HydSeven criminal group. The campaign, which Prevailion calls "Operation BlockChain Gang," is distributing Linux and Windows versions of the macOS Trojan HydSeven used against Cambridge University this summer.

US department store giant Macy's is the latest retailer to suffer a data breach. Computing calls the incident a Magecart attack. Macy's mailed affected customers breach disclosures on November 14.

Huawei has received a ninety-day reprieve from the US, and China hawks are concerned that the US Administration has gone wobbly, the Washington Post reports.

Notes.

Today's issue includes events affecting China, India, Iran, Democratic Peoples Republic of Korea, Pakistan, Russia, United Nations, United States, Venezuela, and Vietnam.

Bring your own context.

Virtue, rewarded.

"So what we're seeing, you know, across the board is the more mature your security program is, the less of a target that you'll be. So there are some fundamentals that we continue to see not happening in practice, you know, fundamentals that we've all been talking about for years and years."

—Jennifer Ayers, vice president of OverWatch and security response at CrowdStrike, on the CyberWire Daily Podcast, 11.14.19.

Sometimes effort (intelligent effort) really can equal results.

Work with the world’s experts in Dark Web analysis.

Based on years of law enforcement and military experience plus current work with international agencies, ReSecurity’s Hunter Unit pulls and analyzes the best data and delivers it in the most actionable format. We provide human-curated, in-depth analysis layered on top of the most comprehensive, exclusive sets of data from the Deep and Dark Web. 

In today's Daily Podcast, out later this afternoon, we talk with our partners at the University of Maryland's Center for Health and Homeland Security, as Ben Yelin discusses your rights to images you post of yourself online. Our guest is Tom Miller from ClearForce, and he talks us through continuous discovery of insider threats.

And Recorded Future's podcast, produced in partnership with the CyberWire, is also up. In this episode, "Solving the Business Challenges of Governance, Risk, and Compliance," their guest is Syra Arif, a senior advisory solutions architect in the security and risk practice at ServiceNow, a global cloud computing company. Syra shares her insights on providing customers with solutions to the business challenges of governance, risk, and compliance. She shares her experience coming up through the industry as a woman, and we also get her perspective on threat intelligence and why it’s critical for organizations to embrace diversity.

Cyber Security Summits: November 21 in Houston and December 5 in Los Angeles (Houston, Texas, United States, November 21, 2019) Register for reduced admission to the Cyber Security Summit with promo code cyberwire19 for $95 admission ($350 without code). Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The US Department of Homeland Security, The FBI, US Department of Justice, Verizon, Center for Internet Security and more. Breakfast, Lunch & Cocktail Reception are included with your admission. Your full day’s attendance will earn you 6 CPEs / CEUs. Passes are limited, secure yours today: www.CyberSummitUSA.com

CyberMaryland Job Fair, December 5, Baltimore. Visit ClearedJobs.Net or CyberSecJobs.com for details. (Baltimore, Maryland, United States, December 5, 2019) Cleared and non-cleared cybersecurity pros make your next career move at the free CyberMaryland Job Fair, December 5 in Baltimore. Meet face-to-face with leading cyber employers. Visit our site for more details.

Cyber Attacks, Threats, and Vulnerabilities

Chinese Internet users are fascinated by a mysterious Web browser promising legal access to banned sites. They’re also very skeptical. (Washington Post) After the launch this week of the Kuniao browser, China's tech-savvy circles have been lit up with a mix of curiosity and suspicion. But mostly suspicion.

Amid trade talks, officials worried about China’s access to US data (Yahoo) Morgan Wright, former senior adviser in the U.S. State Department, cybersecurity expert and Sentinelone chief security adviser, gives his insights on China’s access to U.S. data via companies like Apple and TikTok.

Beware! Fake HAL job vacancy e-mail contains malicious North Korean malware (Herald Publicist) The hoax mail containing Manuscript malware claims of a job emptiness for a supervisor at HAL with a wage of Rs 1.eight lakh monthly. [Representational

NetSupport RAT installed via fake update notices (Zscaler) The Zscaler ThreatLabZ team observed fake Flash Player and font update campaigns, which lead to the download of the NetSupport RAT. The Zscaler cloud security platform blocked 40,000 such attempts during the past three months.

Prevailion — HydSeven Attack Escalates From Mac OSX to Windows and Linux (Prevailion) The scope of a sophisticated email phishing scam that exploited Mac OS X clients on Firefox this summer dramatically broadened after Prevailion's research team identified Linux and Windows trojans associated with the advanced threat actor known as HydSeven.

Threat Summary: Operation BlockChain Gang; Advanced Exploits, Commodity Tools (Prevailion) This is Prevailion's first Threat Summary Report. For more information on this type of report and why we publish them, click here . Au...

Cybersecurity Research Report: Organizations Are Blind to Attacker-Exposed Assets (CyCognitio) Attack Surface Data Analysis Trends: Data shows that organizations with well-funded security teams are blind to 75% of their attacker-exposed assets.

Vulnerability in ABB Plant Historian Disclosed 5 Years After Discovery (SecurityWeek) It took ABB five years to inform customers of a critical vulnerability affecting one of its plant historian products and the researcher who found it believes threat actors may have known about the flaw

New NextCry Ransomware Encrypts Data on NextCloud Linux ServersNew NextCry Ransomware Encrypts Data on NextCloud Linux Servers (CSIRT-CY) A new ransomware has been found in the wild that is currently undetected by antivirus engines on public scanning platforms. Its name is NextCry due to the extension appended to encrypted files and that it targets clients of the NextCloud file sync and share service.

Louisiana government computers knocked out after ransomware attack (Reuters) Louisiana state government computers were knocked out following a ransomware att...

Louisiana Government Suffers Outage Due to Ransomware Attack (BleepingComputer) The state government of Louisiana was hit by a ransomware attack today that impacted numerous state services including the Office of Motor Vehicles, the Department of Health, and the Department of Transportion and Development.

Ransomware hits Louisiana state government systems (ZDNet) Ransomware contained and some systems have already been recovered.

OMV locations to reopen at Noon Tues. following ransomware attack (https://www.kplctv.com) An apparent “ransom” attack crippled much of Louisiana state government Monday, Nov. 18.

Ransomware Bites 400 Veterinary Hospitals (KrebsOnSecurity) National Veterinary Associates (NVA), a California company that owns more than 700 animal care facilities around the globe, is still working to recover from a ransomware attack late last month that affected more than half of those properties, separating many veterinary practices from their patient records, payment systems and practice management software.

Shade Ransomware Is the Most Actively Distributed Malware via Email (BleepingComputer) During the first half of 2019, the Shade Ransomware (also known as Troldesh) was the most actively distributed malware via malicious email phishing campaigns according to Singapore-based Group-IB security outfit.

This Holiday Season, Watch Out for These Cyber-Grinch Tricks (McAfee Blogs) Whether it be that their shoes are too tight, their heads aren’t screwed on just right, or they’re expressing a little bit of “Bah Humbug,” cyber-grinches

Ironic Android malware poses as an ad-blocker, spams users with ads instead (Phandroid) Popup ads on websites can be annoying, especially on mobile, and as a result there is a rise in apps and browser extensions designed to block them. Now, before you rush off and install the latest ad

Malware on Official Monero Website Can Steal Crypto: Investigator (Cointelegraph) The software available for download on Monero’s official website was compromised to steal cryptocurrency.

Macy's Customer Payment Info Stolen in Magecart Data Breach (BleepingComputer) Macy's has announced that they have suffered a data breach due to their web site being hacked with malicious scripts that steal customer's payment information.

US department store Macy's the latest company to be compromised in Magecart attack (Computing) Macy's claims that it discovered the Magecart compromise of its payment pages within seven days

Facebook ads targeted Fox News fans for shady silver coin scheme (Quartz) A Quartz investigation found that dozens of older conservatives drained their retirement savings into a silver coin scheme supercharged by fear-mongering Facebook ads.

Burglars Really Do Use Bluetooth Scanners to Rob Cars (Wired) Bluetooth scanners are readily available and easy to use—which means that smash-and-grab car break-in might not have been pure chance.

Cyber Attack Methods: How Code Injection Works (IT Pro) The code injection cyber attack method can be a serious threat to the business. Here's what you need to know about heading off a code injection attack.

National Milk Records revenue hit by cyber attack (Shares Magazine) Shares provides unbiased commentary, ideas, views and news on stocks, funds, pensions and savings. Great investment tools with live data. Free registration.

Vulnerability Summary for the Week of November 11, 2019 (CISA) The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.   

Cybercrime Booms As Scammers Hack Human Nature To Steal Billions (NPR) Cybercrime is ballooning as scammers learn to research their victims and fine-tune their psychological tricks.

The Language Of Cybercrime (NPR) Cybercriminals have learned to refine the language they use in scams, making scams harder to detect and more likely to fool potential victims.

Security Patches, Mitigations, and Software Updates

Google patches ‘awesome’ XSS vulnerability in Gmail dynamic email feature (ZDNet) The bug bounty hunter who disclosed the issue says the bug is a prime example of DOM Clobbering.

Cyber Trends

Hacking and cyber espionage: The countries that are going to emerge as major threats in the 2020s (ZDNet) Nation-state backed cyber groups have been responsible for major incidents over the last decade. And now more countries want the same power.

Ho Ho OUCH! There are 4x more fake retailer sites than real ones (Naked Security) Beware, holiday shoppers! The phishers hiding under typosquatting domains are waiting for your keyboard fumbles.

Q3 2019 Cyber Threats and Trends Report (Neustar) Download our free report to understand the latest developments in DDoS attacks and how to mitigate them. What steps will you take to defend against these threats?

Most Americans feel powerless to prevent data collection, online tracking (Help Net Security) A study took a closer look at USA digital privacy attitudes and found that most Americans feel that they have little or no control over their personal data.

‘Data Privacy’ Searches Skyrocket to All-Time Highs in the U.S. (PreciseSecurity) According to data provided by PreciseSecurity.com, interest for data privacy surged in October to the highest point in the United States since 2004.

Healthcare spikes data breach fever, endpoint threat detections grow 60% (Help Net Security) The healthcare industry has been overwhelmingly targeted by Trojan malware during the last year, which increased by 82 percent in Q3 2019.

Fortinet CEO: Network and security technologies give rise to security-driven networking (Network World) A conversation about the future of network security with Fortinet CEO Ken Xie

Security Predictions 2020 (Watchguard) In this year’s Cyber Security Predictions, the WatchGuard Threat Lab has imagined the top cyber attacks we’ll see in 2020 and has also provided tips for simplifying your approach to stopping them.

Top 6 Emerging Cybersecurity Trends for 2020 (CIO Applications) In the last decade itself, we’ve witnessed the emergence and integration of smart...

Survey: Most HR managers aren't taking employee data security seriously (HR Dive) As the workplace becomes increasingly disparate thanks to remote work, HR may have to pay closer attention to data protection.

2019 Global Security Attitude Survey Takeaways (CrowdStrike) Get a summary of the key findings from the 2019 Global Security Attitude Survey and see where your organization stacks up among the 1,900 IT-decision makers.

Marketplace

London-based Kape snaps up US cybersecurity firm for $95m (CityAM) London-based security software firm Kape Technologies today said it has acquired US online privacy company Private Internet Access (PIA) for $95.5m (£74m).

IntSights Raises $30 Million to Drive Expansion of Automated External Threat Intelligence, Led By Qumra Capital; Announces Key Executive Appointments (IntSights) IntSights Raises $30 Million to Drive Expansion of Automated External Threat Intelligence, Led By Qumra Capital; Announces Key Executive Appointments

1Password Raises $200 Million in Series A Funding (SecurityWeek) Popular password manager 1Password has closed a $200 million Series A round, which the company says is the first outside investment following 14 years of growth and profitability.

CyCognito Secures $23 Million US in Funding to Address Shadow Risk with Next-Generation Platform that Defines a New Market Category, Solving a Fundamental Enterprise Security Challenge (West) Lightspeed, Sorenson Ventures, John W. Thompson Lead Funding Round for New Next-Gen Platform that Continuously Maps, Prioritizes and Guides Remediation of Unknown, Unsecured Conduits

Sonatype takes long view as it sells out to Vista Equity Partners (DEVCLASS) Code hygiene specialist Sonatype has been taken over by Vista Equity Partners, joining the private equity group’s roster of software firms you might, or might not, remember. Vista has acquired a majority interest in the firm, whose Nexus product helps customers keep track of the open source components in their software, and ensure security fixes …

U.S. Air Force Directorate Selects Checkmarx to Enable Software Cyber Resiliency (BusinessWire) Checkmarx, a global leader in software security solutions for DevOps, today announced that it has been awarded a contract with the U.S. Air Force (USA

Salient CRGT Wins $482M Task Order to Help DoD Modernize Warfighter IT Networks; Tom Ferrando Quoted - GovCon Wire (GovCon Wire) Salient CRGT has won a potential five-year, $482M task order to provide telecommunication and engine

Thiel Marks Palantir’s Asia Push with $150 Million Japan Venture (Bloomberg) Partnering with Sompo Holdings and targeting public sector. Health and cybersecurity are the initial areas of focus.

BIO-key Launches ‘BIO-key Africa’ Subsidiary to Pursue Large, High-Growth Biometric Security Opportunity Across the Continent (West) Dr. Maduawuchi “Steve” Uwazie appointed Managing Director

Pulse Secure Recognized as Great Place to Work Certified Company (West) Pulse Secure, the leading provider of software-defined Secure Access solutions, has been recognized as a Great Place to Work Certified Company.

Cyber Risk Advisory Firm Affirms Corporate Values with Support of the Northern Virginia Human Trafficking Initiative (PR Newswire) Nehemiah Security, the industry leader in automated cyber risk quantification, today announced planned fundraising support of the Northern...

A Note from Michael Skelton, Bugcrowd’s New Head of Researcher Enablement (Bugcrowd) A few years ago, I was a software developer with a passion for security but had limited people around me to learn from. Bug bounties, and the communities around

Products, Services, and Solutions

NeuVector First to Bring “Security Policy as Code” to Kubernetes Workloads (Container Journal) DevOps and DevSecOps teams can now more quickly deliver secure cloud-native apps by using Kubernetes Custom Resource Definitions (CRDs) to define, manage,

BigID Introduces Data Discovery for Data Pipelines (BusinessWire) BigID, the leader in data-centric personal data privacy and protection, today announced the industry’s first data discovery solution for data pipeline

Castle Expands User-Centric Account Security Platform with Risk Policies (PR Newswire) Castle, the user-centric account security company, today announced it has enhanced its platform with Castle Risk Policies, providing...

BigID Introduces Data Discovery for Data Pipelines (BusinessWire) BigID, the leader in data-centric personal data privacy and protection, today announced the industry’s first data discovery solution for data pipeline

Lacework/Datadog Integration Brings Security Visibility to Cloud Monitoring (Lacework) The Lacework + Datadog integration unites security and observability data for customers for a complete cloud security platform, from build-time to run time.

CyCognito Announces Next-Generation Platform to Eliminate Shadow Risk, Addressing a Fundamental Security Gap (West) CISOs Cite Need for Platform That Continuously Maps, Prioritizes and Guides Remediation of Unknown, Unsecured Conduits

Open Invention Network Teams with IBM, Linux Foundation and Microsoft to Further Protect Open Source from Patent Trolls (West) Group to support Unified Patents’ Open Source Zone with substantial annual subscription

Threat Stack Announces New Comprehensive Partner Program; Partnership with Optiv (BusinessWire) Threat Stack announced its new partner program that will cover all aspects of the partner ecosystem including VARs, MSPs, and MSSPs.

SoftBank Corp. Chooses Fortinet Secure SD-WAN to Accelerate Managed SD-WAN Services (West) Fortinet’s Security-Driven Networking Approach to SD-WAN Enables SoftBank to Offer Seamless, Secure and Cloud-Ready SD-WAN Services to Enterprise Customers

Fortinet and Siemens partner to provide protection for OT networks (Intelligent CIO Africa) Fortinet, a global leader in broad, integrated and automated cybersecurity solutions, has announced a technology alliance partnership with Siemens, a global

Orange Business Services Chooses Fortinet Secure SD-WAN to Expand its Flexible SD-WAN Portfolio (Yahoo) Orange Business Services, a global communications solutions provider and digital services integrator, and Fortinet (NASDAQ: FTNT),.

Keyfactor Brings Enhanced Security for Cloud, DevOps and IoT with Keyfactor Command 7 Release (Yahoo) New Functionality Strengthens Compliance and Security for PKI Operations

When humans fail, AI may be solution to phishing attacks (150sec) Phishing is the leading cyber threat to European businesses. 150sec spoke to a cyber security expert to find out how AI may be the answer.

OPSWAT's Access Control Certification Program Now Protects Over 100 Million Enterprise Endpoints Worldwide (PR Newswire) OPSWAT, a leader in critical infrastructure protection, today announced that its Access Control Certification Program now protects over 100...

Aryaka Cloud-First WAN Offering Disrupts Traditional SD-WAN and Legacy Service Provider Models (BusinessWire) Aryaka Cloud-First WAN Offering Disrupts Traditional SD-WAN and Legacy Service Provider Models

Sixgill Launches Integrity, The Blockchain Data Authenticity Solution (BusinessWire) Sixgill, a leader in data automation and authenticity, announced the commercial launch of Sixgill Integrity for blockchain-enforced data authenticity.

Cyberbit Aligns Cyber Range Training Scenarios With NICE Knowledge, Skills and Abilities (Olean Times Herald) Cyberbit today announced that it has mapped training scenarios for Cyberbit Range, its cybersecurity training and simulation platform, to the NICE Cybersecurity Workforce Framework.

Technologies, Techniques, and Standards

With New Surveillance Technology, Are Encryption Backdoors Still Needed? (CPO Magazine) With the use of surveillance technology by law enforcement to target suspected criminals and terrorists, is the argument for encryption backdoors still valid?

CISQ Begins Creation of New Standard to Address Software Quality in Model-Based Systems Engineering (CISQ - Consortium for Information & Software Quality) Growth of Digital Twins drives need for improved design testing.

Databases for actual control system cyber incidents exist – and they are important for many reasons (Control Global) Obtaining control system cyber incident case histories is possible (my database has more than 1,200 actual cases) but it needs to be done with trusted individuals working with industry experts. There is also a need for “whistle blower protection” for individuals and companies that report these incidents. It is important because these incidents often are generic and can, or have, affected multiple different organizations.

Why you should shift your cloud security strategy up stack (TechBeacon) Today's cloud security concerns are more about threats further up the stack, like configuration and authentication. Here's what your team should know.

Practical Tips Leaders Can Use to Build a Culture of Cybersecurity (Bricata) Organizations must build a culture of cybersecurity to reduce the risk that human interaction can bring and cannot be mitigated through technical solutions.

()

()

Download Mapping the Multi-Cloud Enterprise (BPI Studies) The Business Performance Innovation (BPI) Network is dedicated to identifying, exploring and sharing emerging trends and transformational ideas and practices that are reshaping world markets and competitive landscapes.

6.2 Billion GlobalPlatform-Compliant Secure Elements Deployed in 2018 (GlobalPlatform) The standard for secure digital services and devices

Design and Innovation

Why Facebook will keep on letting politicians lie (The Telegraph) As another General Election looms, the battle for No 10 will fundamentally be fought and won online.

Revenge porn ‘whack-a-mole’: Inside Facebook’s fight against nonconsensual nudes (NBC News) The Facebook team tasked with fighting nonconsensual intimate images spoke for the first time about their research, early missteps and hopes for AI.

Why Is Google Slow-Walking Its Breakthroughs in AI? (Wired) The company’s new facial-recognition service comes with limitations to prevent abuse, which sometimes lets competitors take the lead.

Reflections on AI: Are humans up to the task of controlling what they've built? (SiliconANGLE) Thanks to artificial intelligence and facial-recognition technology, mirrors in retail stores are now making judgments about people reflected in the glass. Is that progress or a descent into digital apocalypse?

Academia

EBHS Students Place First in Cybersecurity Competition (TAPinto) A team of four students from Haim Cohen’s AP Computer Science classes took home 1st place and a Raspberry Pi on Friday, November 15, 2019.

Polis urges high school girls to sign up for cybersecurity challenge (Colorado Politics) Gov. Jared Polis on Monday invited Colorado girls in grades 9-12 to participate in Girls Go CyberStart, an online challenge that introduces players to Linux, cryptography and programming, and leads

Legislation, Policy, and Regulation

China’s Achilles’ heel when it comes to cyberspace (Fifth Domain) If “mutually assured cyber destruction

A new process for an old problem — governing state behaviour in cyberspace (OpenCanada) With the next session of a new UN working group on cyber activity around the corner, Paul Meyer reviews the state of the debate.

The U.N. passed a resolution that gives Russia greater influence over internet norms (CyberScoop) The resolution calls for stopping “use of information and communications technologies for criminal purposes." The activities it aims to curb is unclear.

Why Iran’s Internet Shutdown Is A Stark Warning For Russia (Forbes) Iran's almost total internet shutdown was complicated. For Russia, though, that may not be the case.

The US gives Huawei its third 90-day support exemption from export ban (Ars Technica) US kicks the can down the road again, hopes carriers will replace Chinese equipment.

Analysis | The Cybersecurity 202: Trump administration's failure to follow through on Huawei ban worries China hawks (Washington Post) The ban won't go into effect until at least nine months after it was announced.

House panel moves 5G protection bills (FCW) A House telecommunications subcommittee approved several measures aimed at sharpening supply chain protections and security for 5G wireless networks.

Senate Democrats urge DHS to fund cyber threat information sharing programs (TheHill) A group of three Senate Democrats is urging the Department of Homeland Security’s (DHS) cyber agency to help fund cybersecurity threat information sharing centers involved in election security efforts.

U.S. National Guard's Evolving Mission Includes Assisting Local Governments Experiencing Cyber Attacks (CPO Magazine) The National Guard is serving as something of a stopgap to defend against cyber attacks for state and local governments that are running behind the curve in terms of cyber capabilities.

USAF establishes Cyberspace Capabilities Center under ACC (Airforce Technology) The US Air Force (USAF) has established a new Cyberspace Capabilities Center (CCC) during a ceremony at Scott Air Force Base.

()

Litigation, Investigation, and Law Enforcement

U.S. Fails to Counter Chinese Efforts to Recruit Scientists, Acquire Research, Senate Report Says (Wall Street Journal) Federal agencies have failed to adequately respond to the threat of Chinese government-funded programs that systematically exploit U.S. research to strengthen China’s own economy and military, a new Senate report concludes.

Are Twitter Spies Part of a Trend? (Tufts Now) The simple act of signing up for a Twitter account or using the WhatsApp messaging service could expose users to international spying and malicious surveillance, according to two current legal cases—and the implications are particularly concerning for journalists and dissidents who criticize the leaders of authoritarian regimes. The threats also go far beyond what most individuals can defend themselves against, according to a Fletcher School professor.

Cops put GPS tracker on man’s car, charge him with theft for removing it (Ars Technica) Cops tracked the man's car because they suspected he was dealing meth.

First Cypriot to Be Extradited to US, on Hacking Charges (SecurityWeek) A 20-year-old Cypriot wanted for hacking offences in the United States is set to be the country's first citizen to be extradited there.

Second time lucky: Sweden drops Julian Assange rape investigation (Register) US Dept of Justice books one-way plane ticket in his name

Professor Who Wrote Book on Drug Crime Is Accused of Money Laundering (Bloomberg) Bagley charged in U.S. with laundering cash from Venezuela. Professor edited book on drug trafficking and organized crime.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

CyberCon 2019 (Anaheim, California, USA, November 19 - 20, 2019) CyberCon 2019 targets executives, leaders and decision makers from the power and utilities and cybersecurity industries, including CEOs, CFOs, COOs, CSOs and CISOs, as well as national security advisors,...

CyberCon (Anaheim, California, USA, November 19 - 21, 2019) CyberCon is a solutions-based cybersecurity conference connecting executives and decisions makers in the power and utilities sector to cybersecurity experts and industry specific solutions. By attending,...

Infosecurity and ISACA North America Expo and Conference (New York, New York, USA, November 20 - 21, 2019) In November 2019, Infosecurity North America and ISACA will align in the field of security, cybersecurity and risk management to create an incredible experience for attendees in programming, solutions...

PCI SSC 2019 Asia-Pacific Community Meeting (Melbourne, Australia, November 20 - 21, 2019) The PCI Security Standards Council’s 2019 Asia-Pacific Community Meeting is the place to be. We will provide you with the information and tools to help secure payment data. We lead a global, cross-industry...

Cyber Security X Atlanta (Atlanta, Georgia, USA, November 20 - 21, 2019) Cyber Security X Atlanta is part of the fastest growing cyber security event series, providing events that uniquely cover the entire security landscape. The event will offer invaluable security insight...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.