skip navigation

More signal. Less noise.

Get your copy of the definitive guide to threat intelligence.

We brought together a team of experts and wrote the definitive guide to everything you need to know about threat intelligence. Whether you work in vulnerability management, incident response, or another part of cybersecurity, our book has something for you. Get your free copy of “The Threat Intelligence Handbook” now.

Daily briefing.

Microsoft describes how Iran's APT33 ("Elfin" or "Refined Kitten") is engaged in attacks against industrial control systems, WIRED says.

Microsoft has also rebutted claims that Microsoft Teams served as the vector for the Doppelpaymer ransomware infestation suffered earlier this month by some Spanish companies, ZDNet reports. Redmond has also quashed rumors that the ransomware is being spread via the BlueKeep vulnerability.

CNN has obtained a warning the FBI has quietly circulated within the auto industry, warning that the US automobile sector is at heightened risk of cyberattack.

Nyotron today published the results of research into ransomware that exposes an attack technique that escapes detection by most anti-ransomware products. They call the technique “RIPlace;” they’ve also released a free tool that allows users to check their Windows systems for susceptibility to the attack.

Bugcrowd's CTO makes a glum prediction about Phineas Fisher's $100 thousand offer for anti-corporate hacktivist work: it will, he thinks, have some takers--it's certainly large enough.

End-to-end encryption seems likely, according to the New York Times, to be the next "bullseye" on the back of Big Tech, who may find themselves playing an unfamiliar role as paladins of civil liberties.

Some US Senators are arguing that 5G is a matter of such vital national importance that there ought to be a Federal 5G czar, the Washington Post reports.

Concerned about potential exploitation by foreign intelligence services, five US Senators have written Amazon to request an explanation of the data-handling and security practices of its smart doorbell subsidiary Ring.

Notes.

Today's issue includes events affecting Australia, European Union, India, Iran, Democratic Peoples Republic of Korea, NATO/OTAN, Russia, United Kingdom, United States.

Bring your own context.

Personnel security involves, among other things, identifying insider threats as they develop, catching them before they do their damage. It's not easy, and there's obviously a human dimension to the ways an organization handles and helps the troubled and the "disengaged."

"It really is identifying this disengaged individual. And what we find time and again is, when somebody becomes disengaged, whether it's from their job or quite frankly in the community, if you become disengaged and nobody notices, then bad things tend to happen. And so from an employer's perspective, you have to find these early indicators that that employee that you brought into the organization - a trusted, productive part of the corporate organization - all of a sudden has issues. They have stress. They have problems either inside or outside of work that have created this situation. And so, you know, oftentimes, that can range from arguments or problems that they're having with their colleagues, so let's say internal incidents. Perhaps it's with customers, perhaps it's with co-workers, but having an efficient and effective way of having those incidents communicated into leadership becomes really important."

—Tom Miller, CEO at employee risk management firm ClearForce, on the CyberWire Daily Podcast, 11.19.19.

You want to help them, and also protect the business, but that's got to be done with clear respect for their rights and privacy.

Work with the world’s experts in Dark Web analysis.

Based on years of law enforcement and military experience plus current work with international agencies, ReSecurity’s Hunter Unit pulls and analyzes the best data and delivers it in the most actionable format. We provide human-curated, in-depth analysis layered on top of the most comprehensive, exclusive sets of data from the Deep and Dark Web. 

In today's Daily Podcast, out later this afternoon, we speak with our partners at Booz Allen Hamilton, as Michael Sechrist discusses third-party malware risks. Our guest is Bill Conner from SonicWall, sharing results from their Q3 Threat Data Report.

And Hacking Humans is up. In this episode, "Security has to be friendly," Dave wonders about Juice Jacking warnings. Joe shares findings from Agari's latest email fraud and identity deception report. The catch of the day promises romance in exchange for airline tickets. Our guests are David Spark and Allan Allford, cohosts of the Defense in Depth podcast.

Cyber Security Summits: November 21 in Houston and December 5 in Los Angeles (Houston, Texas, United States, November 21, 2019) Register for reduced admission to the Cyber Security Summit with promo code cyberwire19 for $95 admission ($350 without code). Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The US Department of Homeland Security, The FBI, US Department of Justice, Verizon, Center for Internet Security and more. Breakfast, Lunch & Cocktail Reception are included with your admission. Your full day’s attendance will earn you 6 CPEs / CEUs. Passes are limited, secure yours today: www.CyberSummitUSA.com

CyberMaryland Job Fair, December 5, Baltimore. Visit ClearedJobs.Net or CyberSecJobs.com for details. (Baltimore, Maryland, United States, December 5, 2019) Cleared and non-cleared cybersecurity pros make your next career move at the free CyberMaryland Job Fair, December 5 in Baltimore. Meet face-to-face with leading cyber employers. Visit our site for more details.

Cyber Attacks, Threats, and Vulnerabilities

Microsoft: Iranian hacker group homing in on industrial systems (Axios) Researcher warns this may be a foothold for future

Iran’s APT33 Hackers Are Targeting Industrial Control Systems (Wired) The recent focus on ICS raises the possibility that Iran's APT33 is exploring physically disruptive cyberattacks.

ISIS expected to revamp operations in Syria, grow ability to target the West, says Pentagon watchdog (Military Times) Without counterterrorism pressure, the Defense Intelligene Agency anticipates ISIS will have a better opportunity to cultivate its covert networks, the report said.

Analysis | How Russia weaponized social media, got caught and escaped consequences (Washington Post) Russia weaponized social media in an attempt to influence the 2016 presidential election. But its efforts didn't end after it was caught.

Dtrack: In-depth analysis of APT on a nuclear power plant (Cyberbit) Dtrack is a RAT (Remote Administration Tool) allegedly written by the North Korean Lazarus group.

Nyotron Discovers Technique That Renders Ransomware Invisible to Security Software (PR Newswire) Nyotron, provider of the industry's first automatic Endpoint Detection and Response (EDR) solution that both detects malware and prevents...

RIPlace Evasion Technique (Nyotron) In Spring 2019, Nyotron’s Research team discovered an evasion technique that could allow malicious actors to alter files (including encryption) in a way that enables them to bypass most antivirus, anti-ransomware and Endpoint Detection and Response (EDR) solutions’ detection capabilities.

Microsoft Denies Bluekeep Ransomware Rumors (Infosecurity Magazine) Microsoft Denies Bluekeep Ransomware Rumors. Redmond also says no Teams link to recent Spanish outages

Microsoft rebukes rumors that Microsoft Teams is being used in ransomware attack (ZDNet) Microsoft also knocks down rumor that hackers are using the BlueKeep exploit to install the DoppelPaymer ransomware.

Customer Guidance for the Dopplepaymer Ransomware (Microsoft Security Response Center) There is misleading information circulating about Microsoft Teams, along with references to RDP (BlueKeep), as ways in which the Dopplepaymer malware spreads. Our security research teams have investigated and have found no evidence to support these claims. In our investigations we have found that the malware relies on remote human operators using existing Domain Admin credentials to spread across an enterprise network.

FBI says hackers are targeting US auto industry (CNN) The American automotive industry has been the target of malicious cyber actors since at least late 2018, according to an FBI report obtained by CNN.

Report: AccorHotels Subsidiary Exposes Hotels and Travelers in Massive Data Leak (vpnMentor) Led by Noam Rotem and Ran Locar, vpnMentor’s research team discovered a data breach belonging to Gekko Group, a subsidiary of Accor Hotels. Based in France,

XSS security hole in Gmail’s dynamic email (Naked Security) The bug was fixed at least a month ago so users receiving dynamic email content have one less thing to worry about.

WeWork Developers Exposed Contracts and Customer Data on GitHub (Vice) The agreements contain phone numbers and addresses of individuals, and others have bank account information.

Official Monero website is hacked to deliver currency-stealing malware (Ars Technica) GetMonero.com delivers Linux and Windows binaries that steal users' funds.

Instagram stalker app Ghosty yanked from Play store (Naked Security) It was sucking up private profiles by requiring users to hand over their logins, giving it access to whatever accounts they follow.

Cyber thieves target medical group in Sikeston, Mo. (KFVS 12) According to Saint Francis Healthcare System, the computer network at Ferguson Medical Group, LP (FMG) experienced a cyber attack on Sept. 20.

Beware the Gift Card Scam: How One Family Learned the Hard Way (Wall Street Journal) Scammers are calling or emailing people, often seniors, under a variety of pretenses—grandchildren, tech support, tax collectors, etc.—that culminate in requests to purchase retail gift cards.

Security Patches, Mitigations, and Software Updates

Google introduces new G Suite security options (Help Net Security) Google has introduced new G Suite security options, including Advanced Protection for enterprise users and access control for apps accessing account data.

Update WhatsApp now: MP4 video bug exposes your messages (Naked Security) A now-patched-hole could have allowed remote code execution that could have exposed files and messages. Update your WhatsApp now.

Adobe Acrobat and Reader 2015 reach end of support (Naked Security) If you’ve been happily using Adobe Reader 2015 software for the last few years, you’re in for a rude awakening.

Microsoft starts releasing fixes for Access bugs introduced in Office security patches this month (Computerworld) If you’ve been seeing new Access 'Query is corrupt' errors, they’re likely caused by buggy Office patches released on Patch Tuesday last week. Microsoft has started releasing fixes for the bad Office security patches. One of them, for Access 2016, arrived yesterday.

Cyber Trends

Retail E-Commerce Report 2019: The Rising Tide of Fraud (Signals Intelligence) Download the 2019 Retail E-Commerce Report from Signal Sciences to learn our key findings...

Attackers increasingly embrace small-scale DDoS attacks to evade detection (Help Net Security) Neustar research on cyber threats and trends reveals continued increase in both large- and small-scale DDoS attacks, new threat vectors.

Forcepoint Presents Cybersecurity Predictions for 2020 (ExecutiveBiz) Forcepoint called on its strategists, researchers and engineers to identify and discuss cybersecurity trends they forecast for the coming year and one of those predictions concerns with the Cloud Smart strategy. Eric Trexler, vice president of global government at Forcepoint, shared that more organi

Food firms ‘invest least’ in cyber attack security (Food Manufacture) Food firms rank the lowest in terms of investment to prevent the threat of cyber attacks, according to the latest government data.

Miners not taking cybersecurity risks seriously, report finds - International Mining (International Mining) “In an increasingly automated and interconnected world, the risk of rogue systems and equipment is growing rapidly," Graeme Stanway says

Marketplace

Banyan Security Raises $17 Million to Help Enterprises Modernize their Secure Remote Access Infrastructure (PR Newswire) Banyan Security, a leading provider of cloud-centric secure remote access solutions based on Zero Trust security principles, today announced it...

Perimeter 81 Announces $10 Million Funding Round to Expand its Network as a Service Platform; Partners with SonicWall to Add Unified Security Services (PR Newswire) Perimeter 81, a leading Zero Trust network provider for enterprises and organizations, announced today a $10 million Series A investment round...

SonicWall Leads Series A Round Funding In Zero Trust Security Provider Perimeter 81 (PR Newswire) SonicWall, the trusted security partner protecting more than 1 million networks worldwide, today announced that it is leading the Series A...

ZecOps raises $10.2 million to automatically detect and remediate cyberattacks (VentureBeat) Cybersecurity startup ZecOps announced that it's raised $10.2 million in seed funding for its automated threat detection and remediation technology.

CI Security raises another $6.4M to help hospitals implement cybersecurity tech (GeekWire) New funding: CI Security, a 85-person cybersecurity startup with offices in Seattle, Bremerton, and Ellensburg, Wash., has raised an additional $6.4 million, adding to its $16 million Series B round.

CyberGhost owner buys PIA for $95.5m to create VPN giant (TechRadar) Private Internet Access will become part of a huge global VPN operation

Facebook and Google surveillance is an ‘assault on privacy,’ says Amnesty International (The Verge) The tech giants’ business model is at odds with human rights, according to new report

How UK tech is confounding Brexit uncertainty to attract record investment  (The Telegraph) The UK's world-leading fintech sector is one of the main reasons why its tech companies are receiving unprecedented levels of investment

Britain will prosper regardless of politics, says ex-Google boss Eric Schmidt (The Telegraph) Britain’s technology industry has reached a critical mass where it will continue to prosper “independently of what happens politically in the country”, according to one of Silicon Valley’s most powerful figures.

Google Hires Firm Known for Anti-Union Efforts (New York Times) After nearly two years of unrest, the company appears to be cracking down on employee activism.

MSSP giant Optiv to shutter UK operation - sources (CRN) Optiv launched in the UK last year but is rumoured to be pulling out of the market

Westpac and Microsoft are collaborating on a new intelligence hub (Business Insider) Westpac designed an intelligence hub with Microsoft, enabling it to analyze user data in real time and offer tailored services and account analytics.

U.S.Air Force Awards ReFirm Labs $1M Contract to Accelerate IoT Security Innovation (Yahoo) ReFirm Labs, a provider of the industry's first proactive IoT and firmware security solutions, today announced it has been awarded a $1 million Phase II Small Business Innovation Research (SBIR) contract from the U.S. Air Force (USAF) Life Cycle Management

Enveil Awarded Air Force Contract to Address Mission-Critical Supply Chain Needs (West) Engagement will utilize the company’s groundbreaking ZeroReveal® solution to advance supply chain security

Network Designs, Inc. (NDi) on Team Selected to Provide Open Source Intelligence Support to the U.S. Army (PR Newswire) Network Designs, Inc. (NDi) announced today that it is a key member of a team led by prime contractor BAE Systems, Inc. that was recently...

Lockheed wins $3.3 billion contract for anti-jamming support (C4ISRNET) Lockheed Martin will perform support services for a trio of anti-jamming satellite communications systems.

IronNet Cybersecurity Announces Growth Plans in EMEA (IronNet) New regional leadership and headquarters in London, along with a new strategic partnership to drive growth in EMEA for IronNet Cybersecurity’s collective defense platform

Carbon Black to open Australia datacentre in 2020 (ComputerWeekly.com) The Australia datacentre comes on the heels of VMware’s acquisition of Carbon Black and will serve organisations with data sovereignty requirements

GrammaTech Appoints Vince Arneja as Chief Product Officer (Herald-Mail Media) GrammaTech, a leading developer of software-assurance tools and advanced cyber-security solutions, today announced that it has appointed Vince Arneja as

Products, Services, and Solutions

IBM Launches Open Technology to Speed Response to Cyber Threats Across Clouds (PR Newswire) IBM (NYSE: IBM) today announced Cloud Pak for Security, featuring industry-first innovations to connect with any security tool, cloud or...

Arctic Wolf Introduces Account Takeover Risk Detection (Arctic Wolf) SOC-as-a-Service Leader Augments Portfolio with Corporate Credential Exposure Detection

ReversingLabs Enhances Splunk Integration to Improve SOC Automation and Decision Making (Yahoo) ReversingLabs, the leading provider of destructive object insights delivering SOC decision support, automation and threat analytics solutions.

Shared Assessments Introduces 2020 Third Party Risk Management Toolkit Updates (BusinessWire) Shared Assessments Introduces 2020 Third Party Risk Management Toolkit Updates; Expanded Privacy Tools for GDPR and CCPA

Acceptto's Continuous Behavioral Authentication™ Verified as Citrix Ready. (PR Newswire) Acceptto today announced that its Continuous Behavioral Authentication solution has been verified as Citrix Ready. The Citrix Ready Program is...

Bugcrowd Adds Asset Inventory to Attack Surface Management (Bugcrowd) For more than seven years, organizations around the world have trusted Bugcrowd to help identify more than 300,000 vulnerabilities in their known IT ecosystems.

Tripwire Teams with Baker Hughes on Industrial Cybersecurity (Tripwire) Nexus Controls, a Baker Hughes business, to Integrate Tripwire ICS Capabilities into SecurityST Solution

Fugue Announces Free Tier to Empower Engineers to Build and Operate Secure Cloud Systems (Fugue) Fugue Developer provides automation tools to visualize cloud infrastructure, identify misconfiguration risks, and demonstrate compliance

Ooredoo Kuwait Chooses Fortinet to Deliver the Region’s First Secure SD-WAN Managed Service to Enterprise Customers (Yahoo) Fortinet® (NASDAQ: FTNT), a global leader in broad, integrated and automated cybersecurity solutions, today announced that it has been.

Perception Point Announces SOC 2 Compliance (PR Newswire) Perception Point, a leading cybersecurity firm that protects content-exchange channels from file and URL based attacks, today announced that it...

Illumio Updates ServiceNow App with Support for New York Release (Yahoo) Illumio, the leader in segmentation for workload security, today announced an enhancement to its application for ServiceNow, available now in the ServiceNow Store with support for ServiceNow’s New York release, in addition to the London and Madrid releases. Certification by ServiceNow is only granted

KPMG & nsKnox Partner to Mitigate Payment Fraud with Innovative Anti-Fraud Cyber Solution (BusinessWire) KPMG & nsKnox Partner to Mitigate Payment Fraud with Innovative Anti-Fraud Cyber Solution.

Technologies, Techniques, and Standards

Emsisoft releases new decryptor for Jigsaw ransomware (Emsisoft | Security Blog) We just released a new decryptor for Jigsaw ransomware.

Exclusive: Labour sticks to 'basic' $20 cyber defence after attacks, emails show (Reuters) Britain's opposition Labour Party was using a $20-a-month "basic secur...

How far behind is the Pentagon in electronic warfare? (C4ISRNET) A new report warns of ground lost and suggests asymmetries the Department of Defense can exploit to help regain advantage in the electromagnetic spectrum.

CISA Leads Incident Response Exercise at BOK Center and Cox Business Center in Tulsa (CISA) On Tuesday, November 19, the Cybersecurity and Infrastructure Security Agency (CISA), in coordination with public and private sector partners, held a tabletop exercise in Tulsa, Okla. to test emergency response plans.

What is Password Recovery and How It Is Different from Password Cracking (ElcomSoft blog) Why wasting time recovering passwords instead of just breaking in? Why can we crack some passwords but still have to recover the others? Not all types of protection are equal. There are multiple types of password protection, all having their legitimate use cases. In this article, we’ll explain the d

An open conversation about cyber-risk reporting to the BOD (Balbix) An insightful open conversation with 17 CISOs on the topic of cyber-risk reporting for board of directors.

Design and Innovation

Privacy Engineering Challenge Winner: Geofencing to Prevent Unauthorized Access (Virtru) To inspire innovative, privacy-preserving data protection solutions, Virtru hosted a privacy engineering challenge during the fall of 2019. Today, we are pleased to announce the winner of this challenge: Krish Suchak’s Audit Map submission introduced geolocation features to help prevent unauthorized data access.

Facebook launches new safety tools for advertisers as criticism continues over false political ads (CNBC) Facebook plans to announce a slate of changes Wednesday to help advertisers control the kind of content their ads show up on.

Google to Restrict Political Ad Targeting on Its Platforms (Wall Street Journal) Under the new policy, political ads can only be targeted based on users’ age, gender and postal code.

An update on our political ads policy (Google) An update on some changes we’re making to how we handle political ads on our platforms globally.

How an Ex-Twitter Adman Plans to Squash Email’s Most Pernicious Threats (Fortune) Abnormal Security is taking on "business email compromise," a social engineering attack that has victimized Facebook and Google and attracted the attention of the FBI.

Research and Development

Much of what's being sold as 'AI' today is snake oil, says Princeton professor (Computing) AI companies have raised millions of dollars in funding from investors - but their technology isn't really artificial intelligence.

Why AI will be Inhuman (APN) Cyber security provider F-Secure has launched a new research project to further develop the decentralized artificial intelligence (AI) mechanisms currently used in its detection and response technologies. The initiative, dubbed Project Blackfin, aims to leverage collective intelligence techniques, such as swarm intelligence, to create adaptive, autonomous AI agents that collaborate with each other […]

The problem with the Army’s ‘Go’ metaphor — besides being 2,500 years old (C4ISRNET) AI development is under-served by metaphors that obscure instead of illuminating.

IBM: The Fight Against A.I. Bias Is Never Over (Fortune) Bias needs to be fought even in the design process, IBM Research A.I. ethics chief Francesca Rossi said at the Fortune Global Forum in Paris.

To tackle 5G, the key will be collaboration (C4ISRNET) New 5G technology offer capabilities to our warfighters, such as more data, more speed, reduced latency, and the ability to “operate through” untrusted networks that will likely be the next discriminator on the battlefield.

Academia

The top colleges at the Energy Department’s cyber competition (Fifth Domain) The Department of Energy hosted its fifth CyberForce Competition on Nov. 16, during which 105 college teams worked to defend simulated energy infrastructure from cyberattacks.

Prairie View A&M University Selects Spirent Technology to Expand Cybersecurity Research and Teaching (Yahoo) Spirent Communications plc (SPT.L), the trusted provider of test, measurement, assurance and analytics solutions for next-generation devices and networks, today announced that the Prairie View A&M University (PVAMU), a member of the prestigious Texas A&M University System, has procured the Spirent CyberFlood

Legislation, Policy, and Regulation

Here are the problems offensive cyber poses for NATO (Fifth Domain) Speaking at CyCon U.S., international legal experts expressed some doubts regarding how seamless cyber can be integrated into NATO operations.

UN passes Russian cyber crime resolution critics say will be used to justify state internet control (Computing) Final vote to adopt the resolution in the UN General Assembly will be held next month

What Is End-to-End Encryption? Another Bull’s-Eye on Big Tech (New York Times) After years of on-and-off debate over nearly snoop-proof security, the industry is girding for new pressure from law enforcement around the world.

Don’t Believe the Hype. Russia Is Losing in the Middle East—and Around the World. (Foreign Policy) Putin’s apparent victories in spreading Russian influence are mirages, some of which have come at a great cost.

Information sharing is critical. So will DHS fund it in 2020? (Fifth Domain) Three Senate Democrats are concerned that the Department of Homeland Security’s cyber unit won’t provide adequate funding to an information sharing program with less than one year until the 2020 presidential election.

Senate Committee Approves $250 Million to Fund the Electric Grid Security (Nextgov.com) The PROTECT Act would create a federal grant program to help small utility companies improve their digital defenses.

House committee advances legislation to secure telecom networks against foreign interference (TheHill) A key House committee on Wednesday advanced legislation that would ban the government from buying telecommunications equipment from companies deemed to be national security threats, such as Chinese telecom giant Huawei.

Sec. of Commerce Ross: ZTE, Huawei extensions were made to help rural America (Fox Business) U.S. Commerce Secretary Wilbur Ross defends the decision to grant extensions to companies doing business with China’s Huawei Technologies

Attorney General Barr rehashes failed arguments in the encryption debate (American Enterprise Institute - AEI) The Department of Justice’s renewed push for tech companies to grant law enforcement access to encrypted communications ignores the historical record and expert opinions: Weakening strong encryption would compromise Americans’ cybersecurity and national security.

Jeanette Manfra, senior DHS cyber official, to step down (CyberScoop) Jeanette Manfra, a senior cybersecurity official at the Department of Homeland Security, plans to step down from her position.

Does the federal government need a 5G coordinator? (C4ISRNET) A bipartisan group of senators called on the White House to name a 5G coordinator to tackle what lawmakers described as an “unprecedented security challenge” presented by the new technology.

Analysis | The Cybersecurity 202: The White House needs a 5G czar to win the race to secure next-generation networks, senators warn (Washington Post) The China threat looms large.

California IoT security law: What it means and why it matters (Help Net Security) Let’s use the California IoT security law as a lesson for how to improve future guidance and ensure better security for everyone.

Litigation, Investigation, and Law Enforcement

[Letter to Amazon from Five US Senators] (US Senate) Dear Mr. Bezos: We write to request information about the data security practices of Ring...

Turkey Surveillance: No, Not the Bird Watching Context (Beyond Search) A company that makes surveillance software and sells it assorted governments, FinFisher, is fighting back against Netzpolitik, a website working to hold such companies accountable. Bloomberg declar…

GDPR Decision on WhatsApp Delayed Over Company’s Concerns (Wall Street Journal) A decision in Ireland’s privacy investigation into Facebook’s WhatsApp has been delayed because the company’s lawyers raised concerns about how the regulator will share potentially sensitive commercial data with authorities in other European countries.

Bank Accused of Breaching Money Laundering Laws—23 Million Times (Wall Street Journal) Westpac, Australia’s second-largest bank, has been accused of the biggest breach of the country’s money laundering and terrorism financing laws in history, including failing to detect transfers that may have been used to facilitate child exploitation.

Watch: Vindman calls Ukrainian election interference conspiracy theory "a Russian narrative" (Axios) He said it was one "that President Putin has promoted."

Analysis | The Cybersecurity 202: Impeachment hearing highlights Trump’s apathy toward cybersecurity (Washington Post) Gordon Sondland spoke with Trump on an open line from Kyiv. That’s risky.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

InfoSec Connect 2020 (San Diego, California, USA, March 15 - 17, 2020) InfoSec Connect is a high profile, interactive meeting of senior-level cybersecurity leaders from top credit unions, US banks, insurances, and financial services companies. It’s a forum built to share...

CyberCon 2020 (Bismarck, North Dakota, USA, October 6 - 7, 2020) Our vision for this annual event is “to bring awareness of Cyber Security through collaboration and education” and for 2020, we will again focus on the critically important roles that both cyber security...

Upcoming Events

CyberCon (Anaheim, California, USA, November 19 - 21, 2019) CyberCon is a solutions-based cybersecurity conference connecting executives and decisions makers in the power and utilities sector to cybersecurity experts and industry specific solutions. By attending,...

Infosecurity and ISACA North America Expo and Conference (New York, New York, USA, November 20 - 21, 2019) In November 2019, Infosecurity North America and ISACA will align in the field of security, cybersecurity and risk management to create an incredible experience for attendees in programming, solutions...

PCI SSC 2019 Asia-Pacific Community Meeting (Melbourne, Australia, November 20 - 21, 2019) The PCI Security Standards Council’s 2019 Asia-Pacific Community Meeting is the place to be. We will provide you with the information and tools to help secure payment data. We lead a global, cross-industry...

Cyber Security X Atlanta (Atlanta, Georgia, USA, November 20 - 21, 2019) Cyber Security X Atlanta is part of the fastest growing cyber security event series, providing events that uniquely cover the entire security landscape. The event will offer invaluable security insight...

Nashville Cybersecurity Conference (Nashville, Tennessee, USA, November 21, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.