skip navigation

More signal. Less noise.

Get your copy of the definitive guide to threat intelligence.

We brought together a team of experts and wrote the definitive guide to everything you need to know about threat intelligence. Whether you work in vulnerability management, incident response, or another part of cybersecurity, our book has something for you. Get your free copy of “The Threat Intelligence Handbook” now.

Daily briefing.

At the end of last week Microsoft warned that a threat group it calls "Phosphorus" (and that others call Charming Kitten or APT35) is already actively working to affect the 2020 US Presidential election. Phosphorus is Iranian, and "linked to the Iranian government." The principal target appears, Reuters reports, to be President Trump's campaign, and the activity seems to be in its reconnaissance phase. The threat actor's targets are not exclusively campaign operations: journalists, government officials, and Iranian expatriates are also of interest to Phosphorus.

Teiss reports that a cybercriminal going by the nom-de-hack of X4crow is auctioning what he, she, or they claim is a 16GB SQL database holding personal information on about ninety-two million Brazilian citizens. The data are the usual identity theft gold: names, dates of birth, taxpayer IDs, gender, and mother's names.

Prince Harry is suing the News Group Newspapers and MGN Ltd., alleging, the Guardian reports, phone hacking that invaded his privacy. The Duke of Sussex is claiming damages from an old incident: the tabloids are said to have hacked royal phones between 1994 and 2011. The New York Times published a wrap-up of the incident nine years ago.

The Tuscaloosa Post says the DCH Health System unlocked ransomware-encrypted files by paying the extortionists.

Thales and Verint have published a taxonomy of some of the more prominent threat actors.

Speakers at an Atlantic Council event last week warned that cyberattacks on power infrastructure are now a present risk, and no longer just a theoretical possibility.

Notes.

Today's issue includes events affecting Australia, Brazil, Cambodia, Canada, China, India, Iran, Ireland, Malaysia, Myanmar, New Zealand, Philippines, Qatar, Russia, Thailand, Ukraine, United Kingdom, United Nations, United States.

Bring your own context.

Threat hunting: a brief guide for the perplexed.

"So threat hunting is looking for adversaries that are already present within your network or your endpoints. Enterprises today are spending money on things like antivirus and firewalls and intrusion detection and prevention systems for their network. But what do you do if any of that fails? It really only takes a couple systems for an adversary to move around or to subvert, and then they're in and persistent within your environment. And so what threat hunting is, is the constant and continuous searching for ... the anomalous. So it's looking for things that don't smell quite right, but it could be a new patch that has changed that registry key or a new program has shown up because someone installed it or looking at things like the suspicious - things like, perhaps this registry key was added with this new potentially unwanted program, or the suspicious being someone logging in directly into a Linux system using a root login instead of logging in as the user and then becoming superuser. So threat hunting is really looking for the things that are misplaced or shouldn't be there."

—Justin Harvey, Global Incident Response Leader at Accenture, on the CyberWire Daily Podcast, 10.4.19.

If it doesn't look right, well, "Доверяй, но проверяй," as the kids say.

Federal cloud market projected for major growth.

According to Coalfire’s latest report on FedRAMP, U.S. agencies spent $6.5B in cloud services in FY2018, an impressive 32 percent year-over-year increase, with the vast majority of Federal cloud migration still to come. SaaS/PaaS/IaaS providers can gain access to this market with significantly less investment in both time and cost by taking advantage of automation and recent FedRAMP program updates. Learn how.

In today's Daily Podcast, out later this afternoon, we speak with our partners at the Johns Hopkins University's Information Security Institute, as Joe Carrigan discusses the implications of the wider availability of malicious lightning charging cables.

Cyber Security Summits: October 3 in NYC and October 17 in Scottsdale (New York City, New York, United States, October 3, 2019) Register for reduced admission to the Cyber Security Summit with promo code cyberwire19 for $95 admission ($350 without code). Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The U.S. Department of Justice, The FBI, Google, IBM, Darktrace, Center for Internet Security and more. Breakfast, Lunch & Cocktail Reception are included with your admission. Your full day’s attendance will earn you 6 CEUs. Passes are limited, secure yours today: www.CyberSummitUSA.com

Texas Cyber Summit Job Fair, October 10, San Antonio. (San Antonio, Texas, United States, October 10, 2019) Cleared and non-cleared cybersecurity pros make your next career move at the free Texas Cyber Summit Job Fair, October 10 in San Antonio. Meet face-to-face with leading cyber employers. Visit ClearedJobs.Net or CyberSecJobs.com for more details.

The 6th Annual Journal of Law and Cyber Warfare Symposium (New York, NY, United States, October 17, 2019) The 6th Annual Cyber Warfare Symposium features discussions around emerging cybersecurity issues, focusing on cyber warfare and how companies can respond to cyber-attacks. Use discount code CyberWire50 for 50% off. Email info@jlcw.org for a chance to receive a complimentary ticket.

NXTWORK 2019 (Las Vegas, Nevada, United States, November 11 - 13, 2019) Join us at NXTWORK 2019 to learn, share, and collaborate with GameChangers from companies across the networking industry. This year’s event features keynotes from Juniper executives, as well as special guest speaker Earvin “Magic” Johnson, along with 40+ breakouts and master classes led by Distinguished Engineers, as well as various opportunities for certification testing and training.

Cyber Attacks, Threats, and Vulnerabilities

Hibiscus Petroleum suffers cyber attack (Energy Voice) Hibiscus Petroleum said today that its IT system was "subjected to an attack" last week.

No one could prevent another ‘WannaCry-style’ attack, says DHS official (TechCrunch) The U.S. government may not be able to prevent another global cyberattack like WannaCry, a senior cybersecurity official has said. Jeanette Manfra, the assistant director for cybersecurity for Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), said on stage at TechCr…

Warnings Issued For Millions Of Microsoft Windows 10 Users (Forbes) New Windows 10 warnings have been issued which millions of users need to know about...

Windows 10 KB4524147 Update May Cause Boot and Printing Issues (BleepingComputer) Windows 10 1903 users have started reporting boot, printing, and Start Menu issues after installing the KB4524147 cumulative update that go away once the update is uninstalled. Microsoft has not acknowledged any of these issues as of yet, but the amount of reports indicate that there is something going on with this update.

Report: Nation state hackers and cyber criminals are spoofing each other (ZDNet) It's difficult to tell hackers apart says Optiv as US government agencies are warned by Check Point about new threats from a Chinese government-backed group.

Novter Trojan Sets its Sights on Microsoft Windows Defender (BleepingComputer) The Novter Trojan, also known as Nodersok or Divergent, is the latest Trojan to actively target Microsoft's Windows Defender by attempting to disable it.

This mysterious hacking campaign snooped on a popular form of VoiP software (ZDNet) Researchers uncover a campaign which is snooping on call data and recordings of conversations - and could even spoof calls.

Hacker auctioning database containing info on 92m Brazilian citizens (Teiss) A 16GB SQL database that contains personal data of up to 92 million Brazilian citizens is being auctioned on underground restricted-access forums.

Cybervillains Are ‘Harvesting’ Crypto in Low-cost Hacking Campaigns (Cryptonews) Security experts are warning cryptocurrency holders to be aware of cyber thieves who are using a wide range of often low-cost software to “harvest” Bitcoin and altcoins from wallets all over the world.

Undetected cyber attack puts health details of millions at risk in New Zealand (International Business Times, Singapore Edition) After conducting a cyber investigation, it was revealed that sophisticated hacking, that occurred three years ago exposed people's personal data back to 2002.

HP Study Exposes a Different Kind of Hacker: The Creeping Peeker (PCMAG) The HP Creepers & Peekers Study has some startling revelations about how co-workers creep and peep on one another's screens and print trays. Is this a new kind of hacker threat?

Virus Bulletin 2019: Magecart Infestations Saturate the Web (Threatpost) There are dozens of known groups, hundreds of C2 servers and millions of victim websites.

Magecart: The State of a Growing Threat - RiskIQ (RiskIQ) Magecart is a rapidly growing cybercrime syndicate comprised of dozens of subgroups that specialize in cyberattacks involving digital credit card theft. By placing its malicious JavaScript skimmers on online payment forms at a massive scale, Magecart is threatening the ability of consumers worldwide to shop online safely.

WhatsApp vulnerability could compromise Android smartphones (Naked Security) A researcher has released details of a WhatsApp flaw that could be used to compromise the app and the mobile device the app is running on.

New 'Reductor' malware compromises machines' encrypted TLS traffic (SC Magazine) Malware marks victims' TLS-encrypted outbound traffic with identifiers so it can be compromised and potentially decoded later

COMpfun successor Reductor infects files on the fly to compromise TLS traffic (SecureList) In April 2019, we discovered new malware that compromises encrypted web communications in an impressive way. We called these new modules ‘Reductor’ after a .pdb path left in some samples.

Iran-backed hack attempt on government officials ‘completely routine activity’ (Fifth Domain) Microsoft observed thousands of attempts to breach email accounts of U.S. officials and a presidential campaign.

Iranian Hackers Target Trump Campaign as Threats to 2020 Mount (New York Times) The news, according to two people with knowledge of the attacks, followed a Microsoft report that said hackers had targeted a campaign, U.S. officials and journalists.

Iranian hackers targeted a US presidential campaign, Microsoft says (CNET) Between August and September, Microsoft discovered more than 2,700 attempts to hack a presidential campaign as well as US officials.

Iranians tried to hack U.S. presidential campaign in effort that targeted hundreds, Microsoft says (Washington Post) The software giant said it detected a campaign linked to the Iranian government attempted to breach email addresses belonging to a U.S. presidential campaign, government officials and journalists.

Presidential Campaign Targeted by Suspected Iranian Hackers, Microsoft Says (Wall Street Journal) Microsoft said that at least one U.S. presidential campaign has been targeted by cyberattacks linked to the Iranian government, in the latest indication that foreign actors are interested in potentially disrupting the 2020 election.

Iranian Hackers Targeted a US Presidential Candidate (Wired) A revelation from Microsoft offers a chilling reminder that Russia is not the only country interested in swaying the 2020 election.

How Iran Would Wage Cyber War Against the United States (The National Interest) Who would win? How bad could it get? Could it lead to a larger war?

Military warns of Iranian hackers targeting American troops with fake jobs website (Stars and Stripes) “Hire Military Heroes” targets servicemembers considering a transition back to civilian life via a web application that visitors are encouraged to download. However, the app actually drops malicious malware and spyware into the users’ computer system.

HildaCrypt Ransomware Developer Releases Decryption Keys (BleepingComputer) The developer behind the HildaCrypt Ransomware has decided to release the ransomware's private decryption keys. With these keys a decryptor can be made that would allow any potential victims to recover their files for free.

FBI Issues ‘High-Impact’ Cyber Attack Warning—What You Need To Know (In Homeland Security) One “high impact” and ongoing cyber threat has become such a critical concern that on Oct. 2, the FBI issued a warning to U.S businesses and organizations.

DCH Regional Medical Center pays hackers in ransomware attacks (WSFA) The medical center purchased an encryption key from hackers.

Report: Alabama hospitals pay hackers in ransomware attack (WHNT) An Alabama hospital system that quit accepting new patients after a ransomware attack said Saturday it had gotten a key to unlock its computer systems. A statement from DCH Health Systems didn't say how the three-hospital system got the information needed to unlock its data. But The Tuscaloosa News quoted spokesman Brad Fisher as saying the hospital system paid the attackers.

Cyber attack hits Bonjour-Santé (Montreal Gazette) The private Quebec medical-booking service that promises quick appointments was the victim of a cyber attack on Sunday, its president said

Prepare for the Deepfake Era of Web Video (Wired) “We’re going to get more and more of this content and it’s probably going to get of better quality,” says Sam Gregory of the human-rights nonprofit Witness.

Understand: How deepfake videos work to trick online users (KSAT) A local cybersecurity company is keeping a close eye on deepfake videos and the effect they could have on online users.

The Cyberthreat Handbook: Thales and Verint Release Their "Who's Who" of Cyberattackers (BusinessWire) Powered by the cutting-edge technologies and products of Thales and Verint, the two companies are pleased to present The Cyberthreat Handbook, a repor

Monthly Threat Actor Group Intelligence Report, August 2019 (ThreatRecon) This is a summary of activity of suspected state sponsored Threat Actor Groups analyzed by the ThreatRecon Team, based on data and information collected from July 21 to August 20, 2019.

Cyber Trends

Michael Chertoff on OT cybersecurity in the utilities industry. (The CyberWire) Threats to power production and distribution are no longer purely theoretical: they're here, and they're real.

Reducing risk by increasing visibility (The CyberWire) When defending power production and distribution, visibility is the essential first step. Defenders must see everything, from ICS sensors to business systems.

Siemens-Poneman Study: Cyber attacks on power utilities are growing in numbers, complexity (Power Engineering) The cybersecurity risks against critical power infrastructure seems to be worsening, as a new study indicates that 56 percent of respondents reported their companies suffered one or more shutdowns or loss of operational data per year. The joint report by Siemens and the Poneman Institute assesses the growing threats as utility business models connect operational...

Report finds cyberattacks on critical utility operating systems are increasing (TheHill) A new study published Friday finds that cyberattacks on the operational technology (OT) involved in running critical utilities are increasing and says these attacks have the potential to cause “severe” damage.

A third of industrial plants have no response plan for cyberattacks (Axios) A new Siemens survey prods IT staff on cyber readiness.

Cyber Security Nordic: Trickle-down effect of cyber-warfare prolongs firefighting (SC Magazine) Cyber-attacks tend to have a trickle down effect via a pyramid structure, with the top slot often occupied not by the cliched men in hoodies but by state intelligence organisation

Security Was Perfect—They Just Forgot About the Smart Aquarium (CTECH) Michal Braverman-Blumenstyk, the chief technology officer of the cloud and AI division of Microsoft, spoke with Calcalist about the public concern over security breaches of IoT devices

Coalfire Cloud Study: Security Concerns Still a Barrier to Cloud Adoption (HostReview.com) Coalfire, a provider of cybersecurity advisory and assessment services, today announced the release of a new Securealities research report:

Hiring security pros will cut cyberattack impact cost: Study (Outlook) Enterprises which deployed an internal Security Operation Center (SOC) have been able to reduce financial damage from a cyberattack at $675,000 -- less than half the average impact cost for all enterprise-level organizations at $1.41 million, a new survey from Kaspersky and market research firm B2B International has revealed.

Phishing leading cause of data breaches across Australia (Security Brief) This indicates hackers are targeting the weakest link in the security chain – end users.

Talent, funding and evolving threats: Inside Ireland's ever-changing cybersecurity scene (Fora.ie) Fora catches up with various players in the ecosystem to survey the lay of the land.

Marketplace

VMware and Carbon Black Announce Satisfaction of the Remaining Regulatory Condition for Tender Offer (Yahoo) VMware, Inc. (VMW) and Carbon Black, Inc. (CBLK) today announced that the required waiting period under the Austrian Cartel Act applicable to VMware’s Tender Offer (as defined below) for Carbon Black has expired. The termination of the waiting period under the Austrian Cartel Act satisfies the last

Questor: this British tech star is recovering well but looks cheap relative to peers. Buy (The Telegraph) Questor share tip:

Northrop hires DHS vet Phyllis Schneck (Washington Technology) Northrop Grumman adds former Homeland Security Department cybersecurity lead Phyllis Schneck to the company's leadership team.

KnowBe4 Hires Karina Mansfield as New Managing Director for Australia (AsiaOne) New managing director part of KnowBe4's efforts to build strong team and bolster activities in a new region

Products, Services, and Solutions

New infosec products of the week: October 4, 2019 (Help Net Security) The most important infosec releases of the week come from: HITRUST, Tripwire, Anomali, TITUS, ACA Compliance Group, Ping Identity,

Veristor Announces Partnership with eSentire to Deliver MDR Services to Mutual Customers (Veristor) Veristor, a leading provider of transformative business technology solutions, today announced that it has signed a partnership agreement with eSentire.

Raytheon System Would Warn Military Aviation Units of Cyber-Hijacking Attempts (Military.com) One defense company says it has a solution to detect hacks in real time and warn troops in the fight.

Box launches content security tool Shield to combat data leak (Verdict) Cloud content management company Box has launched a new content security product to assist in preventing accidental data leakages.

BULLETPROOF Expands Cybersecurity Services in Europe to Multiple Industries (PR Newswire) Leading cybersecurity firm BULLETPROOF, a GLI company has a storied history of success in the gaming...

Sophos launches managed threat response service (Security Brief) The resellable service provides organisations with a dedicated 24/7 security team to neutralise threats.

Taiwan flag emoji disappears from latest Apple iPhone keyboard (Hong Kong Free Press HKFP) The Republic of China flag emoji has disappeared from Apple iPhone’s keyboard for Hong Kong and Macau users. The change happened for users who updated their phones to the latest operating system. Updating iPhones to iOS 13.1.1 or above caused the flag emoji to disappear from the emoji keyboard. The flag, commonly used by users to …

wolfCrypt Embedded Cryptography Engine | wolfSSL Products (wolfSSL) The wolfCrypt cryptography engine is a lightweight crypto library written in ANSI C and targeted for embedded, RTOS, and resource-constrained environments.

Technologies, Techniques, and Standards

Buying a new laptop? Here’s how to secure it (Naked Security) Getting the basics right gives you a lot of protection. Here’s how.

Rolling back Ryuk Ransomware (Sophos News) To understand how to stop Ryuk ransomware we look at how the attacks unfold.

FBI Okays Paying in a Ransomware Attack (Decipher) The FBI does not advocate paying a ransom because there’s no guarantee the organization will get the data back, but acknowledged in an updated guidance that sometimes, for some organizations, paying the ransom makes a lot of sense.

Microsoft: Any form of MFA takes users out of reach of most attacks (Help Net Security) Users need to know that not all MFA options are equally secure but that, generally, they are all a safer option than using just a password.

DNS-over-HTTPS causes more problems than it solves, experts say (ZDNet) Several experts, companies, and national entities have voiced very convincing concerns about DoH and its features.

Design and Innovation

An Open Source License That Requires Users to Do No Harm (Wired) Open source software can generally be freely copied and reused. One developer wants to impose ethical constraints on the practice.

Artificial intelligence isn’t very intelligent and won’t be any time soon (Salon) For all of the recent advances in artificial intelligence, machines still struggle with common sense

New Department of Homeland Security biometrics system will identify people by scars, tattoos and palm prints (Computing) The cloud-based system will be able to identify people through scars and tattoos

Academia

Top Ten Finalists Named In Governor's High School Cyber Challenge (MITechNews) Round 1 of the Governor’s High School Cyber Challenge has closed. The top 10 teams named this week now move on to Round 2 to be hosted during the North American International Cyber Summit Oct. 28 at the TCF Center.   The Governor’s High School Cyber Challenge is designed to test students’ knowledge …

Legislation, Policy, and Regulation

27 Countries Agreed on ‘Acceptable’ Cyberspace Behavior. Now Comes the Hard Part (Legaltech News) While dozens of countries were able to come together on a joint agreement outlining principles of behavior in cyberspace, the actual consequences for cyber crimes may be drafted away from the world stage.

Wilbur Ross warns India about Huawei but says the country must 'make its own decision' (CNBC) U.S. Commerce Secretary Wilbur Ross says he hopes India "does not inadvertently subject itself to untoward security risk" by using 5G equipment from Huawei.

Myanmar to Keep Huawei Despite Security Concerns (VOA) Myanmar has decided to keep using China’s Huawei to develop its new mobile communications system. The decision comes despite national security concerns about Huawei by the United States and some other nations.

UAE telecom du sees no evidence of ‘security holes’ in Huawei's 5G technology: CTO (Reuters) United Arab Emirates (UAE) telecoms company du saw no evidence of security conce...

Cybersecurity and geopolitics: why Southeast Asia is wary of a Huawei ban (The Strategist) ‘The race to 5G is a race America must win’, US President Donald Trump said on 12 April. Just over a month later, on 15 May, he issued an executive order banning Huawei equipment in ...

China Masters Political Propaganda for the Instagram Age (New York Times) Leveraging celebrities, the know-how of tech companies and images built for social media, the Communist Party can effectively stir patriotism among the youth.

US and UK sign deal to speed up electronic evidence collection from tech firms in serious criminal cases (Computing) The current process for receiving evidence can take years

The Same Old Encryption Debate Has a New Target: Facebook (Wired) Attorney general William Barr seems eager to reignite the encryption wars, starting with the social media giant.

Should governments be given keys to access our messages? (BBC News) Facebook has been asked to roll back plans to bring end-to-end encryption to its platforms.

What Would Facebook Regulation Look Like? Start With the FCC (Wired) Opinion: Platform giants need to meet the public interest standard, just like broadcast media.

Senior technologist returns to Army Cyber Command as first Science Advisor (DVIDS) Mark A. Mollenkopf will serve at the Defense Intelligence Senior Level, a senior technician position equivalent to a Senior Executive Service federal civilian employee.

Navy Cyber Defense Operations Command Retires a Plank Owner (DVIDS) Navy Cyber Defense Operations Command’s (NCDOC) Senior Policy Advisor, James Granger, retired from government service after thirty-four years, during a ceremony in the Hall of Heroes Auditorium, Sep. 20.

Litigation, Investigation, and Law Enforcement

Qatar seeks enhanced international cooperation in combating cyber crimes (The Peninsula Qatar) The State of Qatar has said that it is actively seeking to enhance information security within the country and to encourage international cooperation in combating cybercrime, noting that it was a victim of cyber-piracy, which was a cover for creating a plotted regional crisis that has severely harmed regional and international security and stability.

US researchers on front line of battle against Chinese theft (The Mercury News) As the U.S. warned allies around the world that Chinese tech giant Huawei was a security threat, the FBI was making the same point quietly to a Midwestern university.

FBI investigating if attempted 2018 voting app hack was linked to Michigan college course (CNN) An attempted hack into a mobile voting app used during the 2018 midterm elections may have been a student's attempt to research security vulnerabilities rather than an attempt to alter any votes, three people familiar with the matter told CNN.

Half a million customers can sue BA over huge data breach (Times) Half a million British Airways customers have been given the go-ahead to sue the airline over its cybersecurity breach last summer. Yesterday a High Court judge granted a group litigation order...

£3 billion Safari iPhone privacy lawsuit given go-ahead (Naked Security) A UK class action lawsuit against Google, that represents around 5 million iPhone users, can go ahead, according to the UK Court of Appeal.

Prince Harry sues newspapers over hacking claims (Times) The Duke of Sussex has raised the prospect of appearing in the witness box at the High Court as it emerged that he is suing two newspaper groups over the alleged hacking of his mobile phone. Court...

Risk & Repeat: Trump takes aim at DNC hack and CrowdStrike (TechTarget) This Risk & Repeat podcast looks at how a conversation between President Trump and Ukraine President Volodymyr Zelensky, in which Trump asked for assistance in finding 'the server,' has sparked controversy once again around the DNC hack and CrowdStrike.

House Democrats subpoena White House for Ukraine documents (POLITICO) They also demanded Ukraine documents from Vice President Mike Pence.

GOP House Intel Committee members speak out against chairman Adam Schiff (OAN) Breaking News, Latest News and Current News from OANN.com. Breaking news and video. Latest Current News: U.S., World, Entertainment, Health, Business, Technology, Politics, Sports.

Marine who uncovered Russia 2016 hack says Trump is 'babbling old conspiracy theories' (WUSA) Robert Johnston was the first to discover Russia hacked the Democratic National Committee’s servers.

Pence's Chief of Staff Marc Short says impeachment subpoena based on 'fake news' (Fox News) A letter sent from House Democrats to Vice President Mike Pence requesting documents as part of the impeachment inquiry was based on "fake news," Chief of Staff Marc Short said Saturday. 

The tough war against cyber criminals in the dark Web (Techgoondu) International cooperation among law enforcement agencies is needed to nab increasingly sophisticated cyber criminals using the dark Web.

Iowa Chief Justice Mark Cady apologizes for courthouse break-ins (CBS2 Iowa) Chief Justice of the Iowa Supreme Court Mark Cady apologized to state lawmakers on Friday for the alleged break-ins at county courthouses that were ordered by judicial branch officials as part of a cybersecurity test.

Hacker’s parents sentenced for selling his cryptocurrency (Naked Security) “You misguidedly tried to help your son” by moving his cryptocurrency, but it “didn’t help him at all,” a judge said.

IT contractor charged over cyber attack on property valuation firm (ComputerWeekly) Australian police charge 49-year-old man with stealing and posting more than 170,000 data records belonging to ASX-listed Landmark White on the dark web.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

Cyber Hygiene: Why the Fundamentals Matter (Online, Software Engineering Institute at Carnegie Mellon University, October 16, 2019) In this webcast, as a part of National Cybersecurity Awareness Month, our experts will provide an overview of the concept of cyber hygiene, which bears an analogy to the concept of hygiene in the medical...

Upcoming Events

Australian Cyber Conference 2019 (Melbourne, Victoria, Australia, October 7 - 9, 2019) The Australian Information Security Association (AISA) is the premier industry body for information security professionals in Australia. As a nationally recognised not-for-profit organisation, AISA champions...

CyberNext Summit (Washington, DC, USA, October 8 - 10, 2019) Cybersecurity is shifting toward more distributed and dynamic models. Decentralized security infrastructure brings its challenges and opportunities. CyberNext Summit (#CNS19) 8-10 October, 2019 in Washington...

Borderless Cyber (Washington, DC, USA, October 8 - 10, 2019) OASIS Borderless Cyber and The Integrated Adaptive Cyber Defense (IACD)'s Integrated Cyber merge conferences this year to bring you a three-day program addressing advances in automation and autonomous...

SecureWorld Dallas (Dallas, Texas, USA, October 9 - 10, 2019) Connecting, informing, and developing leaders in cybersecurity. For the past 17 years, SecureWorld conferences have provided more content and facilitated more professional connections than any other event...

Jacksonville Cybersecurity Conference (Jacksonville, Florida, USA, October 10, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.