skip navigation

More signal. Less noise.

Get your copy of the definitive guide to threat intelligence.

We brought together a team of experts and wrote the definitive guide to everything you need to know about threat intelligence. Whether you work in vulnerability management, incident response, or another part of cybersecurity, our book has something for you. Get your free copy of “The Threat Intelligence Handbook” now.

Daily briefing.

Reports of a cyber incident at India's Kudankulam Nuclear Power Plant have been confirmed. Reuters quotes a statement from the Nuclear Power Corp of India Ltd. acknowledging that it had found malware on a computer connected to administrative systems, but that control systems were unaffected. Various sources say the malware was DTrack, an information-stealer associated with North Korea's Lazarus Group. DTrack has recently affected Indian financial and research institutions.

Facebook yesterday announced that it had taken down thirty-five accounts, fifty-three Pages, seven Groups and five Instagram accounts for coordinated inauthenticity. All originated in Russia, and have been connected to Russian oligarch Yevgeniy Prigozhin ("Putin's chef"). Their messaging focused on Africa, specifically on Madagascar, the Central African Republic, Mozambique, the Democratic Republic of the Congo, the Ivory Coast, and Cameroon. The campaigns' objective was election influence, generally aligned with Russian regional objectives.

Ars Technica reports that Facebook has cancelled accounts belonging to NSO Group personnel. The action follows Facebook subsidiary WhatsApp's lawsuit against NSO Group.

Twitter has decided that it won't try to fact-check or police paid political content. The social medium will simply no longer accept political ads. The exclusion affects ads for candidates and issues, but not voter registration drives.

In the US, NIST has asked for comments on proposed cryptographic standards.

Credit rating company Moody's made a presentation at EnergyTech 2019 on the credit and financial implications of cyber risk. Control Global welcomed Moody's perspective as providing those responsible for control system security "a key to the boardroom."

Notes.

Today's issue includes events affecting Australia, Cameroon, Central African Republic, China, Democratic Republic of the Congo, Côte d’Ivoire, Egypt, Georgia, India, Iran, Israel, Kenya, Democratic Peoples Republic of Korea, Madagascar, Montenegro, Mozambique, Russia, Spain, United States.

Bring your own context.

People are accustomed to thinking of risk as something readily quantifiable, and quantifiable in a deterministic way: find all the possible outputs and assign them probabilities. But is this possible?

"And that leads us into, really, the concepts of uncertainty, where we can - we know some of the possible outcomes, but we just don't know all of the possible outcomes. And therefore, it becomes much more complicated to have a quantitative-based system to understand where all the probabilities of all the different outcomes happen. And so for me, this is really important when we start to talk about things like systemic risk within systems. So systemic risk is this concept that there is an underlying big problem that could actually change the way that people behave. But that assumes that, one, we can identify all the possible outcomes and assign probabilities, and two, that we know the whole system. My point here in thinking is that we can't know all the possible outcomes so we have to start thinking about systemic uncertainty."

—Daniel Prince, senior lecturer in cybersecurity at Lancaster University, on the CyberWire Daily Podcast, 10.29.19.

Many, maybe most, decisions about risk are necessarily decisions taken under conditions of uncertainty.

Federal cloud market projected for major growth.

According to Coalfire’s latest report on FedRAMP, U.S. agencies spent $6.5B in cloud services in FY2018, an impressive 32 percent year-over-year increase, with the vast majority of Federal cloud migration still to come. SaaS/PaaS/IaaS providers can gain access to this market with significantly less investment in both time and cost by taking advantage of automation and recent FedRAMP program updates. Learn how.

In today's Daily Podcast, out later this afternoon, we speak with Ben Yelin from our partners at the University of Maryland's Center for Health and Homeland Security; he discusses the EU's right to repair. Our guest is, again, Tanya Janca from Security Sidekick who returns with part two of her discussion of web application inventory and vulnerability discovery.

And Hacking Humans is up. In this episode, "Don't dismiss the fraudsters," Dave describes a credential gathering scam targeting users of the Stripe online payment system. Joe responds to an email message from his boss, and learns a valuable lesson. Our catch of the day follows someone as they string along a text messaging scammer. Carole Theriault returns with an interview with J. Bennett of Signifyd, and AI firm fighting romance scams.

IMAGINE, A MISI salon-style bespoke dinner event (Columbia, Maryland, United States, November 1, 2019) IMAGINE a world where more young women can see themselves in the faces of the legendary women of science & technology – and say, "Yes I can!" The event on November 1 is a fundraiser in support of the region's unique and inclusive STEM program and will be held at the DreamPort Facility in Columbia Maryland. While its focus is on the under-represented young women, young men are also included in MISI's STEM programs.

Cyber Security Summits: November 6 in Boston and November 21 in Houston (Boston, Massachusetts, United States, November 6, 2019) Register for reduced admission to the Cyber Security Summit with promo code cyberwire19 for $95 admission ($350 without code). Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, Google, IBM, Verizon, Center for Internet Security and more. Breakfast, Lunch & Cocktail Reception are included with your admission. Your full day’s attendance will earn you 6 CEUs. Passes are limited, secure yours today: www.CyberSummitUSA.com

NXTWORK 2019 (Las Vegas, Nevada, United States, November 11 - 13, 2019) Join us at NXTWORK 2019 to learn, share, and collaborate with GameChangers from companies across the networking industry. This year’s event features keynotes from Juniper executives, as well as special guest speaker Earvin “Magic” Johnson, along with 40+ breakouts and master classes led by Distinguished Engineers, as well as various opportunities for certification testing and training.

Cyber Attacks, Threats, and Vulnerabilities

Russia isn't the only threat to 2020 elections, says U.S. intel (The Christian Science Monitor) Russia, China, and Iran used social media to target the 2018 midterm elections and could try again in 2020.

Thousands of Websites Offline as Georgia Suffers Major Cyber-Attack (Infosecurity Magazine) Thousands of Websites Offline as Georgia Suffers Major Cyber-Attack. Broadcasters also disrupted in unprecedented operation

Georgia Web Attack: What We Can Learn and Do Better (Indusface) Largest cyberattack hit the country of Georgia on October 28, 2019. Lean what caused this attack, lessons learned from Georgia attack and what can be done better.

Facebook says it suspends accounts tied to Putin ally for meddling in Africa (Reuters) Facebook said on Wednesday it had suspended three networks of Russian accounts t...

‘Putin’s chef,’ architect of interference in 2016 U.S. election, is now meddling in African politics, Facebook says (Washington Post) The man behind Russia's Internet Research Agency trolls that worked to elect Donald Trump has been active in Africa, too, according to Facebook, which took down more than 170 accounts with nearly 1 million followers overall.

Removing More Coordinated Inauthentic Behavior From Russia (Facebook Newsroom) We removed three networks of accounts, Pages and Groups for engaging in foreign interference on Facebook and Instagram.

The Conditions That Created ISIS Still Exist (Foreign Policy) Abu Bakr al-Baghdadi’s death won’t eliminate the threat of Islamist extremism so long as autocratic regimes continue to hold sway in the Middle East.

Nuclear Power Corp of India says detected malware in its systems (Reuters) State-run Nuclear Power Corp of India Ltd (NPCIL), which runs nuclear reactors a...

Indian nuke plant’s network reportedly hit by malware tied to N. Korea (Ars Technica) Information, not nuclear reactor controls, were the target.

Kudankulam Cyber Attack Did Happen, Says NPCIL A Day After Denial (The Quint) NPCIL confirmed on Wednesday that identification of malware in Kudankulam Nuclear Power Plant is correct. 

What is DTrack: North Korean virus being used to hack ATMs to nuclear power plant in India (India Today) A virus, which originated in North Korea, could be the weapon used in the cyberattack on Kudankulam nuclear power plant.

Microsoft Users Hit with Phishing Kits Hosted on Thousands of Domains (BleepingComputer) Microsoft's users were the most targeted by phishing campaigns among the top targeted brands with attackers using a thousands of domains specifically registered to be used for harvesting credentials from their targets.

World's First Domain Registrar Network Solutions Discloses Breach (BleepingComputer) World's first domain registrar Network Solutions disclosed a security breach that happened in late August 2019, and allowed a third-party to infiltrate some of the company's computing systems without authorization and potentially access some customers' personally identifiable information (PII).

Upstream | Trick or treating Android Emoji keyboard app makes millions of unauthorized purchases (RealWire) $18 million of fraudulent charges from the app blocked by malware security platform Secure-DLondon, October 31, 2019 – A popular Android keyboard app, ai.type, downloaded more than 40 million ti

16M passwords from Fortune 500 companies found on the dark web (SiliconANGLE) 16M passwords from Fortune 500 companies found on the dark web - SiliconANGLE

UniCredit discloses 2015 data breach, three million Italians affected (SC Magazine) Italian banking and financial services company UniCredit discloses data breach incident involving a file containing roughly three million records

Misconfiguration: most common IT mistake by SMBs (SC Magazine) Misconfiguration - weak passwords, default log-ins and poor patching -- remain the most common IT mistakes made by small and medium businesses, say MSP execs

Happy Dyn Attack Anniversary! (Radware Blog) There is a vast underground that thrives and grows on the digitization of our economy, and demonstrate no signs of slowing down any time soon.

Sextortion scammers are hijacking blogs – and victims are paying up (Naked Security) Sextortion scammers have started hijacking poorly managed or defunct blogs to expand an increasingly profitable business.

Card skimming scam discovered in West Lafayette bank ATM (13 WTHR Indianapolis) Police in West Lafayette are looking for suspects after the discovery of a skimming device last week at a local ATM.

Security Patches, Mitigations, and Software Updates

Chrome 78 Disables Code Integrity Check to Mitigate "Aw Snap!" Crashes (BleepingComputer) Google decided to temporarily disable the Code Integrity feature activated in Chrome as users report more "Aw Snap!" crashes caused by incompatible software on the system.

Got an early iPhone or iPad? Update now or turn it into a paperweight (Naked Security) Calling Apple iPhone 5, iPhone 4s or early iPad owners – your device may be about to turn into a vintage technology paperweight.

Cyber Trends

A Turning Point for Tech – Global survey on digital regulation (Hogan Lovells) Technological developments and tech-based business models have become a focus for global regulation across borders and industries in recent years.

Akamai Security Research: Cybercriminals Using Enterprise-Based Strategies For Phishing Kit Development And Deployment (Akamai) Latest State of The Internet / Security Report indicates that cybercriminals use enterprise strategies such as phishing as a service (PaaS) to leverage the world's largest tech brands.

Cofense Releases Annual Phishing Report; Flips Myth that Employees Are the Weakest Link in Cyber Defense (PR Newswire) Armed with data generated by millions of real people, along with intelligence collected from more than 10 million...

Phishing — Baiting the Hook (Akamai) Data science is hard. But data itself is malleable and open to interpretation.

Threat Spotlight: Cyberattacks against schools (Barracuda) A new school year is underway, and cyberattacks against schools are increasing dramatically.

More than 1 in 3 Enterprises Say Cloud Apps Are the Most Vulnerable to Insider Threat (West) New Insider Threat Report Reveals How Cloud Affects Risk from Insiders and How Enterprises are Protecting Themselves

Opportunities growing for MSPs, so are threats, says Datto CEO (SC Magazine) MSPs globally manage business worth £78 billion, making attractive targets for cyber-criminals, says Datto Inc CEO Tim Weller

Are Cybercriminals Winning the Mainframe Security Cat-and-Mouse Game? (Security Intelligence) The current state of mainframe security often amounts to bringing a knife to a gun fight: The number of available fighters is shrinking as skilled mainframe security practitioners hang up their hats.

Finally, a key to the Boardroom for control system cyber security – Moody’s steps up (Control Global) It is critically important for the safety and reliability of our infrastructures that credit rating agencies such as Moody’s consider control system cyber security in their risk ratings assessments. For that, there needs to be control system metrics for evaluating technology and people. Based on history, Moody’s (and other credit rating agencies) participation may be the only way to get senior management to take appropriate actions to address control system cyber security, and thus, reduce enterprise risk.

Email Threats Poised to Haunt Security Pros into Next Decade (Dark Reading) Decentralized threat intel sharing, more public-private collaboration, and greater use of automated incident response are what's needed to combat phishing

Growing up with technology doesn’t make you more cyber-secure: Report (Express Computer) In today’s multigenerational workforce, the over-30s are more likely to adopt cybersecurity good practice than their younger colleagues who have grown up with digital technology

Deepfakes and the New Disinformation War (Foreign Affairs) Thanks to the rise of “deepfakes”—highly realistic and difficult-to-detect digital manipulations of audio or video—it is becoming easier than ever to portray someone saying or doing something he or she never said or did, with potentially disastrous consequences for politics.

Marketplace

Twitter to Ban Political Ads (Wall Street Journal) Twitter is banning political advertising from its platform, a move that comes as social-media firms have faced scrutiny over promoting messages that potentially contain false or misleading information.

Twitter to ban all political ads amid 2020 election uproar (Washington Post) The policy announced by Twitter CEO Jack Dorsey on Wednesday will take effect in November.

Twitter bans political adverts before UK election (The Telegraph) Twitter is banning all political advertising ahead of the UK's general election in December.

FireEye CEO coy on sale rumours (CRN) Kevin Mandia swerves analyst question after reports of a private equity buyout surfaced earlier this month

ConnectWise Redefines Business Automation for Technology Solution Providers with Acquisitions of Continuum and ITBoost (West) The company also announces a strategic partnership and an industry-wide initiative

Major Employers Commit to Build a Stronger Cybersecurity Workforce Pipeline (The Aspen Institute) Major Employers Commit to Build a Stronger Cybersecurity Workforce Pipeline Date: 10/30/2019 By: John Carlin Chair, Cyber & Technology Program, The Aspen Institute For the past four years, the Director of National Intelligence has named cyber threats to critical infrastructure as the top national security concern. Attacks on Atlanta, Baltimore, Louisiana, Florida, Texas show how, …

Products, Services, and Solutions

Address Persistent Threats Faster: Huntress Introduces Assisted Remediation (West) Huntress Labs, a provider of managed breach detection for Managed Service Providers (MSPs), SMBs and enterprises, today announced Assisted Remediation, a new product feature that automates execution of targeted remediation actions. Assisted Remediation enables the Huntress agent to automatically perform remediation recommendations that previously required manual response by an IT administrator

Flashpoint Extends Integration Ecosystem, Arming More Users with Uniquely Sourced Intelligence, Visibility into Threats (West) New SIEM Integrations, TIP Enrichments Powered by Technical Indicators and Data from Illicit Online Communities Bring Wealth of Contextualized Data to Users

Using Microlearning to Create Cybersecurity Awareness (PR Newswire) Even the best technology can't stop a virus from attacking if a company's employees are not aware of risks...

Syapse Selects Sumo Logic to Enhance Data Security and Operational Insights (West) Leader in Precision Medicine Leverages Continuous Intelligence to Safeguard Data Sharing Across its Global Network of Health Systems

Keeper Security Unveils Exclusive Solution for Managed Service Providers (PR Newswire) Today at ConnectWise IT Nation Connect 2019, Keeper Security, Inc., provider of the leading...

Snow Software Unveils Risk Monitor to Combat Security and Compliance Threats (AP NEWS) Press release content from Business Wire. The AP news staff was not involved in its creation.

KnowBe4 Achieves FedRAMP Authorization From U.S. Federal Government (West) KnowBe4, a security awareness training and simulated phishing provider, receives FedRAMP Authorization designation

Druva integrates with Slack, Teams, ServiceNow, Splunk and Okta (SiliconANGLE) Druva integrates with Slack, Teams, ServiceNow, Splunk and Okta - SiliconANGLE

Splunk Cloud Attains FedRAMP Authorization (Techwire.net) Splunk Inc., announced that Splunk Cloud™ has received FedRAMP authorization - moderate impact level, see link below for details.

Splunk Mission Control launch enables a unified SOC (SearchSecurity) Splunk has rolled out Splunk Mission Control, a platform aimed at enabling security analysts to detect, investigate, hunt, contain and remediate threats from one work surface.

KnowBe4 introduces two initiatives to strengthen organisational security culture (Paypers) KnowBe4, a provider of security awareness training and simulated phishing platform, has introduced two new assessment capabilities.

Delve Launches Contextual Vulnerability Prioritization (PR Newswire) Delve, the pioneer in AI-Based vulnerability assessment and prioritization, today announced the release of...

Exabeam Partners with Westcon-Comstor Americas to Accelerate Business Growth in Latin America Region (BusinessWire) Exabeam and Westcon-Comstor Americas have signed an exclusive distribution agreement to accelerate Exabeam's business growth in Latin America.

Revolut's new privacy policy assumes user consent to share data for "marketing purposes" (Reclaim The Net) You don't opt in. You have to opt out.

Technologies, Techniques, and Standards

NIST Seeking Comments on Cryptography Changes (MeriTalk) The National Institute of Standards and Technology (NIST) is looking to update the techniques used to generate digital signatures under FIPS 186-5 and is seeking public comment, as noted in an upcoming Federal Register post.

Threat Intel Versus Threat Hunting, What's the Difference? - Active Countermeasures (Active Countermeasures) I see a lot of confusion around threat hunting and threat intelligence. In fact, it’s not uncommon to hear people conflate the two. …

How can cybersecurity threat hunters measure success? (Authentic8 Blog) The answer may lie in a strategy and tool selection that avoids mission and cost creep, and results in measurable effects - and savings - to prove it.

Tips for Your Vendor Security: Closing the Most Common Cyber Gaps (Panorays) Learn about your vendors’ most common cyber gaps and how to close them. The fourth in a series on guiding companies about suppliers’ cybersecurity, as part of Cybersecurity Awareness Month.

If You Want Cybersecurity, Prepare For Cybercrime (Forbes) The probability of cybercrime committed against any business is high; the impact can be devasting, and the response is complicated. Every business, big or small, needs to have a cyber breach strategy, and it needs to practice it.

How Bitcoin And Blockchain Technology Evolved (Avast) Read why veteran cybersecurity blogger Byron Acohido believes public blockchains are in a nascent stage, approximately where the internet was in the 1990s, but headed in a very different direction.

Research and Development

Northrop Grumman and Carnegie Mellon Enter Into Research Agreement to Collaborate on Artificial Intelligence Projects (Northrop Grumman Newsroom) Northrop Grumman Corporation (NYSE: NOC) and Carnegie Mellon University (CMU) have formally signed a master research agreement (MRA) that will help foster innovation between the two organizations. The signing also ...

Academia

Okemos High School wins Governor’s High School Cyber Challenge (WSYM) Highlighting the skills needed to fill the growing demand for cybersecurity talent in Michigan and beyond, students from Okemos High School were crowned champions of the 2019 Governor’s High School Cyber Challenge.

St. Pete College Named Center of Excellence in Cyber Defense Education (Bay News 9) SPC Named Center of Excellence in Cyber Defense Education

Legislation, Policy, and Regulation

With eye to China, Israel forms panel to vet foreign investments (Reuters) Israel decided on Wednesday to form an advisory committee to weigh national secu...

US, Montenegro work together to defend against malicious cyber actors (U.S. Cyber Command) For the second year in a row, at the invitation of the Montenegrin Government, an elite cyber team of U.S. service members is working alongside Montenegrin cyber defenders to counter malicious cyber

U.S. military cyber warfare and cyber security strategies take aggressive approach, but what are the risks? (Military & Aerospace Electronics) America must consider whether concepts like offense, defense, and deterrence are applicable to continuing cyber warfare and cyber strategies.

Should Tech CEOs Go to Jail Over Data Misuse? Some Senators Say Yes (Wired) Ron Wyden turned heads this month with a bill that would put tech executives behind bars, but not all of his colleagues agree it would be effective—or constitutional.

Senators introduce bill to strengthen cybersecurity of local governments (TheHill) A bipartisan group of senators on Wednesday introduced legislation intended to shore up cybersecurity for local governments by providing resources for them to switch to secure internet domains administered by the federal government.

Analysis | The Cybersecurity 202: Free cybersecurity help for campaigns is on its way (Washington Post) The group led by Clinton and Romney vets wants to prevent another 2016.

Don’t Be Evil: The Case Against Big Tech by Rana Foroohar review — break up the giants (Times) The blimp was a portent of doom. In April footage emerged of a hulking, Amazon-branded zeppelin flying slowly over a Japanese fishing village while disgorging an army of drones that proceeded to...

Should contractors be fined for their subprimes’ cybersecurity? (Fifth Domain) In a wide-ranging confirmation hearing, DoD CIO Dana Deasy discussed holding prime contractors accountable.

Rules to stop China buying sophisticated U.S. tech should move faster: lawmaker (Reuters) A leading Republican lawmaker has called for swifter action on the U.S. governme...

Air Force Cyber launches 12N12 effort (Intelligence Community News) Leaders from the 16th Air Force, Air Force Cyber, recently launched an initiative called 12N12 to streamline its cyber weapon systems tools. Launched on July 1, 12N12 aims to replace, reduce and co…

Sen. Warner: Consider CISA chief Krebs for DHS Secretary as McAleenan exits (InsideCyberSecurity.com) Senate Intelligence ranking member Mark Warner (D-VA) is touting CISA Director Christopher Krebs as a strong candidate to take over as DHS secretary, with Acting Secretary Kevin McAleenan preparing to step down Thursday.

Kenya urges cyberspace innovators to emulate Chinese innovation (News Ghana) A Kenyan official on Wednesday called on Kenyan cyberspace innovators to embrace the concept of Chinese inventiveness to help come up with products suitable for the local market. Ababu Namwamba, chief administrative secretary in the ministry of foreign affairs, said Chinese innovators create products that are suitable to the local…

Litigation, Investigation, and Law Enforcement

Spain and GitHub Are Blocking an App That Helped Protesters Organize (Vice) As thousands of people protest in Barcelona, an app meant to organize activists was blocked by Github on request of the government.

Egypt expands its crackdown to target foreigners, journalists and even children (Washington Post) An American student was among thousands swept up in the Sissi government’s campaign. 

Facebook launches $2m suit against alleged phishing, hacking sites (Naked Security) Facebook is using trademark law to target the operators of sites that imitate or target Facebook and Instagram sites.

WhatsApp's Case Against Alleged Hackers Might Be an Uphill Battle (Wired) The Facebook-owned messaging company is taking on a notorious malware vendor in what could be an uphill battle.

Facebook deletes the accounts of NSO Group workers (Ars Technica) Deletions come after allegations NSO exploit targeted 1,400 WhatsApp users.

'SpyHunter' Ruling Undermines Congress' Approach To Malware, Security Company Argues (Media Post) Malwarebytes is asking a courtt to reconsider a recent ruling that revived a lawsuit by rival security company Enigma Software, which said its SpyHunter and RegHunter programs were wrongly flagged as potentially problematic.

Victoria Police arrest man over telco DDOS attack (CRN Australia) Allege action against telco.

2 Plead Guilty in 2016 Uber and Lynda.com Hacks (New York Times) Guilty pleas to charges of hacking and an extortion conspiracy cap a legal saga that ensnared the tech companies in data breach scandals.

Coalfire CEO says Dallas County Courthouse doors were unlocked (KCCI) The CEO of a company hired by the state to conduct security tests at Iowa courthouses and the state court building released a statement Wednesday in support of two employees now charged with trespassing.

We are supporting Coalfire (Social-Engineer) If you haven’t read the post from Coalfire’s CEO, Tom McAndrew, you should.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

AdvaMed Cybersecurity Summit (Arlington, Virginia, USA, November 6, 2019) The AdvaMed Cybersecurity Summit brings together experts across the device security spectrum. Experts will provide in-depth and timely updates on the state of medical device cybersecurity, including issues...

Chicago Suburbs Cybersecurity Conference (Chicago, Illinois, USA, November 6, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...

SINET Showcase (Washington, DC, USA, November 6 - 7, 2019) SINET Showcase provides a platform to identify and highlight “best-of-class” security companies that are addressing the most pressing needs and requirements in Cybersecurity. Each year, SINET evaluates...

Health Data Stewardship & Privacy Summit (Arlington, Virginia, USA, November 7, 2019) AdvaMed’s inaugural Health Data Stewardship & Privacy Summit will bring together leading experts and health care industry stakeholders to explore the current data privacy landscape and forecast what may...

ACSC 2019: Collaborate (Boston, Massachusetts, USA, November 7, 2019) The 2019 Annual Conference is a chance for ACSC members and people from the New England cybersecurity community to come together and share information, network, and learn about the latest information in...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.