skip navigation

More signal. Less noise.

Cybersecurity Fabric: The Future of Advanced Threat Response

Today, it is not enough to protect your assets by collecting high quality threat intelligence – organizations need inline detection & mitigation at line-speed to protect themselves from incoming or existing threats on the network. As cyber strategy shifts towards a “Zero Trust” model, your organization needs to ensure that every device, user, workload, or system is being monitored with a Cybersecurity Fabric. Join LookingGlass for our upcoming webinar October 2, 2pm EST to learn more.

Daily briefing.

News from the 10th Annual Billington CyberSecurity Summit

We've been attending the 10th annual Billington CyberSecurity Summit in Washington, which began yesterday and wraps up today. The theme this year is "top government priorities: a call to action," and the presenters represent a strong mix of industry and government leaders. This year's Summit has a strongly international tone: Canada, Israel, and the United Kingdom. We share here a few highlights from yesterday's presentations.

Perspective from the Federal CISO. Grant Schneider, currently the US Federal Chief Information Security Officer, working from the Office of Management and Budget, explained that while his organization does have oversight responsibility, he sees it essentially as a “support structure” designed to enable sound cyber practices throughout the Federal Government. Schneider's predecessor and co-presenter, Brigadier General (retired) Greg Touhill (now president of Cyxtera Federal), said that his own views shifted over the course of his service. At one time he would have attributed most incidents to “careless, negligent and indifferent people.” But he eventually came to add "overworked," and that may be the most important risk factor. Learning how to manage risk under these conditions is a challenge, and Government personnel need to fully understand the new reality: “If you use a computer or a mobile phone, you are a cyber operator, and a target.” When both current and former Federal CISOs were asked what keeps them up at night, Touhill [corrected] pointed to the exposure of critical infrastructure to attacks against industrial control systems. As the Internet-of-things expands, risk exposure grows, and the cost of entry to threat actors declines. Schneider [corrected] gave a one-word answer: "China."

Notes on data and artificial intelligence. There are, a panel pointed out, two sides to artificial intelligence in cybersecurity: AI's use in cybersecurity, and the cybersecurity of AI systems themselves. Jack Shanahan, (Director of the US Department of Defense Joint Artificial Intelligence Center) described a challenge the Government has with artificial intelligence and data. The data the Government has collected (and it's been collecting data from the earliest days of the republic) is that collection obviously didn't assume that the data would be used with artificial intelligence. Commercial businesses like Amazon, Google, and Facebook aren't in this position. They don't have two centuries of legacy collection to reconsider. Dean Souleles (Chief Technology Advisor to the US Principal Deputy Director of National Intelligence) noted that a major problem with artificial intelligence is that we don’t really know what ‘normal’ is, and without some such baseline, it's unclear how we might detect anomalous behavior. Lynne E. Parker (Assistant Director of Artificial Intelligence, White House Office of Science and Technology Policy) raised the question of data integrity as a problem that grows sharper with the deployment of AI. Data poisoning attacks are a very real threat, and ensuring that data are trustworthy is a challenge, Weighing in from the private sector, Swami Sivasubramanian (Vice President, Amazon Web Services) compared stage of development of machine learning to the internet. "If the internet is still in Day 1 after 30 years, machine learning just awoke and hasn’t yet had a cup of coffee."

And thoughts from NSA's Cybersecurity Directorate. The day concluded with a fireside chat between Anne Neuberger, the director of the NSA’s new Cybersecurity Directorate, and Niloofar Razi Howe, a well-known cybersecurity venture investor. Howe asked if there was a strategy behind the directorate, which is set to launch on October 1st, and Neuberger said the goal was to “prevent and eradicate cyber actors from critical infrastructure.” She said NSA needed to change its approach in response to a drastically changing threat landscape. In particular, information operations changed with the rise of social media, and criminal operations changed with cryptocurrency. With the Cybersecurity Directorate, Neuberger plans to increase information sharing with other agencies and with the private sector, emphasizing how important it is to cooperate with social media companies to fight information operations. Neuberger also highlighted the threat posed by ransomware, saying that there are about 400,000 of these attacks per day. The intelligence community’s main objective is looking at threats posed by nation states, and Neuberger pointed to China as a major focus. She said the OPM hack, the Cloud Hopper activities, and rampant intellectual property theft reveal China’s goals.

We'll have more notes from the Billington CyberSecurity Summit tomorrow.

Facebook has sustained a significant data exposure incident. TechCrunch reports that a researcher found an unsecured database that contained data on some 419 million users. The data contained for the most part user phone numbers linked with account IDs, but in many cases it also included users' real names, gender, and country. The data were scraped: the exposed database was not maintained or controlled by Facebook. Facebook said that the information appear to have been scraped at some time before Facebook restricted third-party access to its data last year. Who scraped the data is so far unknown.

The head of NSA's Cybersecurity Directorate said yesterday at the Billington CyberSecurity Summit that ransomware represents an "interesting" threat to upcoming US elections. TheHill quotes Anne Neuberger as saying ransomware will be a "focus" of her Directorate during the election cycle. The ongoing wave of ransomware attacks against US local governments thus acquires another level of menace. Emsisoft thinks extortionists are choosing targets likely to pay. An IBM study concludes that taxpayers oppose paying.

There are fears currently finding expression in social media that big corporations routinely eavesdrop on phone calls and ambient conversations, the better to serve up targeted ads to chatty naïfs. The BBC says these fears are on balance unfounded, Wandera studied the concerns and concluded that they were mostly hooey. 

The Feds got a guilty plea from one Kenneth Schuchman who copped to involvement in the Satori botnet. The Register's unkind lede is "One moron down, two to go."

Notes.

Today's issue includes events affecting China, European Union, Iran, Ireland, Thailand, United Arab Emirates, United Kingdom, United States.

Bring your own context.

It's back-to-school time, as we've been noticing. It's easy to overlook the need kiddos have for some security help. That can sound preposterous, like helicopter parenting, but consider this:

"I think it was a couple years ago that my daughter was playing a game on her cellphone, and it sent her a text message, asking, we need some kind of authorization code for you to get more toys for the game. And she texted back, saying, my dad's sleeping right now so let me get back to you once he's awake. And I realized being in the cybersecurity profession myself, I haven't taught my own daughter the right skills. And there's a huge gap when it comes to teaching kids about cybersecurity. They're introduced to new technology very, very early on. You see 2-, 3-year-olds with iPads and phones, and they know how to use technology. And yet we're not teaching them the most important part, which is around cybersecurity."

—Rinki Sethi, chief information security officer at Rubrik, on the CyberWire Daily Podcast, 9.3.19.

You want to allow the children their Huck Finn time, but nowadays the Duke and the Dauphin are online, and it that don't fetch 'em, we don't know Arkansaw.

Correction: In the account above on the Billington CyberSecurity Summit, the section "Perspective from the Federal CISO" has been corrected. General Touhill was kept awake by ICS threats, Mr. Schneider by China. The attribution was originally reversed.

Conduct secure and anonymous research on the open and dark web.

If you are doing online research, the common web browser can betray you by exposing you and your organization to cyber attacks. Authentic8, the maker of Silo Cloud Browser and Silo Research Toolbox, ends this betrayal. Silo insulates and isolates all web data and code execution from user endpoints, providing powerful, proactive security even if you are gathering data and collections across the deep and dark web. Learn more.

In today's podcast, out later this afternoon, we talk with our partners at Bristol University, as Awais Rashid discusses the notion of bystander privacy. Carole Theriault speaks with Dov Goldman, Director of Risk and Compliance at Panorays, on the most noteworthy third-party breaches 2019 has so far seen. 

And Hacking Humans is up. In this week's episode, "Think before you post," We have some follow-up from down under. Joe shares the story of a Mom scammed out of Gaelic Football League tickets. Dave describes a bounty hunter hoaxing suicide threats to get location information from mobile providers. The catch of the day requires a response from the grave. Our guest is Ben Yelin, senior law and policy analyst from the University of Maryland Center for Health and Homeland Security. He digs in to a particular Facebook scam that refuses to die.

Second Annual DataTribe Challenge (Online, October 1, 2019) Register now for a chance to be DataTribe's next world-class company. Finalists will split a $20,000 prize, and the winner may receive $2m in funding from DataTribe. Contestants have until October 1st to apply at www.datatribe.com/challenge­.

Zero Day Con (Washington, DC, USA, October 22, 2019) Zero Day Con hosts a day of expert discussion on security approaches to regain control over your systems, data, and information. Join us to examine insights, security technologies, and key priorities to secure your systems. Get a 30% discount for Labor Day using code LABOR30.

Dateline 10th Annual Billington CyberSecurity Summit

Top NSA cyber official points to ransomware attacks as key threat to 2020 elections (TheHill) Anne Neuberger, director of the newly formed Cybersecurity Directorate at the National Security Agency (NSA), on Wednesday pointed to ransomware attacks as a key danger to the 2020 elections.

AI, Cybersecurity, & The Data Trap: You Don’t Know Normal (Breaking Defense) "How do I even know what’s normal and what’s abnormal so I can detect anomalies? We simply don’t know," says Dean Souleles, chief technology advisor for the Director of National Intelligence.

Pentagon, NSA Prepare to Train AI-Powered Cyber Defenses (Defense One) The giant effort starts by trying to standardize data across the Defense Department's sprawling IT ecosystem.

CISO Schneider: OMB Focused on ‘Maximum Support’ for Agency Cyber (MeriTalk) Grant Schneider, the Federal government’s chief information security officer, said the Office of Management and Budget (OMB) is aiming to provide “maximum support” to Federal agencies as they work to improve network security.

DHS Cyber Chief Chris Krebs and New NSA Cybersecurity Director Anne Neuberger Join Israel and UK Cyber Leaders for 10th Annual Billington CyberSecurity Summit - Executive Gov (Executive Gov) Christopher Krebs, the first director of the Department of Homeland Security's Cybersecurity and

OMB's CyberStat program is 'evolving' (FCW) Following an audit that found the Office of Management and Budget could be making better use of the cybersecurity reviews, Federal CISO Grant Schneider said agency is looking at revamping the program ahead of next fiscal year.

A FedRAMP plan to strengthen cloud security (Federal Times) The Federal Risk and Authorization Management Program wants threat intelligence reports to make its audit process smarter.

NSA Reportedly Developing Quantum-Resistant 'Crypto' (CoinDesk) The National Security Agency's new Cybersecurity Directorate may be working to develop its own, uncrackable "crypto." But which crypto?

ISARA Leads Discussion to Keep Government Data Safe from Looming Quantum Threat (Yahoo) As governments increasingly recognize the coming threat that quantum computers pose to the encryption that protects everything from military secrets to tax records, ISARA Corp., the world's leading provider of quantum-safe and crypto-agile security, will

Cyber Attacks, Threats, and Vulnerabilities

Iran-led state-sponsored attacks remain a major threat to Middle East stability (The National) Microsoft linked Iranian hackers to cyber attacks that targeted thousands of people in more than 200 companies

A huge database of Facebook users’ phone numbers found online (TechCrunch) Hundreds of millions of phone numbers linked to Facebook accounts have been found online. The exposed server contained more than 419 million records over several databases on users across geographies, including 133 million records on U.S.-based Facebook users, 18 million records of users in the U.K…

Forget Politics. For Now, Deepfakes Are for Bullies (Wired) The surging popularity of Chinese app Zao has reignited concern that deepfakes could influence an election. Researchers say that's not likely.

An artificial-intelligence first: Voice-mimicking software reportedly used in a major theft (Washington Post) Once the realm of science fiction, voice-mimicking software is now "well within the range of any lay criminal who's got creativity to spare,” one cybersecurity expert said.

Hackers exploiting popular social engineering 'toolkits' to refine cyber attacks (IT PRO) Victims are being asked to download malware through visually compelling fake update prompts

SalesPharce: Hackers Exploit Salesforce, Phish Partners and Customers (Avanan) A new attack uses a compromised Salesforce account to send phishing invoices that bypass Office 365 security checks.

Ransomware wreaks havoc in the South, generates $1 million for hackers (Emsisoft | Security Blog) Hackers have combined three deadly malware strains to carry out devastating ransomware attacks on cities across the southern states in the US. Learn how these attacks work.

Why phones that secretly listen to us are a myth (BBC News) A mobile security firm carries out a research investigation to test the popular conspiracy theory.

Hackers selling stolen personal details for less than Dh200 (The National) Companies can spend a fortune on sophisticated cyber security but they will still be vulnerable if employees use weak passwords

Security Patches, Mitigations, and Software Updates

Twitter disables tweeting via SMS after CEO gets hacked (The Verge) Twitter says it’s making the change "to protect people’s accounts."

Cyber Trends

Blevene/Crimeware-In-The-Modern-Era (GitHub) Paper and Links to Crimeware in the Modern Era. Contribute to Blevene/Crimeware-In-The-Modern-Era development by creating an account on GitHub.

The ‘weaponisation’ of vulnerabilities (ITWeb) Cyber criminals are exploiting vulnerabilities to launch co-ordinated attacks against individuals, businesses and specific groups, says Craig Jett, VP, Global Security Consulting at Dimension Data.

Marketplace

Splunk buys SaaS startup Omnition (ZDNet) Splunk said the Omnition team brings more than a dozen engineers with significant expertise in tracing and observability.

Splunk Buys Omnition, Its Second Acquisition in Two Weeks (SDxCentral) Splunk today said it acquired Omnition, a startup developing a observability platform for cloud-native, microservices-based applications.

Crypto Sleuthing Firm Elliptic Raises $23 Million in Fundraise Led by SBI (CoinDesk) Blockchain forensics firm Elliptic has raised $23 million in Series B round led by Tokyo-based financial institution (and XRP holder) SBI.

Deutsche Telekom Capital Partners and Salesforce invest in PerimeterX (FierceTelecom) Perimeter X has upped its Series C financing round to $57 million with an additional $14 million from DTCP and Salesforce's venture arms. The latest round brought the malware and bot protection company's funding to a total of $91.5 million

Palo Alto says on track to grow sales at double digit pace over next three years (Reuters via WTVB) Cybersecurity firm Palo Alto Networks said it expects to grow sales at a double-digit pace over the next three years and forecast robust free cash flow, sending its shares up 8% in volatile after-hours trading on Wednesday.

ZeroNorth Appoints Karen Higgins as Chief Financial Officer (ZeroNorth) Cybersecurity Industry Veteran Joins ZeroNorth to Drive Growth, Scale to Meet Demand for Risk-Based Vulnerability Orchestration Across the SDLC BOSTON – September 4, 2019 – ZeroNorth, the industry’s first provider of risk-based vulnerability orchestration across applications and infrastructure, today announced the appointment of Karen Higgins as chief financial officer (CFO). Reporting to John Worrall, chief …

Cyren Names Vice President of Sales for Americas (Yahoo) Cyren (NASDAQ:CYRN) today announced the appointment of Bruce Johnson as Vice President of Sales for the Americas. Reporting to CEO Brett Jackson, Johnson now ...

SailPoint appoints Matt Mills as Chief Revenue Officer (Help Net Security) SailPoint Technologies Holdings, the leader in enterprise identity governance, announced the appointment of Matt Mills to Chief Revenue Officer (CRO).

Products, Services, and Solutions

Zeguro Announces Cyber Safety Platform Designed to Simplify Risk Manag (PRWeb) Zeguro (https://www.zeguro.com), an end-to-end cyber safety platform and insurance provider for small to mid-sized businesses (SMBs), today announced its

Privilege Without the Pain (STEALTHbits) STEALTHbits Privileged Activity Manager (SbPAM) Significantly Reduces Attack Surface with Unique Permission Controls

New Trustwave Fusion Platform Redefines Cloud-Based Cybersecurity (Trustwave) Trustwave Fusion platform gives enterprises unprecedented visibility and control over how security resources are provisioned, monitored and managed across any environment.

Nozomi Networks Cyber Security Solution Embedded in RUGGEDCOM (Nozomi Networks) Fortinet and Nozomi Networks achieved another partnership milestone with two new integrations that deliver full security visibility and management across IT and OT environments. Now with comprehensive integrations for FortiGate, FortiNAC, and FortiSIEM, we’re helping eliminate the gap between IT and OT. Read on to learn how the integrations provide full visibility across IT and OT, allowing customers to detect and respond to threats more effectively.

CyberSaint Releases New California Consumer Privacy Act (CCPA) Framework for Rapid Assessment and Compliance Management (Yahoo) CyberSaint Security, the leading cybersecurity software firm powering automated, intelligent compliance and risk management, today announced the availability of the new California Consumer Privacy Act (CCPA) framework within the CyberStrong platform. This new release enables customers to measure, track

Darktrace Cyber AI Analyst Investigates Threats at Machine Speed (Darktrace) Augments Human Security Teams Reducing Time to Triage by 92%

Silverfort Joins RSA® Ready Technology Partner Program (Yahoo) Silverfort’s Agentless Authentication Platform enables joint customers to seamlessly extend RSA SecurID® Access to any sensitive system and apply Zero-Trust security policies acros

F-Secure Countercept continues to win trust from US enterprises (Global Security Mag Online) F-Secure Countercept, an award-winning managed detection and response (MDR) solution from cyber security provider F-Secure, has won the trust of another US-based enterprise in a new deal. The contract, valued at over one million dollars (USD) per year, affirms F-Secure Countercept’s position as a world-class solution that enterprises trust to help them contain today’s increasingly advanced threats.

Scale Computing & Acronis Partner On Data Protection, Continuity, & DR (Storage Reviews) Today Scale Computing and Acronis announced a partnership for OEMs that will offer Acronis Backup through Scale Computing channels. This can bring all of the benefits of Acronis Backup (including archiving, enhanced data protection, disaster recovery, and threat mitigation) to the Scale Computing HC3 platform. 

ANSecurity strengthens New College Oxford’s network security with move to a Zero Trust model (FE News) ANSecurity delivers 6 week project to refresh college network infrastructure, improve security and reduce licensing and maintenance costs ANSecurity, a specialist in advanced network and data security, has announced the successful delivery of a project with New College Oxford to streamline its network architecture and strengthen its security by moving...

AlgoSec adds new features to its core Network Security Management Suite (Help Net Security) AlgoSec enhances app visibility and network auto-discovery, extends support for Cisco ACI in the new version of its Network Security Management Suite.

Darktrace launches “Cyber AI Analyst” as skills shortage intensifies (NS Tech) Darktrace has launched a "Cyber AI Analyst" that it claims can generate written reports outlining the path of complex cyber attacks. Industry researchers claim the technology could alleviate the cyber

Illumio-Made Cybersecurity Platform Certified for DoD Use (ExecutiveBiz) Information technology firm Illumio has achieved information assurance certification for the firm’s cybersecurity platform, allowing the product for use by the Department of Defense.

Technologies, Techniques, and Standards

NIST Publishes Second Draft of Cyber Resilience Guidance (MeriTalk) The National Institute of Standards and Technology (NIST) has released draft two of Special Publication (SP) 800-160 Volume 2: Developing Cyber Resilient Systems. NIST Is seeking public comments on the draft through Nov. 1.

What prevents companies from achieving effective security performance management? (Help Net Security) Study commissioned by BitSight demonstrates that effective security performance management is crucial for enterprise success in the 21st century.

Is Personality the Missing Piece of Security Awareness Training? (Security Intelligence) What if we have been approaching security awareness training all wrong? One way to start individualizing security education is by recognizing and working with personality types.

3 security strategies for charities that are more secure than passwords (Charity Digital News) Passwords alone are no longer fit for purpose in an organisation that handles sensitive data - here are three security strategies that can provide extra peace of mind.

Messaging Architects Shares Tips for Effective Cyber-Security Training (Benzinga) Messaging Architects, an eMazzanti Technologies Company and information governance consultant, discusses effective cyber-...

Design and Innovation

Splintered passwords stump hackers (Tide Foundation) Tide Foundation’s Splintering Mechanism Givens Passwords the Effective Security of Cryptographic Key

First Blockchain-Only Birth Certificates Recorded By IBM, Raising Stakes for Security (Dash News) The first blockchain-only birth certificates have been issued in Brazil through a partnership with IBM, achieving a major milestone in blockchain technology, as well as significantly raising the stakes for network security. On September 01 2019, the birth of Álvaro de Medeiros Mendonça became the first child to be registered only on the blockchain. This …

Research and Development

Military vehicles with new technology could remove the need for humans on the battlefield (CNBC) Autonomous vehicles could undertake a number of important tasks.

Legislation, Policy, and Regulation

Life in an Internet Shutdown: Crossing Borders for Email and Contraband SIM Cards (New York Times) Internet shutdowns have become one of the defining tools of government repression in the 21st century — but citizens bear the cost at work and at home.

Big Tech Companies Meeting With U.S. Officials on 2020 Election Security (New York Times) Security teams from Facebook, Google, Twitter and Microsoft met with members of the F.B.I., Department of Homeland Security and others on Wednesday.

DOD Seeks Ethicist to Guide Deployment of Artificial Intelligence (U.S. DEPARTMENT OF DEFENSE) The Joint Artificial Intelligence Center has plans to hire an ethicist to help guide the Defense Department's development and application of artificial intelligence technologies.

Coming Soon to a Battlefield: Robots That Can Kill (The Atlantic) Tomorrow’s wars will be faster, more high-tech, and less human than ever before. Welcome to a new era of machine-driven warfare.

IBM Security Study: Taxpayers Oppose Local Governments Paying Hackers in Ransomware Attacks (IBM News Room) Majority Not Willing to Pay Higher Taxes to Protect Local Resources, 63% Prefer Paying Higher Repair Cost Over Using Tax Dollars for Ransom

Litigation, Investigation, and Law Enforcement

Shocking Huawei 'Extortion And Cyberattack' Allegations In New U.S. Legal Fight (Forbes) The latest response from Huawei to reports of new U.S. legal action against the company was its hardest-hitting​ yet.

YouTube will pay $170 million to settle claims it violated child privacy laws (CNBC) The FTC's probe found that the company violated privacy policies aimed at protecting children.

Google accused of secretly feeding personal data to advertisers (Financial Times) Evidence to Irish regulator suggests tech company is using hidden web pages

Google could be this century's Standard Oil - will it be broken up? (The Telegraph) Fines and investigations have become a part of everyday life for Google.

Google's paid search ads are a 'shakedown,' Basecamp CEO says (CNBC) Basecamp CEO Jason Fried says Google search ads force businesses to pay just to be findable in search results.

Thai Gang Member Arrested Over Alleged $16 Million Crypto Fraud (CoinDesk) A Thai man has been arrested for alleged involvement in a crypto crime ring that fleeced investors for 500 million baht.

Newb admits he ran Satori botnet that turned thousands of hacked devices into a 100Gbps+ DDoS-for-hire cannon (Register) One moron down, two to go

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

RSA Conference 2020 (San Francisco, California, USA, February 24 - 28, 2020) Be part of a conversation that has the power to change the world. Join top cybersecurity leaders and a dedicated community of peers as we exchange the biggest, boldest ideas that will help propel the industry...

Upcoming Events

9th Annual Peak Cyber Symposium (Colorado Springs, Colorado, USA, September 3 - 5, 2019) The Peak Cyber Symposium is designed to further educate Cybersecurity, Information Management, Information Technology and Communications Professionals by providing a platform to explore some of today's...

9th Annual Peak Cyber Symposium (Colorado Springs, Colorado, USA, September 3 - 5, 2019) The Information Systems Security Association (ISSA) - Colorado Springs Chapter will once again host the 9th Annual Peak Cyber Symposium. This year's theme is "Cyber Hygiene: Everyday for Everyone." The...

10th Annual Billington CyberSecurity Summit (Washington, DC, USA, September 4 - 5, 2019) This year's theme is, "Reinventing Cybersecurity: Addressing Tomorrow's Top Cyber Challenges." The summit has become the world's leading summit on government cybersecurity. It will convene again U.S. and...

2019 Intelligence and National Security Summit (National Harbor, Maryland, USA, September 4 - 5, 2019) The Intelligence & National Security Summit, powered by AFCEA International and the Intelligence and National Security Alliance (INSA), is the premier forum for unclassified dialogue between U.S. Government...

Derbycon 2019 (Louisville, Kentucky, USA, September 4 - 8, 2019) DerbyCon isn’t just another security conference. We’ve taken the best elements from all the conferences we’ve ever been to and put them into one. DerbyCon is a place you can call home, where you can meet...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.