skip navigation

More signal. Less noise.

MVISION Insights: Move Beyond Intelligence to Insights that Empower You to Change Your Environment.

Harnessing the power of one billion threat sensors worldwide, McAfee designs security fueled by Insights. MVISION Insights enables you to move beyond intelligence and empowers you to change your environment. Identify with Machine Learning. Defend and correct with Deep Learning. Anticipate with Artificial Intelligence. Move your security out of reactive mode to a proactive posture. McAfee, the device-to-cloud cybersecurity company. Go to McAfee.com/insights to learn more.

Daily briefing.

Recorded Future reports a PupyRAT infestation in an unnamed European energy sector organization. PupyRAT's command-and-control was communicating with the infected organization’s mail server from late November through January 5th of this year. The RAT is an open-source tool available on GitHub. It’s been used by Iranian threat groups APT33 (also known as Elfin, Magic Hound, or HOLMIUM) and COBALT GYPSY (which Recorded Future says overlaps with APT34, that is, OilRig). The researchers stress that the current activity predates recent escalation of US-Iranian tension

Reuters writes that the Saudi Foreign Ministry has again dismissed claims of Crown Prince Mohammed bin Salman’s involvement in hacking Amazon founder Jeff Bezos’s phone as “absurd.” Investigations are in progress, and it certainly seems that something was done to Mr. Bezos’s device. Is it possible the Crown Prince may himself have been hacked, as some have suggested? Well, sure, maybe. In any case, as BuzzFeed notes, Saudi-aligned Twitter accounts have been doing a lot of anti-Bezos woofing.

Ukraine is considering a comprehensive law designed to suppress disinformation. RadioFreeEurope|RadioLiberty says that critics are concerned the measure will also effectively suppress journalism.

The EU is also deliberating adoption of measures that would counter disinformation. Facebook doesn’t like them, New Europe says, and characterizes the proposed regulations as a threat to free speech.

Canada’s government is prepared to “impose costs” on those responsible for cyberattacks on the Dominion, according to 660 News.

The Economist looks at Huawei, concludes it’s a threat, but says the risks can be managed.

Notes.

Today's issue includes events affecting Canada, China, European Union, Germany, Democratic Peoples Republic of Korea, Russia, Ukraine, United Kingdom, United States.

Bring your own context.

What's going on these days with authentication?

"So I think the biggest things are there's an uptick in awareness and usage of multifactor. And I think that that's kind of due to a few different reasons. One is I think a lot of users in their personal lives are being required to use multifactor authentication. Now if you log in to a bank account or you log in to Facebook or eBay or pretty much everything - anything you use online, you're almost either required or strongly encouraged to use multifactor. So I think that's helping create more awareness, and certainly more awareness in the enterprise. And I think the enterprise side is kind of coming at it from that perspective as well. They're kind of saying, OK, for enterprise applications, we're going to require you to use multifactor for these things and not just allow you to use username and password. So we see the both of these things, from awareness to usage, trending up. So they're not quite doubled from last year, but they're pretty close."

There's still more SMS multifactor than one would like to see, but on the whole the trend is positive.

—Sean Frazier, advisory CISO for Federal at Cisco Duo, on the CyberWire Daily Podcast, 1.22.10

Coming soon: CyberWire Pro.

Our new subscription program, CyberWire Pro, will be available soon. Designed for cyber security professionals and others who want to stay abreast of our rapidly evolving industry, CyberWire Pro is a premium news service that will save you time and keep you informed. Learn more and sign up to get launch updates here.

Investigating China’s Disinformation Campaigns

Cyber influence campaigns have plagued countries across the globe in the past few years, with foreign policy objectives, economic goals, and public opinion caught in the crossfire. LookingGlass researchers have tracked over 2000 People’s Republic of China-related influence operators on Twitter to better understand the current landscape. In our next webinar, Tom Creedon will explore these findings to gain an understanding of operator account patterns and targets. Save your seat for February 6 at 1pm ET.

In today's CyberWire Daily Podcast, out later this afternoon, we speak with our partners at Accenture, as Justin Harvey offers an outlook on 2020. Our guests are Hank Thomas and Mike Doniger from SCVX, describing their plan to bring a funding mechanism, "SPAC," to cyber security.

CyberTech Tel Aviv (Tel Aviv, Israel, January 28 - 30, 2020) Cybertech Tel Aviv is a 3-day event with 200+ organizations, 180+ speakers and 18,000+ attendees with a goal to create business and networking opportunities across borders. For 15% off, use code tcwtlv20dis on the registration page and enter the “Full-Pass" option. https://www.cybertechisrael.com/

Cyber Security Summits: February 5 in Atlanta and on March 20 in Tampa (Atlanta, Georgia, United States, February 5, 2020) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, U.S. Secret Service, IBM Security, Google and more. Register with promo code cyberwire20 for $95 VIP admission (Regular price $350) https://CyberSummitUSA.com

Suits & Spooks (Washington, DC, United States, February 6 - 7, 2020) Suits & Spooks DC is the only international security summit where the attendees and speakers from government agencies and technology companies engage in discussion and debate of security challenges. World-class speakers describe their vision of future threats and leading-edge companies will exhibit novel solutions. Get 15% off with discount code cyberwire15.

RSAC 2020 (San Francisco, California, United States, February 24 - 28, 2020) Connect to the people and ideas that matter. To your growth. To your organization. At RSAC 2020, February 24 – 28, explore current and emerging trends, gain valuable skills and network with peers. Register today!

Cyber Attacks, Threats, and Vulnerabilities

Suspected Iranian hacking campaign targets European energy companies (ZDNet) Researchers at Recorded Future have linked trojan malware intrusions and espionage to a state-backed hacking operation working out of Iran.

European Energy Sector Organization Targeted by PupyRAT Malware in Late 2019 (Recorded Future) Insikt Group identified a PupyRAT C2 server communicating with a mail server for a European energy sector organization starting late last year.

Saudi foreign minister calls claim that Crown Prince hacked Bezos phone 'absurd' (Reuters) Saudi Arabia's Foreign Minister Prince Faisal bin Farhan Al Saud said on We...

As Mohammed Bin Salman Allegedly Hacked Jeff Bezos, A Network Of Accounts On Twitter Were Pushing Saudi Propaganda (BuzzFeed News) A UN official said the goal is “intimidating, creating fear, and ultimately controlling or silencing.”

Opinion | Jeff Bezos’s Phone Hack Should Terrify Everyone (New York Times) Those with the most to lose don’t always safeguard their privacy very well. You can do better.

The Fractured Statue Campaign: U.S. Government Targeted in Spear-Phishing Attacks (Unit42) Unit 42 observed several malware families typically associated with the Konni Group primarily targetting a US government agency at the height of the US interacting with North Korea.

Euro Cup and Olympics Ticket Reseller Hit by MageCart (BleepingComputer) Site belonging to a reseller of tickets for Euro Cup and the Tokyo Summer Olympics, two major sports events happening later this year, have been infected with JavaScript that steals payment card details.

FDA issues cybersecurity warning on GE medical equipment that monitors patients (CNBC) The Food and Drug Administration released a warning on Thursday to health-care providers, facilities and consumers about a vulnerability in certain electronic health-care data equipment made by General Electric.

GE CARESCAPE, ApexPro, and Clinical Information Center systems (CISA) 1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: GE Equipment: CARESCAPE Telemetry Server, ApexPro Telemetry Server, CARESCAPE Central Station (CSCS) and Clinical Information Center (CIC) systems, CARESCAPE B450, B650, B850 Monitors Vulnerabilities: Unprotected Storage of Credentials, Improper Input Validation, Use of Hard-coded Credentials, Missing Authentication for Critical Function, Unrestricted Upload of File with Dangerous Type, Inadequate Encryption Strength

Security Advisory for Signed TLS Certificate Private Key Disclosure on Some Routers, PSV-2020-0105 (NETGEAR) NETGEAR is aware of a Transport Layer Security (TLS) certificate private key disclosure vulnerability on the following product models: R8900 R9000 RAX120 XR700 These products use Certificate Authority-signed certificates to provide secure HTTPS access to the router web interface. You might see a security certificate error or warning when you try to access your router’s web interface using HTTPS. NETGEAR plans to release firmware hotfixes for all affected products as soon as possible.

That text you got about a package isn’t from FedEx. It’s a scam. (Washington Post) The ‘smishing’ campaign starts by asking users to set up delivery preferences and ends with a request for credit card information

FBI issues warning about lucrative fake job scams (Naked Security) What’s the difference between a real job and a fake one found on the internet? The fake ones are suspiciously easy to get interviews for.

LastPass Mistakenly Removes Extension from Chrome Store, Causes Outage (BleepingComputer) An accidental outage was caused by LastPass yesterday by mistakenly removing the LastPass extension from the Chrome Web Store, leading to users seeing 404 errors when trying to download and install it on their devices.

US County Suffers Two Cyber-attacks in Three Weeks (Infosecurity Magazine) Albany County has been targeted twice in three weeks by cyber-criminals

Cyber attack knocks Tillamook County employee computers offline (KGW) The computer problem was noticed Wednesday morning and affects both computer and phone systems

Security Patches, Mitigations, and Software Updates

Citrix: These are new patches for your vulnerable servers (ZDNet) Citrix has released a fresh set of patches for ADC and NetScaler bug, with more patches due out tomorrow.

Looking for silver linings in the CVE-2020-0601 crypto vulnerability (Naked Security) Is there some good news hidden in the story of the CVE-2020-0601 crypto vulnerability?

Sonos’s tone-deaf legacy product policy angers customers (Naked Security) Stopping software updates for legacy kit is nothing new, but it’s the way the company has done it that has Sonos customers’ hackles up.

Cyber Trends

Von Spaß-Hackern zur organisierten Kriminalität (IT-BUSINESS) Die Hacking-Versuche von früher waren der unschuldige Anfang der kriminellen Untergrundszene von heute. Laut Kai Figge von G Data spielt Künstliche Intelligenz sowohl auf der hellen wie auch auf der dunklen Seite des Internets eine immer wichtigere Rolle.

5G promises faster speeds and greater security risks (TechRepublic) TechRepublic's Karen Roby talks with Radware exec Mike O'Malley about the growing security risks that accompany 5G for providers, smart cities, and the enterprise.

The terrifying power and reach of the unregulated $12bn spyware industry (The Telegraph) Joaquín Archivaldo Guzmán, known as El Chapo, was holed up in the Mexican city of Los Mochis, Sinola.

The Cybersecurity 202: Disinformation threat pushes Doomsday Clock closer to midnight (Washington Post) Online disinformation campaigns are not just a threat to the 2020 election. They may be a harbinger of the end of the world.

Current Time - Bulletin of the Atomic Scientists (Bulletin of the Atomic Scientists) It is 100 seconds to midnight.

The State of Vulnerabilities in 2019 | Imperva (Imperva) As a web application firewall provider, part of our job at Imperva is to continually monitor for new security vulnerabilities. To do this, we use internal software that collects information from various data sources such as vulnerability databases, newsletters, forums, social media and more, integrating it into a single repository, and assessing each vulnerability’s priority. …

Voice of the Channel and 2020 Predictions (Untangle) The latest Untangle survey explored the current state and trends of Channel Partners. Untangle surveyed a segment of these international security professionals to understand current cybersecurity trends the channel is seeing, as well as their predictions

Marketplace

Should Investors Trust the Cybersecurity Sector? (TheStreet) A former NYSE trader weighs in on the cyber security sector.

Cybersecurity SPAC SCVX Corp. files for a $200 million IPO (Nasdaq) SCVX Corp., a blank check company led by industry veterans targeting the cybersecurity sector, filed on Monday with the SEC to raise up to $200 million in an initial public offering. The Washington, DC-based company plans to raise $200 million by offering 20 million units at $10

CloudKnox Secures $12M in Funding to Further Accelerate Customer Growth and Product Innovation (CloudKnox) CloudKnox Security, a leader in identity authorization for hybrid and multi-cloud environments, today announced that it closed $12M in a new round of funding. Led by Sorenson Ventures with participation from early investors, including ClearSky Security, Dell Technologies Capital and Foundation Capital, the round brings CloudKnox’s total funding to $22.75M.

White Ops Adds Former FBI Computer Scientist Dr. Russell Handorf as Principal Threat Intelligence Hacker (BusinessWire) White Ops, the global leader in bot mitigation, verifying the humanity of more than 1 trillion digital interactions per week, today announced the appo

Products, Services, and Solutions

SlashNext Announces Multi-Vector Phishing Protection Solutions For Mobile Devices And Endpoint Web Browsers (PR Newswire) SlashNext, a leading provider of real-time anti-phishing and incident response solutions, today announced two new products designed to protect...

LocatorX Launches Product Certificate Authority™ to Fight Product Counterfeiting (Globe Newswire) LocatorX, which provides accurate, inexpensive and flexible tracking technology to companies across a variety of industries, today announced the launch of its Product Certificate Authority™ (PCA) solution to further help manufacturers, retailers and consumers fight product counterfeiting at every level.

Invixium Launches IXM WEB 2.1, an All-in-One Platform for Access Control and Workforce Management (Invixium) Revolutionary new software IXM WEB 2.1 will be available to existing customers with an Annual Support Contract (ASC).

Ooh, watch out Google. You've got competition. Verizon has a new 'privacy-focused' search engine (Register) Yep, the Verizon that sold subscribers' location data

Technologies, Techniques, and Standards

Mitigating Cloud Vulnerabilities (National Security Agency) While careful cloud adoption can enhance an organization’s security posture, cloud services can introduce risks that organizations should understand and address both during the procurement process and while operating in the cloud.

Deployed 82nd Airborne unit told to use these encrypted messaging apps on government cell phones (Military Times) “Unfortunately, those apps are more secure than texting in the clear, which is more or less the alternative. Granted, if a hostile party has access to the handset, that encryption isn’t particularly helpful.”

Elections Globally Are Under Threat. Here's How to Protect Them (Wired) A new report calls for safeguards to reduce the dangers posed by misinformation, online extremism, and social media manipulation.

Inside the World's Highest-Stakes Industrial Hacking Contest (Wired) At Pwn2Own, hackers had no trouble dismantling systems that help run everything from car washes to nuclear plants.

Design and Innovation

DEVCON Announces Protect Elect 2020: Providing Free Access to Security Software For Media Companies (MarTechSeries) Industry-Leading Influencers and 10 Major Fortune 500 Media Companies to Launch Public Research Initiative to Defeat the Weaponization of Marketing

Research and Development

Projects funded for autonomous vehicle cyber security (The Engineer) Seven projects whose participants include Honda, Thales and WMG have won funding to develop cyber security solutions for connected and autonomous vehicles.

Academia

CSU offering new cybersecurity degree (https://www.wtvm.com) CSU’s nexus cybersecurity degree will give students hands-on experience in efforts to fill positions with qualified candidates.

IU Maurer cybersecurity programs keep pace with technology (The Indiana Lawyer) In his practice at Mallor Grodner in Bloomington, attorney D. Michael Allen is seeing more and more cases that have a digital component. While he learned on the job, he also enrolled in the IU Maurer School of Law cybersecurity master’s program.

UT Dallas announces cybersecurity degree program (impact) Implementation of the program was motivated by the rising threat of cyber attacks, according to the university.

Students learn about the growing industry of cybersecurity (KGNS) The twisted, dark web was a topic of conversation for students while being educated on the dangers of modern-day technology.

Terre Haute college ranks as one of the best for its cybersecurity program (WTHI News) Some of the nation's best in cybersecurity are coming out of Terre Haute.

Enhancing a law enforcement career with a Penn State cybersecurity education (Penn State University) With a law enforcement career spanning more than 20 years and an established private investigations firm of his own, Ron Long could be considered an expert in the field of investigative work. Now, he’s pursuing a degree in security and risk analysis through Penn State World Campus to better understand how the internet is changing the dynamic of police and investigative work in the country.

Legislation, Policy, and Regulation

Why the Saudi Crown Prince Needs Cyberweapons (Yahoo) It’s hard to underestimate just how much damage Crown Prince Mohammed bin Salman of Saudi Arabia has done to his country in the last 15 months. Yet it’s also difficult to see how the U.S. can defend its interests in the region without his cooperation.

Canada ready to 'impose costs' on malicious cyberactors, advisers tell Trudeau - 660 NEWS (660 NEWS) Canada will work with allies to strike back at foreign cyberattackers and “impose costs” that make them understand the price of their wrongdoing, advisers have told Prime Minister Justin Trudeau. “Malicious state-sponsored cyber acts affect national security and economic prosperity interests,” says a newly released briefing note to Trudeau on the dangers to Canada from the …

Brussels steps up disinformation fight, Facebook warns of free expression (New Europe) Facebook has warned over freedom of expression as the European Union considers measures to stop disinformation campaigns across online platforms. Nick Clegg, Facebook’s VP for Global Affairs warned that in the online world, “the scope of what we deem to be acceptable speech has narrowed over rece

Media Freedom Groups Express Unease Over Ukrainian Disinformation Bill (RadioFreeEurope/RadioLiberty) Media freedom watchdogs and journalists’ associations are expressing concern over a bill aimed at combating Russian disinformation.

OSCE concerned over Ukraine's new draft law on disinformation (UNIAN) The public has one month to discuss the bill before it is sent to the government and the parliament.

Outdated laws put UK's cybersecurity at risk: report (Andalou Agency) Laws meant to prevent hacking also expose cybersecurity researchers to risk of prosecution, says CLRNN - Anadolu Agency

Huawei is a cyber-security risk (The Economist) But risks can be managed

Pentagon Blocks Clampdown on Huawei Sales (Wall Street Journal) The Commerce Department has withdrawn proposed regulations making it harder for U.S. companies to sell to Huawei from their overseas facilities following objections from the Pentagon and the Treasury Department.

What new documents say about US-partner cyber operations (Fifth Domain) New documents made available through Freedom of Information Act shed light on anti-ISIS cyber operations.

The Big Change in Cybersecurity Regulation That No One Is Talking About (JD Supra) The close of 2019 witnessed a significant development in data security law that impacts companies regulated with respect to or engaged in the trading...

Iran tension ‘heightened awareness’ for state and local cybersecurity, CISA chief says (StateScoop) Chris Krebs, the Department of Homeland Security’s top cybersecurity official, told a group of mayors to use the moment as an opportunity to improve their defenses against ransomware.

States name three ways feds can help with cybersecurity (StateScoop) NASCIO is still looking for regulatory reform, along with the passage of two cybersecurity aid bills.

Information sharing anchors CISA crisis response strategy (Federal News Network) CISA thinks of itself as the nation’s risk advisor. To that end, Director Chris Krebs shared five areas of focus for the next few years, and six tips for a successful cybersecurity program.

After Russian Hack Of Illinois Voter Database In 2016, State Beefed Up Election Cybersecurity (CBS News) Three-and-a-half years after a Russian breach of voter databases, the fight against foreign influence on voters continues nationwide.

Mendocino County increasing preparations to combat cybersecurity threats (The Ukiah Daily Journal) The Mendocino County Board of Supervisors on Tuesday heard a presentation on the growing threat to cybersecurity in Mendocino County and what the county can do to protect itself from cyberattacks i…

A bill to amend the Foreign Intelligence Surveillance Act of 1978 to protect privacy rights, and for other purposes. (US Senate) Be it enacted by the Senate and House of Representatives of the United States of America in Congress assembled, 3 SECTION 1. SHORT TITLE; TABLE OF CONTENTS. 4 (a) SHORT TITLE.—This Act may be cited as the 5 ‘‘Safeguarding Americans’ Private Records Act of 2020’’.

Secret Service to launch private-sector cybercrime council (CyberScoop) The Secret Service has recently hand-picked a small group of private-sector cybersecurity experts to advise the agency’s investigations team on how it can better take down cybercriminals, CyberScoop has learned.

How to eliminate ransomware: No one pay, ever. And get compensation (SC Magazine) In 2020 “A local government somewhere will ban public-sector ransomware payments,” suggested Markus Braendle, CEO, Airbus CyberSecurity. Now extrapolate that thought.

Litigation, Investigation, and Law Enforcement

How a Russian disinfo op got Trump impeached (POLITICO) The Kremlin may have been laying the groundwork for blaming Ukraine for 2016 as early as 2015.

Top intel office fails to meet deadline to give Khashoggi report to Congress: report (TheHill) The top intelligence office failed to meet a deadline this week to provide a report to Congress on Washington Post journalist Jamal Khashoggi’s killing,

U.N. Suggests Bezos’ Phone Was Hacked Using Saudi Crown Prince’s Account (Wall Street Journal) Two United Nations officials called for further investigation into the alleged hacking of Washington Post owner Jeff Bezos’ phone, suggesting it was an attempt to influence news coverage of Saudi Arabia.

Think Your iPhone 11 Is Secure? FBI Cracks Through Apple's 'Walled Garden,' Again (International Business Times) FBI has been repeatedly requesting Apple for unrestricted access to its iPhones since the 2015 San Bernardino shooting.

Apple allegedly made nice with FBI by dropping iCloud encryption plan (Naked Security) Sources told Reuters that Apple may have been convinced by arguments made during the legal fight over cracking the San Bernardino iPhone.

A la carte Phone Hacking Is Scary, But Better Than Government Backdoor | Digital Trends (Digital Trends) Law enforcement says it's easier than ever to break into a person's phone, even as the government continues to demand encryption backdoors. But a private company hacking your phone is still better than your government having full access, say ex-NSA and ex-CIA analysts.

Warren calls for Brazil to drop charges against Glenn Greenwald (TheHill) Sen. Elizabeth Warren (D-Mass.) called on Brazil to drop cyber crime charges against an American journalist who reported on leaked cell phone messages from Brazilian officials in a story raising concerns about corruption inside the government.

Analysis | The Cybersecurity 202: Glenn Greenwald says Brazil charges are part of a global trend to criminalize journalism (Washington Post) Even in democracies, the American journalist says, "there’s a real struggle to make the law fit criminalizing leaks of this sort.”

Another Poor Cybersecurity Audit at State Department Draws Scrutiny (Nextgov.com) Auditors have been reporting weaknesses in IT security controls for over a decade.

Equifax Breach Affected 147 Million, but Most Sit Out Settlement (New York Times) A little more than 10 percent of consumers affected by the Equifax breach had made settlement claims as of Dec. 1.

Lawsuit: Lax cybersecurity let hackers get away with $1.7M (MahoningMatters.com) A Boardman manufacturer suffered a "catastrophic" cybersecurity breach in January 2018, according to a new civil suit.

Another Methbot suspect, Sergey Denisoff, arrested more than a year after initial charges (CyberScoop) U.S. police have arrested another suspect in connection with an advertising fraud conspiracy that relied on run-of-the-mill hacking techniques to scam American companies out of roughly $30 million, according to new court documents.

Wells Fargo Ex-CEO Banned, to Pay $17 Million in Fake-Account Scandal (Wall Street Journal) A regulator barred John Stumpf from the banking industry over the firm’s fake-accounts scandal, an extraordinary sanction for a top executive at a large bank.

Metropolitan Police to roll-out live facial recognition across London (Computing) Met plans to use live facial recognition at 'specific location' in London to 'help protect the vulnerable'

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

CPX 360 New Orleans (New Orleans, Lousiana, USA, January 27 - 29, 2020) Mark your calendar now for CPX 360 2020, the world’s premiere cyber security summit of the year. Globally renowned industry experts will take to the stage to share analysis, core insights, and actionable...

SINET: Global Cybersecurity Innovation Summit (London, England, UK, January 30, 2020) Advancing global collaboration and innovation, SINET convenes a summit of international cybersecurity leaders at the British Museum. The conference will bring together innovators, investors, researchers,...

CPX 360 Vienna (Vienna, Austria, February 4 - 6, 2020) At CPX 360, you’ll gain an in-depth understanding of today’s dynamic threat landscape and the emerging challenges within cyber security. Get a look at the next wave of Check Point innovation and discover...

5t​h​ Annual Atlanta Cyber Security Summit (Atlanta, Georgia, USA, February 5, 2020) C-Suite & Senior Level Executives: Register with Promo Code CYBERWIRE95 to receive $95 Admission (Standard Price is $350). Learn from renowned experts from The FBI, U.S. Secret Service, U.S. Dept. of Homeland...

Suits & Spooks, 10th Anniversary: Taking Ownership of the Future of our Security (Washington, DC, USA, February 6 - 7, 2020) Suits & Spooks DC is the only international security summit where the attendees and speakers engage in discussion and debate of cyber/physical security challenges over the course of two days. World-class...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.