skip navigation

More signal. Less noise.

MVISION Insights: Move Beyond Intelligence to Insights that Empower You to Change Your Environment.

Harnessing the power of one billion threat sensors worldwide, McAfee designs security fueled by Insights. MVISION Insights enables you to move beyond intelligence and empowers you to change your environment. Identify with Machine Learning. Defend and correct with Deep Learning. Anticipate with Artificial Intelligence. Move your security out of reactive mode to a proactive posture. McAfee, the device-to-cloud cybersecurity company. Go to McAfee.com/insights to learn more.

Daily briefing.

The University of Toronto’s Citizen Lab reports its conclusions that a New York Times journalist was hit with Pegasus spyware in June of 2018. The vector was a text message that contained a hyperlink to a site associated with a “Pegasus operator” Citizen Lab calls “KINGDOM,” and which the Lab says is connected to Saudi Arabi. Other KINGDOM targets included Saudi dissidents and an Amnesty International staffer.

A joint inquiry by Motherboard and PCMag disclosed that Avast subsidiary Jumpshot was selling anonymized user data to companies who found it valuable for various marketing purposes. Avast’s free antivirus software collects such data on behalf of Jumpshot, which then provides the information to its customers. Some, perhaps most, customers are unaware that their data are being sold. While those data are anonymized, they’re sufficiently rich to offer some prospect of de-anonymization. It’s a bad look for the company, whose browser extensions were removed from Mozilla, Google, and Opera stores over similar data collection. Avast stopped collecting via extensions, but appears to have shifted to collecting via its antivirus software.

Avast has sought to make a fresh start, offering users of its product a chance to opt out of the collection, but some remain unmollified: PCMag writes that US Senator Warner (Democrat of Virginia) has asked the Federal Trade Commission to increase enforcement actions against such sale of customer data.

Computing reports that the British Government has reached a compromise on Huawei: let the vendor into 5G’s non-core, peripheral parts, but no farther.

Notes.

Today's issue includes events affecting China, Estonia, European Union, Indonesia, Iran, Latvia, NATO/OTAN, Pakistan, Saudi Arabia, Singapore, United Kingdom, United States.

Bring your own context.

If you're a politician, foreign intelligence services are interested in you.

"Well, given that this is the year 2020 and that we are looking at what could be one of the most contested and contentious election years in American history, I believe that nation-states will look to continue to interfere in the election. And one way that they could do that is through getting out ahead of stories. And what I mean by that is we have seen not only in 2019 and in 2020 and in 2016, but any time that there is a scandal or a question about a person or an organization or a company and if they're up there in the news, the nation-states looking to further their cause, perhaps for the opposing candidate, they'll actually launch a cyberattack against that person, that individual, that organization or that company in order to get the data before anyone else can or before its release and either leak it or use it for blackmail. And we've seen that historically. So I believe that nation-states will become much more predatory when it comes to the headlines." 

—Justin Harvey, Global Incident Response Leader at Accenture, on the CyberWire Daily Podcast, 1.24.20.

There's a value to getting ahead of the headlines.

Coming soon: CyberWire Pro.

Our new subscription program, CyberWire Pro, will be available soon. Designed for cyber security professionals and others who want to stay abreast of our rapidly evolving industry, CyberWire Pro is a premium news service that will save you time and keep you informed. Learn more and sign up to get launch updates here.

Simple, secure identity and access management for your business.

LastPass Identity provides simple control and visibility across every entry point to your business through single sign-on, password management and multi-factor authentication in one unified solution. LastPass Identity provides a holistic view of end user activity to simplify security for IT, all while delivering the passwordless login experience employees want. Start a free LastPass Identity trial today.

In today's CyberWire Daily Podcast, out later this afternoon, we hear from our partners at the Johns Hopkins University Information Security Institute, as Joe Carrigan discusses evolving ransomware business models. Our guest is Dr. Christopher Pierson from BlackCloak, with insights on the alleged Bezos phone hack and the vulnerabilities of high-profile individuals.

And Recorded Future's podcast, produced in partnership with the CyberWire, is also up. In this episode, "Teachers, Trainers, and Educators," Evan Paul Jensen, CTO and co-founder of Boston Cybernetics, discusses his organization's unique approach to training and operational security issues.

Cyber Security Summits: February 5 in Atlanta and on March 20 in Tampa (Atlanta, Georgia, United States, February 5, 2020) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, U.S. Secret Service, IBM Security, Google and more. Register with promo code cyberwire20 for $95 VIP admission (Regular price $350) https://CyberSummitUSA.com

Suits & Spooks (Washington, DC, United States, February 6 - 7, 2020) Suits & Spooks DC is the only international security summit where the attendees and speakers from government agencies and technology companies engage in discussion and debate of security challenges. World-class speakers describe their vision of future threats and leading-edge companies will exhibit novel solutions. Get 15% off with discount code cyberwire15.

Cyber or Cleared Job Fair, February 13, San Antonio. (San Antonio, Texas, United States, February 13, 2020) Cleared and non-cleared cybersecurity pros make your next career move at the Cyber or Cleared Job Fair, February 13 in San Antonio. Meet face-to-face with leading cyber employers. Visit our site for more details.

RSAC 2020 (San Francisco, California, United States, February 24 - 28, 2020) Connect to the people and ideas that matter. To your growth. To your organization. At RSAC 2020, February 24 – 28, explore current and emerging trends, gain valuable skills and network with peers. Register today!

Cyber Attacks, Threats, and Vulnerabilities

Stopping the Press: New York Times Journalist Targeted by Saudi-linked Pegasus Spyware Operator - The Citizen Lab (The Citizen Lab) New York Times journalist Ben Hubbard was targeted with NSO Group’s Pegasus spyware via a June 2018 SMS message promising details about “Ben Hubbard and the story of the Saudi Royal Family.” The SMS contained a hyperlink to a website used by a Pegasus operator that we call KINGDOM. We have linked KINGDOM to Saudi Arabia. In 2018, KINGDOM also targeted Saudi dissidents including Omar Abdulaziz, Ghanem al-Masarir, and Yahya Assiri, as well as a staff member at Amnesty International.

FBI Releases Alert on Iranian Hackers' Defacement Techniques (BleepingComputer) The FBI Cyber Division issued a flash security alert earlier this month with additional indicators of compromise from recent defacement attacks operated by Iranian threat actors and info on attackers' TTPs to help administrators and users to protect their websites.

Leaked Documents Expose the Secretive Market for Your Web Browsing Data (Vice) An Avast antivirus subsidiary sells 'Every search. Every click. Every buy. On every site.' Its clients have included Home Depot, Google, Microsoft, Pepsi, and McKinsey.

Avast subsidiary Jumpshot sells every click on antivirus users' PCs (Computing) Avast is embroiled in new claims that it spies on users and sells their web browsing data

Antivirus software maker Avast is reportedly selling its users' web data (CNET) Sensitive browsing data is repackaged and sold by a subsidiary called Jumpshot, according to a Motherboard and PCMag investigation.

Report: Avast and AVG collect and sell your personal info via their free antivirus programs (PCWorld) The report alleges that Avast and AVG are collecting personal information and sending it to Jumpshot, a subsidiary that provides information on every "search, click and buy" you make to corporate clients.

The average ransom demand for a REvil ransomware infection is a whopping $260,000 (ZDNet) Security researchers sinkhole the REvil ransomware servers and gain an insight into the operation of today's biggest ransomware gang.

Tracking REvil (KPN) After the message GandCrab quit, a hole was left in the scene. It was time for a new contender. In the last few months REvil/Sodinokibi seems to have filled that gap. There already have been multiple blogs describing the similarities between GandCrab and REvil affiliates. We’ll stay clear of the similarities in this blog and focus on the usage statistics of the ransomware family by looking at samples, infection rates and ransom demands.

A new piece of Ryuk Stealer targets government, military and finance sectors (Security Affairs) A new piece of the Ryuk malware has been improved to steal confidential files related to the military, government, financial statements, and banking. Security experts from MalwareHunterTeam have discovered a new version of the Ryuk Stealer malware that has been enhanced to allow its operators to steal a greater amount of confidential files related to […]

SIM Swappers Are Phishing Telecom Company Employees to Access Internal Tools (Vice) SIM swappers are particularly interested in a tool called Omni from Verizon that allows hackers to take over phone numbers.

Zoom-Zoom: We Are Watching You (Check Point Research) Alexander Chailytko Cyber Security, Research & Innovation Manager In this publication we describe a technique which would have allowed a threat actor to potentially identify and join active meetings. All the details discussed in this publication were responsibly disclosed to Zoom Video Communications, Inc. In response, Zoom introduced a number of mitigations, so this attack... Click to Read More

Citrix Flaw Exploited by Ransomware Attackers (Infosecurity Magazine) German car parts maker among the victims

Gedia Automotive hit by “massive cyber-attack” (Automotive Logistics) Gedia Automotive Group has been the victim of a cyber-attack by a gang using ransomware known as Sodinokibi...

RCE Exploit for Windows RDP Gateway Demoed by Researcher (BleepingComputer) A remote code execution (RCE) exploit for Windows Remote Desktop Gateway (RD Gateway) was demoed by InfoGuard AG penetration tester Luca Marcelli, after a proof-of-concept denial of service exploit was released by Danish security researcher Ollypwn on Friday for the same pair of flaws.

Assessing the Dangers Caused by Cryptojacking (Security Boulevard) Cryptojacking, also known as crypto mining, is an online threat hidden on a computer or a mobile device, using its resources to mine for cryptocurrencies.

Loophole closed, service members’ medical images no longer accessible online (Military Times) Some troops' sensitive medical information can no longer be found online, according to Virginia Sen. Mark Warner.

Twitter accounts of NFL, Packers, Chiefs appear to have been hacked (USA TODAY) Twitter accounts belonging to the NFL and multiple teams all posted messages Monday claiming that "everything is hackable."

Contra Costa County Cyber Attack Has Officials On Alert Ahead of Elections (NBC Bay Area) A recent cyber attack in Contra Costa County libraries has officials looking closely at how to keep the upcoming elections safe.

Vulnerability Summary for the Week of January 20, 2020 (CISA) The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.  

Security Patches, Mitigations, and Software Updates

Intel Is Patching the Patch for the Patch for Its ‘Zombieload’ Flaw (Wired) Intel's made two attempts to fix the microprocessor vulnerability it was warned about 18 months ago. Third time’s the charm?

Intel to release more patches for 'Zombieload' vulnerabilities affecting its processors (Computing) Security researchers criticise Intel for its piecemeal approach towards micro-architectural data sampling flaws

Starting the Decade by Giving You More Control Over Your Privacy (About Facebook) We're sharing some of the work we’ve been doing to give you more control over your privacy on and off Facebook.

Tinder to get panic button, catfish-fighting facial recognition (Naked Security) It’s both a genius move to protect from assault and fraud and a personal data grab.

Cyber Trends

Is Business Ready for an Extinction-level Event? Deloitte Poll Reports Destructive Cyberattacks as Top Cyber Risk (PR Newswire) Key takeaways In an era of technological transformation and cyber everywhere, the attack surface is exponentially growing as cyber criminals...

Okta Businesses @ Work 2020 | Technology Industry Trend Report (Okta) An in-depth look into how organizations and people work today — exploring workforces and customers, and the applications and services they use to be productive.

Americans want stronger privacy over easier access to health data (HOTforSecurity) In a welcome mentality shift, Americans are starting to put their privacy first and convenience second when it comes to their health data, according to a study by America’s Health Insurance Plans (AHIP). Most surveys asking people about their experience... #health #healthdata #healthrecord

Data Privacy Day: Gaining and maintaining trust is key for data defenders (SC Magazine) Building & ensuring trust are recurrent themes from our commentators, which also include education, awareness, going beyond compliance, implementing best practice, & a host of other concerns.

Privacy Complacency: The Hidden Dangers Lurking Beneath Today’s Surface-Level Data Protection (ProPrivacy.com) For Data Privacy Day 2020, we're launching our brand new eBook on privacy complacency. Have you taken steps to secure your data online? How do you know what you're doing is effective? This new data report delves into our behavior when it comes to protecting our data and suggests solutions to protect the digital privacy of you and your family today.

What happens in cyberspace does not stay in cyberspace (The International News) We live in an era of transformation, witnessing the process of digitisation rapidly taking place in every possible sector across the globe. The development in telecommunication industry and the growing digital space has opened new avenues to...

McAfee Report Demonstrates That Data Is Widely Dispersed in the Cloud Beyond Most Enterprise Control (BusinessWire) McAfee, the device-to-cloud cybersecurity company, today released a new research study titled Enterprise Supernova: The Data Dispersion Cloud Adoption

IoT Trouble: The Sonos Example — And More (Medium) The everything-computerized-and-always-connected smarthome is a work in progress. This slow pace is a good thing because it gives us time to consider new technical and societal challenges.

The real reason tech companies want regulation (Exponential View) Clarence isn’t from the 313.

Security tools still among the fastest-growing apps in corporate America (CyberScoop) More of the tools used throughout the private sector are ones that help company staffers better manage or prevent security incidents.

Bernie Sanders and His Internet Army (New York Times) At the start of his 2020 bid, the Vermont senator told his supporters that he condemned bullying. Is it his problem if many don’t seem to listen?

Marketplace

An Industry Perspective on Closing the Cyber Workforce Gap (SIGNAL Magazine) Unfortunately, this is not a problem that is getting smaller, says Ryan Bagby, senior program manager, Cybersecurity Special Missions, Raytheon Intelligence, Information & Services.

AppOmni Raises $10 Million in Series A Funding Led by ClearSky (BusinessWire) AppOmni announces $10 million Series A funding round

Is This Acquisition One Too Many, Even For Accenture? (Seeking Alpha) Accenture’s strategy has been predicated on creating a technology platform to supplement and further the delivery of its services. Accenture has been steadily a

Products, Services, and Solutions

F Secure Oyj : Highly positive response to F-Secure ID PROTECTION signals strong demand in the operator channel (MarketScreener) Cyber security provider F-Secure has begun to roll out F-Secure ID PROTECTION and five operator partners around the world have already signed up...

AI-Hunter v3.6.1 Is in the Wild! - Active Countermeasures (Active Countermeasures) AI-Hunter 3.6.1 is out! This release is focused on fixes and smaller features. We hope you’ll give it a try!   New Features …

Datadobi Eases NAS Migrations with New DIY Starter Pack (Yahoo) Datadobi, the global leader in unstructured data migration software, is making its purpose-built NAS migration technology – already in use by hundreds of the world’s largest organizations for the biggest, most complex projects – available to companies of all sizes via a Starter Pack. The channel-ready

Corelight Announces Full Support for Elastic Common Schema for Simplified Search and Analytics Capabilities (PR Newswire) Corelight, provider of the most powerful network traffic analysis (NTA) solutions for cybersecurity, today reinforced its support for the...

Technologies, Techniques, and Standards

Federal agency offers guidelines for businesses defending against ransomware attacks (TheHill) The National Institute of Standards and Technology (NIST) published draft guidelines Monday providing businesses with ways to defend against debilitating ransomware attacks.

Facebook, Google and Twitter scramble to stop misinformation about coronavirus (Washington Post) Major social-media sites already are rushing to prevent pervasive conspiracy theories about the illness, including a hoax that wrongly claims U.S. government officials secretly created the disease in a lab.

US Space Industry to Launch Cybersecurity Portal (Infosecurity Magazine) Space ISAC cybersecurity information-sharing portal planned for spring 2020

Protector Of N.H. Primary Claims 'You Can't Hack This Pencil,' But Worries Persist (NPR.org) Some worry that New Hampshire Secretary of State Bill Gardner's office was too slow to acknowledge the scale of the election security problem and focused on addressing the wrong challenges.

One Small Fix Would Curb Stingray Surveillance (Wired) The technology needed to limit stingrays is clear—but good luck getting telecoms on board.

Can PAM Coexist with the Zero Trust Security Model? Yes says Thycotic (American Security Today) By Joseph Carson, Chief Security Scientist (CSS) & Advisory CISO at Thycotic What is the Zero Trust security model and why was it introduced? The concept of Zero Trust security isn’t new; the term was coined by Forrester back in 2010 and was initially synonymous with a network security approach known as micro-segmentation. Micro-segmentation is …

How to catch cyberattackers with traditional military deception (Army Technology) Tony Cole, CTO of Attivo Networks, NASA Advisory Council member and (ISC) ² board member, tells Harry Lye how traditional military deception techniques can be adapted for the digital domain to combat cybersecurity threats.

OT cyber monitoring is not sufficient to identify many significant control system cyber incidents (Control Global) A major news organization contacted me about my control system cyber incident database. I have been very clear the database is not public but I could provide sanitized information. Until now, that was not sufficient to get media interest as they wanted names.

How to detect and prevent issues with vulnerable LoRaWAN networks (Help Net Security) IOActive researchers found that a great number of vulnerable LoRaWAN networks, and have released the free LoRaWAN Auditing Framework.

What You Should Actually Learn From a Pentest Report (Black Hills Information Security) So you’ve been pentested. Congrats! It might not feel like it, but this will eventually leave you more confident about your security, not less. The real question is – why might it not feel like it? Pentest findings can be broken down many ways, of course – the obvious one …

How To Replay RF Signals Using SDR (Black Hills Information Security) RF Signal Replay Techniques Disclaimer: Be sure to use a faraday bag or cage before transmitting any data so you don’t accidentally break any laws by illegally transmitting on regulated frequencies. Additionally, intercepting and decrypting someone else’s data is illegal, so be careful when researching your traffic. Preface: Recently, …

Exercise Crossed Swords 2020 Reached New Levels of Multinational and Interdisciplinary Cooperation (CCDCOE) The 6th iteration of the annual cyber exercise Crossed Swords in Riga, Latvia, brought together more than 120 technical experts, Cyber Commands´ members, Special Forces operators and military police.

Cyber defense game brings together security experts, special forces and more as military prepares for warfare 2.0 (ZDNet) The Crossed Swords exercise got security professionals across the world to leverage cyberattacks to protect national interests.

More countries participate in NATO’s cyber exercise (Fifth Domain) NATO officials said they reached new levels of cooperation during the organization’s annual cyber exercise.

This Is What Hacking an iPhone Actually Looks Like + Hidden Details (iDrop News) If you’ve ever wondered what hacking an iPhone looks like, a forensic analyst has posted an image to Reddit that gives you a peek behind the curtain.

Design and Innovation

Google to redesign its redesign after criticism it made adverts blend-in with organic search results (Computing) Google to experiment with its desktop search website following criticism over its redesign

Avast Explains Cybersecurity AI at Enigma Conference (Avast) Find out from researcher Sadia Afroz how Avast uses a huge data set to quickly update new models, providing crucial, up-to-the-second protection.

Legislation, Policy, and Regulation

As Virus Spreads, Anger Floods Chinese Social Media (New York Times) The sheer volume of criticism of the government, and the sometimes clever ways that critics dodge censors, are testing Beijing’s ability to control the narrative.

Ukrainian Plane Tragedy Challenges Tehran's Narrative Of 1988 U.S. Shoot-Down Of Iranian Airliner (RadioFreeEurope/RadioLiberty) The January 8 downing of a Ukrainian passenger plane by Iran has led some to recall the 1988 U.S. shoot-down of an Iranian commercial aircraft, which Tehran has frequently used in the past 30 years to blast Washington. Analysts say the recent tragedy undermines the clerical establishment's use of the 1988 downing of Iran Air Flight 655 as propaganda against the United States.

Saudi Arabia outsources cyber arsenal, buys spyware, experts say (Alton Telegraph) If it turns out that Saudi Arabia hacked into the phone of Amazon.com Chief Executive Officer Jeff Bezos, as investigators have alleged, the oil rich nation likely utilized its preferred method of cyber espionage: outsourcing.

Huawei granted 'limited' role in UK 5G and fibre network roll-outs (Computing) Government decision to allow Huawei to supply non-core 5G equipment likely to please no-one

UK decision on Huawei's participation in 5G networks due today (Computing) Prime Minister Boris Johnson under pressure from both sides over inclusion of Huawei in the UK's 5G networks

Boris Johnson hints at compromise over Huawei and 5G (the Guardian) PM says solution will allow technological progress but not jeopardise US relationship

As Britain decides, Europe grapples with Huawei conundrum (Reuters) Britain's decision on whether to allow Huawei to supply equipment for 5G mo...

Key Republicans seek ban on intel sharing with countries that use Huawei (C4ISRNET) The legislation could potentially downgrade America’s “special relationship” with the U.K., which is reportedly expected to grant Chinese telecom giant Huawei some access to its nascent 5G network.

Analysis | The Cybersecurity 202: Mike Rogers, former Republican House Intel chief, blasts Congress for not taking action on Huawei (Washington Post) His old panel is “just broken" amid partisan warfare, Rogers says.

The Right Way to Deal With Huawei (Foreign Affairs) The United States needs to compete with Chinese firms, not just ban them.

US Rolls Out New Bill to Reform NSA Surveillance (Infosecurity Magazine) New US bill could end mass surveillance of phone records by the NSA

Senator Warner Says FTC Not Doing Enough on Sale of Browsing Data (Vice) Warner's comments come after a Motherboard and PCMag investigation found antivirus Avast selling browsing data to Home Depot, Google, and other companies.

Union Leader Says Utilities Not Incentivized to Report Cyber Incidents or Implement Protections (Nextgov.com) FERC’s recently “expanded” reporting requirements leave it up to entities to decide on qualifying events.

NY State Senate Bill Would Ban Police Use of Facial Recognition Technology (New York Law Journal) The bill would also create a task force to examine how to regulate biometric technology in the future, with seats reserved for the state police and the New York City Police Department, among other agencies.

Litigation, Investigation, and Law Enforcement

The Jeff Bezos Hack Shows Vulnerability Beyond Tech (Washington Post) The innocuous-looking video file believed to have been used to hack Jeff Bezos’s smartphone says a lot about the technological sophistication of today’s spyware.

Instagram CEO’s homes were targetted by SWATters (Naked Security) Instagram CEO Adam Mosseri’s houses were surrounded by SWAT teams after hoax phone calls claimed hostages were being held there.

People Are Calling SWAT Teams to Tech Executives’ Homes (New York Times) Online forums carry personal details of potential targets like industry leaders and their families. The police are struggling to find a solution.

Cardplanet mastermind pleads guilty to credit card fraud (Naked Security) Cardplanet offered refunds on invalid card data, along with a card checking service that ensured a stolen card was still valid.

Magecart gang arrested in Indonesia (ZDNet) First-ever arrest of a Magecart hacker gang.

VMware hit with $236M verdict in patent suit, says it plans to 'vigorously' fight ruling (Silicon Valley Business Journal) The $60 billion software company said it plans to fight the verdict.

Reichman Jorgensen Secures $236 Million Patent Infringement Verdict for Densify Against VMware (Yahoo) Reichman Jorgensen LLP has secured a $236 million patent infringement verdict on behalf of Densify against tech giant VMware, Inc.

US appeals court rejects Tennessee election security lawsuit (AP NEWS) MEMPHIS, Teen. (AP) — A federal appeals court has sided with a lower court in rejecting a lawsuit that challenges the security of voting machines in Tennessee's largest county. A...

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

CyCon 3.0 (Sterling, Virginia, USA, February 15, 2020) Our 3rd Annual NOVA CyCon event in Loudoun has a full lineup of cybersecurity experts, speakers and federal contractors presenting on cutting-edge topics! Networking, free lunch and refreshments, door...

Upcoming Events

CPX 360 New Orleans (New Orleans, Lousiana, USA, January 27 - 29, 2020) Mark your calendar now for CPX 360 2020, the world’s premiere cyber security summit of the year. Globally renowned industry experts will take to the stage to share analysis, core insights, and actionable...

SINET: Global Cybersecurity Innovation Summit (London, England, UK, January 30, 2020) Advancing global collaboration and innovation, SINET convenes a summit of international cybersecurity leaders at the British Museum. The conference will bring together innovators, investors, researchers,...

CPX 360 Vienna (Vienna, Austria, February 4 - 6, 2020) At CPX 360, you’ll gain an in-depth understanding of today’s dynamic threat landscape and the emerging challenges within cyber security. Get a look at the next wave of Check Point innovation and discover...

5t​h​ Annual Atlanta Cyber Security Summit (Atlanta, Georgia, USA, February 5, 2020) C-Suite & Senior Level Executives: Register with Promo Code CYBERWIRE95 to receive $95 Admission (Standard Price is $350). Learn from renowned experts from The FBI, U.S. Secret Service, U.S. Dept. of Homeland...

Suits & Spooks, 10th Anniversary: Taking Ownership of the Future of our Security (Washington, DC, USA, February 6 - 7, 2020) Suits & Spooks DC is the only international security summit where the attendees and speakers engage in discussion and debate of cyber/physical security challenges over the course of two days. World-class...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.