The CyberWire Daily Briefing, 2.7.20

Summary

By the CyberWire staff

Malaysia CERT (MyCERT) has issued an advisory warning that a cyber espionage campaign has been conducted against government officials in that country. They don’t specifically call out the parties responsible, but sources listed among their references suggest that it’s APT40. APT40 is generally believed, as ZDNet notes, to be a group of contractors working for the Hainan department of the Chinese Ministry of State Security.

Two more Japanese defense contractors have joined Mitsubishi Electric and NEC in delayed disclosure that they were breached by Chinese threat actors, BleepingComputer reports. Pasco Corporation was hit in May 2018; Kobe Steel was compromised in June of 2015 and again in August 2016.

A Bluetooth flaw leaves Android devices vulnerable: an attacker could compromise a device without user interaction, according to the Register, which recommends avoiding Bluetooth with Android until the flaw is patched.

VPNPro, Trend Micro, and Cofense have found malicious Android apps in Google Play. Those identified by Trend Micro are interesting in that they post their own positive reviews the better to attract downloads. VPNPro links the bad apps it found to Shenzhen HAWK Internet Co., a Chinese firm that told Forbes the whole thing is a misunderstanding.

Tom Perez, chair of the Democratic National Committee, tweeted that the Iowa Democratic Party should recanvass because of problems with the ways Monday’s caucus results were tabulated. The Des Moines Register reports that Iowa party officials now blame a last-minute security patch the DNC demanded for the problems the IowaReportingApp experienced this week.

Fast, Comprehensive, Simplified Threat Intel Delivered To Your Inbox

Notes.

Today's issue includes events affecting Brazil, China, European Union, Iran, Japan, Malaysia, Russia, Saudi Arabia, United States

Bring your own context.

Why it's important to warn people when Emotet raises its head.

"Well, so what we saw in this particular campaign was basically a compromise with some government and military customers. And then, you know, as usual, Emotet will use those accounts to move laterally within organizations. And because these were government and military, it's moving inside of government and military. And obviously, when you see that type of thing, it's very concerning because generally speaking, if people see emails from sources that they consider internal, they're much more likely to trust them. And that's why we needed to make sure the word got out that there are malicious actors using these relationships for nefarious purposes."

—Craig Williams, director of Talos Outreach at Cisco, on the CyberWire Daily Podcast, 2.5.20.

Emotet is better than most attack tools at looking legit.

Coming soon: CyberWire Pro.

Our new subscription program, CyberWire Pro, will be available soon. Designed for cyber security professionals and others who want to stay abreast of our rapidly evolving industry, CyberWire Pro is a premium news service that will save you time and keep you informed. Learn more and sign up to get launch updates here.

Aerospace news worthy of attention.

If you're interested in space and communications (technology, policy, business, and operations), take a look at Cosmic AES Signals & Space. Produced in partnership with the CyberWire, Signals & Space offers a monthly overview of news in this sector.

Protecting Your Clients with Aeonik™ From LookingGlass

Will you be at RSAC 2020? Need a break from the hectic expo floor? Join LookingGlass security experts for a FREE Lunch & Learn on Wednesday, February 26, where you will learn how to enhance your security offerings to better protect your clients with the Aeonik Security Fabric. Our experts will give an overview of how you can accelerate your business as part of the Cyber Guardian Network. Register today to save your spot!

On the Podcast

In today's CyberWire Daily Podcast, out later this afternoon, we speak with our partners at CynergisTek, as Caleb Barlow offers more insights on hospitals and ransomware, this time from the patient’s perspective. Our guest is Matt Cauthorn from ExtraHop, comparing cloud platforms’ similarities and differences.

Sponsored Events

Cyber or Cleared Job Fair, February 13, San Antonio. (San Antonio, Texas, United States, February 13, 2020) Cleared and non-cleared cybersecurity pros make your next career move at the Cyber or Cleared Job Fair, February 13 in San Antonio. Meet face-to-face with leading cyber employers. Visit our site for more details.

CyCon 3.0 (Sterling, Virginia, USA, February 15, 2020) Join us at this upcoming cybersecurity event in Loudoun, VA with a full lineup of industry experts, speakers and federal contractors presenting on cutting-edge topics in the domain of cyber. This event is FREE for everyone! Register today!

The Human Hacking Conference (Orlando, Florida, USA, February 20 - 22, 2020) The Human Hacking Conference is an all-encompassing event that teaches business, security, technology, and psychology professionals the latest expert techniques in human deception, body language analysis, cognitive agility, intelligence research, and security best practices.

RSAC 2020 (San Francisco, California, United States, February 24 - 28, 2020) Connect to the people and ideas that matter. To your growth. To your organization. At RSAC 2020, February 24 – 28, explore current and emerging trends, gain valuable skills and network with peers. Register today!

Selected Reading

Cyber Attacks, Threats, and Vulnerabilities

Iowa Caucus Results Riddled With Errors and Inconsistencies (New York Times) The mistakes do not appear intentional, but they raise questions about whether there will ever be a completely precise accounting.

Democratic chair calls for recanvass in Iowa as national leaders raise new questions about handling of app (Washington Post) A top Democratic official said Thursday he had warned Iowa Democrats last month against using an untested app to transmit returns in the Iowa caucuses, whose results were thrown into further disarray as the party’s national leader called for a recanvass.

DNC-ordered security patch fouled Iowa caucus app, ex-Democratic official says; official denies (Des Moines Register) Some state party staffers believe an update pushed by the DNC caused the malfunction between the app’s coding and the state party verification system.

Malaysia warns of Chinese hacking campaign targeting government projects (ZDNet) MyCERT security alert points the finger at APT40, a Chinese state-sponsored hacking crew.

China-linked hackers have targeted Malaysian government, officials warn (CyberScoop) A hacking group that private researchers have linked with Chinese interests has successfully targeted Malaysian government officials in an apparent data-stealing espionage campaign, cybersecurity officials in the Southeast Asian nation said this week.

Who Are the Gamaredon Group and What Do They Want? (SentinelOne) SentinelLabs latest research shows how a Pro-Russian APT wages cyber warfare to gather intel and test its capabilities. What does this mean for enterprise?

Saudi Aramco sees increase in attempted cyber attacks (Reuters) Saudi Aramco has seen an increase in attempted cyber attacks since the final qua...

Japanese Defense Contractors Kobe Steel, Pasco Disclose Breaches (BleepingComputer) Japanese defense contractors Pasco Corporation (Pasco) and Kobe Steel (Kobelco) today disclosed security breaches that happened in May 2018 and in June 2015/August 2016, respectively.

New malware impacting online banking tricks users (Insurance Business) Users are forced into retyping their passwords

Another Metamorfo Variant Targeting Customers of Financial Institutions in More Countries (Fortinet Blog) Read about the malware family of the Metamorfo targeting financial organizations, in this analysis from FortiGuard Labs.…

Critical Android Bluetooth Flaw Exploitable without User Interaction (BleepingComputer) Android users are urged to apply the latest security patches released for the operating system on Monday that address a critical vulnerability in the Bluetooth subsystem.

Warning over malware campaigns that compromised half-a-million Android users (Computing) Apps purporting to be utilities for optimising device performance downloaded malware

Malicious Optimizer and Utility Android Apps on Google Play Communicate with Trojans that Install Malware, Perform Mobile Ad Fraud (TrendLabs Security Intelligence Blog) We discovered malicious apps on Google Play that can access remote ad configuration servers, perform mobile ad fraud, and download 3,000 malware variants.

Infostealer, Keylogger, and Ransomware in One: Anubis Targets More than 250 Android Applications (Cofense) The Cofense Phishing Defense Center uncovered a phishing campaign that specifically targets users of Android devices that could result in compromise if unsigned Android applications are permitted on the device.

Shenzhen HAWK Behind 24 Apps Seeking Dangerous Permissions (VPNpro) Shenzhen HAWK is secretly behind these 24 popular apps requesting dangerous, with some apps guilty of spreading malware. Read our research to learn more.

Android pulls 24 ‘dangerous’ malware-filled apps from Play Store (Naked Security) The malware-infected apps used to harvest data and sign users up to premium services have been downloaded more than 382 million times.

Malicious apps now post their own positive reviews on Google Play (SC Magazine) The assault on Google’s Play Store continues with 30 malicious apps being revealed that have been downloaded hundreds of millions of times and having capabilities that have caused security firms suggesting end users take extraordinary steps to vet software prior to downloading.

Safari Uses Flawed Tracking Protections, Google Finds (CPO Magazine) Flaws in Safari’s Intelligent Tracking Prevention feature allow hackers to track users as they navigate the Internet and gain access to their cross-site browsing history.

Ransomware Exploits GIGABYTE Driver to Kill AV Processes (BleepingComputer) The attackers behind the RobbinHood Ransomware are exploiting a vulnerable GIGABYTE driver to install a malicious and unsigned driver into Windows that is used to terminate antivirus and security software.

Living off another land: Ransomware borrows vulnerable driver to remove security software (Sophos) Sophos has been investigating two different ransomware attacks where the adversaries deployed a legitimate, digitally signed hardware driver in order to delete security products from the targeted computers just prior to performing the destructive file encryption portion of the attack.

The Heartbleed Bug: How a Forgotten Bounds Check Broke the Internet (Netsparker) The Heartbleed bug is a critical buffer over-read flaw in several versions of the OpenSSL library that can reveal unencrypted information from the system memory of a server or client running a vulnerable version of OpenSSL. Attacks can reveal highly sensitive data, such as login credentials, TLS private keys, and personal information. This article looks at one of the most serious and widespread security vulnerabilities in web history and shows how just one buggy line of code could wreak havoc across the world.

Joker's laughing: Fresh database of half a million Indian payment card records on sale in the Dark Web (The Economic Times) The source of this new breach is unknown. The card records were uploaded on the 5th of Feb and that the total estimated value of the database, according to Group-IB, is $4.2 mn, at around $9 apiece. Till yesterday morning 16 cards details were found to have been sold. Those who buy these cards do so with the intention of committing payment card fraud.

VSDC Download Link on CNET Compromised to Distribute Malware (TechNadu) VSDC’s download link on CNET was pointing to a spoofed website that pushed trojans and malware. This is the second time in a year that VSDC is targeted.

Bug hunter finds cryptocurrency-mining botnet on DOD network (OODA Loop) Last month, a security researcher who was searching for bugs as a part of a bounty program discovered a cryptocurrency mining botnet inside a web server operated by the US Department of Defense. The researcher,

Threat Spotlight: Email Account Takeover (Journey Notes) Researchers from Barracuda and UC Berkeley conducted a large-scale analysis of email account takeover and the timeline of attacks.

'Free' downloads of Oscar-nominated movies are actually nasty bundles of malware (TechRadar) Beware phishing sites, too

Ransomware suspected after DC-lobby firm CUNA knocked offline (TechCrunch) The incident comes just months after CUNA hosted a ransomware attack simulation.

Allegheny Intermediate Unit targeted in ransomware attack (WTAE) The Allegheny Intermediate Unit, a countywide taxpayer-funded education agency based in Homestead, confirms it was recently hit by a ransomware attack.

Ryuk ransomware used to attack Volusia library computers (Daytona Beach News-Journal Online) Volusia County officials have turned over information for criminal investigation and public records indicate the cyber attacks that took down library

Phishers impersonate WHO, exploit coronavirus-related anxiety (Help Net Security) Fake, phishing emails purportedly coming from the World Health Organisation (WHO) are ostensibly offering info on coronavirus safety measures.

Coronavirus is NOT at Columbia Basin College in Pasco. Here’s how the rumor spread (Tri-City Herald) Columbia Basin College was one of the targets of a new round of scammers taking advantage of people’s fear of the Chinese norvel coronavirus.

Security Patches, Mitigations, and Software Updates

Android owners – you'll want to get these latest security patches, especially for this nasty Bluetooth hijack flaw (Register) 'Pwned with a broadcast' bug among 25 to be patched by Google

Google’s Chrome 80 clamps down on cookies and notification spam (Naked Security) Version 80 of the Chrome browser is out with some new features designed to save your security and your sanity.

Update now – WhatsApp flaw gave attackers access to local files (Naked Security) The flaw affecting WhatsApp’s desktop client when it’s paired with the iPhone app allowed attackers access to local file systems.

Cyber Trends

The Digital Dictators (Foreign Affairs) New technologies were supposed to open societies and empower individuals. Instead, they've given despots the upper hand.

Marketplace

Netskope Attracts $340 Million in Additional Investment Led by Sequoia Capital Global Equities (Netskope) Fastest-growing SASE and cloud security company valued at nearly $3 billion, with unmatched global demand for its cloud-native network and data security platform SANTA CLARA, Calif. – February 6, 2020 – Netskope, the leading security cloud, today announced that the company has closed a new $340 million investment led by new investor Sequoia Capital Global …

DFW tech firm raises $12M more as it finds big-name customers (Dallas Business Journal) The Addison company has raised just under $12 million, bringing its total funding to more than $40 million.

NSS Labs quietly acquired by private equity firm (SearchSecurity) After several tumultuous years, product testing firm NSS Labs was acquired by Consecutive, Inc., a private equity firm based in San Francisco. The acquisition was made last October but neither company publicly announced the deal.

Israeli-American cyber firm Forescout acquired in $1.9 billion deal (The Jerusalem Post) Israeli-American cybersecurity company Forescout Technologies will be acquired for $1.9 billion by private equity investment firm Advent International, the companies announced on Thursday.

IntelliWare Acquired by Trowbridge & Trowbridge (Homeland Security Today) Trowbridge & Trowbridge, a provider of technical solutions to complex federal information technology challenges in the defense and civilian markets, has acquired IntelliWare Systems.

SAIC to buy Unisys Federal (InsideDefense.com) Science Applications International Corp. said today it has agreed to acquire Unisys Federal in a $1.2 billion deal.

Germany's HDI Group Acquires Cyber Specialist Perseus (Insurance Journal) The HDI Group has acquired Berlin-based Perseus Technologies GmbH, a start-up that has specialized in the prevention of cyber risks and emergency cyber

Gula Tech Adventures Announces First Ever CyberQuest 2020 (Yahoo) Gula Tech Adventures announced its first ever cyber pitch competition today—CyberQuest 2020. The competition supports the next generation of cyber technology, strategy and policy entrepreneurs by investing in startups of all sizes, with a focus on pre-series A. The winner will receive a $150,000 investment

Skeletons In The Closet: $2 Billion Cybersecurity Firm Darktrace Haunted By Characters From HP’s Failed Autonomy Deal (Forbes) The well-regarded co-CEOs of cybersecurity firm Darktrace have deep ties to Sushovan Hussain, the convicted former CFO of British data analytics company Autonomy.

Axonius Expands to the Federal Marketplace, Appoints Bobby McLernon to Lead the Charge (PRWeb) Axonius, the cybersecurity asset management company, today announced the expansion of its Cybersecurity Asset Management Platform for use by Federal agencies.

More McAfee leadership changes follow Chris Young's departure (SearchSecurity) Several other McAfee executives have left the company in recent months amid changes in the CEO position. Former chief executive Chris Young departed the company in January and was replaced by Peter Leav.

Products, Services, and Solutions

ERP Data Security Leader Appsian Announces Strategic Partnership With Trusted Government IT Solutions Provider Carahsoft (BusinessWire) Appsian, the leading provider of ERP security solutions, today announced a partnership with Carahsoft Technology Corp., The Trusted Government IT Solu

Agio Forges Partnership with Respond Software (PR Newswire) Agio, a leading provider of cybersecurity and managed IT services for the financial services industry, has announced a formal partnership with...

Fortinet Announces the Most Affordable Secure SD-WAN Appliance with Flexible Deployment Options for SMB (Yahoo) John Maddison, EVP of products and CMO at Fortinet“Fortinet delivers the most comprehensive SD-WAN solution on the market with over 21,000.

Clango Partners with SailPoint to Offer Industry-Leading Identity Governance Solution (MarTechSeries) Clango, an independent cybersecurity advisory firm and provider of identity and access management solutions, announced a new partnership with SailPoint, the leader in enterprise identity management. The partnership will augment Clango's line of identity governance solutions.

Technologies, Techniques, and Standards

After the Iowa Caucus Meltdown, New Hampshire Says It’s Ready (Wired) The nation’s first primary is proudly low-tech, but it'll take more than paper ballots to defuse the disinformation threat.

Public disclosure: the pros and cons of naming and shaming cyber threat groups (Computing) Publishing information about cyber threat groups can have unexpected consequences, says BAE Systems’ Saher Naumaan

Cybersecurity AI is ready for prime time: why the skeptics are wrong (Fifth Domain) Government leaders need a stronger understanding of commercial offerings to better determine what artificial intelligence for cybersecurity is ... and is not.

5G could bring new speed to military operations (C4ISRNET) If the U.S. military introduced a fifth generation network in to its C4ISR systems, decision-making in high profile military operations would improve because critical information would arrive faster, according to a Jan. 31 Congressional Research Service report.

Email test finds Kingston school district employees vulnerable to phishing (Daily Freeman) More than half of the people who have Kingston school district email accounts opened a potentially damaging email sent to them by a firm that's helping the

Design and Innovation

Twitter bans deepfakes, but only those ‘likely to cause harm’ (Naked Security) Twitter isn’t interested in how the “synthetic or manipulated” media is created, but if it has the potential to cause harm it’ll be removed.

Microsoft Outlines Early Progress on PowerShell Secrets Management (Redmondmag) Microsoft described progress on its coming PowerShell Secrets Management Module in a Thursday announcement.

What electronic warfare can learn from a wagon full of smartphones (C4ISRNET) Creating a traffic jam with one vehicle is hard, unless that vehicle can fool maps into thinking it is 99 vehicles.

We Tried to Get Nonconsensual Porn Off Pornhub (Vice) Pornhub hosts hundreds of Girls Do Porn videos; a Motherboard investigation shows the high-tech solution meant to stop those videos from spreading doesn’t work.

Research and Development

Acceptto Issued Five U.S. Patents for Authentication, Orchestration and Adaptive Authorization (PR Newswire) Acceptto, a leading provider of Continuous Behavioral Authentication, today announced that the company has been issued five U.S. patents,...

Defense researchers developing software agents that can read people's thoughts (ZDNet) Is the DARPA project a bridge to a horrifying dystopia or a step toward human-machine harmony?

Legislation, Policy and Regulation

Data Protection Post-Brexit: Business as Usual (at Least Until 2020) (Cooley) The United Kingdom left the European Union at 11:00 pm on January 31, 2020. However, the UK has entered into transitional arrangements with the EU under which the existing data protection framework…

Israel is first nation to cyber regulate hazardous materials industry (The Jerusalem Post) Hazardous materials can apply to everything from facilities for water treatment, to airports, to seaports, to pharmaceutical companies, to hospitals, to swimming pools to even wineries.

Is India Betting Big on Huawei? (Foreign Policy) A divided domestic telecoms industry, disagreement within the central government, and a desire for India to develop its own systems have made the country’s calculations…

U.S., allies should consider Nokia, Ericsson investments to counter Huawei: Barr (Reuters) U.S. Attorney General William Barr on Thursday stressed the threat posed by Huaw...

It’s not just Iowa: Election tech is messy (Vox) The Iowa caucuses app won’t be the only new tech this election cycle, but Congress hasn’t been funding voting security the way it should.

The Cybersecurity 202: Senate panel wants politicians to put party aside for election security. Fat chance in 2020. (Washington Post) A bipartisan report released Thursday by the Senate Intelligence Committee says that the Obama administration mounted an insufficient response to Russia’s election interference in 2016, but that its failures were “understandable” because the government lacked information and had limited policy options at the time.

SEC Commissioner Hester Peirce Proposes 3-Year Safe Harbor Period for Crypto Token Sales (CoinDesk) SEC Commissioner Hester Peirce has unveiled her proposal to create a safe harbor for crypto startups, allowing them three years to build out their networks before having to address federal securities laws.

ODNI previews updated counterintelligence strategy, Trusted Workforce 2.0 rollout (Federal News Network) Bill Evanina, the director of ODNI’s National Counterintelligence and Security Center, said the strategy will focus on a “whole of society” response to threats that extend beyond the federal government.

Speaker: U.S. Space Command gearing up cyber operations (Colorado Springs Gazette) U.S. Space Command is gearing up its cyber operations and plans to create its cyber arm this summer, Brig. Gen. Joseph Matos III told participants in a major cybersecurity conference

Litigation, Investigation, and Enforcement

Senate report faults Obama administration’s paralysis on Russian election interference (POLITICO) The 54-page, partially redacted report marks the third installment of the panel's five-volume series outlining the scope of Russian election interference in 2016.

Russia Hacked the Election, Trump Hacked Team Obama’s Brains (The Daily Beast) A Senate report found the Obama administration botched its response to Russia, playing into the hands of Mitch McConnell who warned they “might be getting used.”

Feds are lining up more indictments related to Chinese cyber-activity, officials say - CyberScoop (CyberScoop) U.S. prosecutors are preparing to issue new charges against Chinese nationals related to alleged hacking and insider threats at U.S. organizations, senior Department of Justice officials said Thursday. “Chinese theft by hacking has been prominent,” Attorney General William Barr said in a speech at the Center for Strategic and International Studies in Washington, D.C.

O’Melveny and Electronic Frontier Foundation Score Landmark Win for Open Source Pioneer Bruce Peren (O’Melveny) Working together, O’Melveny and the Electronic Frontier Foundation secured a landmark ruling in a high-profile lawsuit that has deep implications for freedom of speech and open source licensing law.

Brazilian judge delays "for now" decision on indictment of U.S. journalist Greenwald (Reuters) A Brazilian judge indicted six people accused of hacking the phones of prosecuto...

WSJ News Exclusive | EU Deepens Antitrust Inquiry Into Facebook’s Data Practices (Wall Street Journal) Authorities have sought documents related to the social media company’s alleged efforts to identify and squash potential rivals, deepening an EU preliminary probe into Facebook, according to people familiar with the matter.

WSJ News Exclusive | Federal Agencies Use Cellphone Location Data for Immigration Enforcement (Wall Street Journal) The Trump administration has been using a database that maps the movements of millions of cellphones to monitor the Mexican border and make immigration arrests, according to people familiar with the matter.

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

newly Noted Events

Techno Security & Digital Forensics Conference (San Diego, California, USA, March 9 - 11, 2020) Techno Security & Digital Forensics Conference provides a unique education experience that blends together the digital forensics and cybersecurity industries for collaboration between government and private sectors. The purpose is to raise international awareness of developments, teaching, training, responsibilities, and ethics in the field of IT security and digital forensics. Educational sessions cover topics within the following primary tracks from which CPE credits can be earned: Audit/Risk Management, Forensics, Investigations, Information Security, and Sponsor Demos. Learn from industry experts, connect with leading suppliers, and discover the latest innovations in cybersecurity and digital forensics.

Techno Security & Digital Forensics Conference (Myrtle Beach, South Carolina, USA, May 31 - June 3, 2020) Techno Security & Digital Forensics Conference provides a unique education experience that blends together the digital forensics and cybersecurity industries for collaboration between government and private sectors. The purpose is to raise international awareness of developments, teaching, training, responsibilities, and ethics in the field of IT security and digital forensics. Educational sessions cover topics within the following primary tracks from which CPE credits can be earned: Audit/Risk Management, Forensics, Investigations, Information Security, and Sponsor Demos. Learn from industry experts, connect with leading suppliers, and discover the latest innovations in cybersecurity and digital forensics.

Securing Federal Identity 2020 (Arlington, Virginia, USA, June 22 - 23, 2020) This highly focused, high-energy event will feature federal government identity and security policy issues and technology developments for today’s federal agencies and federal market security leaders. The select group of government and industry speakers on the agenda and large number of security companies in our exhibit area will highlight the present and future direction of the government’s efforts to manage identities and secure access across all federal agencies. Don’t miss this year’s event, the best venue to learn, communicate and network with fellow government security industry colleagues!

upcoming Events

Suits & Spooks, 10th Anniversary: Taking Ownership of the Future of our Security (Washington, DC, USA, February 6 - 7, 2020) Suits & Spooks DC is the only international security summit where the attendees and speakers engage in discussion and debate of cyber/physical security challenges over the course of two days. World-class speakers will describe their vision of future threats and leading edge companies will exhibit novel solutions. Our attendees come from the public and private sectors of U.S. and allied countries, and the networking is second to none.

Meeting To Discuss Insider Threat Detection On Computer Systems & Networks (Laurel, Maryland, USA, February 11, 2020) The National Insider Threat Special Interest Group will hold a meeting to discuss the findings of a workshop that was held in 2019. The workshop was done in partnership with the University of Maryland’s Applied Research Laboratory for Intelligence and Security. The goals of the workshop were to answer key questions related to Insider Threat Detection on computer systems and networks, and the use and procurement of vendor supplied software tools designed to support Insider Threat detection and mitigation efforts. Insider Threat Program Managers and Analysts from the Insider Threat Community (U.S. Government / Private Sector) attended the workshop and contributed their experiences and expertise.

2020 OurCrowd Global Investor Summit (Jerusalem, Israel, February 11 - 13, 2020) We’re expanding the Summit to three days! Invite-only events will take place February 11-12, with Summit Day on February 13. Summit Week will be packed as ever, with corporate meet ups, VC forums, insider access to accelerators and labs, touring opportunities, and legendary partying.

CyCon 3.0 (Sterling, Virginia, USA, February 15, 2020) Our 3rd Annual NOVA CyCon event in Loudoun has a full lineup of cybersecurity experts, speakers and federal contractors presenting on cutting-edge topics! Networking, free lunch and refreshments, door raffles and much much more.

Insider Threat Program Management With Legal Guidance Training Course (College Park, Maryland, USA, February 19 - 20, 2020) This 2 day training course will ensure the Insider Threat Program (ITP) Manager, Insider Threat Analyst, FSO, and others who support the ITP (CSO, CIO, CISO, IT, Network Security, Human Resources, Etc.), have the Core Knowledge, Blueprint, Resources needed for developing, managing, enhancing an ITP / Working Group. A licensed attorney with extensive experience in Insider Threats and Employment Law, will will provide legal guidance related to the legal aspects of an ITP, and on the collection, use and sharing of employee information, and on computer user activity monitoring. Our student satisfaction levels are in the exceptional range. Over 780+ individuals have attended our training course and received Insider Threat Program Manager Certificates.

Sponsor & Support

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter’s financial reach, or it might just not be the right time for you to do those things. That’s why we launched our new Patreon site, where we’ve created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you’ll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.