The CyberWire expects to continue publishing normally throughout the disruptions the COVID-19 pandemic is imposing in the US and elsewhere. We wish all of our readers and listeners safety and good fortune amid the hardship.
More Signal. Less Noise.
Get your copy of the definitive guide to threat intelligence.
We brought together a team of experts and wrote the definitive guide to everything you need to know about threat intelligence. Whether you work in vulnerability management, incident response, or another part of cybersecurity, our book has something for you. Get your free copy of “The Threat Intelligence Handbook” now.
COVID-19 spoofing, phishing, disinformation, and ransomware. Secure remote work. BEC arrests.
Announcements
The CyberWire will continue to publish during COVID-19 disruptions
Summary
The COVID-19 pandemic continues to provide raw material for both state-directed and criminal campaigns. The technique has generally been to couple spoofing with coronavirus-themed phishbait, as BAE Systems notes in an infographic display of recent activity. NBC News summarizes some of the operations FireEye and CrowdStrike are seeing: Russian services working against Ukraine, North Korea against South Korea, and Chinese services against targets in Southeast Asia.
There’s also an ongoing Chinese disinformation effort to blame (through insinuation and implausible insistence) the virus on a US biological warfare program. Foreign Ministry spokesman Zhao Lijian tweeted Friday that the US Centers for Disease Control’s inability to unambiguously identify a US patient zero in some way suggested that the US Army brought the disease to Wuhan, the city where the outbreak was first noticed. CNN reports that the US State Department summoned the Chinese ambassador to Washington for a dressing down over the Foreign Ministry’s remarks.
Criminal gangs are also using COVID-19 as phishbait (“fearware,” the Independent calls it). Ransomware operators are also using the pandemic as an opportunity to hit healthcare organizations responding to the virus: a recent victim was University Hospital Brno in the Czech Republic, CyberScoop reports.
There’s much advice on offer about securing telework. The US Cybersecurity and Infrastructure Security Agency (CISA) recommends virtual private networks (VPNs), with advice on how to use them securely and effectively. Atlas VPN reports a global surge in VPN use.
US authorities have arrested two-dozen people in connection with money-laundering and BEC scams.
Notes.
Today's issue includes events affecting China, Czech Republic, European Union, India, Kenya, Democratic Peoples Republic of Korea, Pakistan, Russia, Ukraine, United Kingdom, United States
Bring your own context.
Notes on security training.
"And contrary to, you know, what may have been the old belief, it's not enough to release a kind of once-a-year security awareness training, where you make sure to cover the stuff that your employees don't know about. You've got to be regularly communicating to employees in a variety of different ways about the risks that they face if you're going to slowly, gradually nudge them in the direction of really cybersecure behavior."
—Tom Pendergast, Chief Learning Officer at MediaPRO, on the CyberWire Daily Podcast, 3.12.20.
The content of training should keep pace with the shifting threats.
Check out CyberWire Pro for new, timely briefings on developing news.
If you haven't yet, take a look at CyberWire Pro, launched just two weeks ago. A new subscription program, CyberWire Pro is designed for security professionals and all others who want to stay abreast of this rapidly evolving field. CyberWire Pro is a premium news service that will save you time and keep you informed.
How can SIEM protect against the top cybersecurity threats?
Everyone has become increasingly aware of the danger hackers pose—they can steal data, dismantle systems, and cause damage that can take years to recover from. Join us April 14 to discover the most common ways organizations unintentionally put themselves at risk. This webinar will also highlight different strategies for mitigating the threats, from Security Information and Event Management (SIEM) tools to employee education. Register for the webinar.
On the Podcast
In today's CyberWire Daily Podcast, out later this afternoon, we speak with our partners at Webroot, as David Dufour discusses their 2020 Threat Report. Our guest is Simone Petrella from CyberVista on how to assess cybersecurity skills (including some thoughts on self-assessment).
Sponsored Events
Free Webinar: Ransomware in an Industrial World (Online, April 2, 2020) Ransomware has become one of the most common methods of profit for cybercriminals – and a major cause of computer disruptions. Join Dragos and the CyberWire on April 2 to hear strategies to combat this new cyber risk.
Georgetown University Programs in Cybersecurity Webinar (Online, April 9, 2020) We invite you to learn more about the Master's and Graduate Certificate in Cybersecurity Risk Management at Georgetown University. Our programs prepare you with hands-on practice developing and executing integrated strategies, policies, and safeguards to manage cybersecurity risks across an enterprise. Register for a free webinar on Thursday, April 9, at noon ET to learn more.
Selected Reading
Cyber Attacks, Threats, and Vulnerabilities
APT36 jumps on the coronavirus bandwagon, delivers Crimson RAT (Malwarebytes Labs) We look at a spear phishing attack from APT36, a group of threat actors posing as the Indian government and offering guidance on coronavirus.
Intelligence agencies use coronavirus information to target enemies, analysts say (NBC News) “We’ve seen Russia use it against Ukraine, China use it against Southeast Asia, North Korea against South Korea,” one cybersecurity analyst said.
US summons Chinese ambassador over coronavirus conspiracy theory (CNN) US Assistant Secretary of State David Stilwell summoned China's ambassador in Washington to the State Department Friday morning, hours after a prominent Chinese official suggested that the US military may have been responsible for bringing the coronavirus to Wuhan, the epicenter of the global pandemic.
Bio-war-of-words: US summons Chinese ambassador over ‘disinformation campaign’ about coronavirus origin (RT International) China's ambassador to Washington Cui Tiankai was summoned to the State Department after a spokesman for the foreign ministry in Beijing tweeted that the deadly coronavirus could have been seeded in Wuhan by the US military.
Iran Launched an App That Claimed to Diagnose Coronavirus. Instead, It Collected Location Data on Millions of People. (Vice) “They can actually track you. If you move your device from location A to B, they can actually see that in real time.”
Phones Could Track the Spread of Covid-19. Is It a Good Idea? (Wired) China and South Korea used smartphone apps to monitor people with the disease. But Americans have different views of privacy and data collection.
COVID-19 campaigns (BAE Systems) Moving into March 2020, countries worldwide are still struggling to manage the spread of the viral disease now known as COVID-19. In cyberspace, threat actors are using the topic of COVID-19 to their advantage with numerous examples of malicious activity using COVID-19 as lure documents in phishing campaigns.
Phishing cases explode as attackers prey on coronavirus fears (Security Brief) Attackers, ever the opportunists, are capitalising on COVID-19, pushing phishing lures and establishing newly-registered coronavirus-related domains.
How cybercriminals are taking advantage of COVID-19: Scams, fraud, and misinformation (Digital Shadows) While COVID-19 itself presents a significant global security risk to individuals and organizations across the world, cybercriminal activity around this global pandemic can result in financial damage and promote dangerous guidance, ultimately putting additional strain on efforts to contain the virus.
Coronavirus 'fearware' sees hackers exploit Covid-19 panic to target victims (The Independent) 'Coronavirus is a formidable opportunity to trick panicking people amid the global mayhem,' one cyber expert warns
Online coronavirus scams are here, watch out for these red flags (CNET) COVID-19 fears are fertile ground for malicious actors. Here's how to stay safe online.
Hackers find new target as Americans work from home during outbreak (TheHill) Experts are warning of a new wave of cyberattacks targeting Americans who are forced to work from home during the coronavirus outbreak.
Federal employees may soon be ordered to work from home. That could pose serious cybersecurity risks. (Stars and Stripes) The surge in telework will mark a first-of-its kind test for the government, which has struggled to update and secure its arcane technology systems.
U.S.-Chinese Distrust Is Inviting Dangerous Coronavirus Conspiracy Theories (Foreign Affairs) And Undermining Efforts to Contain the Epidemic
COVID-19 Testing Center Hit By Cyberattack (BleepingComputer) Hospitals around the world struggle with ever-growing waves of COVID-19 infections but the efforts in one testing center in Europe are being hampered by cybercriminal activity.
Czech Republic's second-biggest hospital is hit by cyberattack (CyberScoop) A large Czech Republic hospital responsible for running tests for the novel coronavirus said Friday that a cyberattack had hit its computer systems.
Russian ‘bot farms’: The new-old challenge to Ukraine’s national security (The Ukrainian Weekly) On February 17, the Security Service of Ukraine (known by the Ukrainian acronym SBU) disrupted the activity of a network of “bot farms” – an extensive, organized effort to create “fake” (automated) social media accounts, which was found to be active across multiple regions of Ukraine.
Report: Web Browser for Developers Leaves User Data Exposed (vpnMentor) Researchers Noam Rotem and Ran Locar, leaders of vpnMentor’s security team, recently uncovered a data breach affecting the Blisk browser, a web browser
Slack Bug Allowed Automating Account Takeover Attacks (BleepingComputer) Slack has fixed a security flaw that allowed hackers to automate the takeover of arbitrary accounts after stealing session cookies using a HTTP Request Smuggling CL.TE hijack attack on https://slackb.com/.
Exclusive: Edtech Startup Skolaro Leaks Data Of Over 50K Children, Govt Officials (Inc42 Media) Gurugram-based edtech SaaS provider Skolaro has left data of over 50K school children, teachers and parents on unsecured servers.
Phishing PDF With Incremental Updates. (SANS Insitute) Someone asked me for help with this phishing PDF.
Cyber attack on Durham County halts real estate transactions (Raleigh News-Observer) A cyber attack on the county of Durham in North Carolina has stalled real estate transactions and prevented some people from moving into homes.
Security Patches, Mitigations, and Software Updates
Slack fixes vulnerability exploitable for session hijacking, account takeovers (ZDNet) Slack’s team jumped on the critical bug and patched the flaw within a matter of hours.
WordPress to add auto-update feature for themes and plugins (ZDNet) Auto-update feature is only available for the WordPress CMS core now. To be expanded for themes and plugins.
Cyber Trends
Open source bugs have soared in the past year (Naked Security) Open source bugs have skyrocketed, according to a report from WhiteSource, with XSS flaws account for a quarter of those bugs.
Half of UK Firms Suffer Basic Cyber-Skills Gaps (Infosecurity Magazine) Government report warns many can’t complete simple tasks
Marketplace
DCMS-backed cyber accelerator postpones LORCA Live event due to coronavirus (NS Tech) <p>The UK’s government-funded cyber security accelerator has postponed its flagship event, LORCA Live, until later in the year due to the coronavirus outbreak. The London Office for Rapid Cybers
Private equity steps up cyber diligence (PE News) Buyout firms are increasingly having to examine cybersecurity in deals and at portfolio companies
SAIC - Unisys Federal Deal Gets U.S. Antitrust Approval (Nasdaq) (RTTNews) - Science Applications International Corp. (SAIC) and Unisys Corp. (UIS) announced the expiration of Hart-Scott-Rodino waiting period for SAIC's acquisition of Unisys Federal, an operating unit of Unisys.
Coronavirus updates: Xerox stalls hostile HP takeover (CRN) Live coverage on event cancellations, vendor reaction and more
Kaspersky speaks on US government ban and a closed Russian internet (ZDNet) As Eugene Kaspersky saw his chance to celebrate a decade of sponsoring the Ferrari Scuderia F1 team evaporate when the Melbourne Grand Prix was cancelled, ZDNet asked about why he was singled out by the US government, parallels with the Huawei ban, and a Russian internet.
Fort Gordon commander discusses impact of Army's new Cyber Command headquarters (Aiken Standard) The impact of the U.S. Army’s new Cyber Command headquarters at Fort Gordon in Georgia is expected to have a major impact in Aiken and the surrounding area, according to
Orion Energy and Deep Instinct Ink Leases at 292 Madison (Commercial Observer) Two new tenants are moving into Vanbarton Group’s office tower at 292 Madison Avenue in Midtown
Bill Gates to Leave Boards of Microsoft and Berkshire Hathaway (Wall Street Journal) Bill Gates announced Friday that he is leaving the boards of Microsoft and Berkshire Hathaway to spend more time with his foundation.
Products, Services, and Solutions
OSN deploys Microsoft security framework for cybersecurity (BroadcastPro ME) OSN, the region’s entertainment network has adopted Microsoft Advanced Threat Protection to protect its digital estate against an increasingly challenging
ConnectWise Strengthening its Security Posture (ConnectWise) ConnectWise, the leading provider of business automation software for technology solution providers (TSPs), today announced updates it is taking to strengthen its security posture.
PornHub Helps Italians Stay Indoors with Free Premium Access (BleepingComputer) To help ease the boredom and isolation caused by a country-wide coronavirus lockdown in Italy, PorbHub is offering a helping hand by providing Italians free access to their premium service.
Technologies, Techniques, and Standards
U.S. internet well-equipped to handle work from home surge (Washington Post) Tech experts say the U.S. internet won’t have any trouble handling spikes in traffic from the millions of Americans who are now working from home to discourage the spread of the new coronavirus
Enterprise VPN Security (CISA) As organizations prepare for possible impacts of Coronavirus Disease 2019 (COVID-19), many may consider alternate workplace options for their employees. Remote work options—or telework—require an enterprise virtual private network (VPN) solution to connect employees to an organization’s information technology (IT) network. As organizations elect to implement telework, the Cybersecurity and Infrastructure Security Agency (CISA) encourages organizations to adopt a heightened state of cybersecurity.
CISA Outlines VPN Best Practices for Supporting Teleworkers (Redmondmag) The Cybersecurity and Infrastructure Security Agency (CISA) issued an alert on Friday outlining virtual private network (VPN) best practices for organizations supporting remote workforces.
VPN usage in Italy rockets by 112% and 53% in the US (Atlas VPN) According to Atlas VPN user data, VPN usage in Italy increased by 112% in the last week. Meanwhile, there are already 24,747 cases confirmed in the country.
CISA stress tests DHS telework capacity (FCW) Not every agency will be ready to flip the switch from F2F to WFH, according to experts and former officials.
High-Stakes Security Setups Are Making Remote Work Impossible (Wired) Staffers at power grids, intelligence agencies, and more often don’t have the option to work from home, even in light of Covid-19.
Two-part Series: How the Coronavirus Impacts Cybersecurity Best Practices (EmberSec) Part 1 - The Coronavirus Isn’t Just Taking a Toll on Healthcare Patients Preying on fearful, distracted and overworked individuals during times of global concern is a tried-and-true tactic...
Two-part Series: How the Coronavirus Impacts Cybersecurity Best Practices (EmberSec) Part 2- Top 5 Things to Keep in Mind as You Implement Remote Work Policies It’s likely that by now you’ve either heard of or have been personally impacted by recent cancellations...
Working from home because of coronavirus? Be careful what you download to keep cybersafe (USA TODAY) Tips from cybersecurity experts to keep you safe and your computer (and boss) happy while you're working from home during the coronavirus outbreak.
How Coronavirus Remade American Life in One Weekend (Wall Street Journal) Shutdowns reshape society, unmooring people from the routines and activities that typically provide comfort in moments of crisis. “An invisible-but-present blizzard.”
Working from Home: COVID-19's Constellation of Security Challenges (Threatpost) Organizations are sending employees and students home to work and learn — but implementing the plan opens the door to more attacks, IT headaches and brand-new security challenges.
Coronavirus (COVID-19): Managing Cyber Security Risks of Remote Work (The National Law Review) With cases of the Novel Coronavirus (COVID-19) emerging in nearly every state, many businesses are taking swift action in an effort to curb its spread.&nbsp;&nbsp;Teleworking, &ldquo;remote working,&r
What is Elliptic Curve Cryptography (ECC)? (Gigaom) An efficient encryption technique often used for the exchange of private keys and digital signatures.
Texas Chose to Fight Ransomware and Not Pay. What About the Rest of Us? (Dark Reading) Law-abiding folks like us applauded Texas for its bravery - but would we have the steel will to stand on the side of justice if it happened to us? Probably not.
Paying ransom is often 'only logical solution' for cyberattacks: Deloitte (Smart Cities Dive) Giving in to hacker demands is never ideal for cities. Deloitte's report explains how governments can better build and operate systems to prepare for attacks.
Can 5G make you more vulnerable to cyberattacks? (Help Net Security) Many enterprises and sectors are unaware of the 5G security vulnerabilities that exist today, and should have a plan for discovering and overcoming them.
Research and Development
Patents assigned in New Hampshire from March 1 to March 8 (Concord Monitor) Targeted News ServiceThe following federal patents were assigned in New Hampshire from March 1 to March 8.***Hypertherm Assigned Patent for Cost Effective Cartridge for Plasma Arc TorchHypertherm, Hanover, New Hampshire, has been assigned a patent...
IBM Watson Gains The Ability To Understand Complex Topics (Pulse 2.0) IBM recently announced several new Watson technologies designed for helping organizations understand and analyze complex topics.
Legislation, Policy and Regulation
Prime Minister calls for 'digital Dunkirk' in fight against coronavirus (Computing) Boris Johnson called on 30 UK tech firms to volunteer their resources to help UK response to COVID-19
UK Spying Debate Leaves Post-Brexit Data Transfers Up In Air (Law360) The U.K. is facing a year-end deadline to secure a vital affirmation of its data protection standards that would allow data transfers from the European Union to continue uninterrupted, but longstanding criticisms of the country's mass surveillance regime could derail those efforts and leave companies scrambling.
We have made America our enemy (Conservative Woman) Of our allies, we can thank the US most for speaking truth to friends.
After tug-of-war, White House shows cyber memo to Congress (Fifth Domain) Following a months long battle, the White House has made available to members of Congress classified documents that describe the approval process for conducting offensive cyber operations outside the United States.
Federal agencies in DC open but with ‘maximum telework’ flexibilities, OMB says (Federal News Network) The Office of Personnel Management also announced an operating status change for the national capital region. Federal offices are open but with maximum telework flexibilities for eligible employees.
Fed Shifts to Remote Oversight of Wall Street Banks (Wall Street Journal) The nation’s biggest banks have fewer government examiners roaming their hallways as federal regulators temporarily switch to teleworking to help control the spread of the coronavirus.
US Surveillance Powers Set to Temporarily Expire (SecurityWeek) Three surveillance powers available to the U.S. government are set to temporarily expire Sunday after a trio of senators opposed a bipartisan House bill that would renew the authorities and impose new restrictions
Schiff protects intel ‘status quo’ power by sinking wide-reaching FISA reform: Source (The Washington Times) Attempts to rein in the government’s ability to spy on Americans fell flat after Rep. Adam B. Schiff intervened to protect the types of powers that the FBI used to go after the Trump campaign in 2016.
Experts Comments On Cyberspace Solarium Commission Report - US At Risk Of A "Catastrophic cyber-attack" (Information Security Buzz) The US is at risk of a “catastrophic cyber attack” and the government needs to adopt sweeping structural changes to address cybersecurity challenges, according to a report from the US Cyberspace Solarium Commission following a year-long investigation. “Our country is at risk, not only from a catastrophic cyberattack but from millions of daily intrusions, disrupting …
To Defend Forward, the U.S. Must Strengthen the Cyber Mission Force (Lawfare) One of the Cyberspace Solarium Commission’s key recommendations is to ensure the Cyber Mission Force achieves the appropriate resourcing, force size and capability mix.
The U.S. Government Can Deepen Its Operational Partnership With the Private Sector to Better Defend the U.S. in Cyberspace (Lawfare) Why does the U.S. need an enhanced public-private operational partnership, and what would it look like?
U.S. Cyber Command Ready to Combat Election Meddling, General Asserts (MSSP Alert) Election security is the U.S. Cyber Command’s “top priority,” General Paul Nakasone recently told a House Armed Services sub-committee.
We weren’t ready for pandemic. We better be ready for a cyberattack (Lowell Sun) Amid the chaos of coronavirus, it was encouraging this week to see a bipartisan, blue-ribbon commission announce a coherent plan for dealing with the next potential catastrophe &…
House passes Spanberger legislation to build national 5G strategy (Augusta Free Press) The House passed Rep. Abigail Spanberger’s bipartisan legislation requiring a national strategy to protect American 5G telecommunications systems.
EARN IT Act threatens end-to-end encryption (Naked Security) The bill, which would undercut Section 230 protections for online publishing, presents itself as a way to stop online child abuse.
US Scraps Missiles Over Cybersecurity Concerns (Infosecurity Magazine) America drops plans to adopt Iron Dome missile defense system amid cybersecurity fears
Litigation, Investigation, and Enforcement
UK Spies Hunt Down Covid-19 Threats (Infosecurity Magazine) NCSC says it’s taking steps to automatically discover and remove phishing sites
DOJ now investigating Chinese telecom giant ZTE for alleged bribery (NBC News) ZTE pleaded guilty three years ago to violating U.S. sanctions against Iran and North Korea and just ended its probation period.
U.S. Probes Chinese Telecom Giant ZTE for Possible Bribery (Wall Street Journal) The Justice Department is investigating ZTE for possible bribes of foreign officials, which could subject the Chinese telecom giant to a fresh round of criminal penalties amid increasing tensions between the U.S. and China.
FSB asset introduced LinkedIn hacker, future Group-IB executive in 2012, U.S. alleges (CyberScoop) Attorneys say tjhe Yevgeniy Nikulin case relates to at the murky relationship between Russian cybercriminals and the Kremlin’s intelligence agencies.
Big BEC Bust Brings Down Dozens (Dark Reading) Two dozen individuals have been named in the latest arrests of alleged participants in a business email compromise scheme that cost victims $30 million.
Dozens charged in Atlanta-based money laundering operation that funneled $30 million in proceeds from computer fraud schemes, romance scams, and retirement account fraud (US Department of Justice) Federal agents have arrested twenty-four individuals for their involvement in a large-scale fraud and money laundering operation that targeted citizens, corporations, and financial institutions throughout the United States. Business email compromise schemes, romance fraud scams, and retirement account scams, among other frauds, duped numerous victims into losing more than $30 million.
European Authorities Dismantle Two SIM Hijacking Gangs (SecurityWeek) European authorities managed to crack down on two cybercrime gangs responsible for stealing millions by employing SIM hijacking
How national security surveillance nabs more than spies (Madison.com) WASHINGTON (AP) — The case against Nassif Sami Daher and Kamel Mohammad Rammal, two Michigan men accused of food stamp fraud, hardly seemed exceptional. But the tool that agents used
Has The Sun Set On The Necurs Botnet? (Shadowserver) Private sector partners Microsoft and Bitsight announced their disruption of the Necurs botnet on March 10th 2020. Shadowserver supported the operation, through the use of our Registrar of Last Resort (RoLR) for helping to deal with the millions of potential DGA C2 domains involved, and by making available our victim remediation reporting channels. In this blog post we provide our take on some of the more interesting aspects of this operation, analyze the sinkholed Necurs victim populations and compared their observed demographics with data from the previous decade of spambot takedowns.
Microsoft Sues Malware Operators for Trademark Infringement - Tech (LawStreetMedia) Law Street provides accessible, client-focused legal news designed to inform readers and connect lawyers with the legal needs in their field.
Under Secretary of Defense Ellen Lord statement on misleading cybersecurity certification information (NDIA) Since I introduced the Cybersecurity Maturity Model Certification model last year, I have consistently stressed the importance of communicating and engaging extensively with industry, academia, military services, the Hill and the public to hear their concerns and suggestions.
Trump considering `full' pardon for ex-adviser Michael Flynn (Madison.com) WASHINGTON (AP) — President Donald Trump said Sunday he is considering a full pardon for former national security adviser Michael Flynn, who had pleaded guilty to lying to the FBI
Talkspace threatens to sue a researcher over bug report (TechCrunch) The therapy app sent the security researcher a cease and desist letter for his blog post describing a website bug.
The March Towards Cybersecurity Maturity in Arbitration (New York Law Journal) This progress towards cybersecurity maturity in arbitration is long overdue, but a welcome development in an industry where cyber risk is substantial and cyber resilience is imperative.
Millions to be invested into future of Northumbria Police with more officers on the beat and cyber crime specialists (Northumberland Gazette) Demands put on detectives to investigate digital evidence and more officers on the beat are at the core of plans to make Northumbria Police fit for the future.
Industry Events
newly Noted Events
Black Hat USA 2020. (Las Vegas, Nevada, USA, August 1 - 6, 2020) Now in its 23rd year, Black Hat USA is the world's leading information security event, providing attendees with the very latest in research, development and trends. Black Hat USA 2020 opens with four days of technical Trainings (August 1-4) followed by the two-day main conference (August 5-6) featuring Briefings, Arsenal, Business Hall, and more.
PCI Security Standards Council: Latin America Forum (São Paulo, Brazil, August 13, 2020) We provide you with the information and tools to help secure payment data. We lead a global, cross industry effort to increase payment security by providing industry-driven, flexible and effective data security standards and programs that help businesses detect, mitigate and prevent criminal attacks and breaches. Don’t miss out!
QuBit Conference (Prague, Czech Republic, September 23 - 24, 2020) The 7th annual cyber community conference, QuBit, offers its delegates as usual excellent speakers, leading edge topics, keynotes, case studies, panel discussions and popular networking events. The first day, September 22, is dedicated to full day hands-on training. The two following days, September 23-24, run in two parallel tracks (cyber and management). Our sessions are strictly educational, with marketing content strictly limited.
upcoming Events
InfoSec Connect 2020 (San Diego, California, USA, March 15 - 17, 2020) InfoSec Connect is a high profile, interactive meeting of senior-level cybersecurity leaders from top credit unions, US banks, insurances, and financial services companies. It’s a forum built to share detailed discussions, source solutions/services from leading providers, and gain valuable insights on improving strategy. It covers discovering cutting-edge security approaches and managing risk in the ever-changing threat of the cybersecurity workforce.
SecureWorld Philadelphia (King of Prussia, Pennsylvania, USA, March 18 - 19, 2020) Join your fellow InfoSec professionals for high-quality, affordable cybersecurity training and collaboration. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions, breakout sessions, and solution vendor displays—all while networking with local peers.
National Cyber League (NCL) Spring Season (Various locations, March 19 - May 15, 2020) The National Cyber League (NCL) is a defensive and offensive puzzle-based, capture-the-flag style cybersecurity competition. Its virtual training ground helps high school and college students prepare and test themselves against cybersecurity challenges that they will likely face in the workforce. All participants play the games simultaneously during Preseason, Individual Game and Team Game. NCL allows players of all levels to enter. Between easy, medium and hard challenges, students have multiple opportunities to really shine in areas as they excel. Registration for the Spring Season closes March 20, 2020.
Inaugural Tampa Cyber Security Summit (Tampa, Florida, USA, March 20, 2020) C-Suite & Senior Level Executives: Register with Promo Code CYBERWIRE95 to receive $95 Admission (Standard Price is $350). Learn from renowned experts from the U.S. Dept. of Homeland Security, the U.S. Dept. of Justice, Darktrace, ExtraHop and more about the latest threats facing your company.
2020 Cipher Brief Threat Conference (Sea Island, Georgia, USA, March 22 - 24, 2020) The Cipher Brief Threat Conference brings together the expertise of one of the most trusted and relevant news sources for national security professionals around the globe. Attendees will engage with some of the top names in intelligence and global security involved in matters of cyber, defense and security. Combined with an invitation-only audience, The Cipher Brief Threat Conference provides a unique experience that no other event in the defense and national security space can match. For us, it's not just about who's on the stage, it's about who's in the room.
Sponsor & Support
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter’s financial reach, or it might just not be the right time for you to do those things. That’s why we launched our new Patreon site, where we’ve created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you’ll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.