skip navigation

More signal. Less noise.

Check out the Cyber Job Fair, April 19 in San Antonio.

Cleared and non-cleared cybersecurity pros make your next career move at the Cyber Job Fair, April 19 in San Antonio. Meet leading cyber employers including Bank of America, Parsons, Engility, Fulcrum and more. Visit ClearedJobs.Net or CyberSecJobs.com for details. 

Daily briefing.

There's growing alarm over ongoing exploitation of insecure Internet-of-things devices. They've been deployed for years; experts are concerned that neither policies nor the devices themselves are ready for threats that appear poised to weaponize IoT vulnerabilities and cause kinetic effects. Others warn that industrial control systems present distinctive problems: they may have vulnerabilities that render them susceptible to destruction, and to malfunctions that could compromise safety as well as operations.

As Facebook CEO Mark Zuckerberg appears on Capitol Hill to testify about a range of topics (mostly related to the privacy concerns surrounding his company's platform), another quasi-research organization, Cubeyou, is said to have scooped up users' data by inducing them to take various quizzes.

The vulnerability in Cisco switches used by (apparent) hacktivists to deface Russian and Iranian sites is now being widely exploited against unpatched systems by Russian hackers (mostly criminals).

A High-Tech Bridge study suggests that the notoriety of named threat actors and well-marketed vulnerabilities is being used as misdirection by malicious insiders interested in covering their tracks.

Russian President Putin's advisor Vladislav Surkov ("Putin's Rasputin") sees 2018 as marking the end of Russia's attempts to turn westward, terminating aspirations that go back to Tsar Peter the Great. US Intelligence Community insiders differ over whether the US actually has the political will to punish Russia for misbehavior in cyberspace and elsewhere. Whether economic sanctions announced last week are hurting Moscow or not, they're being felt in London, where the City is nervous about disruption to Russian investment.

Notes

Today's edition of the CyberWire reports events affecting Australia, China, Myanmar, Russia, United Kingdom, United States.

Headed to RSA? Get a free pass expo pass on LookingGlass!

RSA can be hectic, but we’ll make putting together your schedule easy for you. If want to know the latest trends and technology in cybersecurity and threat intelligence, look no further than LookingGlass Booth #100 in the South Hall. We offer solutions – not more work – for your toughest security challenges. Come meet with us on the Expo floor or at our meeting suite in the Marriott – enjoy the discussion, demos, and refreshments. Get your free pass here.

In today's podcast we hear from our partners at Lancaster University, as Daniel Prince describes clandestine data transmission and steganography. Our guest, Verizon's Gabriel Bassett, reviewing his work on the Verizon Data Breach Investigations Report, just out today.

Wombat Security at RSA Conference 2018 (San Francisco, California, United States, April 16 - 20, 2018) Cyberthreats lurk around every corner. Visit our booths at RSA to ensure you are providing your team with the tools they need to be cybersecurity heroes in your organization: South Expo 1033 and North Expo 4701. We’ll be presenting: a sneak peek at our new superhero-themed Awareness Video Campaigns; a free copy of our security awareness comic book, and previews of our newest training modules, including GDPR, Insider Threats, and Password Policy.

XM Cyber is coming to RSA (San Francisco, California, United States, April 16 - 20, 2018) Visit XM Cyber at the Israeli Pavilion, South Hall booth 635, to experience the first automated APT simulation platform to expose, assess and amend every attack path to organizational critical assets.

Cyber Job Fair, April 19, San Antonio visit ClearedJobs.Net or CyberSecJobs.com for details. (San Antonio, Texas, United States, April 19, 2018) Cleared and non-cleared cybersecurity pros make your next career move at the Cyber Job Fair, April 19 in San Antonio. Meet leading cyber employers including Bank of America, Parsons, Engility, Fulcrum and more. Visit ClearedJobs.Net or CyberSecJobs.com for details.

HackNYC2018 (New York, New York, United States, May 8 - 10, 2018) Cyber attacks are often called non-violent or non-kinetic attacks, but the simple truth is that there is a credible capability to use cyber attacks to achieve kinetic effects. Kinetic Cyber refers to a class of cyber attacks that can cause direct or indirect physical damage, injury or death solely through the exploitation of vulnerable information systems and processes. Use code CWIRE20 for 20% off the $50.00 individual ticket price.

Cyber Attacks, Threats, and Vulnerabilities

A Long-Awaited IoT Crisis Is Here, and Many Devices Aren't Ready (WIRED) Some network communication protocol vulnerabilities have been known for more than a decade and still aren't fixed. Now they're being exploited.

New cyber weapons are here and no one is prepared, experts say (Military Times) The experts say government, military and industry are not prepared for current or future cyber threats and must do more to deter bad actors.

Hacking Level 0,1 devices can be more significant than Stuxnet (Control Global) The lack of cyber security and authentication of Level 0,1 devices precludes adequate cyber security and safety. The threat is independent of vendor, industry, region, or application and therefore can be even more significant than Stuxnet.

Barracuda Threat Spotlight: New URL File Outbreak Could be a Ransomware Attempt (Barracuda) We’re closely tracking an alarming threat that’s currently aiming to take advantage of careless or untrained users in a possible effort to distribute ransomware and other forms of malware—here’s what we’ve found. Highlighted Threat: Attackers are using a variety of techniques in an attempt to launch a Quant Loader trojan capable of distributing ransomware and password stealers. The Details: In the world of email, an unfamiliar file extension—especially one that is compressed alone in a ZIP file—is often a sure sign of a new malware outbreak. This was no exception when zipped Microsoft internet shortcut files with a “.url” file

11 ways ransomware is evolving (CSO Online) Ransomware creators are getting more sophisticated in how they infect systems, avoid detection, and foil decryption efforts.

Another company’s been harvesting Facebook user data (Naked Security) Like Cambridge Analytica, Cubeyou also gobbled users’ data with personality quizzes, under the guise of “research.”

5 Facebook facepalms (just last week) (Naked Security) Facebook has been in the news of late for all the wrong reasons, and it’s only getting worse.

Word Attachment Delivers FormBook Malware, No Macros Required (Threatpost) A new wave of document attacks targeting inboxes do not require enabling macros in order for adversaries to trigger an infection chain that ultimately delivers FormBook malware.

Russian hackers target opening in Cisco switch security (SearchNetworking) Russian hackers are suspected of trying to bypass Cisco switch security to compromise enterprise networks and the nation's critical infrastructure. Attackers from Russia are suspected of trying to exploit a flaw in the Smart Install Client on Cisco switches.

Cisco Smart Install vulnerability exploited in the wild (SANS Internet Storm Center) Cisco Smart Install vulnerability exploited in the wild,

YouTube Suffers Music Video Hack (Infosecurity Magazine) A number of high-profile music videos defaced, according to reports

Linux: Beep Command Can Be Used to Probe for the Presence of Sensitive Files (BleepingComputer) A vulnerability in the "beep" package that comes pre-installed with Debian and Ubuntu distros allows an attacker to probe for the presence of files on a computer, even those owned by root users, which are supposed to be secret and inaccesible.

Whatever you do, don’t give this programmable payment card to your waiter (Ars Technica) Fuze card is wide open to data theft over Bluetooth. A fix is on the way.

Fake attacks by insiders to fool companies (High-Tech Bridge) Famous cybercrime groups and hacktivists “brands” may be a smokescreen to cover sophisticated insider attacks.

89% of Android Users Didn't Consent to Facebook Data Collection (Dark Reading) A new survey shows most Android users did not give Facebook permission to collect their call and text data.

Fake HSBC USA SWIFT Transfer (103) 37B2308302 delivers Pony- Fareit trojan (My Online Security) An email with the subject of SWIFT Transfer (103) 37B2308302 pretending to come from HSBC Bank USA with a zip attachment which contains another version of the new pony /fareit trojan that needs user interaction before it does anything. Just running this malware on a computer does nothing initially. It sleeps until you perform some actions like opening a folder or starting a program.

Data breach at military resort in Germany leaves soldiers open to identity theft (Stars and Stripes) At least 18 guests — primarily soldiers and retirees — who stayed at the Edelweiss Lodge and Resort between November 2017 and February 2018 reported that their credit cards were misused after their stays.

IG: Interior Dept. computer infected with malware after employee surfed porn sites (Federal News Radio) Three years after hackers stole sensitive personal information on more than 22 million current and former federal employees in the Office of Personnel Management data breach, the Interior Department, whose compromised systems gave the hackers access to OPM’s databases, still has gaps in its cyber defenses, according to its inspector general.

Researchers Rickrolled Emergency Alert Sirens in Proof-of-Concept Hack (Motherboard) Security researchers found that it was relatively easy to hijack the signal of the emergency alert siren system in San Francisco.

Security Patches, Mitigations, and Software Updates

Watch out for continuing bugs: Turn off Windows Update, temporarily (Computerworld) Patch Tuesday is just around the corner, and it’s likely Microsoft will finally pull some of the buggy March patches out of the fire. With ten 'critical' patches rumored to be in the pipeline, don’t leave your machine exposed to Microsoft’s mistakes.

Facebook begins blocking apps from accessing user data after 90 days of non-use (TechCrunch) Facebook has rolled out a change that limits apps’ ability to access users’ data. The change comes hours before Facebook CEO Mark Zuckerberg’s testimony before Congress where it’s expected he will have to answer questions about how the company handles its users’ person…

Cyber Trends

Verizon DBIR: Ransomware Attacks Double for Second Year in a Row (Dark Reading) Outside attackers still the biggest problem - except in healthcare.

Mozilla Diagnoses the Health of the Global Internet (WIRED) The foundation released a broad, sweeping report Tuesday about the state of our lives online.

Major uptick in mobile phishing URL click rate (Help Net Security) Mobile phishing 2018 report analyzes data from more than 67 million mobile devices protected by Lookout since 2011. All data is anonymous, and no corporate data, networks, or systems were accessed to perform this analysis.

How the human factor puts your company at risk (Help Net Security) Positive Technologies has released a new report with statistics on the success rates of social engineering attacks, based on the 10 largest and most illustrative pentesting projects performed for clients in 2016 and 2017.

New Study Finds IT Professionals Lack Confidence in Their Ability to Detect and Contain Cyberbreaches (Morningstar) New Study Finds IT Professionals Lack Confidence in Their Ability to Detect and Contain Cyberbreaches, Read most current stock market news, Get stock, fund, etf analyst reports from an independent source you can trust – Morningstar

Poll: Nearly Half Report IoT Security and Managing Increasing Amounts of Data as Greatest Challenges in Cybersecurity (PR Newswire) Forty percent of professionals report that managing increasing amounts of...

IBM Finds Human Error Linked To Cyberattacks (PYMNTS.com) The high-profile data breach that hit Saks and Lord & Taylor was already eclipsed just days later when news of possible similar attacks at Best Buy, Delta and others hit headlines. While details of the most recent incidents continue to surface, analysts are still looking at the Saks breach, initiated when the retailer’s owner, Hudson’s […]

Marketplace

The stock market gold rush that suddenly turned toxic (Times) It all started with such promise. When the first Russian companies dipped their toe in London’s financial markets 20 years ago after the collapse of the Soviet Union, they were welcomed with open...

Why Cyber Insurance is Vital For Businesses to Succeed (Computer Business Review) Cyber attacks are increasing every day and it is important that organizations stay ahead of the game, more now than ever before. So why Cyber Insurance?

New Trump Adviser Likely to Boost PANW, FEYE, BB Stock (InvestorPlace) PANW, FEYE, and BB stock all look well-positioned to rally from President Trump's new national security adviser.

Facebook rolls out $40K user data abuse bounty ahead of Zuckerberg’s Congressional testimony (TechCrunch) Ahead of Mark Zuckerberg’s Senate testimony today, Facebook has rolled out a number of product updates — including a bounty hunting program of up to $40,000 for user data violations — meant to address (and blunt) the criticism he’s likely to face. The bounties start at $500,…

Cybersecurity Firm Carbon Black Advances IPO After Years of Rumors (Xconomy) Carbon Black is moving closer to a long-anticipated initial public stock offering. The Boston-area cybersecurity company filed an S-1 document with the SEC

Container Security Pioneer StackRox Secures $25 Million in Series B Funding (StackRox) StackRox has secured $25 million in Series B funding, led by Redpoint Ventures, with follow-on investments from Sequoia Capital and Amplify Partners.

Karamba Security Secures Additional $10 Million in Funding Round (VentureBeat) Karamba Security, a world-leading provider of end-to-end automotive cybersecurity prevention solutions, today announced that it has secured $10 million of funding from Silicon Valley…

Janet Levesque Joins Advanced Cyber Security Center Board of Directors (Morningstar) Janet Levesque Joins Advanced Cyber Security Center Board of Directors, Read most current stock market news, Get stock, fund, etf analyst reports from an independent source you can trust – Morningstar

Products, Services, and Solutions

Illusive Networks Announces Breakthrough in Attack Surface Reduction (illusive networks) Leader in deception-based cybersecurity expands its award-winning platform to proactively prepare and prevent advanced attacks.

Cryptshare Brings its Award-Winning Secure Communications and Privacy Solution to U.S. Market, Previews New QUICK Technology at RSA (BusinessWire) Cryptshare announced its new QUICK technology used to simplify the exchange of passwords used to protect encrypted files.

Kenna Security Enables Enterprises to Proactively Address Application Risk (PR Newswire) Karim Toubba, chief executive officer, Kenna Security,"Attacks on...

General Data Protection Regulation (GDPR) Compliance in a Kit (GlobeNewswire News Room) Two managed storage drive solutions that enable rapid deployment of GDPR Solution

Rohde & Schwarz R&S PACE 2 DPI engine reduces cost and risk for network security vendors (Rohde & Schwarz) Deep packet inspection (DPI) is an asset for modern network security solutions.

Ayehu Announces Integration with Cherwell Software (GlobeNewswire News Room) Artificial Intelligence backed automation combined with IT Service Management (ITSM) and IT Operation Management (ITOM) Solution Delivers Significant Process Efficiencies to the Enterprise

Smyte Abuse Management Platform Successfully Reduces 80% of Spammers on Zendesk (CNBC) Smyte, the world's first abuse management platform to combat online harassment, payment fraud, messaging spam, and account takeovers, today announced that Zendesk has successfully eliminated 80% of spammers after the company's integration with Smyte. Zendesk is designed for companies looking to create more...

ThreatQuotient Launches Industry’s First Cybersecurity Situation Room, Empowering Organizations to Take the Right Actions Faster (ThreatQuotient) Stay up-to-date with all of ThreatQuotient's the latest News, Updates, Insights, and Media Coverage at ThreatQ's Resource library.

HPS Inc. Becomes a KnowBe4 Authorized Partner (NBC-2.com) NBC2 News and Weather online for Southwest Florida, serving Lee, Collier, Charlotte, Desoto, Glades and Hendry counties

New Pulse Secure Virtual and Cloud Appliances Expand Secure Access to Applications and Services in Hybrid IT Environments (GlobeNewswire News Room) Deployment flexibility enables new user services, rapid data center scale and cost-effective operation

Cyren Enhances Its Email Scam Security Product (Mediapost) Cyren says it can help firms protect themselves against business email compromise attacks.

Technologies, Techniques, and Standards

How to check if your Facebook data was shared with Cambridge Analytica (Naked Security) Here’s how to find out whether you or your friends shared personal data with controversial data-harvesting company Cambridge Analytica

20 Ways to Increase the Efficiency of the Incident Response Workflow (Dark Reading) Despite all the good intentions of some great security teams, we are still living in a cut-and-paste incident management world.

Design and Innovation

Money Laundering is not Being Caught by Machines, says BAE (Computer Business Review) Most business customers think banks use machine learning and AI to spot money laundering. But banks still rely on human investigators to manually sift through alerts

Lucidity uses the blockchain to bring more transparency to online ads (TechCrunch) Sam Kim, co-founder and CEO of Lucidity, said blockchain technology offers a solution to cut down on fraud and bring more transparency to digital advertising. Kim was previously chief operating officer at The Mobile Majority, a mobile ad company where he said he saw the challenges of reconciling th…

Research and Development

DHS S&T to Demonstrate Cyber Technologies at RSA 2018 (Newswise) The Department of Homeland Security (DHS) Science and Technology Directorate (S&T) will exhibit and demonstrate 13 mature cybersecurity technology solutions that are ready for pilot deployment and commercialization at the RSA 2018 cybersecurity conference, April 16-19, in San Francisco.

Legislation, Policy, and Regulation

Trump Says Putin 'May' Bear Responsibility For Syria Deaths, Promises 'Major Decisions' Soon (RadioFreeEurope/RadioLiberty) U.S. President Donald Trump says he will make "major decisions" on Syrian in the "next 24 to 48 hours" in response to a suspected chemical attack, as calls increased for an international response to the crisis and the UN Security Council gathered for an emergency meeting on April 9.

White House: 'Good relationship' with Putin still possible after Syrian attack (Washington Examiner) President Trump remains optimistic about his relationship with Russian leader Vladimir Putin, the White House said Monday, despite growing concerns about Russia's alliance with Syria in the wake of lasts weekend's chemical weapons attack in Damascus.

Russia Faces '100 Years Of Solitude' (Or More), Putin Aide Says (RadioFreeEurope/RadioLiberty) A veteran adviser to Russian President Vladimir Putin says that Russia has abandoned its centuries-long hopes of integrating with the West and is bracing for a new era of geopolitical isolation.

NSA official says US doesn't have 'political fortitude' to challenge Russia (CNN) The US doesn't "yet have the political fortitude to say how we'll strike back" against Russian misbehavior in cyberspace, an NSA official said.

Trump officials can't agree if U.S. has hit Russia 'where it hurts' (NBC News) A top NSA official says no, while Trump's chief cyber adviser says yes.

How the U.S. Can Play Cyber-Offense (Foreign Affairs) In cyberwarfare, Washington should recognize that the best defense is a good offense.

ASPI demystifies Australia's 'offensive cyber' capabilities (Security Brief) What does Australia’s offensive cyber capabilities actually involve? It seems that many people may have the wrong idea.

AI experts want government algorithms to be studied like environmental hazards (Quartz) Public accountability for public algorithms.

Blockchain is not only crappy technology but a bad vision for the future (Medium) Blockchain is not only crappy technology but a bad vision for the future. Its failure to achieve adoption to date is because systems built…

The way we regulate self-driving cars is broken—here’s how to fix it (Ars Technica) The first driverless cars will be rented, not sold—that has major implications.

Trump administration considering major changes to security clearance program (FederalNewsRadio.com) In addition to the security clearance process, the Trump administration is also considering a move of another Office of Personnel Management program, HR Solutions.

Is The Direct Commissioning Of Cyber Warriors Actually Working? (Task & Purpose) Direct commissioning of information warfare officers, smooth cyber operators, and such has been going on for awhile. Does anyone know how it is going?

Former top US intelligence officials back Trump's CIA pick ( The Jerusalem Post | JPost.com ) US President Donald Trump's nominee for CIA director, Gina Haspel, has received the strong, cross-partisan backing of dozens of former top intelligence officials, according to a letter sent to the Senate Intelligence Committee.

DHS cyber office names chief data officer (FCW) Preston Werntz, who helped establish the Automated Indicator Sharing program at DHS, has been hired as the chief data officer for the Office of Cybersecurity and Communications.

Litigation, Investigation, and Law Enforcement

Read Mark Zuckerberg’s full testimony to the US House of Representatives (Quartz) The House Committee on Energy and Commerce has released the Facebook CEO's prepared remarks ahead of his Capitol Hill appearance on Wednesday.

A brief history of Facebook’s privacy hostility ahead of Zuckerberg’s testimony (TechCrunch) The Facebook founder will be questioned by the Senate Judiciary and Senate Commerce Committees later today — in a session entitled “Facebook, Social Media Privacy, and the Use and Abuse of Data.” Mark Zuckerberg is also due to testify before Congress on Wednesday — to be asked about the…

Mark Zuckerberg Answers to Congress For Facebook's Troubles (WIRED) Tensions around Facebook's privacy and ad practices have escalated dramatically since the last time the company sat before Congress.

Seven glaring holes in Mark Zuckerberg’s House testimony (Quartz) “‘Trust Zuck’ is not a corporate governance philosophy that I have faith in."

Zuckerberg runs rings round the political class (Times) Like Pinocchio, but a whole lot richer, Mark Zuckerberg is learning how to be a normal boy. For the next two days, the founder of Facebook will be testifying to US lawmakers on Capitol Hill. In...

Facebook is again criticized for failing to prevent religious conflict in Myanmar (TechCrunch) Today marks the start of Facebook CEO Mark Zuckerberg’s much-anticipated trip to Washington as he attends a hearing with the Senate, before moving on to a Congressional hearing tomorrow. Away from the U.S. political capital, Zuckerberg is engaged in serious discussions about Myanmar with a gr…

Russian ex-spy's daughter leaves hospital (BBC News) Yulia Skripal, who was poisoned with a toxic nerve agent, has left hospital for a secure location.

Jail for white collar pirates who stole from Oracle (Naked Security) The unequal struggle between software giant Oracle and services company Terix has finally concluded with the latter’s CEO and co-founder Bernd Appleby being handed two years in jail.

Imperva Largely Dodges Worker Background Check Suit (Law360) Data security company Imperva Inc. convinced a California federal judge Monday to toss most of a proposed class action targeting its employee background check process, saying a former company employee didn’t show he suffered actual harm from being given improper authorization forms.

Black Lives Matter’s biggest Facebook page was allegedly run by a white Australian man (Quartz) Facebook initially kept the unofficial site up saying it "didn't show anything that violated our Community Standards."

Cyber-Criminals Could Earn CEO-Level Salary: Report (Infosecurity Magazine) Cyber-Criminals Could Earn CEO-Level Salary: Report. Bromium study highlights problems facing police

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

2018 Mississippi College Cybersecurity Summit (Clinton, Mississippi, USA, April 10 - 11, 2018) The 2018 Mississippi College Cybersecurity Summit is a conference designed to engage, educate, and raise awareness about cybersecurity across the nation. The 2018 Cybersecurity Summit will provide valuable...

ISC West 2018 (Las Vegas, Nevada, USA, April 11 - 13, 2018) ISC West is THE largest security industry trade show in the U.S. At ISC West, you will have the chance to network with over 30,000 security professionals through New Products & Technologies encompassing...

Decompiling the Government: Getting Technologists and Policymakers to Speak the Same Language (Arlington, Virginia, USA, April 12, 2018) With the support of the Hewlett Foundation, the National Security Institute is excited to host “Decompiling the Government: Getting Technologists and Policymakers to Speak the Same Language.” This networking...

CYBERTACOS San Francisco (San Francisco, California, USA, April 16, 2018) CYBERTACOS is back and becoming one of the biggest cybersecurity networking events! Register today and join us for networking, food and drinks. This event includes a 45-minute meet the press panel made...

RSA Conference 2018 (San Francisco, California, USA, April 16 - 20, 2018) Take this opportunity to learn about new approaches to info security, discover the latest technology and interact with top security leaders and pioneers. Hands-on sessions, keynotes and informal gatherings...

Our Security Advocates (San Francisco, California, USA, April 17, 2018) OUR Security Advocates highlights a diverse set of experts from across information security, safety, trust, and other related fields. OURSA is a single-track, one-day conference with four topic sessions.

5th Annual Cybersecurity Summit (McLean, Virginia, USA, April 24, 2018) Join the Potomac Officers Club for the Fifth Annual Cybersecurity Summit to hear from public and private sector leaders on how federal agencies can improve their respective data security measures.

Secutech (Taipei, Taiwan, April 25 - 27, 2018) To meet the rising demand for intelligent and customised solutions, Secutech converges security and safety, ICT, IoT, artificial intelligence, big data, edge computing, intelligent video analytics and...

Industrial Control Systems (ICS) Cyber Security Conference Asia (Singapore, April 25 - 27, 2018) The Central ICS/SCADA Cyber Security Event of the Year for the APAC Region. Three days of multi-track training & workshops for days for operations, control systems and IT security professionals to connect...

INFILTRATE (Miami Beach, Florida, USA, April 26 - 27, 2018) INFILTRATE is a "pure offense" security conference aimed at the experienced to advanced practitioner. With the late-90s hacker con as its inspiration, the event has limited attendance in order to foster...

Automotive Cybersecurity Summit 2018 (Chicago, Illinois, USA, May 1 - 8, 2018) Smart Vehicles. Smart Infrastructures. The 2nd annual Automotive Cybersecurity Summit brings together public and private-sector manufacturers, suppliers, assemblers, technology providers and V2X partners...

Application of the Law of War to Cyber Operations (Washington, DC, USA, May 3, 2018) Cyber law experts meeting at the George Washington University will cover Title 10 vs. Title 32 vs. Title 50 and the lawful and operational restrictions related to these authorities. The panelists will...

Global Cyber Security in Healthcare & Pharma Summit (London, England, UK, May 3 - 4, 2018) The number of cyber-attacks in healthcare is on the rise, and the industry must do more to prevent and respond to these incidents. The Global Cyber Security in Healthcare & Pharma Summit 2018 will bring...

Secure Summit DC (Washington, DC, USA, May 7 - 8, 2018) (ISC)² Secure Summit DC will assemble the best minds in cybersecurity for two days of insightful discussions, workshops and best-practices sharing. The goal of the event is to equip security leaders to...

HACKNYC (New York, New York, USA, May 8 - 10, 2018) The recent flood of data breach news may numb us to the threat of attacks with kinetic effects--direct or indirect physical damage, injury, or death. Hack NYC focus’ on our preparation for, and resilience...

Insider Threat Program Management With Legal Guidance Training Course (Herndon, Virginia, USA, May 8 - 9, 2018) This training will provide the ITP Manager, Facility Security Officer, and others (CIO, CISO, Human Resources, IT, Etc.) supporting an ITP, with the knowledge and resources to develop, manage, or enhance...

SecureWorld Kansas CIty (Kansas City, Missouri, USA, May 9, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

Cyber Investing Summit (New York, New York, USA, May 15, 2018) Now in its third year, the Cyber Investing Summit is an all-day conference focusing on investing in the cyber security industry, which is predicted to exceed $1 trillion in cumulative spending on products...

Third Annual Cyber Investing Summit (New York, New York, USA, May 15, 2018) Renowned cyber security executive David DeWalt will deliver the keynote address at the Third Annual Cyber Investing Summit. The Cyber Investing Summit is a unique all-day conference focused on the financial...

The Cyber Security Summit: Dallas (Dallas, Texas, USA, May 15, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.

Digital Utilitites Europe (Amserdam, the Netherlands, May 16 - 17, 2018) The conference will bring together key industry stakeholders to address the current challenges of the digitisation in the utilities sector. Join us in Amsterdam to hear latest business case studies and...

SecureWorld Houston (Houston, Texas, USA, May 17, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

Ignite18 (Anaheim, California, USA, May 21 - 24, 2018) Palo Alto Networks' sixth annual conference features highly technical insights based on firsthand experiences with next-generation security technologies, groundbreaking new threat research, or innovative...

PCI Security Standards Council’s Asia-Pacific Community Meeting (Tokyo, Japan, May 23 - 24, 2018) Join us for: networking opportunities, updates on industry trends, insights and strategies on best practices, engaging keynotes and industry expert speakers. The PCI Security Standards Council’s 2018...

North American Financial Information Summit (New York, New York, USA, May 23, 2018) Data is the most vital asset of any financial services firm. With volumes increasing exponentially, and the complexity and structure continuously changing, it is more vital than ever to keep on top of...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.