skip navigation

More signal. Less noise.

Are you using threat intelligence to its full potential?

Are you using threat intelligence to its full potential? Download this free report via Recorded Future to learn 12 common threat intelligence use cases.

Daily briefing.

Hacking Humans—a new CyberWire podcast launched last week.

Each week the CyberWire’s Hacking Humans podcast looks behind the social engineering scams, phishing schemes, and criminal exploits that make headlines and take a heavy toll on organizations around the world. We talk to social engineering experts, security pros, cognitive scientists, and those practiced in the arts of deception (perhaps even a magician or two). We also hear from people targeted by social engineering attacks and learn from their experiences. Trust us: check out the first episode and subscribe today. (Thanks to KnowBe4, our sponsors for season 1.)

The VPNFilter botmasters may be attempting to reconstitute their botnet. Researchers at JASK and GreyNoise reported late Friday that the threat actors behind the first round of infestations are working to herd another set of routers. They're actively scanning Mikrotik routers with port 2000 exposed online, and they're looking only for routers in Ukrainian networks. The focus is unsurprising, given that the threat actor in question is widely believed, on compelling if circumstantial evidence, to be Fancy Bear, a.k.a APT28, a.k.a. Russia's GRU.

FireEye says a news site that popped up last month, USA Really, is in fact a Russian information operation, run out of the same building in St. Petersburg that housed the famous Internet Research Agency troll farm. Some of the features are charmingly bizarre (blood-sucking mosquitoes invade Wisconsin, Louisiana oughta secede again, etc.) but the intent is thought to be malign erosion of such civic trust that Americans may enjoy.

The seesaw of criminal practice currently seems to be tilting financial Trojans up and ransomware down. Ransomware hasn't, however faded to insignificance. AlienVault notes that the Satan ransomware family has adopted new approaches to spreading itself, some of them involving the ShadowBrokers' EternalBlue exploit.

Netscout Arbor reports that criminals continue to make extensive use of evolved forms of Mirai for denial-of-service attacks.

Weekend rumors that Microsoft was in talks to buy open-source code repository GitHub were borne out this morning. Microsoft has indeed made the acquisition for $7.5 billion, about $2.5 billion more than rumor had predicted.

Notes

Today's edition of the CyberWire reports events affecting Australia, Canada, China, European Union, India, NATO/OTAN, Russia, Ukraine, United Kingdom, United States.

$8.76 million: The average yearly cost of insider threats. Get the report.

Insider threat incidents come with a hefty price tag, according to the “2018 Cost of Insider Threats: Global Organizations” report released by independent research group, The Ponemon Institute. Make sure that you understand the full context (and cost) of these threats by downloading the full report. Get your copy today.

In today's podcast we speak with our partners at Accenture Labs, as Malek Ben Salem discusses using keyboard biometrics to detect mental disorders.

Cyber Security Summits: Boston on June 5 & June 28 in DC (Boston, Massachusetts, United States, June 5, 2018) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, CenturyLink, IBM Security and more. Register with promo code cyberwire95 for $95 VIP admission (Regular price $350) https://CyberSummitUSA.com

TU-Automotive Cybersecurity Conference (Detroit, Michigan, United States, June 6 - 7, 2018) Uniting 150+ experts from the connected car and security industries to help automotive to apply technology and best practices to deliver robust security defenses and processes. Co-located with TU-Automotive Detroit, attendees can access the world’s largest automotive technology exhibition. CyberWire audience save $100 off standard and basic passes with code TCW100.

8th Annual (ISC)2 Security Congress (New Orleans, Louisiana, United States, October 8 - 10, 2018) The (ISC)2 Security Congress brings together the sharpest minds in cyber and information security for over 100 educational sessions covering 17 tracks. Join us to learn from the experts, share best practices, and make invaluable connections. Your all-access conference pass includes educational sessions, workshops, keynotes, networking events, career coaching, expo hall and pre-conference training. Save your seat at congress.isc2.org.

Cyber Attacks, Threats, and Vulnerabilities

Sponsored: Automate and Orchestrate Your Cybersecurity Processes (ThreatConnect) Join our demo to see how security teams can improve efficiency, manage threat data, and create a system of record for their cybersecurity approach.

The VPNFilter Botnet Is Attempting a Comeback (BleepingComputer) The VPNFilter botnet that was built by Russian cyberspies, which infected over 500,000 routers, and was taken down last week by the FBI is attempting a comeback, according to telemetry data gathered this week.

New internet accounts are Russian ops designed to sway U.S. voters, experts say (McClatchyDC) A new Russian website in English appears to mirror activity of earlier firm that FBI says was Kremlin tool to influence the 2016 U.S. election.

Rabid squirrels, mosquito invasions: Russia’s new internet offensive (South China Morning Post) Offbeat articles on mystery website may be Moscow’s latest assault on American democracy, a US internet security firm claims

Sigrun Ransomware Author Decrypting Russian Victims for Free (BleepingComputer) The author of the Sigrun Ransomware is providing decryption for Russian victims for free, while asking for a ransom payment of $2,500 in Bitcoin or Dash for everyone else.

Satan Ransomware Spawns New Methods to Spread (AlienVault) Today, we are sharing an example of how previously known malware keeps evolving and adding new techniques to infect more systems.BleepingComputer first reported on Satan ransomware in January 2017.

How Mirai spawned the current IoT malware landscape (Help Net Security) Even before the attack against Dyn, Mirai botmasters released the malware's source code in an attempt to muddy the waters. As expected, other malicious actors took it and used it as a base for many malware variants targeting IoT devices.

Success of Mirai Variants Highlights Security Dangers (Infosecurity Magazine) Netscout Arbor report details how black hats are building on Mirai code

As banking Trojans outpace ransomware, financial-services attacks regain their currency (CSO) Banking Trojans were a more common email payload in the first quarter of this year than ransomware, according to new figures that reflect a tactical shift that has security experts warning of a resurgence of financial cybercrime.

Researchers uncover new exploits in voice-powered assistants like Amazon Alexa or Google Assistant (CRN Australia) New potential attack methods identified.

Playing nice? FireEye CEO says U.S. malware is more restrained than adversaries' (Cyberscoop) Researchers can see public policy elements when analyzing nation-state malware, and FireEye's CEO says if it's more restrained it's often from the U.S.

The US creates 'nice' malware. In other news, the sun sets in the east... (iTWire) A statement by the head of security firm FireEye that US government spooks produce "nice" malware when compared to that of other states has been repor...

IE Zero-Day Adopted by RIG Exploit Kit After Publication of PoC Code (BleepingComputer) An Internet Explorer zero-day vulnerability that came to light last month has now been incorporated in the RIG exploit kit, a web-based toolkit that malware authors use to infect a site's visitors with malware.

Researchers Warn of Microsoft Zero-Day RCE Bug (Threatpost) A Microsoft Windows vulnerability enables remote attackers to execute arbitrary code – and there’s no patch yet.

Tens of Vulnerabilities Found in Quest Appliances (SecurityWeek) A total of more than 60 vulnerabilities, including many command injection flaws, have been found by researchers in disk backup and system management appliances from Quest

SpamCannibal comes back to life, starts spam-blocking everyone (Naked Security) SpamCannibal returns from the dead to fail all spam queries sent to it – essentially telling you to “block the world”.

FUD Crypters Recycling Old Malware (SecurityWeek) The FUD crypter service industry is giving a second life to a lot of old and kind-of-old malware, which can be pulled off the shelf by just about anybody with confused ethics and a Bitcoin account.

Visa denies system crashed after cyber attack, blames hardware (International Business Times UK) Visa says computer systems now operating at 'full capacity' after major disruption inflicts payment chaos on stressed out customers.

Widespread Google Groups Misconfiguration Exposes Sensitive Information (Kenna Security) Summary A widespread misconfiguration in Google Groups for organizations utilizing G Suite was recently investigated and reported to Google by the Kenna Security Research Team. This blog post provides information about the misconfiguration, details on how to find and address it, and an overview of the impact on affected organizations.

Browser Side-Channel Flaw De-Anonymizes Facebook Data (Threatpost) An attacker can pick up the profile picture, username and the "likes" of unsuspecting visitors who find themselves landing on a malicious website.

Don’t Use Software to Spy on Your Spouse (Motherboard) Reason’s “To Spy on a Cheating Spouse” explains a practice that harms thousands of women who are surveilled by their partners.

Mobile users ignore shady app permissions at their own risk, warns NY State Cyber Command (SC Media US) Mobile users who download untrustworthy apps on their phone often agree to dangerous permissions requests that give attackers essentially unfettered access to their devices' data and functions -- as demonstrated yesterday by two New York State Cyber Command employees at SC Media's RiskSec NY 2018 conference.

TSB Privacy Snafu as Letters Sent to Wrong Customers (Infosecurity Magazine) Letters acknowledged recent IT incident, but leaked PII of others

Customer Data Flies Away with Ticketfly Hacker (Infosecurity Magazine) A hacker blames poor security for defacing Ticketfly homepage--and they're not sorry.

CEO lodges complaint over mysterious cyber attack on company’s server (Deccan Herald) Police suspect business rivalry or a disgruntled employee

Security Patches, Mitigations, and Software Updates

Tesla can change so much with over-the-air updates that it’s messing with some owners’ heads (The Verge) Praise for a recent software fix to the Model 3’s braking is met with worry that different update slowed some customers’ cars

RSAT Will Automatically Be Reinstalled After New Updates in Next Windows 10 Version (BleepingComputer) In Windows Insider Preview build 17682, Microsoft has made the Remote Server Administration Tools (RSAT) an on-demand software feature. What this means is that once you install RSAT in Windows 10, it will be automatically reinstalled when you install a future operating system update.

Microsoft releases new firmware update for Surface 3 to fix potential security vulnerabilities (MSPoweruser) Microsoft surprised everyone today by releasing a new firmware update for Surface 3 device which was released more than 3 years back. There’s a new firmware for Surface UEFI on devices with Windows 10 Version 1703 (Creators Update) and above that fixes potential security issues, including Microsoft security advisory 180002. For Surface 3 units with …

WordPress Disables Plugins That Expose e-Commerce Sites to Attacks (SecurityWeek) Researchers discover vulnerabilities in ten WordPress plugins made by Multidots for WooCommerce e-commerce websites. WordPress disabled many of them after the developer failed to release patches

Apple security updates, iOS and macOS now support Messages in iCloud (Help Net Security) It’s time to update your Apple devices and software again: the company has pushed out security updates for macOS, iOS, watchOS, tvOS, Safari, and iCloud and iTunes for Windows. It has also introduced Messages in iCloud in iOS and macOS.

Cyber Trends

Sponsored: Busting Threat Intelligence Myths: A Guide for Security Professionals (Recorded Future) See how you can begin to augment your cybersecurity skills with powerful and contextualized threat intelligence.

Aussie cyber security spend surged last year (ARN) A majority of organisations in Australia and New Zealand increased their security spend by up to a third last year, new industry research suggests.

Marketplace

Exclusive: U.S. may soon claim up to $1.7 billion penalty from ZTE (Reuters) The Trump administration may soon claim as much as $1.7 billion penalty from ZTE Corp , as it looks to punish and tighten control over the Chinese telecommunications company before allowing it back into business, according to people familiar with the matter.

US and China work on ZTE rescue; Mnuchin denies quid pro quo (AP via WPXI) The United States and China are working toward an agreement that would ease U.S. sanctions that were imposed on ZTE Corp. and let the Chinese telecommunications giant stay in business.

TIA Backs FCC Banning ZTE, Huawei From USF Funds (Multichannel) Says targeted sanctions are appropriate for security risks

Current outcry over Huawei Canada’s R&D investments creates impression Chinese company's doing something sinister, but it's not - The Hill Times (The Hill Times) Attracting such R&D branch plants is Canadian policy and Prime Minister Justin Trudeau, pictured last week on the Hill, has gone out of his way to court tech companies such as Amazon, Apple, Microsoft, Alphabet/Google and Alibaba. The Hill Times photograph by Andrew Meade

Fujitsu teams up with Vault Systems to go after government cloud (ZDNet) The Protected Cloud product will offer software-, infrastructure-, backup-, and desktop-as-a-service to government users.

Google bins military contract after staff unrest: source (CRN Australia) Employees sign petition in protest of drone analytics project.

Military Contracts Are the Destiny of Every Major Technology Company (Motherboard) Google said it won’t renew its Project Maven contract, but that doesn’t mean its leaving the war business.

Five defense firms in top 25 for cyber security (Military & Aerospace Electronics) Five U.S. defense contractors are among the world's top 25 cyber security and trusted computing companies, say analysts at market researcher Cybersecurity Ventures in Northport, N.Y. Among the world's top 25 cyber security companies are the Raytheon Co., Lockheed Martin Corp., BAE Systems, Booz Allen Hamilton, and Northrop Grumman Corp., Cybersecurity Ventures experts say in their Cybersecurity 500 List, 2018 Edition, released in May.

'Techsploitation' Demonstrators Blocked Google and Apple Buses With Scooters (Motherboard) Activists in San Francisco used scooters and tech buses to protest the industry’s presence in the city.

Microsoft has acquired GitHub for $7.5B in stock (TechCrunch) After a week of rumors, Microsoft today confirmed that it has acquired GitHub, the popular Git-based code sharing and collaboration service. The price of the acquisition was $7.5 billion in Microsoft stock. GitHub raised $350 million and we know that the company was valued at about $2 billion in 20…

GitHub users are already fuming about the company's sale to Microsoft (Quartz) While Microsoft has embraced open-source software since Satya Nadella took over as CEO, many GitHub users distrust the tech giant.

Cyberbit Raises $30 Million Investment From Claridge Israel (PRNewswire) Cyberbit Ltd., a subsidiary of Elbit Systems Ltd., and a world leading provider of cyber range training and simulation platforms, and provider of IT/OT threat detection and security orchestration, today announced a US $30 million investment from Claridge Israel, to accelerate growth, and accommodate the rising demand for its Cyberbit Range product and its entire security portfolio.

Former SoftBank Executive Nikesh Arora to Run Palo Alto Networks (Wall Street Journal) Palo Alto Networks is naming former SoftBank president and operating chief Nikesh Arora as its next chairman and chief executive, a surprising decision that follows years of rapid growth for the cybersecurity company.

Meet The Women Launching Europe's First All-Female Cyber Security Conference (Forbes) After the RSA conference launched featuring an astounding lack of female speakers, BAE Systems’ Kirsten Ward and Saher Naumaan are hoping to buck the norm with a new event, RESET - which they claim is the first of its kind.

Former Reuters Risk Exec Joins Crypto Compliance Startup (CoinDesk) Thomson Reuters's former head of World-Check, Greg Pinn, is the new head of product strategy for iComply.

Products, Services, and Solutions

GDPR Solutions: Cybersecurity Vendors Offer New Compliance Products (eSecurity Planet) GDPR is here, and cybersecurity vendors are responding with privacy and security compliance solutions.

Coalition Announces Cyber Insurance for Smart Buildings: Comprehensive Coverage for Real Estate Developers and Property Managers (PR Newswire) Coalition, the leading technology-enabled cyber insurance solution, today...

Zingbox and Nuvolo Create Healthcare Partnership to Mitigate IoT Cyber Security Threat (GlobeNewswire News Room) Innovative capabilities to discover, secure and optimize IoT devices integrated with a modern data, workflow and orchestration platform for enhanced cyber security threat mitigation

CloudPost Networks and Nuvolo Create Healthcare Partnership to Reduce Medical Device Cyber Security Risk (GlobeNewswire News Room) Inventory identification, intelligence and protection integrated with a modern data, workflow and orchestration platform for cyber security risk reduction

Nuvolo and Asimily Launch Integrated Healthcare Platform to Address Operating Technology Cyber Security Risk (GlobeNewswire News Room) Inventory identification, cyber-risk prioritization, intelligence and protection integrated with a modern data, workflow, and orchestration platform for medical device cyber security risk mitigation

Technologies, Techniques, and Standards

After a Major Cyber Attack, Does the Public Deserve an Explanation? (Route Fifty) The ransomware that crippled Atlanta raises unanswered questions about how to communicate with citizens after a cyber-attack.

Organisations can't just flirt with their disaster plan (SC Media UK) A cyber-disaster plan must not only be designed to keep an organisation or business functioning in the wake of a cyber-attack, but also must be practiced.

Duck, cover, and reboot your router? Why the FBI’s new warning is no joke (Digital Trends) The FBI has discovered up to 500,000 home or office routers could be vulnerable to a dangerous cyberattack. According to experts, there are a couple of important factors that make this malware an unprecedented situation. But can resetting your router really prevent a major cyberattack?

5 Tips for Protecting SOHO Routers Against the VPNFilter Malware (Dark Reading) Most home office users need to simply power cycle their routers and disable remote access; enterprises with work-at-home employees should move NAS behind the firewall.

The Role of Automated Asset Management in Industrial Cybersecurity (Infosecurity Magazine) How automated asset management can aid industrial cybersecurity.

How free software tools fit into the modern cyber theater (Fifth Domain) Free tools make it possible to bring a basic level of cybersecurity to every computer network and, in the process, help feds.

Here’s how a Pentagon cybersecurity expert imagines the U.S. could respond to a North Korean cyber attack (Recode) Eric Rosenbach asks us to role-play.

An Inside Look at OpenStack Security Efforts (eSecurity Planet) OpenStack is a widely used open-source cloud platform, but isn't secure by default. OpenStack experts reveal what is needed to make your cloud secure.

Design and Innovation

Sponsored: Closing the Last Gap in Data Security: Protecting Data in Use (Enveil) Industry analyst firm 451 Research highlights how startup Enveil tackles the encryption-in-use problem with a new take on homomorphic encryption.

Facebook Is Killing Trending Topics (WIRED) The social network announced it was getting rid of the feature, which was the source of numerous scandals.

Crime Fighting Gets High-Tech Advances (WIRED) Beyond big data, officers are increasingly turning to software and ­predictive analytics from companies like Palantir to anticipate when and where misdeeds are likely to occur.

Research and Development

Quantum computers and the unbreakable lattice (ZDNet) Our public/private key encryption security will one day be easily broken by quantum computers -- the lattice will protect our secrets.

On the Origins of Memes by Means of Fringe Web Communities (Arxiv.org) Internet memes are increasingly used to sway and possibly manipulate public opinion, thus prompting the need to study their propagation, evolution, and influence across the Web.

Legislation, Policy, and Regulation

NATO, EU to tackle cyber threats (New Europe) NATO has to take the necessary steps to protect the alliance from external cyber threats from other countries but also weaknesses within NATO, General John Allen told a closed on the record briefing at the GLOBSEC Forum in Bratislava. Asked by New Europe if NATO is identifying specific countries as potential threats

A war in cyberspace is already raging and could lead to 'armageddon' if banks get hit (Business Insider) A war is being fought in cyberspace with “ones and zeros” instead of bullets and too-big-to-fail banks are major targets, experts with cyber security and intelligence backgrounds have told Business Insider.

5 ways to combat international cyber threats (Fifth Domain) The Department of State in a May 2018 report pledged to pursue five goals for promoting internet freedom and establishing norms in cyberspace.

US, China should work together on a rules-based order: Ng Eng Hen (The Straits Times) Both the United States and China are deviating from global norms and acting on their own to protect their core interests, but this challenges the status quo Asia has benefited from, said Defence Minister Ng Eng Hen on Sunday (June 3) at the Shangri-La Dialogue.. Read more at straitstimes.com.

Australia considers Huawei 5G ban over security concerns (Financial Times) Chairman John Lord hits back after MP claims telecoms group was controlled by Beijing

GOP lawmaker: Trump’s ZTE deal ‘put a price tag on national security' (Washington Examiner) President Trump’s decision to ease sanctions on a Chinese tech company was tantamount to putting a "price tag on national security,” according to a Republican lawmaker.

This is why the Pentagon is taking over security clearance checks (Military Times) The Defense Department is poised to take over background investigations for the federal government, using increased automation and high-tech analysis to tighten controls and tackle an enormous backlog of workers waiting for security clearances, according to U.S. officials.

Donald Trump to Name Douglas Fears as White House Homeland Security Adviser (Wall Street Journal) President Donald Trump will name Rear Adm. Douglas Fears as his new homeland security adviser, the latest reshuffling to occur within the White House National Security Council.

No one better to lead on cybersecurity than a White House coordinator (TheHill) On the same day that the White House announced that the cybersecurity coordinator position on the National Security Council (NSC) was eliminated, the Department of Homeland Security unveiled its new cybersecurity strategy.

Litigation, Investigation, and Law Enforcement

US expects fallout from Snowden leaks for years to come (The Seattle Times) Whistleblower or traitor, leaker or public hero? National Security Agency contractor Edward Snowden blew the lid off U.S. government surveillance methods five years ago, but intelligence chiefs complain that revelations from the trove of classified documents he...

When the FBI Can Help Companies Deal With a Cyber Event (New York Law Journal) Many companies neglect to reach out to the FBI following a cyber incident turning instead to law firms and cybersecurity firms alone. This might be a mistake considering the practical assistance the FBI can provide to targets of a cyber attack.

Homeland Security detected signs of cell phone spying in Washington DC (The Verge) IMSI catchers could have been used in proximity to ‘potentially sensitive facilities like the White House.’

MONEYVAL’s annual report: money laundering risks are increasing (Council of Europe) The Council of Europe anti money laundering and counter terrorist financing body MONEYVAL has just published its General Activity Report for 2017.

Leak suspect Winner reaches year in custody (The Augusta Chronicle) A year ago as President Donald Trump labeled the allegations of Russian interference in the 2016 election as fake news, a young woman working for a

Samsung doesn't have to offer updates for phones older than two years (Help Net Security) Dutch consumer protection organization Consumentenbond took Samsung Netherlands to court, arguing that the company should provide timely updates and upgrades for their telephones, "for a period of four years after the introduction to the market and/or two years after the time of the sale."

‘Putin's private foundation,’ spies, and a killer-monk (Meduza) The man who allegedly ordered Arkady Babchenko's murder says was working for Ukrainian counterintelligence all along

'Dead' Russian Journalist Arkady Babchenko Is Alive and Well. Does Faking His Murder Help or Hinder Ukraine’s Credibility? (Atlantic Council) On May 29, the media reported that Russian journalist and Putin critic Arkady Babchenko had been assassinated in Kyiv. He reportedly died in an ambulance on the way to the hospital. On May 30, Babchenko appeared at a press conference, alongside the...

Faulty Chinese spy technology may help convict former CIA officer of espionage (Washington Post) The phone the Chinese intelligence operatives gave Kevin Mallory was a specialized spy gadget. If it had worked like it was supposed to, he might be a free man today.

The Curious Case of Bryan Colangelo and the Secret Twitter Account (The Ringer) A collection of Twitter accounts that has criticized Joel Embiid and Markelle Fultz, disclosed sensitive information, and outlined team strategy shares eye-opening similarities. What does that have to do with the Philadelphia 76ers’ decision-maker?

Azerbaijan Court Rejects RFE/RL's Appeal Against Website Blockage (Radio Free Europe | Radio Liberty) A court in Baku has rejected an appeal by RFE/RL's Azerbaijani Service against the blockage of its website, azadliq.org, backing a move that has been condemned by rights groups and Western governments.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

CYCON: Cyber for the Community (Reston, Virginia, USA, June 9, 2018) Join us for a day of Cyber Security talks on privacy, lock picking, the Dark Web, cyber education, building attack machines, phishing attacks, malware analysis, Internet of Things security, threat monitoring...

Upcoming Events

Cyber:Secured Forum (Denver, Colorado, USA, June 4 - 6, 2018) Cyber:Secured Forum will feature in-depth content on cybersecurity trends and best practices as related to the delivery of physical security systems and other integrated systems. Content is being collaboratively...

Campaign Cyber Defense Workshop (Boston, Massachussetts, USA, June 4, 2018) The Campaign Cyber Defense Workshop brings together experts from the region’s industry, university, and government organizations to address campaign security and effective practices for maintaining campaign...

Gartner Security and Risk Management Summit 2018 (National Harbor, Maryland, USA, June 4 - 7, 2018) Prepare to meet the pace and scale of today’s digital business at Gartner Security & Risk Management Summit 2018. Transform your cybersecurity, risk management and compliance strategies and build resilience...

Securing Federal Identity (Washington, DC, USA, June 5 - 6, 2018) Securing Federal Identity 2018, a highly focused and high-energy event, will feature an in-depth view of the future of federal government policies and technology developments for securing federal identity...

New York State Cybersecurity Conference (Albany, New York, USA, June 5 - 7, 2018) June 2018 marks the 21st annual New York State Cyber Security Conference and 13th Annual Symposium on Information Assurance (ASIA). Hosted by the New York State Office of Information Technology Services,...

The Cyber Security Summit: Boston (Boston, Massachusetts, USA, June 5, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.

SecureWorld Chicago (Chicago, Illinois, USA, June 5, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

NSA 2018 Enterprise Discovery Conference (Ft. Meade, Maryland, USA, June 5 - 6, 2018) Hosted by the National Security Agency and the Federal Business Council (FBC). The EDC is the largest event held at NSA with over 1500 attendees from around the world. EDC provides a collaborative learning...

National Cyber Summit (Huntsville, Alabama, USA, June 5 - 7, 2018) The National Cyber Summit is the preeminent event for cyber training, education and workforce development aimed at protecting our nation’s infrastructure from the ever-evolving cyber threat. Held in Huntsville,...

Cyber//2018 (Columbia, Maryland, USA, June 6, 2018) Cyber touches all aspects of our life from the myriad of devices we have brought into our homes to those we employ on the job to increase and improve our productivity. Please join us for our 9th annual...

TU-Automotive Cybersecurity (Novi, MIchigan, USA, June 6 - 7, 2018) Co-located with the world's largest automotive technology conference & exhibition. The conference unites players from research labs, automakers, tier 1’s, security researchers, and the complete supply...

SINET Innovation Summit 2018 (New York, New York, USA, June 7, 2018) Connecting Wall Street, Silicon Valley and the Beltway. SINET New York connects the United States’ three most powerful institutions and evangelizes the importance of industry, government and academic collaboration...

Transport Security and Safety Expo (Washington, DC, USA, June 11 - 12, 2018) Security incidents are expected to cost the world $6 trillion annually by 2021, making now the time to find out more at the 2018 Transport Security and Safety Expo. The transportation industry is rapidly...

Transport Security & Safety Expo (Washington, DC, USA, June 11 - 12, 2018) The conference is devoted to the challenges and opportunities surrounding ensuring the safety and security of passengers and cargo in the digital age.

Dynamic Connections 2018 (Palm Springs, California, USA, June 12 - 14, 2018) Together with you, our customers and partners, we’ll come together for 2 ½ days to learn, explore and create the possible at Dynamic Connections 2018 (DC18). To get ahead of the most critical, most pervasive...

Social Engineering—Rhode Island (Newport, Rhode Island, USA, June 16, 2018) Welcome to the first ever social engineering conference in Rhode Island!

Norwich University Cyber Security Summit (Northfield, Vermont, USA, June 18 - 20, 2018) Norwich University’s College of Graduate and Continuing Studies (CGCS) is pleased to announce the second annual Cyber Security Summit in June 2018. The summit, presented in a continuing education format,...

NITSIG Meeting: Protecting Controlled Unclassified Information On U.S. Government Contractor Information Systems (Herndon, Virginia, USA, June 18, 2018) This meeting will discuss the security control requirements for the protection of Controlled Unclassified Information (CUI), for contractor information systems upon which CUI is processed, stored on, or...

Insider Threat Program Management With Legal Guidance Training Course (Tyson's Corner, Virginia, USA, June 19 - 20, 2018) This training will provide the ITP Manager, Facility Security Officer, and others (CIO, CISO, Human Resources, IT, Etc.) supporting an ITP, with the knowledge and resources to develop, manage, or enhance...

GovSummit (Washington, DC, USA, June 27 - 28, 2018) GovSummit -- the government security conference hosted annually by the Security Industry Association -- brings together government security leaders with private industry technologists for top-quality information...

The Cyber Security Summit: DC Metro (Tysons Corner, Virginia, USA, June 28, 2018) Learn from cyber security experts from The U.S. Department of Justice, The NSA, Pulse Secure, CenturyLink and more as they brief you on the latest security threats facing your business. This event is...

Impact Optimize2018 (Rosemont, Illinois, USA, June 28, 2018) Impact Optimize2018, the first-ever IT and Business Security Summit hosted by Impact, will provide attendees with actionable steps that enable the betterment of information, network and cybersecurity.

Nuclear Asset Information Monitoring and Maintenance (Warrington, England, UK, July 3 - 4, 2018) On July 3rd and 4th in Warrington United Kingdom, nuclear industry leaders will meet for the IoE Events Nuclear Asset Information, Monitoring and Maintenance conference to further develop the sector’s...

The Cyber Security Summit: Seattle (Seattle, Washington, USA, July 19, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.

Cyber Security Summit 2018 (Newport, Rhode Island, USA, July 18 - 20, 2018) Join us for Opal Group’s Cyber Security Summit – set in Newport, RI, this premier event will gather C-Level & Senior Executives responsible for defending their companies’ critical infrastructures together...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.