skip navigation

More signal. Less noise.

Are you using threat intelligence to its full potential?

Are you using threat intelligence to its full potential? Download this free report via Recorded Future to learn 12 common threat intelligence use cases.

Daily briefing.

UpGuard has located another misconfigured AWS S3 bucket. This one belongs to Los Angeles County 211, an L.A.-based not-for-profit whose business is providing information and referrals for health and human services in the county. Among the 3.2 million personally identifiable files exposed are logs and notes on suicide distress and domestic abuse calls.

The speculative execution vulnerabilities at the heart of Spectre, Meltdown, and the recently disclosed "Variant 4" represent, observers say, issues at the foundation of most current chipsets. Many expect other flaws to emerge soon.

Trend Micro offers an update on the Confucius threat group. It's still spying on South Asian (mostly Pakistani) targets, but it's moved its infection vector from romance sites to adult content Android apps.

According to ESET, operators of the Turla Trojan package have moved away from the custom backdoors they've hitherto used in their Mosquito campaign. They now initially use Metasploit open-source pen-testing frameworks, then drop their Mosquito backdoor. Turla is widely regarded as run by Russian intelligence services.

Proofpoint outlines the "Brain Food" botnet, which is for the most part engaged in serving up dodgy nutritional products and regimes, often falsely branded as big successes on the popular plutographic TV show Shark Tank. The bots are hawking supplements to help you diet and make you smarter.

The US Administration is squeezing ZTE for leadership changes and China for trade concessions. Congress is skeptical—many members argue ZTE is a security risk.

Zuckerberg's EU testimony lays an egg. (EU questioners lay several, too.)

Notes

Today's edition of the CyberWire reports events affecting Brazil, China, European Union, India, Pakistan, Russia, United Arab Emirates, United Kingdom, United States.

Learn four incident response lessons from high-profile breaches.

Most enterprises know that they are constantly under attack but haven’t fully embraced some lessons to be learned from real-world, high-profile security incidents. Watch this free webinar, presented by experts from Coalfire and Arete Advisors, to learn four practical lessons that will help you avoid damaging losses and minimize negative impacts of cybersecurity incidents.

In today's podcast we speak with our partners at  Lancaster University, as Daniel Prince discusses risk management and uncertainty. Our guest is Sung Cho from SEWORKS, who takes us through research SEWORKS did on the security of fitness apps.

Startup CEO: Managing a Legal Team for Fun & Profit (Fulton, Maryland, United States, May 31, 2018) DataTribe's Al Clark will share his expertise in providing legal counsel to local tech startups. He'll answer questions on how to gain the most out of and what to look for in legal counsel that will lead to a relationship of lowering risk and saving money. Food and beverages are provided.

Cyber Security Summits: Boston on June 5 & June 28 in DC (Boston, Massachusetts, United States, June 5, 2018) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, CenturyLink, IBM Security and more. Register with promo code cyberwire95 for $95 VIP admission (Regular price $350) https://CyberSummitUSA.com

TU-Automotive Cybersecurity Conference (Detroit, Michigan, United States, June 6 - 7, 2018) Uniting 150+ experts from the connected car and security industries to help automotive to apply technology and best practices to deliver robust security defenses and processes. Co-located with TU-Automotive Detroit, attendees can access the world’s largest automotive technology exhibition. CyberWire audience save $100 off standard and basic passes with code TCW100.

Cyber Attacks, Threats, and Vulnerabilities

Sponsored: Closing the Last Gap in Data Security: Protecting Data in Use (Enveil) Industry analyst firm 451 Research highlights how startup Enveil tackles the encryption-in-use problem with a new take on homomorphic encryption.

Researchers Say More Spectre-Related CPU Flaws On Horizon (Threatpost) Yet another speculative execution side channel flaw has been disclosed in processors - and security experts warn that more may be out there.

LA County Nonprofit Exposes 3.2M PII Files via Unsecured S3 Bucket (Dark Reading) A misconfiguration accidentally compromised credentials, email addresses, and 200,000 rows of notes describing abuse and suicidal distress.

With fears of full-scale cyberwar, questions of attribution arise (CIO Dive) Script kiddies and credential stuffers aside, the increase in nation-state activity and cyberespionage threats have begun to plague organizations across sectors. 

Confucius Update: New Tools and Techniques, Further Connections with Patchwork (TrendLabs Security Intelligence Blog) We look into the latest tools and techniques used by Confucius, as the threat actor seems to have a new modus operandi, setting up two new websites and new payloads with which to compromise its targets.

Mosquito campaign by Turla undergoes significant TTPs shift (WeLiveSecurity) ESET researcher have discovered that the infamous Turla Mosquito campaign, often used for espionage purposes, has undergone a significant change to its Tactics, Techniques and Procedures (TTPs).

Brain Food botnet gives website operators heartburn (Proofpoint) Proofpoint researchers detail the purpose, function, and propagation of the Brain Food botnet.

Chinese Researchers Find Vulnerabilities in BMW Cars (SecurityWeek) Chinese researchers find over a dozen locally and remotely exploitable vulnerabilities in BMW cars. The company has confirmed the flaws and started rolling out patches

Legit tools exploited in bank heists (ComputerWeekly.com) Cyber criminals attacking the finance and other industry sector are continuing to exploit legitimate administration tools to hide their activities, highlighting the need for threat hunting, a report reveals

Dashlane Uncovers Troubling Password Patterns (Dashlane Blog) Virginia Tech and Dashlane Analysis Find Risky, Lazy Passwords the Norm Dashlane analyzed over 61 million passwords and uncovered some troubling password patterns. The analysis was conducted with research provided...

Mobile Giants: Please Don’t Share the Where (KrebsOnSecurity) Your mobile phone is giving away your approximate location all day long.

Cybercriminals Battle Against Banks' Incident Response (Dark Reading) 'Filess' attacks account for more than half of successful breaches of bank networks, new data shows.

Are manufacturers ready for ransomware? (Information Age) Tony Mannion, Sales Development Manager at SolutionsPT, examines the security challenges facing manufacturers running legacy systems and looks at how they can protect themselves against potential ransomware attacks.

New Supply Chain Cybersecurity Threats Emerge (ChiefExecutive.net) Amid new cybersecurity threats from China, companies must define their mission-critical vendors and review best practices with them.

State government hacked twice in three days (Idaho Business Review) Scant months after the state of Idaho took steps to beef up its cybersecurity, state government computers fell prey to two attacks in a matter of days. First, on May 9, an employee at the Idaho Tax…

City of Winder newest city hit with cyber-attack (CBS 46) The City of Winder is the latest municipality dealing with a cyber-attack. A city spokesperson has confirmed the city was hit with a virus on Monday that is currently affecting the city’s servers.

Cyber Trends

Re-thinking Security in the Privacy Era (AlienVault) Privacy has always had a degree of overlap with security. However, in recent years the dependency each has on the other has increased in regards to protecting individual information, the use of social media, and the requirements to respond to breaches.

The 2018 Duo Trusted Access Report: Enterprise Remote Access (The Duo Security Bulletin) Newly released! The 2018 Duo Trusted Access Report analyzes user behavior and the security of over 10.7 million devices and nearly half a billion authentications per month.

New Trustwave Report Uncovers Key Drivers Steadily Increasing Cybersecurity Pressures (BusinessWire) Trustwave releases the 2018 Security Pressures Report, a report that delves deep into the causalities of pressures security professionals face.

2018 Threat Hunting Report (Alert Logic) This report confirms that threat hunting pays off with earlier detection, faster response, and denial of future exploits. Download now and uncover key findings.

Attackers Hide in Plain Sight as Threat Hunting Lags: Report (SecurityWeek) Carbon Black surveyed the CISOs of 40 major financial institutions in April 2018 to understand how the finance sector is attacked and what concerns its defenders.

Mobile Fraud Soars as Social Sites Help Scammers (Infosecurity Magazine) Mobile Fraud Soars as Social Sites Help Scammers. RSA finds legitimate social platforms are unwittingly helping fraudsters

Security Status in M-Commerce Apps (AppSolid) SEWORKS' AppSolid and AppKnox analyzed the top 50 apps in the shopping category finding that no app was without vulnerabilities. M-commerce market share is expected to be over 50% by 2021. But, despite the increasing number of transactions on m-Commerce, are those apps truly safe and secure?

Companies may think they are ready for GDPR, but their employees are not (ZDNet) While EU organizations have been scrambling to meet the GDPR deadline, more than half their employees are not ready, according to a UK survey from Egress Software Technologies....

New Survey Details the State of Online Privacy and Social Media in America Amidst GDPR (PR Newswire) A new survey conducted by Washington-based digital agency Rad Campaign and...

Netsparker GDPR Survey: 10 Percent of C-Level Security Execs Say GDPR Will Cost Them $1M+ (BusinessWire) Netsparker Ltd., a leading player in the web applications security industry, has today released the results of its GDPR Survey. The survey of more tha

The state of cybersecurity at financial institutions (Deloitte Insights) How do financial services firms measure success with cybersecurity? A Deloitte survey examined how firms developed and deployed best practices. While many approaches are unique to individual firms, institutions are best to scrutinize and learn from their peers’ experiences.

Marketplace

Syncsort Talks Rebranding, IBM i Product Strategy - IT Jungle (IT Jungle) Think you know Syncsort? Who the company is and what it does? Well, you might want to take a fresh peek, because the company that acquired Vision Solutions and a handful of other IBM i software firms is on the move. In fact, it used the COMMON POWERUp 18 conference in San Antonio this week

Private equity firm taps two local execs to scout for government tech services acquisitions (Washington Business Journal) Welsh, Carson, Anderson & Stowe is partnering with two ex-Omniplex World Services executives to build a government services platform.

Cavirin Launches Global Channel Partner Program (Cavirin) Cavirin Connect Partner Program Enables Resellers, System Integrators, and MSPs to Address Customer’s Critical Security Issues

Products, Services, and Solutions

Kudelski Security Introduces Secure Blueprint – Industry’s First Cyber Business Management Platform (Kudelski Security) Kudelski Security Introduces Secure Blueprint – Industry’s First Cyber Business Management Platform

SecBI Announces New Automated Threat Detection & Investigation App for the Palo Alto Networks Application Framework (PR Newswire) SecBI, a disruptive player in automated cyber threat detection and...

TraceFree - The Very First Virtual Private Browser (Kickstarter) TraceFree is a browser specifically built for privacy that runs in the cloud giving you COMPLETE online privacy and security.

Okta's New Context-Based Tech Will Keep Workers From Having To Enter Passwords All The Time (CRN) Okta's Joe Diamond said a context-based approach considering device, IP and geolocation information is a more responsible way to provide highly-secure users with password-less access.

This Chrome plug-in will warn you when hackers have your password (CNET) And yes, it does have a system to avoid leaking your password itself.

Defending Critical Infrastructure from Cyberattacks Demands Multi-Disciplinary Expertise and a Radically New Approach (GlobeNewswire News Room) An important new collaboration has been announced this week between leading cybersecurity provider Virsec, and global professional services company GHD.

Bomgar Privileged Identity Automatically Secures Credentials and Controls Access to Critical IT Resources (BusinessWire) Bomgar Privileged Identity provides real-time privileged credential protection while ensuring authorized individuals have the access they need.

OPAQ Networks and Duo Security Partner to Deliver Two-Factor Authentication as a Security Service (BusinessWire) Technology alliance enables managed security services providers to offer Duo’s Trusted Access as part of OPAQ security-as-a-service platform.

New Bricata Software Update Tackles Security Alert Deluge and... (Bricata) Latest Product Update Provides Flexibility and Customization to Nuanced Alert Thresholds, Improves Metadata Collection Speed, Enterprise Scalability and Supports Cloud Deployments May 23, 2018 – Columbia, Md. – Bricata, Inc., a developer of modern intrusion detection and prevention solutions...

Portnox Announces Portnox CLEAR App for the Palo Alto Networks - Coinish.com (Portnox.com) Portnox, a market leader for network visibility, access control and device risk management solutions, today unveiled its Portnox CLEAR app for the Palo Alto Networks® (NYSE: PANW) Application Framework. Read more here.

Telos Streamlines FedRAMP Processes and Compliance with New Xacta 360 Template (BusinessWire) Telos Streamlines FedRAMP compliance with New purpose-built Xacta 360 template

WhiteSource Launches Next-generation Software Composition Analysis Technology for Prioritizing Open Source Security Alerts (PR Newswire) WhiteSource, the leader in open source security and license compliance...

Vectra introduces Cognito Recall to deliver AI-assisted threat hunting and enable conclusive incident investigations (Vectra Networks) Joins Cognito Detect as a cornerstone of the AI-powered Cognito cyberattack-detection and threat-hunting platform

Seal Network and Deloitte to Build Blockchain Anti-Counterfeiting Network With the European Commission (PR Newswire) Seal Network was selected by the European Commission to compete in the...

LogicHub Accelerates Security Operations with RSA Archer® Suite Support (PR Newswire) Intelligent security automation solution provider LogicHub today...

TrapX Security Joins Cylance to Combat Advanced Persistent Threats with Artificial Intelligence (PR Newswire) TrapX Security, the global leader in deception-based advanced...

MeasuredRisk and Exodus Intelligence Align to Automate Cyber Risk Inference at Light Speed (PR Newswire) MeasuredRisk, Inc., the pioneer of AI powered Risk Inference, has...

Many U.S. Businesses Not Prepared for May 25 Enforcement Deadline of GDPR, a European Union Regulation Requiring Protection of Customers' Personal Data (PR Newswire) CIS is ready to help decode the confusion surrounding GDPR and its implications for U.S. organizations

NorthState Technology Solutions Launches Compliance-as-a-Service for Credit Unions and Banks (PR Newswire) As part of a technology assurance strategy designed to meet the...

EQUIIS Adds New Secure Audio and Video Messaging to its Enterprise Mobile Communication Platform (PR Newswire) EQUIIS Technologies AG, a leader in secure mobile communications for the...

Akamai, Japan’s Largest Bank MUFG Announce Blockchain-Based Payment Network (CoinSpeaker) The cloud delivery platform Akamai and the financial group MUFG are developing a new blockchain-based online payment network. The technology is expected to come during the first half of 2020.

Zilliqa’s First Progress Update Event: Partnerships, Project Grants, and the Unveiling of Scilla (zilliqa) Since we first officially began work on Zilliqa, our plan has been to fix actual problems with actual solutions.

Technologies, Techniques, and Standards

Top 6 Mistakes That Will Blow Your Online Cover (SecurityWeek) Just one failure to use your misattribution tools can instantly connect your alias to your real identity.

What is Bro? And Why IDS Doesn’t Effectively Describe It [Overview... (Bricata) What is Bro? Bro is an open source software framework for analyzing network traffic that is most commonly used to detect network behavioral anomalies for cybersecurity purposes. Bro provides capabilities that are similar to network intrusion detection systems (IDS)... #bro #ids #opensource

Verifying data processing for privacy and GDPR (Help Net Security) Personal data processors and controllers will be obligated to maintain up-to-date and accurate records of identity data processing activity. Regulators will be able to request proof of compliance on demand from these organizations.

GDPR is almost here, what now? (YouTube) The GDPR goes into effect on May 25th, 2018, and even if you don't have a physical presence in the EU, you may still be subject to the regulations. Brian Vecci from Varonis will give you a quick run-down of what you need to know.

APNewsbreak: Pentagon adopts new cellphone restrictions (FederalNewsRadio.com) The Defense Department has approved new restrictions for the use of mobile phones and some other electronic devices in the Pentagon where classified information is present or discussed.

Why DoD cyber needs to be less football, more hockey (Fifth Domain) The Department of Defense is revisiting how cyber forces are trained to execute operations.

Why security suites are ousting traditional antivirus programs (Security Brief) In recent years, user privacy and security have become paramount, while criminals attempt to coerce, steal and manipulate users for their data.

Phishing is still a big problem, but users can help shrink it (GCN) If employees have an easy way to spot and report suspicious emails, security teams will get a steady stream of front-line threat intelligence.

Design and Innovation

Machine Learning Advances Can Strengthen Cyber Defense (SIGNAL) Out-of-the box thinking is needed when using machine learning to help secure systems, an expert says

Research and Development

Pakistan’s first-ever Cyber Security Centre launched (GulfNews) Aims to develop tools and technologies to protect cyberspace sensitive data and local economy from the cyber-attacks

Academia

Northrop Grumman Awards $52,500 in Scholarship Funds to Winning Teams of CyberPatriot X (Northrop Grumman Newsroom) Northrop Grumman Corporation (NYSE:NOC) awarded $52,500 in scholarships to high school students on the winning teams of the CyberPatriot X National Finals Competition held last month.

Refining STEM Education to Raise the Bar for Cyber (SIGNAL) From Head Start programs to internships and mentoring, panelists agree preparing the next generation of cyber warfighters comes down to facilitating opportunities.

Legislation, Policy, and Regulation

Europe's new GDPR data protection ruling will affect companies in the UAE (The National) The General Data Protection Regulation (GDPR) will come into effect on May 25 and those who fail to comply will face heavy fines

Trump proposes face-saving deal for ZTE - but Congress might oppose it (Computing) Another big fine, a management reshuffle and trade concessions could fix it for ZTE

Congressional Opposition Mounts Over White House Approach to Chinese Tech Deals (Wall Street Journal) Lawmakers are moving to thwart Trump administration efforts to ease restrictions on Chinese telecom giant ZTE and other sensitive technology, citing fears the positions would compromise national security in the latest twist in trade negotiations.

Why Congress Sees ZTE as National-Security Threat (Wall Street Journal) President Trump said he wanted to help China’s ZTE “get back into business” just one month after his administration imposed crippling penalties on the telecom company. The comment sparked backlash in Washington, forcing the president to justify his sudden interest in saving the controversial company.

Sen. Warner: ZTE poses national security threat (CNBC) Sen. Mark Warner (D-Va.) discusses the Trump administration's position on Chinese tech company ZTE and the trade negotiations between the U.S. and China.

Senators want National Guard on call for cyberattacks (Cyberscoop) A pair of Senate Democrats have introduced the Cyber Defenders Act, which would give the National Guard a bigger role in defending against cyberattacks.

Brit water firms, power plants with crap cyber security will pay up to £17m, peers told (Register) Problem: they can't pay like banks can...

Trump feels presidential smartphone security is “too inconvenient” (Ars Technica) Report: President Trump clings to his Twitter phone, reluctant to allow security checks.

Litigation, Investigation, and Law Enforcement

Mystery in Mueller probe: Where's the hacking indictment? (TheHill) In the year since the start of special counsel Robert Mueller’s investigation, one thing has been notably absent: a public indictment of any Russians for the hacking of the Democratic National Committee (DNC).

Homeland Security Chief Backtracks After Saying Russia Didn’t Try to Help Trump (New York Times) The agency’s secretary, Kirstjen Nielsen, appeared to counter conclusions by the intelligence community that Moscow sought to give President Trump an edge in the 2016 election.

FBI reportedly overestimated inaccessible encrypted phones by thousands (TechCrunch) The FBI seems to have been caught fibbing again on the topic of encrypted phones. FBI director Christopher Wray estimated in December that it had almost 7,800 phones that investigators were unable to access from 2017 alone. The real number is likely less than a quarter of that.

Zuckerberg didn’t make any friends in Europe today (TechCrunch) Speaking in front of EU lawmakers today Facebook’s founder Mark Zuckerberg namechecked the GDPR’s core principles of “control, transparency and accountability” — claiming his company will deliver on all that, come Friday, when a new European Union data protection frame…

Mark Zuckerberg Escapes Unscathed From European Parliamentary Questioning (Motherboard) Yet again, Facebook’s CEO avoided publicly answering tough questions from lawmakers.

Mark Zuckerberg's EU Parliament grilling labelled 'missed opportunity' for failing to answer questions (Computing) European Parliament criticised for letting Zuckerberg off the hook

Ninth Circuit’s Zappos Decision Is Cautionary Tale for Corporate Victims of Cyberattacks (Ropes & Gray) As the well-known proverb provides, “no good deed goes unpunished.” On March 8, 2018, the U.S. Court of Appeals for the Ninth Circuit unfortunately lent support to that theory when it reversed dismissal of a consumer data-breach class action against online retailer Zappos.com

Brazil conducts large-scale, cyber-crime operation to fight child porn (CGTN America) Brazil is doing its part to fight child pornography. Police conducted a nation-wide operation and arrested hundreds. Their message: was simple: People who harm children will be punished. CGTN’…

Georgia Votes in Primary Amid Cybersecurity Suit (Infosecurity Magazine) Voters show for primary despite lawsuit over cybersecurity of Georgia's voting machines

Manhattan Lawyer's Racist Rant, Other Events Show Social Media's Power Over Lawyers (New York Law Journal) A racist rant. Scrutiny over prolific billable hours. Controversy over arbitration pacts. All three have made news in the legal world in the past few months and all were thrust into the spotlight through social media.

The Wayback Machine is Deleting Evidence of Malware Sold to Stalkers (Motherboard) The Internet Archive's Wayback Machine is a service that preserves web pages. But the site has been deleting evidence of companies selling malware to illegally spy on spouses, highlighting the need to diversify digital archives.

GDPR Questions Answered: Are you still Covered if you Leave Europe? (Infosecurity Magazine) If you're an EU citizen, are you still protected under GDPR if you leave the EU to live in Asia?

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

PCI Security Standards Council’s Asia-Pacific Community Meeting (Tokyo, Japan, May 23 - 24, 2018) Join us for: networking opportunities, updates on industry trends, insights and strategies on best practices, engaging keynotes and industry expert speakers. The PCI Security Standards Council’s 2018...

North American Financial Information Summit (New York, New York, USA, May 23, 2018) Data is the most vital asset of any financial services firm. With volumes increasing exponentially, and the complexity and structure continuously changing, it is more vital than ever to keep on top of...

SecureWorld Atlanta (Atlanta, Georgia, USA, May 30 - 31, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

RISKSEC (New York, New York, USA, May 31, 2018) Welcome to the 2018 New York City RiskSec Conference. As SC Media approaches our 30th anniversary, we fully understand the avalanche of cybersecurity-related problems, responsibilities and aspirations...

Cyber:Secured Forum (Denver, Colorado, USA, June 4 - 6, 2018) Cyber:Secured Forum will feature in-depth content on cybersecurity trends and best practices as related to the delivery of physical security systems and other integrated systems. Content is being collaboratively...

Campaign Cyber Defense Workshop (Boston, Massachussetts, USA, June 4, 2018) The Campaign Cyber Defense Workshop brings together experts from the region’s industry, university, and government organizations to address campaign security and effective practices for maintaining campaign...

Gartner Security and Risk Management Summit 2018 (National Harbor, Maryland, USA, June 4 - 7, 2018) Prepare to meet the pace and scale of today’s digital business at Gartner Security & Risk Management Summit 2018. Transform your cybersecurity, risk management and compliance strategies and build resilience...

Securing Federal Identity (Washington, DC, USA, June 5 - 6, 2018) Securing Federal Identity 2018, a highly focused and high-energy event, will feature an in-depth view of the future of federal government policies and technology developments for securing federal identity...

New York State Cybersecurity Conference (Albany, New York, USA, June 5 - 7, 2018) June 2018 marks the 21st annual New York State Cyber Security Conference and 13th Annual Symposium on Information Assurance (ASIA). Hosted by the New York State Office of Information Technology Services,...

The Cyber Security Summit: Boston (Boston, Massachusetts, USA, June 5, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.

SecureWorld Chicago (Chicago, Illinois, USA, June 5, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

NSA 2018 Enterprise Discovery Conference (Ft. Meade, Maryland, USA, June 5 - 6, 2018) Hosted by the National Security Agency and the Federal Business Council (FBC). The EDC is the largest event held at NSA with over 1500 attendees from around the world. EDC provides a collaborative learning...

Cyber//2018 (Columbia, Maryland, USA, June 6, 2018) Cyber touches all aspects of our life from the myriad of devices we have brought into our homes to those we employ on the job to increase and improve our productivity. Please join us for our 9th annual...

TU-Automotive Cybersecurity (Novi, MIchigan, USA, June 6 - 7, 2018) Co-located with the world's largest automotive technology conference & exhibition. The conference unites players from research labs, automakers, tier 1’s, security researchers, and the complete supply...

SINET Innovation Summit 2018 (New York, New York, USA, June 7, 2018) Connecting Wall Street, Silicon Valley and the Beltway. SINET New York connects the United States’ three most powerful institutions and evangelizes the importance of industry, government and academic collaboration...

Transport Security and Safety Expo (Washington, DC, USA, June 11 - 12, 2018) Security incidents are expected to cost the world $6 trillion annually by 2021, making now the time to find out more at the 2018 Transport Security and Safety Expo. The transportation industry is rapidly...

Transport Security & Safety Expo (Washington, DC, USA, June 11 - 12, 2018) The conference is devoted to the challenges and opportunities surrounding ensuring the safety and security of passengers and cargo in the digital age.

Dynamic Connections 2018 (Palm Springs, California, USA, June 12 - 14, 2018) Together with you, our customers and partners, we’ll come together for 2 ½ days to learn, explore and create the possible at Dynamic Connections 2018 (DC18). To get ahead of the most critical, most pervasive...

Norwich University Cyber Security Summit (Northfield, Vermont, USA, June 18 - 20, 2018) Norwich University’s College of Graduate and Continuing Studies (CGCS) is pleased to announce the second annual Cyber Security Summit in June 2018. The summit, presented in a continuing education format,...

Insider Threat Program Management With Legal Guidance Training Course (Tyson's Corner, Virginia, USA, June 19 - 20, 2018) This training will provide the ITP Manager, Facility Security Officer, and others (CIO, CISO, Human Resources, IT, Etc.) supporting an ITP, with the knowledge and resources to develop, manage, or enhance...

GovSummit (Washington, DC, USA, June 27 - 28, 2018) GovSummit -- the government security conference hosted annually by the Security Industry Association -- brings together government security leaders with private industry technologists for top-quality information...

The Cyber Security Summit: DC Metro (Tysons Corner, Virginia, USA, June 28, 2018) Learn from cyber security experts from The U.S. Department of Justice, The NSA, Pulse Secure, CenturyLink and more as they brief you on the latest security threats facing your business. This event is...

Impact Optimize2018 (Rosemont, Illinois, USA, June 28, 2018) Impact Optimize2018, the first-ever IT and Business Security Summit hosted by Impact, will provide attendees with actionable steps that enable the betterment of information, network and cybersecurity.

Nuclear Asset Information Monitoring and Maintenance (Warrington, England, UK, July 3 - 4, 2018) On July 3rd and 4th in Warrington United Kingdom, nuclear industry leaders will meet for the IoE Events Nuclear Asset Information, Monitoring and Maintenance conference to further develop the sector’s...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.