Rank #22 in Technology category

Technology
News
Tech News

The CyberWire Daily

Updated 2 months ago

The daily cyber security news and insights leaders depend on.

iTunes Ratings

718 Ratings
Average Ratings
655
33
17
7
6

Best Cyber news podcast out there!

By KKS70rm - Apr 16 2020
Great topics, interesting interviews, I love listening to this on my way to work every morning.

Quick daily review of the top cyber security news

By CoTeddyBear - Apr 16 2020
Great daily recap of the top cyber security news.

Latest release on Aug 08, 2020

Rank #1: SWIFT fraud (behind a wiper). Coinrail ICO robbery. Chinese espionage. G7 agrees to a coordinated response to hostile cyber operations. Malwaretech faces new charges.

In today's podcast, we hear about more SWIFT fraud, with a wiper attack as misdirection. Cryptocurrency exchange looted of ICO tokens. Chinese espionage in Rhode Island, and a conviction in Virginia. Dropping Elephant spearphishes in think tanks. G7 agreement suggests a coordinated response to hostile cyber operations. Net neutrality expired this morning in the US. And Marcus Hutchins faces additional charges. Jonathan Katz from UMD discussing hashing. 

Jun 11 2018

17mins

Rank #2: Winnti Umbrella Chinese threat group — Research Saturday

Researchers from ProtectWise's 401TRG team recently published research linking a variety of new and previously reported Chinese cyber threat groups.

Tom Hegel is a Senior Threat Researcher with the 401TRG, and he joins us to share their findings. 

The CyberWire's Research Saturday is presented by the Hewlett Foundation Cyber Initiative.

Thanks to our sponsor Enveil, closing the last gap in data security.

Jun 09 2018

20mins

Rank #3: Operation Sharpshooter. Meng makes bail. Sino-American cyber tensions. Leadership crises in the UK and France. Congress doesn’t lay a glove on Google. 2018’s bad password practices.

In today’s podcast, we hear some of McAfee’s description of Operation Sharpshooter, an ambitious cyber reconnaissance campaign. Huawei’s CFO Meng makes bail in Vancouver, and China reacts sharply to the arrest. The US is said to be preparing sanctions and indictments in response to various Chinese hacking activities. A no-confidence vote is called in the UK. In France, President Macron makes concessions to the Yellow Vests. Google skates through its interrogation by Congress. And bad passwords get rated. Johannes Ullrich from SANS and the ISC Stormcast Podcast with holiday tips on securing new devices. Guest is Ali Golshan from StackRox on the shift toward DevOps.

For links to all of today's stories check out our CyberWire daily news brief: https://thecyberwire.com/issues/issues2018/November/CyberWire_2018_12_12.html

Dec 12 2018

20mins

Rank #4: No more Iranian cyberattacks since the minor weekend vandalism, but the US Government advises all to look to their defenses. Fancy Bear is the usual suspect in Austria. A guilty plea by an insider threat.

The kittens haven’t scratched much so far, but the US Government and others are warning organizations to be alert to the likelihood of Iranian cyberattacks in retaliation for the combat death, by US missile, of Quds Force commander Soleimani. Fancy Bear is the usual suspect in the case of the Austrian Foreign Ministry hack. Patch your Pulse Secure VPN servers if you’ve got ‘em. ToTok is back in the Play Store. And there’s an executive who turned out to be an insider threat. Robert M. Lee from Dragos with a look back at 2019 ICS security issues. Guest is Tom Tovar from AppDome on mobile API security. 

For links to all of today's stories check out our CyberWire daily news brief:

https://thecyberwire.com/issues/issues2020/January/CyberWire_2020_01_08.html

Jan 07 2020

21mins

Rank #5: Microsoft patches a vulnerability NSA disclosed. Fronting for APT40 in Hainan. Fancy Bear pawed at Burisma. The NSA Pensacola shooting and the debate over encryption.

NSA discloses a vulnerability to Microsoft so it can be patched quickly. Intrusion Truth describes thirteen front companies for China’s APT40--they’re interested in offensive cyber capabilities. Area 1 reports that Russia’s GRU conducted a focused phishing campaign against Ukraine’s Burisma Group, the energy company that figured prominently in the House’s resolution to impeach US President Trump. And the US Justice Department moves for access to encrypted communications. Joe Carrigan from JHU ISI on the security issues of Android bloatware. Guest is Haiyan Song from Splunk with 2020 predictions.

For links to all of today's stories check out our CyberWire daily news brief:

https://thecyberwire.com/issues/issues2020/January/CyberWire_2020_01_14.html

Jan 14 2020

21mins

Rank #6: For OceanLotus, a picture is worth a thousand words (or at least a few lines of loader code). Georgia Tech breached. Mounties raid offices associated with Orcus RAT.

In today’s podcast, we hear that OceanLotus, a.k.a. Cobalt Kitty, a.k.a. APT32, is out and about and using a steganographic vector to deliver its loader. Georgia Tech suffers a major data breach, with access to student, staff, and faculty records by parties unknown. Research universities remain attractive targets. Reflections on dual-use technologies. The Royal Canadian Mounted Police have raided offices connected with the production of the Orcus RAT, which is either a legitimate tool or a commodity Trojan, depending on whom you believe. David Dufour from Webroot with results from their most recent threat report. Guest is Roy Zur from Cybint Solutions on the essentials of hunting and fishing for information online.

For links to all of today's stories check out our CyberWire daily news brief:

https://thecyberwire.com/issues/issues2019/April/CyberWire_2019_04_03.html

Apr 03 2019

20mins

Rank #7: Ransomware deletes dupes. Exodus scandal grows in Italy. Election reports from Ukraine and Israel.

In today’s podcast, we hear that a ransomware strain deletes duplicates. But you know that just keeping a duplicate on the same drive wasn’t a secure backup, right? Right? Exodus spyware, now ejected from Google Play, is becoming a significant scandal in Italy. Influence operations meet campaigning in India and Israel--fair or unfair seems to be in the eye of the campaigner. In Ukraine, they’re just so much disinformation. OpIsrael hacktivists are expected back this weekend. More on below-the-belt selfies. Prof. Awais Rashid from University of Bristol on training people to work with cyber security complexity at scale. Guest is Hank Thomas from Strategic Cyber Ventures on the current environment for VC funding in cyber security.

For links to all of today's stories check out our CyberWire daily news brief:

https://thecyberwire.com/issues/issues2019/April/CyberWire_2019_04_02.html

Apr 02 2019

20mins

Rank #8: Huawei will play in UK infrastructure, at least a little. Citizen Lab on KINGDOM, a Pegasus operator. Avast and sale of user data. Happy Data Privacy Day.

Britain decides to let Huawei into its 5G infrastructure, just a little bit, anyway. Citizen Lab reports on its investigation of Saudi use of Pegasus spyware against journalists. Avast is again collecting user data and sharing anonymized data with a subsidiary for sale to business customers. Some Data Privacy Day thoughts on agreeing to terms and conditions, with reflections on the first systematic look at End User License Agreements, found in the final chapter of Plato’s Republic. Joe Carrigan from JHU ISI on evolving ransomware business models. Guest is Dr. Christopher Pierson from BLACKCLOAK with insights on the alleged Bezos phone hack and the vulnerabilities of high-profile individuals.

For links to all of today's stories check out our CyberWire daily news brief:

https://thecyberwire.com/issues/issues2020/January/CyberWire_2020_01_28.html

Jan 28 2020

20mins

Rank #9: Bonus Episode: The grugq illuminates influence operations

We're sharing a special bonus episode, celebrating the 100th episode of the Recorded Future podcast and featuring well-known hacker, presenter and social media personality the grugq. The topic is influence operations. 

Mar 31 2019

34mins

Rank #10: SEC, DoJ, issue civil and criminal complaints against EDGAR hackers. Lazarus Group in Chile? Iran’s Ashiyane Forum. Cryptomix ransomware. Money laundering through Fortnite. Fake WaPo edition.

In today’s podcast, we hear that the SEC and the Department of Justice are going after EDGAR hackers for securities fraud. Flashpoint sees the Lazarus Group in an attack on Chile’s Redbanc. Recorded Future shares notes on Iran’s Ashiyane Forum. Cryptomix ransomware is being distributed by fraudulent charitable appeals. Organized gangs are using Fortnite in-game currency for money laundering. A slickly done bogus edition of the Washington Post was being handed out in DC this morning. Ben Yelin from UMD CHHS on a recent ruling regarding 5th amendment protections for biometrics. Guest is Kevin O’Brien from GreatHorn on techniques to improve email security.

For links to all of today's stories check out our CyberWire daily news brief:

https://thecyberwire.com/issues/issues2019/January/CyberWire_2019_01_16.html

Jan 16 2019

20mins

Rank #11: Berserk Bear is back, and still loves that critical infrastructure honey. COVID-19 apps: good, bad, and bogus. Android issues discovered. A FIN7 arrest. Mr. Faraday’s underwear.

Berserk Bear is back, and snuffling around Germany’s infrastructure. Two new Android issues surface. India opens up the source code for its COVID-19 contact-tracing app as such technological adjuncts to public health continue to arouse privacy concerns. [F]Unicorn poses as Italy’s Immuni app. An alleged FIN7 gangster is arrested. Australia’s Data61 urges companies not to scrimp on R&D. Joe Carrigan on Android mobile malware getting new features. Our guest is Frederick “Flee” Lee from Gusto on CCPA. And does your underwear come with a Faraday cage? We thought it might.

For links to all of today's stories check out our CyberWire daily news brief:

https://www.thecyberwire.com/newsletters/daily-briefing/9/102

May 27 2020

20mins

Rank #12: Naming and shaming is the worst thing we can do.

In December 2019, the GOLD VILLAGE threat group that operates the Maze ransomware created a public website to name and shame victims. The threat actors used the website to dump data they exfiltrated from victims' networks before they deployed the ransomware. Secureworks Counter Threat Unit (CTU) researchers have observed several ransomware operators following suit.

Joining us in this week's Research Saturday is Alex Tilley of SecureWorks' Counter Threat Unit. 

The CyberWire's Research Saturday is presented by Juniper Networks.

Thanks to our sponsor Enveil, closing the last gap in data security.

May 23 2020

23mins

Rank #13: Updates on US-Iranian tensions, and especially on hacktivism and possible power grid battlespace preparation. Researchers complain of preinstalled malware said to be in discount Android phones.

Amid indications that both Iran and the US would prefer to back away from open war, concerns about Iranian power grid battlespace preparation remain high. Recent website defacements, however, increasingly look more like the work of young hacktivists than a campaign run by Tehran. Phones delivered under the FCC’s Lifeline Assistance program may come with malware preinstalled. And we’ll take Cybersecurity for six hundred, Alex. Tom Etheridge from CrowdStrike on having a board of directors’ playbook. Guest is Curtis Simpson from Armis on CISO burnout.

For links to all of today's stories check out our CyberWire daily news brief:

https://thecyberwire.com/issues/issues2020/January/CyberWire_2020_01_10.html

Jan 10 2020

25mins

Rank #14: Eric Haseltine on his book, "The Spy in Moscow Station."

On this Special Edition, our extended conversation with Eric Haseltine on his book "The Spy in Moscow Station." The book... "tells of a time when—much like today—Russian spycraft had proven itself far beyond the best technology the U.S. had to offer. The perils of American arrogance mixed with bureaucratic infighting left the country unspeakably vulnerable to ultra-sophisticated Russian electronic surveillance and espionage." 

Thanks to our sponsor, KnowBe4.

Feb 02 2020

25mins

Rank #15: Clever breaches demonstrate IoT security gaps - Research Saturday

Some of our favorite and most trusted IoT devices help make us feel secure in our homes. From garage door openers to the locks on our front doors, we trust these devices to recognize and alert us when people are entering our home. It should come as no surprise that these too are subject to attack. 

Steve Povolny is head of advanced research at McAfee; we discuss a pair of research projects they recently published involving popular IoT devices. 

The research can be found here:

McAfee Advanced Threat Research demo McLear NFC Ring

McAfee Advanced Threat Research Demo Chamberlain MyQ

The CyberWire's Research Saturday is presented by Juniper Networks.

Thanks to our sponsor Enveil, closing the last gap in data security.

Jan 18 2020

20mins

Rank #16: Regulation in the U.S. — CyberWire X

In this premiere episode of our new, four-part series, called “Ground Truth or Consequences: the challenges and opportunities of regulation in cyberspace,” we take a closer look at cyber security regulation in the U.S.

Joining us are Dr. Christopher Pierson from BlackCloak and Randy Sabett from Cooley LLC. 

Later in the program we'll hear from Jason Hart, CTO for enterprise and cybersecurity at Gemalto. They're the sponsors of this show.

Nov 13 2018

28mins

Rank #17: A Jira vulnerability that’s leaking data in the public cloud - Research Saturday

Unit 42 (the Palo Alto Networks threat intelligence team) released new research on a Jira vulnerability that’s leaking data of technology, industrial and media organizations in the public cloud. The vulnerability (a Server Side Request Forgery -- SSRF) is the same type that led to the Capital One data breach in July 2019.

Jen Miller-Osborn is the Deputy Director of Threat Intelligence for Unit 42 at Palo Alto Networks, and she joins us to share their findings.

The research can be found here: https://unit42.paloaltonetworks.com/server-side-request-forgery-exposes-data-of-technology-industrial-and-media-organizations/

The CyberWire's Research Saturday is presented by Juniper Networks.

Thanks to our sponsor Enveil, closing the last gap in data security.

Jan 02 2020

13mins

Rank #18: The evolution of malware, both criminal and state-run.

Turla tunes its tools. The commodity Trojan AnarchyGrabber is now stealing passwords. A new iOS jailbreak has been released. The UK reconsiders its decision to allow Huawei into its 5G networks. A tech group lobbies the US House against warrantless inspection of searches. Remote work’s regulatory risk. COVID-19 conspiracy theories. Hackers say they’re vigilantes. Our own Rick Howard on intrusion kill chains, his latest episode of CSO Perspectives. Our guest is Nico Fischbach from Forcepoint on deepfakes expanding outside of disinformation campaigns to the enterprise. And too many remote workers appear to have too much time on their hands.

For links to all of today's stories check out our CyberWire daily news brief:

https://www.thecyberwire.com/newsletters/daily-briefing/9/101

May 26 2020

20mins

Rank #19: Tracking one of China's hidden hacking groups - Research Saturday

Operation Wocao (我操, “Wǒ cāo”, is a Chinese curse word) is the name that Fox-IT uses to describe the hacking activities of a Chinese-based hacking group.

We are joined by Fox-IT's Maarten van Dantzig who shares his insights into their new report entitled "Operation Wocao: Shining a light on one of China’s hidden hacking groups".

The Research can be found here:

Operation Wocao: Shining a light on one of China’s hidden hacking groups

The CyberWire's Research Saturday is presented by Juniper Networks.

Thanks to our sponsor Enveil, closing the last gap in data security.

Feb 01 2020

17mins

Rank #20: Luring IoT botnets to the honeypot — Research Saturday

Researchers from Netscout's ASERT team have been making use of honeypots to gather information on rapidly evolving IoT botnets that take advantage of default usernames and passwords to gain access and take control of unprotected devices.

Matt Bing is a security research analyst with Netscout, and he guides us through their findings.

The original research can be found here: https://asert.arbornetworks.com/dipping-into-the-honeypot/

The CyberWire's Research Saturday is presented by Juniper Networks.

Thanks to our sponsor Enveil, closing the last gap in data security.

Jan 19 2019

18mins

Like anything these days, you have to disinfect it first.

“Cyberbunker” refers to a criminal group that operated a “bulletproof” hosting facility out of an actual military bunker. “Bullet Proof” hosting usually refers to hosting locations in countries with little or corrupt law enforcement, making shutting down criminal activity difficult. Cyberbunker, which is also known as “ZYZtm” and “Calibour”, was a bit different in that it actually operated out of a bulletproof bunker. In September of last year, German police raided this actual Cyberbunker and arrested several suspects.

While most of the group's assets were seized during the initial raid, the IP address space remained and was later sold to Legaco Networks. Before being shut down, Legaco Networks temporarily redirected the traffic to the SANS Internet Storm Center honeypots for examination.

Joining us on this week's Research Saturday from SANS Technology Institute is graduate student Karim Lalji and Dean of Research Johannes Ullrich to discuss their experiences. 

The research and blog post can be found here:  Real-Time Honeypot Forensic Investigation on a German Organized Crime Network Cyberbunker 2.0: Analysis of the Remnants of a Bullet Proof Hosting Provider

The CyberWire's Research Saturday is presented by Juniper Networks.

Thanks to our sponsor Enveil, closing the last gap in data security.

Aug 08 2020

23mins

US Executive Orders against TikTok, WeChat. Chimera takes chip IP. Intel data leaked. Texting Rewards for Justice. Coordinated inauthenticity. Magecart’s homoglyph attacks.

President Trump issues Executive Orders restricting TikTok and WeChat in the US. A Chinese APT has been active in industrial espionage against Taiwan’s semiconductor industry. Intel sustains a leak of sensitive company intellectual property. Rewards for Justice communicated to Russian and Iranian individuals by text message. Coordinated inauthenticity from Romanian actors, probably criminals. Magecart moves to homoglyph attacks. Craig Williams from Cisco Talos on ransomware campaigns making use of Maze and Snake malware. Our guest is Monica Ruiz from the Hewlett Foundation Cyber Initiative on the potential for a volunteer cyber workforce. And, sorry Fort Meade--there are limits to telework.

For links to all of today's stories check out our CyberWire daily news brief:

https://www.thecyberwire.com/newsletters/daily-briefing/9/153

Aug 07 2020

24mins

US Clean Network program outlines measures against Chinese operations. $10 million reward offered for info on election interference. Australia’s cyber strategy is out. Grand larceny and petty lulz.

The US announces five new lines of effort for the Clean Network program, and none of them are exactly mash notes for Beijing. The US is also offering rewards of up to ten million dollars for information about foreign computer crimes aimed at interfering with US elections. Australia’s new cybersecurity strategy is out. Maze may have hit Canon. Rob Lee from Dragos addresses speculation of an ICS supply chain back door. Our guest is Theresa Lanowitz from AT&T Cybersecurity on 5G security threats to businesses. And a bail hearing is disrupted by Zoom-bombing.

For links to all of today's stories check out our CyberWire daily news brief:

https://www.thecyberwire.com/newsletters/daily-briefing/9/152

Aug 06 2020

22mins

Privacy, Fort Meade style. Interpol looks at cybercrime. Oilrig gets DNSExfiltrator. Please move on from Windows 7. Updates on the Twitter hack.

NSA, yes, NSA, has some privacy advice. Interpol offers its take on where cybercrime is going during the time of the pandemic. Iran’s Oilrig is getting clever with its data exfiltration. The FBI would like to know when you’re finally going to move on from Windows 7--like, c’mon people. Joe Carrigan looks at pesky ads from the Google Play store. Our guest is Bobby McLernon from Axonius on how federal cybersecurity is particularly vulnerable during the shutdown. And a not-guilty plea from one of the three alleged Twitter hackers, along with some notes on how whoever dunnit dunnit.

For links to all of today's stories check out our CyberWire daily news brief:

https://www.thecyberwire.com/newsletters/daily-briefing/9/151

Aug 05 2020

20mins

US attributes Taidoor RAT to China’s government. Pegasus spyware in Togo. The TikTok affair. More fallout from the Blackbaud ransomware incident.

The US attributes the Taidoor remote access Trojan to the Chinese government. Sources tell Reuters that documents used in an attempt to influence the last British general election were taken from the compromised email account of the trade minister. Pegasus spyware is found deployed against churchmen and political opposition figures in Togo. China denounces the American smash-and-grab of TikTok. Ben Yelin looks at international law and attribution. Our guest is Ameesh Divatia from Baffle on misconfigured databases being attacked within just hours after coming online. And the Blackbaud ransomware attack continues to affect new victims.

For links to all of today's stories check out our CyberWire daily news brief:

https://www.thecyberwire.com/newsletters/daily-briefing/9/150

Aug 04 2020

20mins

Microsoft considers acquiring TikTok. The US considers other Chinese companies as potential security threats. Charges in the Twitter hack. DDoS turns out to be a glitch. Garmin hack update.

Microsoft is in talks to acquire TikTok as the US hints that it may be considering action against other Chinese software companies. Three young men have been charged in the Twitter hack. An apparent distributed denial-of-service attack turns out to have been a glitch. We welcome Verizon’s Chris Novak to the show. Rick Howard talks incident response. And updates on the Garmin hack suggest shifts in the ransomware threat.

For links to all of today's stories check out our CyberWire daily news brief:

https://www.thecyberwire.com/newsletters/daily-briefing/9/149

Aug 03 2020

22mins

Rely on your strengths in the areas of the unknown.

Director of Security Engineering at Marqeta and host of the Hacker Valley Studio podcast Chris Cochran describes his transitions throughout the cybersecurity industry, from an intelligence job with the Marine Corps, to starting the intelligence apparatus for the House of Representatives, then on to leading Netflix's threat intelligence capability. Chris points out that when pivoting to different roles and responsibilities, you must rely on your own strengths to move forward and bring value to your work. Our thanks to Chris for sharing his story with us.

Aug 02 2020

7mins

Detecting Twitter bots in real time.

NortonLifeLock Research Group (NRG) released a prototype browser extension called BotSight that leverages machine learning to detect Twitter bots in real-time. The tool is intended to help users understand the prevalence of bots and disinformation campaigns within their Twitter feeds, particularly with the increase in disinformation of COVID-19.

Joining us on this week's Research Saturday to discuss this tool is Daniel Kats from NortonLifeLock Research Group.

You can find the research here:

Introducing BotSight

Our thanks to Reservoir Labs for sponsoring this week's show.

Aug 01 2020

21mins

Social engineering at Twitter. Phishing kits and hackers for hire. Cyberespionage. The EU sanctions actors for Cloudhopper, WannaCry, and NotPetya. And security advice from NSA and NIST.

An update on social engineering at Twitter. A quick look at the phishing kit criminal market. The European Union sanctions individuals and organizations in Russia, China, and North Korea for involvement in notorious hacking campaigns. North Korea’s North Star campaign is back and dangling bogus job offers in front of its marks. Deceptikons snoop into European law firms. Zully Ramzan from RSA on Digital Contact Tracing. Our guest is Tom Kellermann from VMware Carbon Black on top financial CISOs analyzing the 2020 attack landscape. And both NSA and NIST have some advice on shoring up your security.

For links to all of today's stories check out our CyberWire daily news brief:

https://www.thecyberwire.com/newsletters/daily-briefing/9/148

Jul 31 2020

25mins

A quick look at Big Tech’s antitrust testimony. BootHole may be tough to patch. Fake COVID contact tracers. Netwalker warning. And Chinese espionage against the Vatican and the United Kingdom.

Yesterday’s antitrust hearings in the US House of Representatives focus on Big Tech’s big data as something open to use in restraint of trade. And there are questions about community standards as well. The BootHole vulnerability may not represent an emergency, but it will be tough to fix. Android malware masquerades as COVID-19 contact-tracers. The FBI warns against Netwalker ransomware. China says it didn’t hack the Vatican. Justin Harvey from Accenture demystifies red teaming. Our guest is Christopher Ahlberg from Recorded Future on trends in threat intelligence. And somebody’s spoofing a British MP: he’s looking at you, People’s Liberation Army.

For links to all of today's stories check out our CyberWire daily news brief:

https://www.thecyberwire.com/newsletters/daily-briefing/9/147

Jul 30 2020

19mins

Alleged Russian disinformation campaigns. Beijing’s cyberespionage hits the Vatican. Costly PII losses. VPNs and OT security. Big Tech’s day with Congress. Online bar exams. Snooping for the Saudis.

Alleged Russian influence operations described by US intelligence services. “Ghostwriter” targets the Baltic region with anti-NATO false narratives. Chinese intelligence is said to have compromised Vatican networks. Loss of customer PII seems the costliest kind of data breach. VPN bugs represent a risk to OT networks. Big Tech comes to Capitol Hill, virtually. Michigan’s online bar exam knocked offline, briefly, by a cyber attack. Joe Carrigan on password stealers targeting gaming. Our guests are Troy Smith and Mike Koontz from Raytheon on defending communications operations across cloud platforms. And a superseding indictment for two ex-Twitterati charged with snooping for Saudi Arabia.

For links to all of today's stories check out our CyberWire daily news brief:

https://www.thecyberwire.com/newsletters/daily-briefing/9/146

Jul 29 2020

20mins

Data breaches and responsibility. Where do you get a decryptor for WastedLocker? Third-party risk. Misconfigured databases. Follow-up on the Twitter hack.

Cloudflare says that reported Ukrainian breaches aren’t its issue. Trend Micro describes a new and unusually capable strain of malware. Garmin is reported to have obtained a decryptor for WastedLocker ransomware. Third-party risk continues in the news, as do misconfigured databases that expose personal information. Huawei’s CFO alleges misconduct by Canadian police and intelligence agencies. Ben Yelin examines the EFF's online Atlas of Surveillance. Dave DeWalt with SafeGuard Cyber on the evolving threat landscape as folks return to the workplace. And the Twitter incident seems to have been a problem waiting to appear.

For links to all of today's stories check out our CyberWire daily news brief:

https://www.thecyberwire.com/newsletters/daily-briefing/9/145

Jul 28 2020

21mins

Vigilante action against Emotet. Third-party risks and data breaches. Cerberus is for sale. And WastedLocker ransomware and the fortunes of crime.

A vigilante appears to be interfering with Emotet’s payloads. A fintech breach is blamed on a third-party service provider. A list of Cloudflare users is dumped online. There’s a going-out-of-business sale over at the Cerberus cybergang. Malek ben Salem from Accenture Labs on DeepFake detection. Our own Rick Howard gathers the Hash Table to sort some SOCs. And Garmin, restoring its services after last week’s attack, may have been the victim of Evil Corp’s WastedLocker ransomware.

For links to all of today's stories check out our CyberWire daily news brief:

https://www.thecyberwire.com/newsletters/daily-briefing/9/144

Jul 27 2020

20mins

No matter the statistic, even if against the odds, focus on what you want.

Privacy and data security lawyer Dominique Shelton Leipzig shares that she has always wanted to be a lawyer, ever since she was a little girl. She talks about what her role is with clients in protecting and managing their data, sometimes adhering to up to 134 different data protection laws for global companies. Learn that not a lot has changed for an African-American woman partner at an Amlaw 100 firm as far as diversity during Dominique's career, and how Dominique suggests young lawyers should address those odds. Our thanks to Dominique for sharing her story with us.

Jul 26 2020

6mins

It was only a matter of time.

On April 29, 2020, the Salt management framework, authored by the IT automation company SaltStack, received a patch concerning two CVEs: CVE-2020-11651, an authentication bypass vulnerability, and CVE-2020-11652, a directory-traversal vulnerability.

On April 30, 2020, researchers at F-Secure disclosed their vulnerability findings to the public, with an urgent warning for Salt users - patch now. Before the weekend was out, criminals were deploying malware and targeting vulnerable Salt installations, successfully affecting operations at Ghost, DigiCert, and LineageOS. The malware is a cryptominer, but there is an additional component, a Remote Access Tool written in Go called nspps. Researchers at Akamai have also observed in-the-wild attacks on Salt vulnerabilities. 

Joining us on this week's Research Saturday is Larry Cashdollar, Senior Security Response Engineer at Akamai, to discuss this issue. 

The research can be found here: SaltStack Vulnerabilities Actively Exploited in the Wild

The CyberWire's Research Saturday is presented by Juniper Networks.

Thanks to our sponsor Enveil, closing the last gap in data security.

Jul 25 2020

12mins


A warning for US critical infrastructure operators. Blackbaud extortion and data breach update. Who’s got the keys to Twitter? Sino-American cyber tensions.


CISA and NSA warn of a foreign threat to US critical infrastructure. A look at what the Bears have been up to lately. The Blackbaud extortion incident shows its ripple effects. An awful lot of Twitter employees had access to powerful admin tools. China orders a US consulate closed in a tit-for-tat response to the closure of China’s consulate in Houston. Andrea Little Limbago on cyber in a re-globalized world system. Our guest is Dominique Shelton Leipzig from Perkins Coie LLP on the CA Consumer Privacy Act. And DJI drones may be a bit nosey.

For links to all of today's stories check out our CyberWire daily news brief:

https://www.thecyberwire.com/newsletters/daily-briefing/9/143

Jul 24 2020

24mins


Twitter: hackers got a few accounts’ DMs. French policy toward Huawei hardens. Crooks against British sport. You and your boss should talk more.


Twitter updates the news of last week’s incident: the attackers seem to have accessed some direct messages. France’s partial permission for Huawei to operate in that country now looks like a ban with a 2028 deadline. A quiet cryptominer. The cyber threat to British sport. Awais Rashid from the University of Bristol on cyber security and remote working. John Ford from IronNet Cybersecurity with updated 2020 predictions and cyber priorities. And bosses and employees see things differently, cyberwise.

For links to all of today's stories check out our CyberWire daily news brief:

https://www.thecyberwire.com/newsletters/daily-briefing/9/142

Jul 23 2020

21mins


Meowing exposed databases. US indicts two Chinese nationals for hacking, and orders China to close its Houston consulate.


“Meowing” is now a thing: the automated discovery and wiping of exposed and unprotected databases. The US indicts two Chinese nationals on eleven counts of hacking and reports evidence that Chinese intelligence services are now using cybercriminals as contractors. Mike Schaub from CloudCheckr on why COVID-19 has ignited modernization projects for government agencies. Joe Carrigan on counterfeit Cisco routers. The US State Department tells China to close its consulate in Houston.

For links to all of today's stories check out our CyberWire daily news brief:

https://www.thecyberwire.com/newsletters/daily-briefing/9/141

Jul 22 2020

20mins


Parliament gets its report on Russian hacking. A look at the cyber criminal economy. Russia says it has no hackers.


The Intelligence and Security Committee of Parliament has rendered its report on the Russian cyber threat. Trend Micro reports on the workings of the cyber criminal underground economy. Ben Yelin on U.S. Customs and Border Protection collecting license plate data. Our guest is Kevin O'Brien from GreatHorn on the role of business policies in security to keep users safe during high-risk events. And it turns out that Russia has no hackers whatsoever: Moscow’s Finance Minister says so, so you can take that to the bank.

For links to all of today's stories check out our CyberWire daily news brief:

https://www.thecyberwire.com/newsletters/daily-briefing/9/140

Jul 21 2020

21mins


Following the spoor of the Twitter hackers, a couple of whom seem to be talking to the press. Marketing databases and intelligence collection. TikTok ban? Hacking biomedical research.


Notes on last week’s Twitter hack, and on the allure of original gangster and other celebrity usernames. Using marketing databases for intelligence collection. The US Government mulls a ban on TikTok. Johannes Ullrich from SANS on Google Cloud storage becoming a more popular phishing platform. Our own Rick Howard on security operations centers, and a preview of the latest episode of his CSO Perspectives podcast. And more reaction to alleged Russian and Chinese attempts to hack COVID-19 biomedical research.

For links to all of today's stories check out our CyberWire daily news brief:

https://www.thecyberwire.com/newsletters/daily-briefing/9/139

Jul 20 2020

19mins

