
Rank #4 in Tech News category


The CyberWire

Updated 5 days ago


More signal, less noise—we distill the day’s critical cyber security news into a concise daily briefing.


iTunes Ratings

645 Ratings
Average Ratings
597
26
11
5
6

Best daily info-sec podcast

By angry koala1 - Sep 24 2019
Great topics, guests and humor. One of top three must listen to

Great pod!

By bubba13! - Aug 18 2019
I’m not in the business but I love tech. Also, your segment on Grumpy Old Geeks is great!


Listen to:

SWIFT fraud (behind a wiper). Coinrail ICO robbery. Chinese espionage. G7 agrees to a coordinated response to hostile cyber operations. Malwaretech faces new charges.

In today's podcast, we hear about more SWIFT fraud, with a wiper attack as misdirection. Cryptocurrency exchange looted of ICO tokens. Chinese espionage in Rhode Island, and a conviction in Virginia. Dropping Elephant spearphishes in think tanks. G7 agreement suggests a coordinated response to hostile cyber operations. Net neutrality expired this morning in the US. And Marcus Hutchins faces additional charges. Jonathan Katz from UMD discussing hashing. 

Jun 11 2018

17mins


Winnti Umbrella Chinese threat group — Research Saturday

Researchers from ProtectWise's 401TRG team recently published research linking a variety of new and previously reported Chinese cyber threat groups.

Tom Hegel is a Senior Threat Researcher with the 401TRG, and he joins us to share their findings. 

The CyberWire's Research Saturday is presented by the Hewlett Foundation Cyber Initiative.

Thanks to our sponsor Enveil, closing the last gap in data security.

Jun 09 2018

20mins


Operation Sharpshooter. Meng makes bail. Sino-American cyber tensions. Leadership crises in the UK and France. Congress doesn’t lay a glove on Google. 2018’s bad password practices.

In today’s podcast, we hear some of McAfee’s description of Operation Sharpshooter, an ambitious cyber reconnaissance campaign. Huawei’s CFO Meng makes bail in Vancouver, and China reacts sharply to the arrest. The US is said to be preparing sanctions and indictments in response to various Chinese hacking activities. A no-confidence vote is called in the UK. In France, President Macron makes concessions to the Yellow Vests. Google skates through its interrogation by Congress. And bad passwords get rated. Johannes Ullrich from SANS and the ISC Stormcast Podcast with holiday tips on securing new devices. Guest is Ali Golshan from StackRox on the shift toward DevOps.

For links to all of today's stories check out our CyberWire daily news brief: https://thecyberwire.com/issues/issues2018/November/CyberWire_2018_12_12.html

Support our show

Dec 12 2018

20mins


Regulation in the U.S. — CyberWire X

In this premiere episode of our new, four-part series, called “Ground Truth or Consequences: the challenges and opportunities of regulation in cyberspace,” we take a closer look at cyber security regulation in the U.S.

Joining us are Dr. Christopher Pierson from BlackCloak and Randy Sabett from Cooley LLC. 

Later in the program we'll hear from Jason Hart, CTO for enterprise and cybersecurity at Gemalto. They're the sponsors of this show.

Nov 13 2018

28mins


Chinese supply-chain hack story gets vanishingly thin. Twitter downs pro-Saudi bots. SEO poisoning. OceanLotus evolves. Ransomware notes.

In today's podcast, we hear that no one but Bloomberg seems to retain much faith in Bloomberg's story about Chinese supply-chain seeding attacks. Twitter blocks bots retailing coordinated Saudi talking points about the disappearance of journalist Jamal Khashoggi. Latvia says it blocked attempts to interfere with its October elections. SEO poisoning exploits interest in key words associated with US midterms. OceanLotus shows some new tricks. A Connecticut town pays ransom. Ransomware hoods take pity on a grieving father. We speak with Johannes Ullrich from the SANS Institute, who discusses DNSSEC root key rollover, and Mike Horning from Virginia Tech, who shares the results of a study on the implications of regulating social media. For links to all of today's stories, visit https://thecyberwire.com/issues/issues2018/October/CyberWire_2018_10_19.html

Oct 19 2018

23mins


Chinese espionage in Central Asia. Dixons Carphone data exposure. Lazy State speculative execution bug. Pyongyang is expected to come roaring back into cyberspace. Unlucky 13.

In today's podcast, we hear that LuckyMouse has crept into an unnamed Central Asian house. Dixons Carphone data exposure presents complex legal and regulatory issues—it's the first big incident since GDPR came into effect. "Lazy State" is another CPU speculative execution bug. The US Congress doesn't care for ZTE, Australia's government is wary of Huawei, and the EU doesn't like Kaspersky at all. If you didn't like the end of net neutrality, wait until you get a load of the proposed EU Copyright Regulation's Article 13. More hacking expected from Pyongyang. Dr. Charles Clancy from VA Tech, discussing research on antifragile communications. Guest is Stacey Smith from CAMI on MD's legislation supporting cyber security businesses. 

Jun 14 2018

18mins


The German Cybersecurity Market with Gerald Hahn

Gerald Hahn is CEO of Softshell ag, a German cybersecurity company. He shares his insights into the German market for cybersecurity products, and how US companies can best prepare themselves to do business there.

Dec 29 2017

12mins


Potentially malicious SDKs draw cease-and-desist letters. Nursing homes get ransom demands. A look back at the Sony Pictures hack. CISA offers advice on safe online shopping.

Twitter and Facebook warn of potentially malicious software development kits being used by app developers to, potentially, harvest and monetize users’ data. Nursing homes affected by a third-party ransomware incident receive extortion demands that amount to some $14 million. The Hollywood Reporter retails skeptical musings about the Sony Pictures hack on the fifth anniversary of the North Korean attack. And CISA offers advice for safe holiday shopping. Justin Harvey from Accenture with thoughts on smart cities. Guest is Sam Bakken from OneSpan on mobile app developers protecting against jailbreaking.

For links to all of today's stories check out our CyberWire daily news brief:

https://thecyberwire.com/issues/issues2019/November/CyberWire_2019_11_26.html

Support our show

Nov 26 2019

19mins


Driving GPS manipulation — Research Saturday

Researchers at Virginia Tech investigate possible ways to manipulate GPS signals and send drivers to specific locations without their knowledge.  Gang Wang is Assistant Professor of Computer Science at Virginia Tech, and he joins us to share his team's findings.

The original research can be found here: https://people.cs.vt.edu/gangwang/sec18-gps.pdf

The CyberWire's Research Saturday is presented by the Hewlett Foundation Cyber Initiative.

Thanks to our sponsor Enveil, closing the last gap in data security.

Oct 13 2018

27mins


Huawei legal and security updates. A shift to personalized spam in attacks on retailers. “Hollywood hacks” in Eastern European banks.

In today’s podcast we hear that Huawei’s CFO remains in Canadian custody, perhaps facing extradition to the US. All Five Eyes have now expressed strong reservations about Huawei on security grounds. They’ve been joined in this by Japan and the European Union. Proofpoint sees a shift in cybercrime toward more carefully targeted and thoughtful social engineering. Kaspersky describes “DarkVishnaya,” a criminal campaign using surreptitiously planted hardware to loot Eastern European banks. Justin Harvey from Accenture discussing what should be in your incident response “go bag.” Guest is New York Times national security correspondent David E. Sanger, discussing his latest book The Perfect Weapon.

For links to all of today's stories check out our CyberWire daily news brief: https://thecyberwire.com/issues/issues2018/November/CyberWire_2018_12_07.html

Support our show

Dec 07 2018

25mins


Arrest by algorithm. Dangers of data enrichment. Golden Falcon in Kazakhstan. FCC vs. Huawei and ZTE. Internet sovereignty. Chuckling Squad popped for Twitter caper. Other crime and punishment.

A defection and a leak expose Chinese espionage and social control operations. Data aggregation and enrichment seem to underlie a big inadvertent data exposure. Something seems to be up in Kazakhstan’s networks. The US FCC takes a swing at Huawei and ZTE. Russia moves closer to its desired Internet sovereignty. A Chuckling Squad member is in custody. A spy goes to prison, cyber hoods do time, and the rats are up to no good in Estonia. That’s the rodents, not the Trojans. Caleb Barlow from Cynergistek with insights gained from a scammer’s call.

For links to all of today's stories check out our CyberWire daily news brief:

https://thecyberwire.com/issues/issues2019/November/CyberWire_2019_11_25.html

Support our show

Nov 25 2019

20mins


RASPITE noses around the US power grid. Cisco will buy Duo Security. Sandworm afflicts lab investigating Novichok attack. Influence ops can be no-lose proposition. Cryptojacking and malspam.

In today's podcast, we hear that Cisco plans to buy Duo Security. Dragos warns of the RASPITE adversary actor. Russia's Sandworm group is phishing people connected with a Swiss chemical forensics lab. How influence operations can be a no-lose proposition. A cryptojacking campaign is discovered and stopped. Malspam is using gifs to carry a keylogger payload. And Facebook CSO Alex Stamos has fixed a date for his departure for Stanford. Robert M. Lee from Dragos with thoughts on categorizing threat actors. Guest is Wendi Whitmore from IBM with their 2018 Cost of a Data Breach study. 

For links to all of today's stories check out our CyberWire daily news brief: https://thecyberwire.com/issues/issues2018/August/CyberWire_2018_08_02.html

Aug 02 2018

18mins


Preparing for grid attacks. Notes on breaches, crime, and punishment. And Facebook's no-good, bad, awful week.

In today's podcast we hear that the US Department of Energy says the power grid is preparing for Russian attacks. Teenager finds flaw in hardware wallet. Travel service Orbitz suffers a data breach. Lauri Love won't be extradited to the US. Notes from today's Billington International CyberSecurity Summit. And Facebook's truly awful week continues: the Silicon Age is looking right now a lot like the end stages of the Gilded Age. Jonathan Katz from UMD on the security of e-passports. Guest is J.R. Cunningham from Optiv, with advice to not get carried away with GDPR.

Mar 21 2018

18mins


Code comments cause SAML conundrum — Research Saturday

Researchers at Duo Security recently unearthed a new vulnerability class that affects SAML-based single sign-on (SSO) systems. This vulnerability can allow an attacker with authenticated access to trick SAML systems into authenticating as a different user without knowledge of the victim user’s password.

Kelby Ludwig is a Senior Application Security Engineer at Duo Security, and he takes us through his discoveries.

The CyberWire's Research Saturday is presented by the Hewlett Foundation Cyber Initiative. Learn more at https://www.hewlett.org/cyber/

Mar 24 2018

15mins


Patch Magento soon. Toyota hacked again. Exodus spyware hits app stores. Moscow seeks to corral VPN providers. Facebook wants regulation. Swatting sentence. Phishing tackle in Nigeria.

In today’s podcast, we hear that Magento users are being urged to patch as risk of exploitation rises. Toyota experiences another cyber attack, and some observers blame, on grounds of motive, opportunity, and track record, OceanLotus. Exodus spyware in the Google Play store looks like a case of lawful intercept tools getting loose. Moscow seeks to control and limit VPN providers. Mr. Zuckerberg wants regulation. Mr. Barriss gets twenty years for swatting. And, hey, there’s phishing tackle on the Nigerian National Assembly’s site. Joe Carrigan from JHU ISI on a spying a leaving unsecured data online.

For links to all of today's stories check out our CyberWire daily news brief:

https://thecyberwire.com/issues/issues2019/April/CyberWire_2019_04_01.html

Support our show

Apr 01 2019

18mins


Active defense and “hacking back” with Jonathan Braverman from Cymmetria

Jonathan is Cymmetria's General Counsel. A former trial attorney, Mr. Braverman is an expert in cyber-security law, policy and regulation. He has written policy papers on export controls over cyber technology, active defense and "hacking back."

Dec 26 2017

14mins


Malicious misdirection. Found on the subway. A summary of file exposure. Turla’s back, and as clever as ever. ICRC proposes rules of cyberwar. Baltimore ransomware update.

Malicious misdirection served up from unpatched WordPress sites. A big, big set of dating site records has been found exposed online--it’s in China, but the records seem to belong to anglophones. Many other files are exposed elsewhere, too, so it’s not a single problem. Turla’s back, and still after diplomats. The International Red Cross proposes rules for cyber conflict. And Baltimore City calculates the cost of not patching. It’s a lot higher than the cost of patching. Craig Williams from Cisco Talos with his take on a critical Microsoft vulnerability, CVE-2019-0708. Guest is Matt Aldridge from Webroot on the San Francisco facial recognition ban. Justin Harvey from Accenture on the dramatic increase in targeted ransomware. Guest is NSA’s Diane M. Janosek, celebrating the 20th year of their Centers of Academic Excellence in Cybersecurity program.

May 31 2019

25mins


Warnings of Outlook exploitation, with a possible Iranian connection. GPS jamming in the Eastern Med. Satellite vulnerabilities. 505 errors. TA505’s new tactics. Content moderation updates.

US Cyber Command warns that an Outlook vulnerability is being actively exploited in the wild. Other sources see a connection with Iran. GPS signals are being jammed near Tel Aviv, and Russian electronic activity in Syria is suspected as the cause. A look at the consequences of satellite cyber vulnerabilities. The TA505 gang changes some of its tactics. Yesterday’s brief Internet outages are traced to a Cloudflare glitch. Facebook and YouTube continue to grapple with content moderation. Mike Benjamin from CenturyLink on Emotet’s C2 behavior. Guest is Avital Grushcovski  from Source Defense on the risk posed by third party web site tools.

For links to all of today's stories check out our CyberWire daily news brief:

https://thecyberwire.com/issues/issues2019/July/CyberWire_2019_07_03.html

Support our show

Jul 03 2019

20mins


Leafminer espionage digs the Middle East. — Research Saturday

Researchers at Symantec recently published their findings on an active attack group named Leafminer that's targeting government organizations and businesses in the Middle East region. 

Vikram Thakur is a technical director at Symantec, and he joins us to share what they've found.

The research can be found here: https://www.symantec.com/blogs/threat-intelligence/leafminer-espionage-middle-east

The CyberWire's Research Saturday is presented by the Hewlett Foundation Cyber Initiative.

Thanks to our sponsor Enveil, closing the last gap in data security.

Sep 08 2018

22mins


Ransomware in Ukraine's Energy Ministry. Energetic Bear infrastructure. Anonymous Twitter accounts equal bots? Orangeworm in x-ray, MRI machines. Sanction notes. Election security.

In today's podcast, we hear that Ukraine's Energy Ministry is under ransomware attack. Kaspersky finds infrastructure belonging to Energetic Bear. Lots of anonymous Twitter accounts pop up in East Asia. Orangeworm is after something in healthcare networks, but whether it's IP or PII is unclear. Disclosure and patch notes. Kaspersky may be the subject of US sanctions. A hacker in the Yahoo! breach case could get almost eight years. As US midterms approach, thoughts turn to election security. Joe Carrigan from JHU ISI on devices that unlock iPhones. Guest is Jerry Caponera from Nehemiah Security on quantifying cyber risk. 

Apr 24 2018

18mins


Targeting routers to hit gaming servers. — Research Saturday

Researchers at Palo Alto Networks' Unit 42 recently published research outlining attacks on home and small-business routers, taking advantage of known vulnerabilities to make the routers parts of botnets, ultimately used to attack gaming servers.

Jen Miller-Osborn is the Deputy Director of Threat Intelligence for Unit 42 at Palo Alto Networks. She joins us to share their findings.

The research can be found here:

https://unit42.paloaltonetworks.com/home-small-office-wireless-routers-exploited-to-attack-gaming-servers/

The CyberWire's Research Saturday is presented by Juniper Networks.

Thanks to our sponsor Enveil, closing the last gap in data security.

Dec 07 2019

16mins


Facebook sues over ad fraud. Tampering with VPN connections. Russian disinformation in Lithuania.

Facebook sues a company for ad fraud. Unix-based VPN traffic is vulnerable to tampering. Russian disinformation in Lithuania. Apple explains why new iPhones say they’re using Location Services, even when Location Services are switched off. Researchers set a new record for cracking an encryption key. And ransomware hits a New Jersey theater.  David Dufour from Webroot with a look back at 2019's nastiest cyber threats. Guest is Robert Waitman from Cisco with results from their recent Consumer Privacy Survey.

For links to all of today's stories check out our CyberWire daily news brief:

https://thecyberwire.com/issues/issues2019/December/CyberWire_2019_12_06.html

Support our show

Dec 06 2019

22mins


Data center ransomware. Third-party breach hits telco customers. Buran and Buer on the black market. The Great Cannon opens fire. Russia trolls Lithuania. Big bad BEC.

Data center operator CyrusOne sustains a ransomware attack. Another third-party breach involves a database inadvertently left exposed on an unprotected server. Buran ransomware finds its place in the black market, as does the new loader Buer. China’s Great Cannon is back and firing DDoS all over Hong Kong. Russian trolls are newly active in Lithuania. And a business email compromise scam fleeces a Chinese venture capital firm of $1 million--enough for a nice seed round. Robert M. Lee from Dragos on the evolution of safety and security in ICS. Guest is Sean O’Brien from @RISK Technologies on how states and cities need to prepare against election-targeted cyber attacks.

For links to all of today's stories check out our CyberWire daily news brief:

https://thecyberwire.com/issues/issues2019/December/CyberWire_2019_12_05.html

Support our show

Dec 05 2019

21mins


Lazarus Group interested in thorium reactors? Disinformation by phishing. ZeroCleare wiper in the wild. NATO addresses cyber conflict. NotPetya litigation. Black market takedown.

North Korea’s Lazarus Group may have been looking for Indian reactor design information. A possible case of Russian influence operations, served up by phishing, is under investigation in the UK. The ZeroCleare wiper malware is out and active in the wild. NATO’s summit addresses cyber conflict, and a big NotPetya victim challenges insurers’ contentions that the malware was an act of war. And an international police action takes down a black market spyware souk. Michael Sechrist from Booz Allen Hamilton on security concerns with messaging apps like Slack. Guest is Roger Hale from YL Ventures on the changing role of the CISO when it comes to managing risk.

For links to all of today's stories check out our CyberWire daily news brief:

https://thecyberwire.com/issues/issues2019/December/CyberWire_2019_12_04.html

Support our show

Dec 04 2019

20mins


Secondary Infektion may be back, and interested in UK elections. Quantum Dragon. FaceApp risks. PyXie RAT in the wild. An Ethereum developer is charged with helping North Korea evade sanctions.

Someone believes, or would like others to believe, that Britain’s National Health Service is for sale to the US. There’s no word on whether the US has offered the Brooklyn Bridge in exchange. The “Quantum Dragon” study summarizes Chinese efforts to obtain quantum research results from Western institutions. The FBI says FaceApp is a security threat. PyXie, a Python RAT, has been quietly active in the wild since 2018. An Ethereum developer is accused of aiding Pyongyang. Ben Yelin from UMD CHHS on a bipartisan bill requiring a warrant for facial recognition use. Guest is Earl Matthews from Verodin on the importance of collaboration between state governments and technology vendors to ensure election security.

For links to all of today's stories check out our CyberWire daily news brief:

https://thecyberwire.com/issues/issues2019/December/CyberWire_2019_12_03.html

Support our show

Dec 03 2019

20mins


ANSSI considering retaliation for ransomware attack. MixCloud breached. Imminent Monitor shut down.

France might go on the offensive against ransomware attackers. The UK’s NCSC has been helping an unnamed nuclear power company recover from a cyberattack. A failed cyberattack targeted the Ohio Secretary of State’s website on Election Day. MixCloud confirms data breach. The Imminent Monitor RAT is shut down by law enforcement. And a cryptocurrency exchange loses nearly fifty million dollars. Joe Carrigan from JHU ISI on victim blaming.

For links to all of today's stories check out our CyberWire daily news brief:

https://thecyberwire.com/issues/issues2019/December/CyberWire_2019_12_02.html

Support our show

Dec 02 2019

15mins


Caveat 04 — Slowly awakening to the problems we face

Ben looks at the cozy relationship between Ring and local law enforcement, Dave shares a story about DNA tests and search warrants. Our listener on the line wonders about deleted emails. Our guest is Michael Chertoff, former US Secretary of Homeland Security, now head of the Chertoff Group.

Links to stories:

https://gizmodo.com/ring-gave-police-stats-about-users-who-said-no-to-law-e-1837713840

https://www.nytimes.com/2019/11/05/business/dna-database-search-warrant.html

Got a question you'd like us to answer on our show? Send your audio file to caveat@thecyberwire.com or leave a message at (410) 618-3720.

Thanks to our sponsors KnowBe4, whose KCM GRC platform helps you get audits done in half the time, is easy to use, and is surprisingly affordable.

Dec 01 2019

41mins


Special Edition — Peter W. Singer author of LikeWar

In this CyberWire special edition, an extended version of our conversation from earlier this year with Peter W. Singer. We spoke not long after the publication of his book, LikeWar - The Weaponization of Social Media.

Thanks to our special edition sponsors, McAfee.

Nov 30 2019

31mins


Special Edition — John Maeda author of How to Speak Machine

In this CyberWire special edition, a conversation with John Maeda. He’s a graphic designer, visual artist, and computer scientist, and former President of the Rhode Island School of Design and founder of the SIMPLICITY Consortium at the MIT Media Lab. His newly released book is How to Speak Machine - Computational Thinking for the Rest of Us.

Thanks to our special edition sponsors, McAfee.

Nov 29 2019

20mins


Phishing, cryptojacking, and commodity malware. New supply chain security measures. And have you heard about this Black Friday thing?

A Fullz House for Thanksgiving. Google finds that nation-state phishing continues at its customary high levels. DeathRansom, the low-end ransomware that didn’t actually encrypt files, has now begun to do so. The Stantinko botnet adds cryptomining functionality. Microsoft reflects on Dexphot, and the sophistication it brings to ordinary malware. Supply chain security rules are coming to the US. A lawsuit in Tel Aviv. And some final notes on Black Friday. Daniel Prince from Lancaster University on business innovation and cyber security. Guest is Francesca Spidalieri from Salve Regina University on the importance of collaboration from all sectors.

For links to all of today's stories check out our CyberWire daily news brief:

https://thecyberwire.com/issues/issues2019/November/CyberWire_2019_11_27.html

Support our show

Nov 27 2019

20mins



Mustang Panda leverages Windows shortcut files. — Research Saturday

Researchers at Anomali have been tracking China-based threat group, Mustang Panda, believing them to be responsible for attacks making clever use of Windows shortcut files. 

Parthiban is a researcher at Anomali, and he joins us to share their findings.

The research is here: https://www.anomali.com/blog/china-based-apt-mustang-panda-targets-minority-groups-public-and-private-sector-organizations

The CyberWire's Research Saturday is presented by Juniper Networks.

Thanks to our sponsor Enveil, closing the last gap in data security.

Nov 23 2019

12mins


Sandworm in Google Play. Internet sovereignty. Bogus accounts on LinkedIn. Pupil becomes teacher. Six-year sentence for DDoS. Big bug bounty at Google. Ransomware updates. Pegasus inquest.

Google researchers provide a Sandworm update. Internet sovereignty considered: an aid to law enforcement or a means of social control. LinkedIn reports on the 21 million bogus accounts it closed over the past year. Teacher becomes pupil as marketing learns from information operators. Ohio man gets six years in Akron DDoS case. Ransomware case updates. A Parliamentary inquiry in India will look into the deployment of Pegasus against WhatsApp users. Craig Williams from Cisco Talos on the Panda cryptominer. Guest is Keenan Skelly from Circadence on getting the younger generation excited about cyber.

For links to all of today's stories check out our CyberWire daily news brief:

https://thecyberwire.com/issues/issues2019/November/CyberWire_2019_11_22.html

Support our show

Nov 22 2019

25mins


Refined Kitten paws at ICS. Debunking BlueKeep rumors. FBI warns Detroit of cyber threats. The UN’s long deliberation over cybercrime. Cryptowars. 5G security and a 5G czar. Ransomware updates.

Refined Kitten seems to be up to something, perhaps in the control system world. Microsoft debunks claims about Teams, BlueKeep, and Doppelpaymer ransomware. The FBI warns the auto industry that it’s attracting attackers’ attention. A new attack technique, RIPlace, is described. Phineas Fisher’s bounty, considered. The UN, the AG, and the course of the cryptowars. Does America need a 5G czar? And ransomware from Baton Rouge to Rouen. Michael Sechrist from BAH on third party malware risks. Guest is Bill Connor from SonicWall with results from their Q3 Threat Data Report.

For links to all of today's stories check out our CyberWire daily news brief:

https://thecyberwire.com/issues/issues2019/November/CyberWire_2019_11_21.html

Support our show

Nov 21 2019

20mins


Louisiana works to recover from Monday’s ransomware attack. Gekko Group sustains a massive data exposure. US student charged with coding for ISIS.

Louisiana works to recover from Monday’s ransomware attack. The HydSeven criminal group is delivering Trojans via spearphishing. A hotel reservation company sustained a massive data exposure. India’s government says it’s legally permitted to surveil citizens’ devices when it’s deemed necessary. Google, Facebook, Apple, and Amazon answer questions for Congress’s antitrust inquiry. A Chicago student is charged with coding for ISIS. And the National Security Agency offers advice for implementing TLSI. David Dufour from Webroot with findings from their midyear threat report. Guest is Bill Harrod from MobileIron on biometric data in the federal space.

Nov 20 2019

18mins


Ransomware recovery in Louisiana. DPRK phishing for aerospace jobseekers? Cybercrime campaigns. Notes on current legal matters.

Louisiana recovers from a ransomware attack against state servers. North Korea appears to still be interested in Indian industry--this time it’s people looking for jobs at Hindustan Aeronautics. Compromised CMS distributing info-stealing Trojans. HydSeven mounts a cross-platform spearphishing campaign. Macy’s and Magecart. Thoughts on supply chain security and cyber deterrence. And some legal updates, including some alleged academic money laundering.  Ben Yelin from UMD CHHS on your rights to images you post of yourself online. Guest is Tom Miller from ClearForce on continuous discovery of insider threats.

For links to all of today's stories check out our CyberWire daily news brief:

https://thecyberwire.com/issues/issues2019/November/CyberWire_2019_11_19.html

Support our show

Nov 19 2019

20mins


Disney+ credentials hacked. Kudankulam reassurance. Chinese, Iranian documents leak. Iran and Venezuela restrict Internet access. Russia proposes Internet control treaty. Hacktivist notes.

Disney+ credentials already on sale in the black market souks. India reassures nuclear power partners that the Kudankulam incident didn’t compromise safety. Documents pertaining to Chinese and Iranian security operations leak. Internet restrictions go into force in Iran and Venezuela. Russia offers an Internet control treaty at the UN. The Lizard Squad might be back, and Phineas Fisher has also resurfaced. And happy birthday, CISA. Joe Carrigan from JHU ISI on the NICE conference.

For links to all of today's stories check out our CyberWire daily news brief:

https://thecyberwire.com/issues/issues2019/November/CyberWire_2019_11_18.html

Support our show

Nov 18 2019

15mins


Sodinokibi aka REvil connections to GandCrab — Research Saturday

Researchers at McAfee's Advanced Threat Research Team have been analyzing Sodinokibi ransomware as a service, also known as REvil. John Fokker is head of cyber investigations for McAfee Advanced Threat Research, and he joins us to share their findings.

The research is here:

https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/mcafee-atr-analyzes-sodinokibi-aka-revil-ransomware-as-a-service-what-the-code-tells-us/

The CyberWire's Research Saturday is presented by Juniper Networks.

Thanks to our sponsor Enveil, closing the last gap in data security.

Nov 16 2019

17mins


Pemex ransomware update. Spearphishing with spoofed government phishbait. Trojan two-fer. AntiFrigus ransomware avoids C-drive files. BLE bug. DataTribe’s annual Challenge.

Pemex has recovered from the ransomware attack it sustained...or has it? TA2101 is spoofing German, Italian, and US government agencies in its phishing emails. A dropper in the wild is delivering a Trojan two-fer. AntiFrigus ransomware is avoiding C-drives for some reason. Ohio State researchers find a Bluetooth vulnerability. And the results of the annual DataTribe Challenge are in--we heard the three finalists pitch yesterday, and the judges have a winner. Robert M. Lee from Dragos on purple-teaming ICS networks. Guest is David Spark from the CISO/Security Vendor Relationship Podcast on marketing to CISOs.

For links to all of today's stories check out our CyberWire daily news brief:

https://thecyberwire.com/issues/issues2019/November/CyberWire_2019_11_15.html

Support our show

Nov 15 2019

26mins
