The CyberWire | Listen Free on Castbox.

1088 Episodes

Reverse

Notes from the CISA Summit. New DDoS vector reported. Medical images exposed online. Huawei and US sanctions. Engaging ISIS in cyberspace.

2019-09-1900:18:31

A quick look at CISA’s National Cybersecurity Summit. A big new distributed denial-of-service vector is reported. Medical servers leave patient information exposed to the public Internet. Huawei is suspended from the FIRST group as it argues its case in a US Federal court. And one of the challenges of engaging ISIS online is that it relies so heavily on commercial infrastructure--it’s got to be targeted carefully. Ben Yelin from UMD CHHS on a case of compelled encryption which may be heading to the supreme court. Guest is David Talaga from Talend on how privacy fines have informed customers’ approach to planning around data security compliance. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2019/September/CyberWire_2019_09_19.html Support our show

Tortoiseshell threat-actor active in the Middle East. Simjacker less dangerous than thought? Decentralizing cyber attack. The Ortis affair. Mr. Snowden’s book deal.

2019-09-1800:19:47

A newly discovered threat actor, “Tortoiseshell,” has been active against targets in the Middle East. The Simjacker vulnerability may not be as widely exploitable as early reports led many to believe. The US Army seems committed to decentralizing cyber operations along long-familiar artillery lines. Joint Task Force Ares continues to keep an eye on ISIS. Canada seeks to reassure allies over the Orts affair. And the Justice Department wants any royalties Mr. Snowden’s book might earn. Daniel Prince from Lancaster University on cyber security as a force multiplier. Guest is Brian Roddy from Cisco on securing the multi-cloud. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2019/September/CyberWire_2019_09_18.html Support our show

More updates on the Royal Canadian Mounted Police counterintelligence case. Australian elections and China’s interests. ISIS howls to the lone wolves. Ed Snowden would prefer Paris to Moscow.

2019-09-1700:20:15

More notes on the RCMP espionage scandal. The CSE’s preliminary assessment sounds serious indeed, and Canadian intelligence services are trying to identify and contain the damage Cameron Ortis is alleged to have done. And the other Four Eyes are doing so as well. Australia considered that a hacking incident early this spring may have been a Chinese effort to compromise election systems. ISIS is back online. And Mr. Snowden wouldn’t mind asylum in France. David Dufour from Webroot with thoughts on backups. Carole Theriault interviews ethical hacker Zoe Rose, who shares insights on entering the industry. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2019/September/CyberWire_2019_09_17.html Support our show

Espionage and counter-espionage in at least three of the FIve Eyes. New sanctions against North Korea. Password managers and flashlights.

2019-09-1600:17:19

Spy versus spy, in America, Canada, and Australia, with special guest stars from the Russian and Chinese services. The US Treasury Department issues more sanctions against North Korea’s Reconnaissance General Bureau, better known as the Lazarus Group or Hidden Cobra. Russian election influence goes local (and domestic). Password manager security problems. And why does your flashlight want to know so much about you? Justin Harvey from Accenture with insights on HTTPS and phishing.

Bluetooth blues: KNOB attack explained. — Research Saturday

2019-09-1400:17:00

A team of researchers have published a report titled, "KNOB Attack. Key Negotiation of Bluetooth Attack: Breaking Bluetooth Security." The report outlines vulnerabilities in the Bluetooth standard, along with mitigations to prevent them. Daniele Antonioli is from Singapore University of Technology and Design, and is one of the researchers studying KNOB. He joins us to share their findings. The research can be found here: https://knobattack.com The CyberWire's Research Saturday is presented by Juniper Networks. Thanks to our sponsor Enveil, closing the last gap in data security.

CRASHOVERRIDE tried to be worse than it was. InnfiRAT scouts for wallets. Simjacker exploited in the Middle East. SINET 16 are out. Pentesting scope. Back up your files, Mayor.

2019-09-1300:25:25

The Ukrainian electrical grid hack seems, on further review, to have been designed to do far more damage than it actually accomplished. InnfiRAT is scouting for access to cryptocurrency wallets. A sophisticated threat actor is using Simjacker for surveillance on phones in the Middle East. The SINET 16 have been announced. A penetration test goes bad due to a misunderstanding of scope, and Baltimore decides, hey, it might be a good idea to back up files. Johannes Ullrich from the SANS Technology Institute on web spam systems. Guest is Rosa Smothers from KnowBe4 discussing her career journey and the importance of diversity in tech. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2019/September/CyberWire_2019_09_13.html Support our show

The StingRays that were n DC. Old-school file formats and attack code. Ransomware becomes spyware. Joker apps ejected from the Play store. Multifaceted deterrence. Advice on BEC.

2019-09-1200:19:171

DC StingRays alleged to be Israeli devices. North Korea is slipping malware past defenses by putting it into old, obscure file formats. Ryuk ransomware gets some spyware functionality. Google has purged Joker-infested apps from the Play store. The US Defense Department explains its “multifaceted” approach to cyber deterrence. The FBI warns that business email compromise is on the upswing, and offers some advice on staying safe. Awais Rashid from Bristol University with warnings on accepting default settings on mobile devices. Guest is Bill Conner from SonicWall on side channel attacks. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2019/September/CyberWire_2019_09_12.html Support our show

Cobalt Dickens, coming to a university library near you. UNICEF data exposure. Election security notes. Operation reWired arrests 281 alleged BEC scammers.

2019-09-1100:20:551

Cobalt Dickens is back, and phishing in universities’ ponds. UNICEF scores a security own-goal. Patch Tuesday notes. A look at US election security offers bad news, but with some hope for improvement. The US extends its state of national emergency with respect to foreign meddling in elections. And an international police sweep draws in 281 alleged BEC scammers. Ben Yelin from UMD CHHS on the privacy implications of geofencing. Guest is Drew Kilbourne from Synopsys with result of their report, The State of Software Security in the Financial Services Industry. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2019/September/CyberWire_2019_09_11.html Support our show

US National Security Advisor to be replaced. Stealth Falcon’s new backdoor. DDoS, social engineering investigations proceed. Exfiltrating an agent. Patch Tuesday notes.

2019-09-1000:20:46

John Bolton is out as US National Security Advisor. A new backdoor is attributed to Stealth Falcon. Wikipedia’s DDoS attack remains under investigation. So does a business email compromise at Toyota Boshoku and a raid on the Oklahoma Law Enforcement Retirement Services. Vulnerable web radios get patches. The US is said to have exfiltrated a HUMINT asset from Russia in 2017. Microsoft patches 79 vulnerabilities, 17 of them rated critical. Michael Sechrist from Booz Allen Hamilton on the spillover of geopolitical issues into cyber security. Guest is Ashish Gupta from Bugcrowd on the economics of hacking and the adoption of ethical hacking. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2019/September/CyberWire_2019_09_010.html Support our show

BEC attack pulls millions from car parts company. Wikipedia DDoS. NERC and FERC on grid hacking. Trolling Pyongyang. Mike Hammer goes to the DMV.

2019-09-0900:15:56

A big BEC extracts more than $37 million from a major automotive parts supplier. Wikipedia suffers a DDoS attack in Europe and the Middle East. NERC and FERC get to work. Thrip may really be Billbug, and that’s attribution, not etymology. Was US Cyber Command trolling North Korea on the DPRK’s national day? And what does the Department of Motor Vehicles do with all the data they collect on drivers? In some US states, it seems, they sell it to private eyes. Joe Carrigan from JHU ISI on a GMail update for iOS which enables the blocking of tracking pixels. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2019/September/CyberWire_2019_09_09.html Support our show