DiscoverThe CyberWire
The CyberWire

The CyberWire

Author: The CyberWire

Subscribed: 19,029Played: 383,865
Share

Description

More signal, less noise—we distill the day’s critical cyber security news into a concise daily briefing.
1200 Episodes
Reverse
Someone has been running a DNS hijacking campaign against governments in southeast Europe and southwest Asia, and Reuters thinks that someone looks like Turkey. Experts would like to see a more thorough forensic analysis of Mr. Bezos’ iPhone: that hack may look like a Saudi job, but the evidence remains circumstantial. Interpol’s Operation Night Fury dismantles a gang that had been preying on e-commerce. And ave atque vale, Clayton Christensen, theorist of disruptive innovation. Robert M. Lee from Dragos with 2020 predictions (reluctantly). For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2020/January/CyberWire_2020_01_27.html Support our show  
In this special edition, our extended conversation with Hank Thomas and Mike Doniger from their new company SCVX. Both experienced investors, their plan is to bring a new funding mechanism known as a SPAC to cyber security which, they say, is new to the space.  Thanks to our sponsor, The Johns Hopkins University Information Security Institute. 
The electric utility industry is a valuable target for adversaries seeking to exploit industrial control systems (ICS) and operations technology (OT) for a variety of purposes. As adversaries and their sponsors invest more effort and money into obtaining effects-focused capabilities, the risk of a disruptive or destructive attack on the electric sector significantly increases. Selena Larson from Dragos joins us to discuss their new report North American Electric Cyber Threat Perspective. The report can be found here: North American Electric Cyber Threat Perspective The CyberWire's Research Saturday is presented by Juniper Networks. Thanks to our sponsor Enveil, closing the last gap in data security.
PupyRAT was found in a European energy organization: it may be associated with Iranian threat actors. Another threat actor, the Konni Group, was active against a US government agency last year. Saudi Arabia maintains it had nothing to do with hacking Jeff Bezos’s phone. The EU and Ukraine separately consider anti-disinformation regulations. Canada may be ready to “impose costs” in cyberspace. And Huawei’s a threat, but what’re you gonna do? Justin Harvey from Accenture with an outlook on 2020. Guests are Hank Thomas and Mike Doniger from SCVX, describing their plan to bring a funding mechanism know as a SPAC to cyber security. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2020/January/CyberWire_2020_01_24.html Support our show
There’s more phishing around the Arabian Gulf, but it doesn’t look local. Reactions to Brazil’s indictment of Glenn Greenwald. The forensic report on Jeff Bezos’s smartphone has emerged, and the UN wants some investigating. Microsoft discloses an exposed database, now secured. Ransomware gets even leakier--if it hits you, assume a data breach. And Windows 7 is going to enjoy an afterlife in software Valhalla--you know, around Berlin. Tom Etheridge from CrowdStrike with thoughts on incident response plans. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2020/January/CyberWire_2020_01_23.html Support our show
UN rapporteurs say that the Saudi Crown Prince was probably involved in the installation of spyware on Amazon founder Jeff Bezos’s personal phone. Brazilian prosecutors have indicted Glenn Greenwald, co-founder of the Intercept, on hacking charges. IBM describes a renewed NetWire campaign, and Microsoft says StarsLord is back, too. And in cyberspace, there’s nothing new on the US-Iranian front. Ben Yelin from UMD CHHS on surveillance cameras hidden in gravestones. Guest is Sean Frazier from Cisco Duo on their most recent State of the Auth report.  For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2020/January/CyberWire_2020_01_22.html Support our show
A new RAT goes after Arabic-speaking targets. Updates on US-Iranian tension in cyberspace. An Internet Explorer bug is being exploited in the wild; a patch will arrive in February. A pseudo-vigilante seems to be preparing Citrix devices for future exploitation. Mitsubishi Electric discloses a breach. A booter service dumps half a million Telnet credentials online. And tomorrow is the last day to file a claim under the Equifax breach settlement. Joe Carrigan from JHU ISI with the story of a random encounter that set him on his professional path. Carole Theriault speaks with Jon Fielding from Apricorn on whether or not anything has really changed with GDPR, 18 months into it. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2020/January/CyberWire_2020_01_21.html Support our show
Some of our favorite and most trusted IoT devices help make us feel secure in our homes. From garage door openers to the locks on our front doors, we trust these devices to recognize and alert us when people are entering our home. It should come as no surprise that these too are subject to attack.  Steve Povolny is head of advanced research at McAfee; we discuss a pair of research projects they recently published involving popular IoT devices.  The research can be found here: McAfee Advanced Threat Research demo McLear NFC Ring McAfee Advanced Threat Research Demo Chamberlain MyQ The CyberWire's Research Saturday is presented by Juniper Networks. Thanks to our sponsor Enveil, closing the last gap in data security.
Hacks and rumors of hacks surrounding US-Iranian tension. Ukrainian authorities are looking into the Burisma hack, and they’d like FBI assistance. The FBI quietly warns that two US cities were hacked by a foreign service. The New York Fed has thoughts on how a cyberattack could cascade into a run on banks. Arrests and a site takedown in the WeLeakInfo case. And a quick look at the chum being dangled in front of prospective phishing victims these days. Emily Wilson from Terbium Labs on synthetic identity detection. Guest is Eric Haseltine, author of The Spy in Moscow Station. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2020/January/CyberWire_2020_01_17.html Support our show
Proof-of-concept exploits for the CryptoAPI vulnerability Microsoft patched this week have been released. CISA warns the chemical industry to look to its security during this period of what the agency calls “heightened geopolitical tension.” Families of deployed US soldiers receive threats via social media. Someone’s been phishing in Turtle Bay. More fleeceware turns up in the Play Store. And Moscow heaps scorn on anyone who thinks they hacked Burisma. Craig Williams from Cisco Talos on how adversaries take advantage of politics. Guest is Ron Hayman from AVANT on how companies might leverage Trusted Advisors to proactively prepare their security response. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2020/January/CyberWire_2020_01_16.html Support our show
NSA gives Microsoft a heads-up about a Windows vulnerability, and CISA is right behind them with instructions for Federal civilian agencies and advice for everyone else. Norway’s Consumer Council finds that dating apps are “out of control” with the way they share data. Ransomware goes all-in for doxing. The US pushes the UK on Huawei as Washington prepares further restrictions on the Chinese companies. And think twice before you book that alt-coin conference in Pyongyang. Johannes Ullrich from SANS Technology on malicious AutoCAD files. Guest is Chris Duvall from Chertoff Group with an overview of the current state of ransomware.  For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2020/January/CyberWire_2020_01_15.html Support our show
NSA discloses a vulnerability to Microsoft so it can be patched quickly. Intrusion Truth describes thirteen front companies for China’s APT40--they’re interested in offensive cyber capabilities. Area 1 reports that Russia’s GRU conducted a focused phishing campaign against Urkraine’s Burisma Group, the energy company that figured prominently in the House’s resolution to impeach US President Trump. And the US Justice Department moves for access to encrypted communications. Joe Carrigan from JHU ISI on the security issues of Android bloatware. Guest is Haiyan Song from Splunk with 2020 predictions. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2020/January/CyberWire_2020_01_14.html Support our show
The FBI reiterates prudent, consensus warnings about a heightened probability of cyberattacks from Iran, but so far nothing beyond credential-spraying battlespace preparation has come to notice. The US Congress mulls the definition of “act of war” in cyberspace. Taiwan’s president is re-elected amid signs that Chinese influence operations backfired on Beijing. The Maze gang doxes a victim. SIM swapping enters a new phase. And the FBI promises the FISA Court it will do better. Ben Yelin from UMD CHHS on a Washington Post story about college campuses gathering location data on their students. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2020/January/CyberWire_2020_01_13.html Support our show
Multiple e-commerce and financial organizations around the world are targeted by cybercriminals attempting to bypass or disable their security mechanisms, in some cases by using tools that imitate the activities of legitimate users. Linken Sphere, an anti-detection browser, is one of the most popular tools of this kind at the moment. Staffan Truvé is the CTO and Co-Founder of Recorded Future, he joins us to discuss their new report on the browser.  The research can be found here: Profiling the Linken Sphere Anti-Detection Browser The CyberWire's Research Saturday is presented by Juniper Networks. Thanks to our sponsor Enveil, closing the last gap in data security.
Amid indications that both Iran and the US would prefer to back away from open war, concerns about Iranian power grid battlespace preparation remain high. Recent website defacements, however, increasingly look more like the work of young hacktivists than a campaign run by Tehran. Phones delivered under the FCC’s Lifeliine Assistance program may come with malware preinstalled. And we’ll take Cybersecurity for six hundred, Alex. Tom Etheridge from Crowdstrike on having a board of directors’ playbook. Guest is Curtis Simpson from Armis on CISO burnout. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2020/January/CyberWire_2020_01_10.html Support our show
As kinetic combat abates in Iraq, warnings of cyber threats increase. US intelligence agencies warn of heightened likelihood of Iranian cyber operations. These may be more serious than the low-grade website defacements and Twitter impersonations so far observed. One operation, “Dustman” has hit Bahrain, and it looks like an Iranian wiper. And some notes on the Lazarus Group, and a quick look at information ops across the Taiwan Strait. Emily Wilson from Terbium Labs with details from their recent report, “How Fraud Stole Christmas.” Guest is Karl Sigler from Trustwave in the risks of using Windows 7. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2020/January/CyberWire_2020_01_09.html Support our show
Iran took some missile shots at two US air bases in Iraq last night, and President Trump barked back in a late morning press conference, but actually both sides seem inclined to move toward de-escalation. No major Iranian cyberattacks have developed, despite some low-grade skid vandalism of indifferently defended sites, but CISA’s warnings seem generally to be taken seriously. And the Cyber Solarium gave a preview of its recommendations for a US national cyber strategy. Caleb Barlow from CynergisTek with insights on potential cyber attacks from Iran. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2020/January/CyberWire_2020_01_08.html Support our show
The kittens haven’t scratched much so far, but the US Government and others are warning organizations to be alert to the likelihood of Iranian cyberattacks in retaliation for the combat death, by US missile, of Quds Force commander Soleimani. Fancy Bear is the usual suspect in the case of the Austrian Foreign Ministry hack. Patch your Pulse Secure VPN servers if you’ve got ‘em. ToTok is back in the Play Store. And there’s an executive who turned out to be an insider threat. Robert M. Lee from Dragos with a look back at 2019 ICS security issues. Guest is Tom Tovar from AppDome on mobile API security.  For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2020/January/CyberWire_2020_01_08.html Support our show
Iran vows retribution for the US drone strike that killed the commander of the Quds Force. The US prepares for Iranian action, and the Department of Homeland Security warns that cyberattacks are particularly likely. Some low-grade Iranian cyber operations may have already taken place. Austria’s Foreign Ministry sustains an apparent state-directed cyber espionage attack, and in the UK authorities are taking a second look at the August outages at the London Stock Exchange. Joe Carrigan from JHU ISI, describing a clever defense against laptop theft.  For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2020/January/CyberWire_2020_01_06.html Support our show
The US and Iran trade fire in Iraq, and a leading Iranian general is killed in a US airstrike. A corresponding escalation of cyber operations can be expected. Currency exchange Travelex continues to operate manually as it works to recover from what it calls “a software virus.” There’s speculation that the RavnAir incident may have been a ransomware attack. And Taiwan adopts an active policy against Chinese attempts to influence its elections. Johannes Ullrich from the SANS Technology Center on vulnerabilities in Citrix NetScaler installations. Guest is Derek Manky from Fortinet on what to expect in AI for 2020.  For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2020/January/CyberWire_2020_01_03.html Support our show
loading
Comments (13)

elrey741

12:07: make sure you are updated to chrome 77

Nov 14th
Reply

Jef Cesar

Ahahaa! Verry well tought off!

Nov 4th
Reply

Міла Тарнопольська

it made my morning! 😊

Nov 4th
Reply (1)

Michael Ford

I have been bingeing this podcast and recommending this to everyone. especially the non tech folks since they are more target prone.

Oct 25th
Reply

s smith

I couldn't help notice how pro-israel the host is over the last few shows

May 16th
Reply

Raju Ghorai

good

Dec 17th
Reply

Tim Debisz

;D <3

Oct 31st
Reply

Argha Bhattacharya

Awesome episode. Ryan Olson spoke so well. Made things simple to understand even for someone who is new to "cryptojacking"

Oct 6th
Reply

Glen Nile

Awesome book list! I'm set for the summer.

Jun 15th
Reply (1)

Jim Maahs

Svc Now survey and discussion about patching, super interesting and informative. Thanks.

May 3rd
Reply

Nathan Katzenstein

excellent podcast. thorough in it's presentation, wide in covered topics and humorous to top it off. A must for Cyber security junkies.

Mar 27th
Reply
loading
Download from Google Play
Download from App Store