The CyberWire Daily-logo

The CyberWire Daily

Technology Podcasts

The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.

The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.

Location:

MD

Description:

The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.

Language:

English

Contact:

443-884-6868


Episodes

SUPERNOVA activity and its possible connection to SPIRAL threat group. [Research Saturday]

5/8/2021
Guest Mike McLellan from Secureworks joins us to share his team's insights about SUPERNOVA and threat group attribution. Similarities between the SUPERNOVA activity and a previous compromise of the network suggest that SPIRAL was responsible for both intrusions and reveal information about the threat group. In late 2020, Secureworks® Counter Threat Unit™ (CTU) researchers observed a threat actor exploiting an internet-facing SolarWinds server to deploy the SUPERNOVA web shell. Additional...

Duration:00:18:01

CISA on FiveHands. Connections among cybergangs, Russian intelligence services? Software supply chain security. Scripps Health incident update. Home routers. Ryuk hits research institute.

5/7/2021
CISA outlines the FiveHands ransomware campaign. Circumstantial evidence suggests that some cybergangs are either controlled by or are doing contract work for Russian intelligence services. US Federal agencies turn their attention to software supply chain security. Scripps Health continues its recovery from cyberattack. Insecure home routers in the UK. Daniel Prince from Lancaster University has thoughts on cybersecurity education. Our guest Rupesh Chokshi from AT&T has suggestions for...

Duration:00:26:37

Some possible insight into what a Chinese cyberespionage unit is up to. Hackathons, from Beijing to Washington. Panda Stealer is after crypto wallets. And Peloton deals with a leaky API.

5/6/2021
Some possible insight into what a Chinese cyberespionage unit is up to. Hackathons, from Beijing to Washington (the one sponsored by Beijing developed an iPhone zero-day used against China’s Uyghurs). Panda Stealer is after crypto wallets. Microsoft's Kevin Magee reflects on lessons learned in the last year. Our own Rick Howard speaks with Todd Neilson from World Wide Technology on Zero Trust. And Peloton deals with a leaky API. For links to all of today's stories check out our CyberWire...

Duration:00:22:50

DDoS interrupts Belgium’s parliament. New malware in the wild. Spies and crooks work around MFA, OAuth. COVID-19 scam site takedown. Online election fraud (in a homecoming queen election).

5/5/2021
Belgium sustains a DDoS attack that knocks parliamentary sessions offline. New malware strains identified in phishing campaign. Threat actors look for ways of working around multi-factor authentication and open authentication. COVID-19 scams continue online, and attract law enforcement attention. Joe Carrigan describes a compromised password manager. Our guests are Linda Gray Martin & Britta Glade from RSA with a preview of this year’s RSAC conference. And how secure was your high school’s...

Duration:00:27:14

VPN vulnerability exploited for cyberespionage closed. “IT security incident” at medical system. Android banking Trojans and cryptocurrency. Cyber threats to the Tokyo Olympics.

5/4/2021
Pulse Secure patches its VPN, and CISA for one thinks you ought to apply those fixes. Apple has also patched two zero-days in its Webkit engine. Scripps Health recovers from what’s said to be a ransomware attack. Researchers describe Genesis, a criminal market for digital fingerprints. Ben Yelin described a grand jury subpoena for Signal user data. Our guest is Ryan Weeks from Datto on the need for cyber resilience in the MSP community. And Japan works on cybersecurity for this summer’s...

Duration:00:23:58

Data exposure reported in the Philippines. FISA targets down during the pandemic. Babuk changes its focus. New variant of the Buer loader in the wild. US Justice Department reviews its cyber strategy.

5/3/2021
Possible data exposure at the Philippines’ Office of the Solicitor General. In the US, FISA surveillance targets dropped during 2020’s pandemic. The Babuk gang says it’s giving up encryption to concentrate on doxing. A new version of the Buer loader is out in the wild. Rick Howard looks at security in the energy sector. Betsy Carmelite from Booz Allen Hamilton on telemedicine security concerns. The US Justice Department undertakes a review of its cybersecurity policies and strategy. For...

Duration:00:25:19

Jim Zufoletti: Building your experience portfolio. [Entrepreneur] [Career Notes]

5/2/2021
CEO and co-founder of SafeGuard Cyber Jim Zufoletti shares his journey starting out as an intrepreneur and transformation into a serial entrepreneur in cybersecurity. Jim shares how he got his feet wet working for others as an intrepreneur and catching the entrepreneurial bug in the mid-90s. He has co-founded a number of companies starting with FreeMarkets, a B2B ecommerce company. After that went public and Jim moved on, he went to business school at the University of Virginia and crossed...

Duration:00:07:04

A snapshot of the ransomware threat landscape. [Research Saturday}

5/1/2021
Guest Jen Miller-Osborn from Palo Alto Networks' Unit 42 joins Dave to discuss their 2021 Unit 42 Ransomware Threat Report, which highlights a surge in ransomware demands based on a global analysis of the threat landscape in 2020. To evaluate the current state of the ransomware threat landscape, the Unit 42 threat intelligence team and the Crypsis incident response team collaborated to analyze the ransomware threat landscape in 2020, with global data from Unit 42 as well as US, Canada, and...

Duration:00:21:31

Investigating VPN exploits, and the crooks and spies who use them. BadAlloc afflicts OT. Notes on cyberespionage. The criminal market for deepfakes.

4/30/2021
The US Government expands its investigation into Pulse Secure VPN compromises. Microsoft discloses its discovery of BadAlloc IoT and OT vulnerabilities. Someone’s distributing Purple Lambert spyware. Chinese intelligence services seem to be backdooring the Russian defense sector. Financially motivated criminals are exploiting SonicWall VPN vulnerabilities. A look at the emerging criminal market for deepfakes. Josh Ray from Accenture Security on Why Cybersecurity Community Service Matters....

Duration:00:23:55

Buggy APIs may expose credit scores. Dealing with ransomware. Iran-Israeli tensions are up. Russia says it will always see the Americans coming. Surge cyber capacity. NSA’s advice on OT security.

4/29/2021
An API bug may have exposed credit ratings. A study offers advice for the new anti-ransomware task forces emerging in the US and elsewhere. Israelis warned to keep their cyber-guard up on Quds Day next week. Russia says it would spot any US cyberattack before it hit. The US Congress considers establishing surge cyber response capacity. Dinah Davis from Arctic Wolf has tips on preventing RDP attacks. Rick Howard speaks with Rehan Jalil from Securiti on GDPR. NSA offers advice for security OT...

Duration:00:23:49

More intelligence on Ghostwriter, and a convergence of hacking and influence operations. Naikon APT has a new backdoor. FluBot returns. MAPP reconsidered. Defense counsel on Cellebrite.

4/28/2021
Ghostwriter is back, and has moved its “chaos troops” against fresh targets in Poland and Germany. The Naikon APT has a new secondary backdoor. FluBot, temporarily inhibited by police raids, is back, and expanding its infection of Android devices across Europe. Microsoft is rethinking how much, and with whom, it wants to share vulnerability information. Joe Carrigan examines a phone scam targeting Amazon Prime customers. Our guest is Tzury Bar Yochay of Reblaze on open-source software and...

Duration:00:23:07

The FBI and CISA take a look at the SVR, and offer advice for potential targets. Openness and information warfare. OPSEC and privacy. Babuk hits DC police. Social engineering notes.

4/27/2021
FBI, CISA, detail SVR cyber activities. Nine US Combatant Commands see declassification as an important tool in information warfare. A convergence of OPSEC and privacy? Apple fixes a significant Gatekeeper bypass flaw. Babuk ransomware hits DC police. A new twist in credential harvesting. Ben Yelin considers the FTCs stance on racially biased algorithms. Our guest Tony Howlett from SecureLink tracks the evolution of threat hunting. And that was no hack; it was just a careless tweet. For...

Duration:00:22:45

Prankers on Zoom, with convincing video. Emotet takedown. US response to SolarWinds reviewed. Cancer therapy disrupted by attack on cloud provider. Oscar phishing.

4/26/2021
Zoom prankers deceive European members of parliament with a deepfake video call. A password manager is compromised. Europol took a good whack at Emotet yesterday, removing the botnet’s malware from infected machines. US response to the Holiday Bear campaign receives cautious good reviews. A cyberattack interferes with cancer treatments. Caleb Barlow from CynergisTek on emergency notification systems. Rick Howard previews the latest CSO Perspectives podcast focused on the healthcare vertical....

Duration:00:23:14

Channeling the data avalanche. [CyberWire-X]

4/25/2021
Proliferation of data continues to outstrip our ability to manage and secure data. The gap is growing and alarming,especially given the explosion of non-traditional smart devices generating, storing, and sharing information. As edge computing grows, more devices are generating and transmitting data than there are human beings walking the planet. High-speed generation of data is here to stay. Are we equipped as people, as organizations, and as a global community to handle all this...

Duration:00:34:08

Marcelle Lee: Cyber sleuth detecting emerging threats. [Research] [Career Notes]

4/25/2021
Senior security researcher from Secureworks Marcelle Lee shares her career journey into cybersecurity and how she helps solve hard problems in her daily work. Marcelle came into cybersecurity not through any traditional path. She describes her route from a different field and starting in cyber at her local community college through a grant program. Marcelle took full advantage of the opportunities she had and grew her career from there. She recommends finding your specialty, but continue to...

Duration:00:07:08

Bulletproof hosting (BPH) and how it powers cybercrime. [Research Saturday]

4/24/2021
Guest Jason Passwaters of Intel 471 joins us to discuss his team's research into bulletproof hosting (BPH). The research team at Intel 471 defined what a typical BPH service offers and how these services can be stopped in order to limit the damage they have on enterprises, businesses and digital society itself. They examined some popular malware families that actors host or leverage via BPH services. While much more goes into a cybercriminal’s full operation, it would be vastly more...

Duration:00:15:25

Three ransomware gangs up their game. The US Postal Inspection Service’s “Internet Covert Operations Program.” GCHQ warns of dependence on Chinese tech. Undersea cable security.

4/23/2021
Ransomware operators begin timing their releases for more reputational damage. Another gang is equipping its ransomware with scripts to disable defenses, and yet another is now into stock shorting. The US Postal Inspection Service is apparently monitoring social media. GCHQ’s head warns of the dangers of becoming dependent on China’s technology. Johannes Ullrich from SANS on Commodity Malware Targeting Enterprises. Our guest is Etay Maor from Cato with some of the clever ways criminals avoid...

Duration:00:24:49

VPN users remediate systems. New Supernova infection. Cryptojacking botnet afflicts vulnerable Exchange Servers. Facebook takes down spyware groups. Ransomware. Cellebrite bug found.

4/22/2021
Agencies continue to respond to the Pulse Secure VPN vulnerabilities. Updates on the SolarWinds compromise show that it remains a threat, and that it was designed to escape detection and, especially, attribution. A cryptojacking botnet is exploiting vulnerable Microsoft Exchange Server instances. Facebook takes down two Palestinian groups distributing spyware. Ransomware draws more attention. Craig Williams from Cisco Talos looks at cheating the cheater. Our guest is Bruno Kurtic from Sumo...

Duration:00:25:26

SonicWall, Pulse Secure products under exploitation (mitigations are available). Power grid security. Cyber conflict in the Near Abroad. ISIS worries about Bitcoin. Bad passwords.

4/21/2021
SonicWall zero-days are under active exploitation; mitigations are available. Pulse Secure VPN is also undergoing exploitation, probably by China, and mitigations are available here, too. The US begins work on shoring up power grid cybersecurity. Cyber ops rise with Russo-Ukrainian tension. The help desk at ISIS tells jihadists to stay away from Bitcoin. Joe Carrigan looks at cryptocurrency anonymity. Our guest is Bert Kashyap from SecureW2 on what needs to be done before devices used for...

Duration:00:22:40

Codecov supply chain attack update. Babuk’s victim service. Catphishing in LinkedIn. Sanctioned company responds. SolarWinds, Exchange compromise TFs stand down. 5 Eyes notes. IoT risk.

4/20/2021
Update on the Codecov supply chain attack. The Babuk gang says they’ve debugged their decryptor. MI5 warns of “industrial scale” catphishing in LinkedIn. Positive Technologies responds to US sanctions. The US stands down the two Unified Coordination Groups it established to deal with the SolarWinds and Exchange Server compromises. Are all Five Eyes seeing eye-to-eye on China? Ben Yelin explains the legal side of the FBI removing webshells following the Microsoft Exchange Server hack. Our...

Duration:00:24:48