The CyberWire Daily-logo

The CyberWire Daily

Technology Podcasts

The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.

The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.

Location:

MD

Description:

The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.

Language:

English

Contact:

443-884-6868


Episodes

Ingrid Toppelberg: Knowing how to take risks will pay off. [Cybersecurity education] [Career Notes]

7/25/2021
Chief Product Officer at Cybint Solutions, Ingrid Toppelberg, shares her journey from consulting to bootcamp coach and cybersecurity education. As a young girl, Ingrid wanted to do everything from being a teacher to the head of the World Bank. After consulting for several years, Ingrid found cybersecurity. What she found fascinating about the cyber world is how important it is for absolutely everyone at all levels to know about cybersecurity. Ingrid also develops and conducts bootcamps to...

Duration:00:07:06

Is enhanced hardware security the answer to ransomware? [CyberWire-X]

7/25/2021
With the recent onslaught of ransomware attacks across healthcare institutions, critical infrastructure, and the public sector, it's clear that ransomware isn’t going anywhere. But given how common ransomware attacks have become, how is it that we've been unable to put a stop to them? Companies often overlook the role that hardware security plays in meeting this challenge, and that oversight has become a bad actor's dream. Michael Nordquist speaks about the recent surge in ransomware...

Duration:00:31:44

Free malware with cracked software. [Research Saturday]

7/24/2021
Guest Christopher Budd, Senior Global Threat Communications Manager at Avast, joins Dave to talk about some research his team did when they looked into a Reddit report saying their Avast folder was empty and other reports like it. The team found a new malware they’re calling “Crackonosh” in part because of some possible indications that the malware author may be Czech. Crackonosh is distributed along with illegal, cracked copies of popular software and searches for and disables many popular...

Duration:00:14:04

Cyber threats to, and around, the Olympic Games. Kaseya got a decryptor, from somewhere…. NSO says it’s not responsible for Pegasus misuse. US cyber policy toward China. Fraud Family busted.

7/23/2021
The Olympics are underway, and the authorities are on the alert for cyberattacks. Kaseya has a decryptor for the REvil ransomware, but it hasn’t said how it got the key. NSO Group says it’s not responsible for customer misuse of its Pegasus intercept tool. US policy toward Chinese cyber activities shows continuity, with some diplomatic intensification, but hawks would like to see more action. Our guest Jack Williams from Hexagon joins Dave to discuss the promises and challenges of smart...

Duration:00:24:44

Extortion is the motive in the Saudi Aramco incident. Updates on the Pegasus Project. Chinese cyberespionage and Beijing’s tu quoque. FIN7 resurfaces, and a post-mortem on Egregor.

7/22/2021
It’s extortion after all at Saudi Aramco. Controversy and investigation over alleged misuse of NSO Group’s Pegasus intercept tool continues. Warning of Chinese espionage from ANSSI, and China’s denunciation of all this kind of “baseless slander.” Phishing in Milanote. FIN7 resurfaces after the conviction of some key members. Dinah Davis from Arctic Wolf on the importance of identity management. Our guest Jenn Donahue shares key strategies for mentoring and supporting female engineers,...

Duration:00:26:05

Historical threats to industrial control systems inform current security practices. Ransomware privateering and side-hustling. Updates on the Pegasus Project.

7/21/2021
CISA warns of threats to industrial control systems, profusely illustrated with examples from recent history. Ransomware can be operated either in the course of privateering or as an APT side hustle. Security firms outline new and evolving threats and vulnerabilities. Reaction continues to the Pegasus Project’s reports on intercept tools. Joe Carrigan unpacks recent Facebook revelations and allegations. Our guest is Dave Humphrey from Bain Capital on his tech investment bets and predictions....

Duration:00:25:37

APT side hustles and evidence of espionage. NSO replies to the Pegasus Project, and AWS removes NSO from its CloudFront CDM. Other data breaches and ransomware incidents.

7/20/2021
The US says China contracted with criminals to carry out cyberespionage campaigns. Norway says China was behind an attack on its parliamentary email system. China denounces accusations of cyberespionage as slander, and says it’s the real victim, because the CIA is the one stealing IP from China. AWS expels NSO Group from its CloudFront CDM. NSO denies it permits its intercept tools to be abused. Saudi Aramco sustains a data breach. Ben Yelin describes calls for bans on government use of...

Duration:00:25:37

Microsoft Exchange Server hacks officially attributed to China. Indictment in industrial espionage case. Entities List expands. Abuse of NSO Group’s Pegasus tool reported.

7/19/2021
Allied governments formally attribute exploitation of Microsoft Exchange Server to China’s Ministry of State Security. A US Federal indictment names four MSS officers in conjunction with another, long-running cyberespionage campaign. The US Department of Commerce adds six Russian organizations to the Entities List. The Pegasus Project outlines alleged abuse of NSO Group’s intercept tool. Thomas Etheridge from CrowdStrike on the importance of real-time response, continuous monitoring and...

Duration:00:23:34

Peter Baumann: Adding value to data. [CEO] [Career Notes]

7/18/2021
CEO of ActiveNav, Peter Baumann, takes us on his career journey from minor home electrical experiments to the business of data discovery. He began his career as an electrical engineer, but felt an entrepreneurial spirit was part of his makeup. Following his return to college to study business and finance, Peter talks about being set on the path to shine the light on the data to provide discovery capability. To those interested in the field, he suggests having a broad familiarity of different...

Duration:00:07:48

Enabling connectivity enables exposures. [Research Saturday]

7/17/2021
Guest Nathan Howe, Vice President of Emerging Technology at Zscaler, joins Dave to discuss his team's work, "2021 “Exposed” Report Reveals Corporate and Cloud Infrastructures More at Risk Than Ever From Expanded Attack Surfaces." The modern workforce has resulted in an increase of users, devices, and applications existing outside of controlled networks, including corporate networks, the business emphasis on the “network” has decreased and the reliance on the internet as the connective tissue...

Duration:00:18:23

DDoS at Russia’s MoD. Facebook disrupts Iranian catphishing operation. An intercept tool vendor’s activities are exposed. No signs of the US softening on Huawei bans.

7/16/2021
Russia’s Ministry of Defense says its website sustained a distributed denial-of-service attack this morning. Facebook disrupts a complex Iranian catphishing operation aimed at military personnel and employees of defense and aerospace companies. Microsoft and Citizen Lab describe the recent operations of an Israeli intercept tool vendor. The US shows no signs of relenting on Huawei. Johannes Ullrich from the SANS technology institute has been Hunting Phishing Sites with Shodan. Our guest is...

Duration:00:23:01

Luminous Moth or Mustang Panda, it’s the same bad actor (probably). Updates on other cyberespionage and ransomware campaigns. Rewards for tips on cyberattacks.

7/15/2021
A Chinese APT is active against targets in Myanmar and, especially, the Philippines. Cyberespionage campaigns suggest that there’s a thriving market for zero-days. MI5 warns against spying, disinformation, and radicalization. REvil continues to lie low (and the Kremlin hasn’t seen anything). CISA offers ransomware mitigation advice. Bogus Coinbase sites steal credentials. Ransomware attacks on old SonicWall products expected. Daniel Prince from Lancaster University looks at Getting into the...

Duration:00:26:49

Patch notes. What’s happening with REvil remains unclear, but it would be rash to count the gang out.

7/14/2021
SolarWinds patches a zero-day exploited by a Chinese threat group. Patch Tuesday notes. What’s up with REvil: takedown, retirement, rebranding, or glitch? (Don’t bet against rebranding.) Joe Carrigan from JHU ISI on cell phone carriers sneaking us ads via SMS. Our guest is Nicko van Someren of Absolute Software with a look at endpoint risk. And bots like futbol. For links to all of today's stories check out our CyberWire daily news briefing:...

Duration:00:24:35

SolarWinds patches a zero-day. Trickbot is back. Bogus Twitter accounts, now suspended, were verified by the social medium. DarkSide hits Guess. Updates on REvil and Kaseya.

7/13/2021
SolarWinds addresses a zero-day that was exploited in the wild. A watering hole campaign lures users of online gaming sites. Inauthentic accounts (now suspended) get a blue check mark. Trickbot is back, with new capabilities. The DarkSide hits fashion retailer Guess. Malek Ben Salem from Accenture on Remediation of Vulnerabilities using AI. Our guest is Jeff Williams from Contrast Security with a look at Application Security in Financial Services. And some updates on Kaseya, its customers,...

Duration:00:24:33

Kaseya and REvil--the state of recovery. President Biden calls President Putin to ask for action on ransomware. Cyber incident in Iran. Ukraine says its naval website was hacked. Tracking ransom.

7/12/2021
Kaseya has patched the VSA on-premises and SaaS versions affected by REvil ransomware. The US tries some straight talk about privateering with Russia, but with what effect remains to be seen. Russia’s autarkic Internet poses some challenges for international security. Iranian rail and government sites were hit with a cyber incident over the weekend. Ukraine says Russian threat actors defaced its Naval website. Carole Theriault looks at ethics in phishing simulations. Josh Ray from Accenture...

Duration:00:24:20

APTs transitioning to the cloud. [CyberWire-X]

7/11/2021
Cloud attacks have become so widespread that the Department of Homeland Security (DHS) has warned against an increase of nation states, criminal groups and hacktivists targeting cloud-based enterprise resources. APTs such as Pacha Group, Rocke Group and TeamTNT have been rapidly modifying their existing tools to target Linux servers in the cloud. Modifying their existing code to create new malware variants which are easily bypassing traditional security solutions. The solution? In order to...

Duration:00:30:19

Taree Reardon: A voice for women in cyber. [Threat Analyst] [Career Notes]

7/11/2021
Senior Threat Analyst and Shift Lead for VMware Taree Reardon shares her journey to becoming leader for women in the cybersecurity field. A big gamer who has always been interested in hacking and forensics, Taree found her passion while learning about cybersecurity. She's dedicated to diversity and inclusion and found her footing on a team made up of 50% women. Taree spends her days tracking and blocking attacks and as a champion for women. Trusting yourself is top on her list of advice. We...

Duration:00:07:30

Dealing illicit goods on encrypted chat apps. [Research Saturday]

7/10/2021
Guest Daniel Kats, Senior Principal Research Engineer at NortonLifeLock, joins Dave to discuss his team's work, "Encrypted Chat Apps Doubling as Illegal Marketplaces." Encrypted chat apps are gaining popularity worldwide due to their central premise of not sending user data to tech giants. Some popular examples include WhatsApp, Telegram and Signal. These apps have also been adopted by businesses to securely communicate directly to their users. Additionally, these apps have been instrumental...

Duration:00:18:56

Kaseya continues to work through its REvil days, as does the US Administration. In other news, there’s cyberespionage in Asia, the PrintNightmare fix, and Black Widow as phishbait.

7/9/2021
Kaseya continues to work through remediation of the VSA vulnerability exploited by REvil, with completion expected Sunday afternoon. And while REvil has made a nuisance of itself, this time they may not have seen a big payday, or at least not yet. The US is still considering its retaliatory and other options in the big ransomware case. China’s MSS is active against targets in Asia. Andrea Little Limbago from Interos looks at Government access to data analysis. Our guest is Leon Gilbert from...

Duration:00:27:38

Cyber conflict sputters in Ukraine? Kaseya delays VSA patch, offers assistance to REvil’s victims. US mulls retaliation for privateering. PrintNightmare patch. Another extradition run at Julian Assange.

7/8/2021
Ukrainian government websites may have come under an unspecified cyberattack early this week. Kaseya delays its VSA patch until Sunday, and offers assistance to victims of VSA exploitation by REvil. The US continues to mull its response to Russia over REvil and Cozy Bear. A small electric utility’s business systems go offline after a ransomware attack. Microsoft continues to grapple with PrintNightmare. Caleb Barlow from CynergisTek on the changing Cyber Insurance landscape. Our guest is...

Duration:00:23:29