the CyberWire Podcast-logo

the CyberWire Podcast

Technology Podcasts >

The CyberWire Daily Podcast is our look at what's happening in cyberspace. We provide a clear and concise summary of the news and offer commentary from industry experts as well as our Academic and Research Partners. Each Friday, we provide the usual daily summary along with a look back at the news for the entire week. We publish each weekday afternoon (in time for US East Coast drive-time).

The CyberWire Daily Podcast is our look at what's happening in cyberspace. We provide a clear and concise summary of the news and offer commentary from industry experts as well as our Academic and Research Partners. Each Friday, we provide the usual daily summary along with a look back at the news for the entire week. We publish each weekday afternoon (in time for US East Coast drive-time).
More Information

Location:

MD

Description:

The CyberWire Daily Podcast is our look at what's happening in cyberspace. We provide a clear and concise summary of the news and offer commentary from industry experts as well as our Academic and Research Partners. Each Friday, we provide the usual daily summary along with a look back at the news for the entire week. We publish each weekday afternoon (in time for US East Coast drive-time).

Language:

English

Contact:

443-884-6868


Episodes

LG smartphone keyboard vulnerabilities — Research Saturday

6/23/2018
More
Researchers at Check Point Research recently discovered vulnerabilities in some LG smartphone keyboards, vulnerabilities that could have been used to remotely execute code with elevated privileges, act as a keylogger and thereby compromise the users’ privacy and authentication details. The CyberWire's Research Saturday is presented by the Hewlett Foundation Cyber Initiative. Thanks to our sponsor Enveil, closing the last gap in data security.

Duration:00:16:21

Phishing plays small ball with depressing success. Chinese cyberespionage up. US IC, JCS, worries about innovation. Guilty plea in US espionage case. Ex-Knesset member suspected of spying. Supreme Court decides location privacy case.

6/22/2018
More
In today's podcast, we hear that phishing scams continue to nibble away at bank accounts and reputations: the State of Oregon is among those suffering. Avoid emails promising you leaked pictures of YouTube stars. Chinese espionage against US targets rises. US Intelligence officials worry that failure to play a long game puts the country at a disadvantage with respect to innovation. The Joint Chiefs mull electronic warfare issues. Reality Winner makes a plea agreement in her espionage case....

Duration:00:24:05

Malicious apps, a clever botnet, and cryptojacking. Patch notes. EU copyright regulations. Congress still doesn't like the cut of ZTE's or Huawei's jib. Tesla sues a former employee.

6/21/2018
More
In today's podcast we hear about a malicious app that will save your battery, but it will also install a backdoor, steal information, and click on a bunch of ads. A sophisticated and patient botnet, Mylobot, is observed in the wild, but it's not yet clear what it's up to. Cryptojackers exploit a known (and patched) Drupal vulnerability. Vectra finds tunnels. Google adds security metadata to Android apps. Cisco patches. The EU's proposed copyright regulations attract little love. Congress...

Duration:00:19:52

Playing on Kindness — Hacking Humans

6/21/2018
More
Joe explains the Ben Franklin effect. Dave describes job applicants tricked unto money laundering. A listener tells a tale of being fooled by an appeal to greed. Joe interviews Stacey Cameron from DirectDefense about her physical penetration testing work. Thanks to our show sponsor KnowBe4.

Duration:00:22:16

Satellite communications suffer from Thrip(s). Zacinlo rootkit poses as a VPN. Insecure Firebase apps. EU copyright legislation. Kardon Loader. Bithumb robbed. #Opicarus2018. Bitcoin Baron jailed.

6/20/2018
More
In today's podcast, we hear that the Chinese espionage group Thrip is targeting satellite communications operators and others in the US and Southeast Asia. Zacinlo rootkit hides inside a bogus VPN. Developers are leaving Firebase apps insecure. The EU's controversial copyright regulation advances from committee. Kardon Loader malware is in beta. South Korean cryptocurrency exchange Bithumb is looted of more than $30 million. Anonymous is back with Opicarus2018. And the Bitcoin Baron goes to...

Duration:00:19:56

Charges in Vault 7 case. Olympic Destroyer appears to be back. Liberty Life hack. Does Tesla have a rogue insider? US Senate hits at ZTE. Guilty plea in OPM hack-related fraud. Motive: blackmail.

6/19/2018
More
In today's podcast we hear that the US has charged a former CIA engineer in the WikiLeaks Vault 7 case. Olympic Destroyer may be back, and preparing to hit chemical weapons investigators and arms control specialists. Updates on the Liberty Life data extortion investigation. Elon Musk says Tesla Motors has an internal saboteur. The US Senate snatches the lifeline out of ZTE's hands. A guilty plea in OPM-breach-related fraud. A possible motive in the Jeopardy champ's email hacking. David...

Duration:00:19:54

Date extortion attempt against Liberty Life. Rex Mundi, Black Hand arrests. Hidden Cobra's back. Clipboard hijacking hits cryptocurrency wallets. ZTE, Huawei security fears. Pulp fiction.

6/18/2018
More
In today's podcast we hear that Liberty Life has sustained an attempt at data extortion. In separate operations, international police agencies cooperate against Rex Mundi, Black Hand, and the remnants of Silk Road. Cyber espionage notes. North Korean hacking resumes. More clipboard hijacking afflicts cryptocurrency wallets. Security concerns tighten around ZTE and Huawei. And pulp fiction: from Russia with love, and from the Clinton Library. Malek Ben Salem from Accenture Labs on concerns...

Duration:00:18:43

Cyber bank heists — Research Saturday

6/16/2018
More
Carbon Black's Chief Cybersecurity Officer Tom Kellerman shares the results of their recent report, Modern Bank Heists: Cyberattacks & Lateral Movement in the Financial Sector. For the report, they interviewed CISOs at 40 major financial institutions, revealing attack and mitigation trends. The CyberWire's Research Saturday is presented by the Hewlett Foundation Cyber Initiative. Thanks to our sponsor Enveil, closing the last gap in data security.

Duration:00:15:56

MysteryBot developed from LokiBot. Satan rebranded as DBGer. Snooping on iOS got harder, but maybe not impossible. IG report on the FBI is out, not damning but not good, either.

6/15/2018
More
In today's podcast we hear that MysteryBot is under development and presumably being prepared for sale on the black market. Satan ransomware gets a makeover and a new name. Apple has taken measures to make iOS traffic less accessible to snooping, but lawful snoops may already have a way around that security. Kasperky will no longer work with Europol. The US Justice Department IG reports on the FBI. And a former Jeopardy champion cops a hacking plea. Robert M. Lee from Dragos, on his...

Duration:00:22:39

Chinese espionage in Central Asia. Dixons Carphone data exposure. Lazy State speculative execution bug. Pyongyang is expected to come roaring back into cyberspace. Unlucky 13. Chinese espionage in Central Asia. Dixons Carphone data exposure. Lazy State sp

6/14/2018
More
In today's podcast, we hear that LuckyMouse has crept into an unnamed Central Asian house. Dixons Carphone data exposure presents complex legal and regulatory issues—it's the first big incident since GDPR came into effect. "Lazy State" is another CPU speculative execution bug. The US Congress doesn't care for ZTE, Australia's government is wary of Huawei, and the EU doesn't like Kaspersky at all. If you didn't like the end of net neutrality, wait until you get a load of the proposed EU...

Duration:00:18:42

Hacking Humans — Gaming pro athletes online.

6/14/2018
More
Joe warns of scammers taking advantage of natural disasters, Dave explores romance scams, and gets a strange voice mail. Stephen Frank from the National Hockey League Players Association joins us to share how professional athletes protect themselves from online scams. Thanks to our show sponsor KnowBe4.

Duration:00:28:08

Cable-tapping for a new century. Lazarus Group update. BabaYaga's cannibalistic malware. Patch Tuesday notes. Cryptojacking. World Cup surveillance. Beware of strangers bearing gifts with USB connections.

6/13/2018
More
In today's podcast we hear that old news is new news when it comes to undersea cables. The Lazarus Group is still at it, against South Korean targets. BabaYaga eats other malware so it can stage WordPress spam. Patch Tuesday notes, including some products that Redmond will no longer support. Crytpojackers are still busy. One new strain of coin-mining malware uses the Eternal Romance exploit to spread. World Cup surveillance threatens visiting fans. And don't plug gifts from strangers into...

Duration:00:16:39

Don't get cozy with Cozy Bear. Code-signing issues stem from muddled documentation. Devices ship with inadvertent backdoor. Matryosha attack. Operation WireWire versus BEC scammers.

6/12/2018
More
In today's podcast we hear that the US Treasury Department has announced sanctions against Russian entities it says were too cyber-cozy with the FSB. Code-signing issue looks like what we have here is a failure to communicate. Android devices are being shipped with ADB enabled, and cryptojackers enter by the backdoor. A layered criminal attack posing as emails from Samsung spearphishes Russian victims. Operation WireWire reels in seventy-four business email compromise suspects. Ben Yelin...

Duration:00:19:45

SWIFT fraud (behind a wiper). Coinrail ICO robbery. Chinese espionage. G7 agrees to a coordinated response to hostile cyber operations. Malwaretech faces new charges.

6/11/2018
More
In today's podcast, we hear about more SWIFT fraud, with a wiper attack as misdirection. Cryptocurrency exchange looted of ICO tokens. Chinese espionage in Rhode Island, and a conviction in Virginia. Dropping Elephant spearphishes in think tanks. G7 agreement suggests a coordinated response to hostile cyber operations. Net neutrality expired this morning in the US. And Marcus Hutchins faces additional charges. Jonathan Katz from UMD discussing hashing.

Duration:00:17:31

Winnti Umbrella Chinese threat group — Research Saturday

6/9/2018
More
Researchers from ProtectWise's 401TRG team recently published research linking a variety of new and previously reported Chinese cyber threat groups. Tom Hegel is a Senior Threat Researcher with the 401TRG, and he joins us to share their findings. The CyberWire's Research Saturday is presented by the Hewlett Foundation Cyber Initiative. Thanks to our sponsor Enveil, closing the last gap in data security.

Duration:00:20:58

Adobe patches a zero-day being exploited in the wild. Chinese cyber espionage, and the risks of data-sharing. Facebook default settings glitch. Industry notes.

6/8/2018
More
In today's podcast, we hear that Adobe has patched a Flash vulnerability. InvisiMole is a discrete, selective cyber espionage tool. A Facebook glitch inadvertently changed users' default privacy settings. Leidos exits the commercial cyber market. China is back at IP theft, and some conventional cyber espionage, too. Congress wants explanations of data-sharing with Huawei and ZTE, and it wants those companies investigated as security risks. Feds Facebook friend felons. Rick Howard from Palo...

Duration:00:24:49

New criminal campaigns out and about. Fancy Bear changes style, but not management. VPNFilter hits more devices. CloudPets overshare, but maybe more benignly than Google and Facebook.

6/7/2018
More
Iron Group said to use Hacking Team source code to build a backdoor. Operation Prowli both cryptojacks and sells traffic. Fancy Bear may be getting noisier. VPNFilter has a more extensive set of victim devices than previously believed. ZTE pays a billion dollar fine. CloudPets are oversharing via an unsecured server. The US Senate wants answers from both Facebook and Google about their user data sharing with Chinese companies. Daniel Prince from Lancaster University on the security of...

Duration:00:19:17

Hacking Humans — A flood of misinformation and fake news

6/7/2018
More
In this episode, Joe examines the anatomy of a phishing attack, Dave explores pretexting, and a scammer targets real estate agents. Professor Stephen Lewandowsky from the University of Bristol joins us to share his research on misinformation, fake news, and inoculating people against them. Thanks to our show sponsor KnowBe4.

Duration:00:30:06

Espionage, influence, summits, and elections. What counts as a luxury? An iCloud warrant raises cryptowars speculation. Microsoft's GitHub acquisition. Facebook's coziness with Shanghai?

6/6/2018
More
In today's podcast, we hear that TempTick and Turla are interested in the US-North Korean summit. That summit might not take up many cybersecurity issues. Where did North Korea get all that digital rope they want to hang the West with? It seems we competed to sell it to them, more-or-less unwittingly. Russian influence ops continue to give lies their bodyguard of truth. The FBI gets a warrant for a high-profile iCloud account. Microsoft outbid Google for GitHub—what will Redmond do with...

Duration:00:19:48

DPRK hackers quieter in the run-up to the Kim-Trump summit. Russian EW. Cryptocurrencies and crime. Law firm social engineering. Dodgy World Cup Wi-Fi. Bad AI, a time-traveler's poly.

6/5/2018
More
In today's podcast, North Korea still seems to be leaving American IoT networks more-or-less alone, for now, however actively they're hacking elsewhere. Everything old is new again, at least with Russian EW. Cryptocurrency crime is a worry everywhere. A look at law firm hacks shows the counselors could use the help of some street-savvy hotel detectives more than a tech-savvy perimeter security solution, although that wouldn't be bad, either. Beware of letting World Cup Wi-FI be an...

Duration:00:18:29