We have updated our Terms of Service and Privacy Policy. Learn More

the CyberWire Podcast-logo

the CyberWire Podcast

Technology Podcasts >

The CyberWire Daily Podcast is our look at what's happening in cyberspace. We provide a clear and concise summary of the news and offer commentary from industry experts as well as our Academic and Research Partners. Each Friday, we provide the usual daily summary along with a look back at the news for the entire week. We publish each weekday afternoon (in time for US East Coast drive-time).

The CyberWire Daily Podcast is our look at what's happening in cyberspace. We provide a clear and concise summary of the news and offer commentary from industry experts as well as our Academic and Research Partners. Each Friday, we provide the usual daily summary along with a look back at the news for the entire week. We publish each weekday afternoon (in time for US East Coast drive-time).
More Information

Location:

MD

Description:

The CyberWire Daily Podcast is our look at what's happening in cyberspace. We provide a clear and concise summary of the news and offer commentary from industry experts as well as our Academic and Research Partners. Each Friday, we provide the usual daily summary along with a look back at the news for the entire week. We publish each weekday afternoon (in time for US East Coast drive-time).

Language:

English

Contact:

443-884-6868


Episodes

UPnProxy infiltrates home routers — Research Saturday

5/26/2018
More
Researchers at Akamai recently published a white paper titled UPnProxy: Blackhat proxies via NAT Injections. In it, they describe vulnerabilities with Universal Plug and Play capabilities in home routers, and how malicious actors could take advantage of them. Chad Seaman is a senior CERT engineer at Akamai, and he's our guide. The CyberWire's Research Saturday is presented by the Hewlett Foundation Cyber Initiative. Thanks to our sponsor Enveil, closing the last gap in data security.

Duration:00:20:25

VPNFilter takedown. Low-cost Android phones with preloaded adware. Alexa's selective attention. BMW patches connected cars. Cryptocurrency crimes. New swatting charges. GDPR is here.

5/25/2018
More
In today's podcast, we hear that the FBI's takedown of VPNFilter may have averted a major state-directed campaign. Some discount Android phones come with preloaded adware. Amazon's Echo echoed a little too much. BMW patches some potentially serious vulnerabilities in its connected cars. Cryptocurrency exchanges hit by a double-spending crook. The US Justice Department investigates crypto exchange price manipulation. New charges have been filed in the December Kansas swatting death. And GDPR...

Duration:00:24:51

VPNFilter and battlespace preparation. XENOTIME may be back, and after industrial systems. GDPR updates. Following Presidential Tweets.

5/24/2018
More
In today's podcast, we hear that VPNFilter, described by Cisco's Talos research unit, looks like battlespace preparation for Fancy Bear. The FBI may have succeeded in impeding its operation. Dragos describes XENOTIME, the threat actor behind the TRISIS industrial safety system attacks, and they say we can expect them back. GDPR is coming tomorrow, and a company has found a way of letting worried CISOs sleep at night. And your right to follow theRealDonaldTrump on Twitter has now been secured...

Duration:00:19:56

Variant 4 and other chipset vulnerabilities. Confucius and Patchwork. Turla goes two-stage. Misconfigured not-for-profit bucket. ZTE's fraying lifeline. Facebook and the EU. Brain Food.

5/23/2018
More
In today's podcast we hear a bit more on Variant 4—we may see more like it. Mitigations are under preparation. The Confucius threat group modifies its approach to targets. Turla adopts a two-stage infection technique. A misconfigured AWS S3 bucket exposes a California not-for-profit's clients. ZTE's lifeline may not be so strong after all: the US Administration wants significant concessions and the US Congress seems to want none of it at all. Facebook's EU testimony gets tepid reviews. And a...

Duration:00:19:45

Speculative Store Bypass. GPON-based botnet. Customer data exposures. Roaming Mantis gets more capable. Nation-state threats.

5/22/2018
More
In today' podcast we hear about the Speculative Store Bypass vulnerability that's been found in most current chipsets. GPON-based routers assembled into botnets. Comcast and TeenSafe close vulnerabilities in transmission and storage of customer data. Roaming Mantis banking Trojan acquires new functionality. Is Moscow waiting for the World Cup to conclude before going on cyberattack? How about Iran and China? Will DPRK hacking be on the summit agenda? And GDPR is coming Friday, to some...

Duration:00:18:56

DPRK's Sun Team works from three apps in Google Play. PII for sale in Zheijiang. SPEI theft. Jihadist content in social media. SEA charges. DDoS-for-hire sentencing. ZipperDown bug.

5/21/2018
More
In today's podcast, we hear that North Korea's Sun Team is rising in Red Dawn. Much PII, mostly out of Japan, appears in the black-market stall of a poorly reviewed vendor. The Mexican bank raid seems, the Central Bank says, to have started with a small brokerage and spread from there. Facebook and Google+ continue to be infested with jihadist inspiration. More charges for alleged Syrian Electronic Army hoods. A man gets fifteen years for, among other things, DDoSing former employers. And...

Duration:00:16:46

Threat actors hijack Lojack — Research Saturday

5/19/2018
More
Researchers from Arbor Networks' ASERT Threat Intelligence Team recently published a report titled, "Lojack Becomes a Double Agent." It outlines how threat actors are altering legitimate recovery utility software and simulating its command and control servers to gain access to target machines. Richard Hummel is manager of the ASERT Threat Research Team, and he joins us to describe their work. The CyberWire's Research Saturday is presented by the Hewlett Foundation Cyber Initiative. Thanks...

Duration:00:17:07

Something Wicked this way comes. Automating wallet pilferage. Office 365 phsihing scams. DPRK hackers remain active. Recognizing alt-coin investment frauds.

5/18/2018
More
In today's podcast, we hear that a new Mirai variant is out and about: they call it "Wicked." MEWkit automates coin theft. LocationSmart was buggy and leaky. The US Senate has confirmed Gina Haspel as Director of Cetnral Intelligence. Relaxed tensions along the 38th Parallel aside, North Korea remains active against South Korea in cyberspace. There's a lot of fraud in cryptocurrency investing, and the SEC would like to help you recognize it. David Dufour from Webroot on threat trends. Guest...

Duration:00:23:47

Competing for terrorist mindshare. ICS threat group update. AnonPlus vandalizes US state sites. GDPR's disclosure timeline. Congressional hearings. DarkOverlord collared.

5/17/2018
More
In today's podcast, we hear that Al Qaeda is back, howling online toward whatever lone wolves might be within earshot. The CHRYSENE ICS threat group may be looking beyond the Arabian Gulf. AnonPlus is after US state governments—New Mexico, Idaho, and Connecticut have received the hacktivists' puzzling vandalism. What the EU will expect of you within seventy-two hours of discovering a breach. The US Congress wants answers about, among other things, ZTE and Cambridge Analytica. And an alleged...

Duration:00:19:23

Spyware campaigns: phishing and watering holes. Signal patches (fast). DHS cyber strategy. Russian election hacking. Cyber Investing Summit. Do smart people pick better passwords?

5/16/2018
More
In today's podcast we hear that a spyware campaign centered on Pakistan and thought to be the work of Pakistan's military, comes in two variants: one for Android, the other for iOS. Vietnam is said to be phishing in a compromised Phom Penh Post website. Signal patches a cross-site-scripting issue very rapidly. The US Department of Homeland Security releases its cybersecurity strategy. The Cambridge Analytica whistleblower talks to the Senate Judiciary Committee. The Senate Intelligence...

Duration:00:19:25

Email client vulnerabilities. Sanctions and trade policy. FinFisher in Turkey. myPersonality data scandal. Patch news. High school phishing.

5/15/2018
More
In today's podcast, we hear about reports of email client vulnerabilities. Worries about Russian and Chinese software and hardware vendors. Security and trade policy notes. FinFisher found used in Turkey. The data scandal that brought down Cambridge Analytica moves to the University of Cambridge, but there the issues seem to be security, anonymization, and possible oversharing. Adobe and Samsung issue patches. A California high school student is accused of phishing for grade books. Ben Yelin...

Duration:00:19:43

Unauthorized banking transfers in Mexico? A lifeline for ZTE. Iranian cyber op-tempo rises. Russian troll farm's ad buys. Reining in apps. Cell tracking. Anonymous is back.

5/14/2018
More
In today's podcast we hear that Mexican banks may have sustained unauthorized funds transfers. Presidents Trump and Xi seem willing to toss a lifeline to drowning ZTE. Some researchers report an uptick in Iranian cyber operations. Russia's premier troll farm bought Facebook and Instagram ads targeting American teenaged girls. Apple, Facebook, and Twitter tighten their grip on apps connecting to their stores or services. Police cell-tracking receives scrutiny. And Anonymous is back. Justin...

Duration:00:15:16

Three pillars of Artificial Intelligence — Research Saturday

5/12/2018
More
Bobby Filar is a Principal Data Scientist at Endgame, and coauthor of the research paper, The Malicious Use of Artificial Intelligence: Forecasting, Prevention, and Mitigation. The report surveys the landscape of potential security threats from malicious uses of AI, and proposes ways to better forecast, prevent, and mitigate these threats. Bobby Filar joins us to discuss the paper, and his views on the evolving role of AI in cybersecurity. The Malicious Use of Artificial Intelligence:...

Duration:00:32:13

Vigilantes and hacktivists. Point-of-sale malware source code leaks. Malicious extensions and apps. US Federal indictments: spying and hacking. Robo-caller gets record fine.

5/11/2018
More
In today's podcast, we hear that vigilantes have visited ZooPark, and the lights go out—voluntarily—on some Georgia hacktivists. Treasure Hunter source code posted to a criminal forum. Malicious Chrome extensions and malicious Android photo-editing apps. GrandCrab ransomware served by compromised legitimate sites. Russian influence ops. Concerns about a resumption of Iranian hacking. Ex-CIA officer charged with espionage. Hobby hacker indicted on Federal charges. FCC hits a robo-caller...

Duration:00:23:23

Cyber conflict between Iran and the US widely expected. ALLENITE threat group is after US, UK power grids. Jack-in-the-Box vulnerability. Signal's memory. Is ZTE going down?

5/10/2018
More
In today's podcast we hear that US withdrawal from the Iranian nuclear deal is widely taken as heralding a new round of cyber conflict. Cyberattacks on critical infrastructure are seen as an asymmetric way of war. The ALLANITE threat group is observed successfully reconnoitering US and UK electrical power grids. Jack-in-the-Box does nasty things with images. Signal's self-deleting messages don't, or at least they don't always. And US sanctions may be putting ZTE out of business. Robert M....

Duration:00:19:57

Subborn IoT botnets. Razzle-dazzle HTML phishing lure. Fancy Bear's false flag. Busy Yahoo boys. Crooks turn from Tor to Telegram. Kaspersky and contractors. Patch notes. SB 315 vetoed.

5/9/2018
More
In today's podcast we hear about Hide-and-Seek, a hard to flush botnet. A phishing technique takes advantage of an email client's rendering of HTML. Facebook death threats in 2015 are said to have been the work of Fancy Bear, dressed up as the Cyber Caliphate. Nigeria's Yahoo boys are busier than ever. DHS wonders what it will take to get US Federal contractors to get rid of Kaspersky. Crooks turn from Tor to Telegram. Patch Tuesday notes. And Georgia's governor vetoes a controversial...

Duration:00:18:27

Greek and Turkish hacktivists swap defacements. Process Doppelgänging in the wild. GDRP is coming (like winter, for you Game of Thrones fans.) Profiling infosec enthusiasts.

5/8/2018
More
In today's podcast we hear that hacktivist lightning is flashing across the Aegean, hitting Greek and Turkish TV stations. Process Doppelgänging is observed in ransomware circulating in the wild. Unstructured data could expose enterprises to GDPR regulatory risk. So might transitive data sharing. Big US companies are ready to follow GDPR standards in North America as well as Europe. Older Lantech industrial servers appear vulnerable to remote code execution. Vandals hit security cameras in...

Duration:00:18:47

2018 RSAC Outlook - Special Edition

5/8/2018
More
Just before the RSA conference this year, we spoke with a pair of industry experts for their take on the year so far, and what they expect to see in the coming months. In this CyberWire Special Edition, we hear from Craig Williams, Director of Talos Outreach at Cisco, and later in the show from Jon Rooney, Vice President of Product marketing at Splunk.

Duration:00:17:50

Winnti Umbrella covers multiple threat actors. DPRK off-shores cyber ops. ZooPark is in its fourth generation. GPON router bugs exploited in the wild. Russian Twitterbots. Block the EU?

5/7/2018
More
In today's podcast we hear that Chinese intelligence services have been seen beneath the Winnti Umbrella. North Korea's off-shoring of cyber operations. ZooPark Android spyware is now in its fourth generation, and still active in the Middle East and North Africa. Vulnerabilities in Dasan GPON routers are exploited in the wild. Russian Twitterbots are suspected of tweeting death threats in the UK. David Dufour from Webroot on anti-malware testing procedures. And how do you solve a problem...

Duration:00:16:33

BlackTDS and ThreadKit offered in criminal markets — Research Saturday

5/5/2018
More
Kevin Epstein is Vice President of Proofpoint's Threat Operations Center. We’re discussing two bits of research with him today. The first is about BlackTDS, a traffic distribution tool for sale in dark web markets. A little later in the show, he’ll tell us about ThreadKit, a document exploit builder. The CyberWire's Research Saturday is presented by the Hewlett Foundation Cyber Initiative. Thanks to our sponsor Enveil, closing the last gap in data security.

Duration:00:21:15

Try Premium for 30 days

Live games for all NFL, MLB, NBA, & NHL teams
Commercial-Free Music
No Display Ads