
the CyberWire Podcast


The CyberWire Daily Podcast is our look at what's happening in cyberspace. We provide a clear and concise summary of the news and offer commentary from industry experts as well as our Academic and Research Partners. Each Friday, we provide the usual daily summary along with a look back at the news for the entire week. We publish each weekday afternoon (in time for US East Coast drive-time).











Operation Sharpshooter. Meng makes bail. Sino-American cyber tensions. Leadership crises in the UK and France. Congress doesn’t lay a glove on Google. 2018’s bad password practices.

In today’s podcast, we hear some of McAfee’s description of Operation Sharpshooter, an ambitious cyber reconnaissance campaign. Huawei’s CFO Meng makes bail in Vancouver, and China reacts sharply to the arrest. The US is said to be preparing sanctions and indictments in response to various Chinese hacking activities. A no-confidence vote is called in the UK. In France, President Macron makes concessions to the Yellow Vests. Google skates through its interrogation by Congress. And bad...


Audit finds no Chinese spy chips on motherboards. Huawei CFO hearings continue in Vancouver. Oilfield services firm’s servers attacked. Spyware and adware. Congressional hearings, reports.

Audit finds no “Chinese spy chips” on Supermicro motherboards. Huawei CFO Meng’s hearing continues. Oil services firm’s servers attacked. Seedworm shows some new tricks. Secure instant messaging apps may be less secure than hoped. A new adware strain reported. Mr. Pichai goes to Washington, and Uncle Pennybags puts in an appearance. The US House Oversight and Government Reform Committee reports on the Equifax breach. Prof. Awais Rashid from Bristol University on risk management in a...


A bail hearing in Vancouver. The prospect of indictments in IP theft cases. Kubernetes vulnerabilities. Russia and Ukraine swap hacks? An advance fee scam asks for help getting out of jail.

In today’s podcast, we hear that Huawei’s CFO awaits her immediate fate in a Vancouver detention facility, where she faces possible extradition to the US on a sanctions-violation beef. Huawei itself receives hostile scrutiny from the Five Eyes, the EU, and Japan. US indictments are expected soon in other IP theft cases involving China. Upgrade Kubernetes. Russia and Ukraine swap cyberattacks in their ongoing hybrid war. An advance fee scam promises not only money, but maybe love, too. Emily...


Operation Red Signature targets South Korean supply chain — Research Saturday

Researchers at Trend Micro uncovered a supply chain attack targeting organizations in South Korea. With the goal of information theft, attackers compromised the update server of a third party support provider, resulting in the installation of a RAT, or remote access trojan. Rik Ferguson is Vice President of Security Research at Trend Micro, and he guides us through their discoveries. The research can be found...


Huawei legal and security updates. A shift to personalized spam in attacks on retailers. “Hollywood hacks” in Eastern European banks.

In today’s podcast we hear that Huawei’s CFO remains in Canadian custody, perhaps facing extradition to the US. All Five Eyes have now expressed strong reservations about Huawei on security grounds. They’ve been joined in this by Japan and the European Union. Proofpoint sees a shift in cybercrime toward more carefully targeted and thoughtful social engineering. Kaspersky describes “DarkVishnaya,” a criminal campaign using surreptitiously planted hardware to loot Eastern European banks....


Huawei CFO arrested in Canada, faces extradition to US. Anonymous claims that Chinese intelligence hacked Marriott. Russian hospital phished. SamSam indictments, warnings. Facebook agonistes.

In today’s podcast, we hear that Huawei’s CFO was arrested in Vancouver on a US sanctions beef. Anonymous sources tell Reuters Chinese intelligence was behind the Marriott hack. A Flash zero-day is used in an attack against a Russian hospital. SamSam warnings and new US indictments. In the UK, Parliament releases internal Facebook emails that suggest discreditable data-use practices. Facebook says the emails are being taken out of context. And DDoS downs Illinois homework. Dr. Charles Clancy...


DDoS and BEC risks rising. Ukraine says it stopped Russian cyber campaign. EU looks to stopping disinformation. NRCC email compromise. Facebook emails released by Parliament.

In today’s podcast, we hear that CoAP-based DDoS attacks are on the rise. A Nigerian gang has done some industrial-scale work on business email compromise. Ukraine says it stopped a major Russian cyber attack. The EU looks toward its May elections and determines to do something about disinformation. The US National Republican Congressional Committee sustains an email compromise. Attribution of a phishing expedition to Cozy Bear grows dubious. And Westminster doxes Facebook. Joe Carrigan...


Fancy Bear in Czech government systems. Watering hole attacks. Quora breached. Marriott breach follow-up. Kubernetes privilege escalation flaw. Scams kicked out of Apple’s App Store.

In today’s podcast we hear how Fancy Bears and free-range catphish have been disporting themselves in the Czech Republic. China reported to have used watering hole attacks to gain entry into Australian institutions. Quora suffers a data breach. Marriott’s breach response earns mediocre marks. A Kubernetes privilege escalation flaw is found and patched. Two scammy apps are ejected from Apple’s App Store. An object lesson in the difficulty of controlling fake news—or at least fake op-eds. ...


US Defense Department and UK’s MI6 aren’t buying Russian honey over cyber operations. Iranian influence operations. Marriott breach fallout. Court upholds Kaspersky ban. Ransom and sanctions.

In today’s podcast, we hear that senior US and UK officials have harsh words for Russian actions in cyberspace even as President Putin undertakes a charm offensive at the G20 meetings. (In fairness to the US and UK officials, it’s a pretty dour charm offensive.) Iran ups its influence operations game. Legal investigations and legislative responses to the Marriott breach begin. A US Court upholds the Government’s ban on Kaspersky products. And paying ransom to cyber extortionists could...


Settling in with GDPR — CyberWire-X

In the second episode of our new, four-part series, called “Ground Truth or Consequences: the challenges and opportunities of regulation in cyberspace,” we take a look at the impact GDPR has had since its implementation in May 2018. Joining us are Emily Mossburg from Deloitte, Caleb Barlow from IBM and Steve Durbin from ISF. Later in the program we'll hear from Jason Hart, CTO for enterprise and cybersecurity at Gemalto. They're the sponsors of this show.


Getting an education on Cobalt Dickens — Research Saturday

Researchers from Secureworks' Counter Threat Unit have been tracking a threat group spoofing login pages for universities. Evidence suggests the Iranian group Cobalt Dickens is likely responsible. Allison Wikoff is a senior researcher at Secureworks, and she joins us to share what they've found. The original research is here: The CyberWire's Research Saturday is presented by the Hewlett Foundation Cyber...


Marriott suffers data breach. Dunkin Donuts credential stuffing attack. Urban Massage database exposed, unsecured. Fancy Bear paws at German government targets. SamSam cost.

In today’s podcast we hear about Marriott’s big breach. And Dunkin’ Donuts’ big breach. And, and, Urban Massage’s embarrassing exposure. Lessons are drawn about third-party risk, password reuse, and the importance of being less creepy to the people you do business with. Fancy Bear shows up to paw at the phish swimming in Germany’s government. And how much did SamSam really cost people? FBI? DoJ? Is it millions or billions? In either case you’re talking about real money. Robert M. Lee from...


Reconnaissance and degradation. Hybrid war in Eastern Europe and Southwest Asia. Eternal Silence infects unpatched systems. Dell customers reset passwords. SamSam indictments.

In today’s podcast, we hear warnings of Russian recon “degradation” of the North American power grid. Information operations in Russia’s hybrid war against Ukraine. Factions in Yemen’s civil war contest cyberspace (and fiber optic cables). Eternal Silence exploits systems not patched against EternalBlue and EternalRed. Dell tells its customers to reset their passwords. And the US indicts two Iranians for deploying the SamSam ransomware. Emily Wilson from Terbium Labs with unintended...


DNSpionage. Cobalt Dickens’ unwelcome return. iOS spyware may be more widespread than believed. Governments move toward content moderation. Small towns, big problems.

In today’s podcast, we hear that DNSpionage espionage tools are hitting Middle Eastern targets. Iran’s Cobalt Dickens returns to pester universities. Lawful intercept vendors receive more scrutiny, and that scrutiny suggests iOS might not have escaped their attention as much as many had assumed. Facebook gets grilled in London. Nine Western countries issue a joint communique resolving to control “false and misleading” content on the Internet. And lessons from small towns. Ben Yelin from UMD...


Rotexy Trojan gets worse. Bad apps in Google Play. Backdoor for crypto-wallets. Facebook goes before Parliament. Pegasus spyware versus journalists. Russian hybrid war. Too-smart devices.

In today’s podcast we hear that the Rotexy Trojan has evolved into phishing and ransomware. Bad apps found in Google Play. An open source library used in cryptocurrency wallets had a wide-open backdoor. Facebook goes before Parliament, which seems in a pretty feisty mood. Pegasus spyware found to have been deployed against journalists in Mexico and elsewhere. Russia escalates its hybrid war against Ukraine. Do people care if their smart speakers eavesdrop? How about their smart lightbulbs?...


A quick look at the state of spam. Phishing for power grids. Industrial espionage. Free and command economy versions of social control. Lessons from JTF Ares.

In today’s podcast we hear that Emotet ramped up for Black Friday—beware of the spam. Social engineering and the power grid. Industrial espionage resurfaces as an issue in Sino-American relations. Huawei remains unforgiven in Washington. China’s emerging social credit system. Bottom-up social control in the US: first they came for the dogwalkers. Making a Dutch book on social media. Russia tightens Internet laws. The US Army learns some lessons, in a good way, from Joint Task Force Ares. Joe...


Perils of paycards, as Cyber Weekend approacheth. Tessa88 is identified. Many more people than before have now heard of High Tail Hall.

In today’s podcast, we hear that Amazon has offered customers a modified, limited hangout on some kind of data exposure. The online retailer says everything’s OK, but it hasn’t said much else. Facebook is back online—yesterday’s outage attributed to a server misconfiguration. Shoppers and retailers prepare for Cyber Weekend. Tessa88, the dark web data hawker, may have been identified. Cyber espionage continues. And there’s been another breach in what we’ve curiously agreed to call an “adult”...


Nation-state cyber campaigns: North Korean, Iranian, Russian, and unknown. Social media outages.

In today’s podcast, we hear about nations behaving badly (but from the point-of-view of cyberespionage they’re doing, unfortunately, well). The Lazarus Group is back robbing banks in Asia and Latin America. Russia’s Hades Group, known for Olympic Destroyer, is back, too. Gamaredon and Cozy Bear have returned, respectively pestering Ukraine and the US. Iran’s OilRig is upping its game with just-in-time malicious phishbait. And it’s not you: Facebook has been down. Malek Ben Salem from...


CISA is now officially an agency. Cozy Bear is back. Gmail spoofing issue opens social engineering possibilities. Speculation about “cyber 9/11s.”

In today’s podcast, we hear that CISA is now an agency within DHS. Cozy Bear is back, and spearphishing in American civilian waters. Ukrainian authorities say they’ve detected and blocked a malware campaign that appears targeted against former Soviet Republics. A reported Gmail issue may make for more plausible social engineering. The Outlaw criminal group expands into cryptojacking. Infrastructure, financial, and data corruption attacks discussed as possible “cyber 9/11s”. Rick Howard from...


Doubling down on Cobalt Group activity — Research Saturday

The NETSCOUT Arbor ASERT team has been tracking Cobalt Group campaigns targeting financial institutions. Richard Hummel is manager of threat intelligence with ASERT, and he joins us to share his team's findings. The research can be found here: The CyberWire's Research Saturday is presented by the Hewlett Foundation Cyber Initiative. Thanks to our sponsor Enveil, closing the last gap in data security.