the CyberWire Podcast-logo

the CyberWire Podcast

234 Favorites

The CyberWire Daily Podcast is our look at what's happening in cyberspace. We provide a clear and concise summary of the news and offer commentary from industry experts as well as our Academic and Research Partners. Each Friday, we provide the usual daily summary along with a look back at the news for the entire week. We publish each weekday afternoon (in time for US East Coast drive-time).

The CyberWire Daily Podcast is our look at what's happening in cyberspace. We provide a clear and concise summary of the news and offer commentary from industry experts as well as our Academic and Research Partners. Each Friday, we provide the usual daily summary along with a look back at the news for the entire week. We publish each weekday afternoon (in time for US East Coast drive-time).
More Information

Location:

MD

Description:

The CyberWire Daily Podcast is our look at what's happening in cyberspace. We provide a clear and concise summary of the news and offer commentary from industry experts as well as our Academic and Research Partners. Each Friday, we provide the usual daily summary along with a look back at the news for the entire week. We publish each weekday afternoon (in time for US East Coast drive-time).

Language:

English

Contact:

443-884-6868


Episodes

The Right to Be Forgotten with Yale Law School's Tiffany Li

11/22/2017
More
Our guest today is Tiffany Li. She’s an attorney and Resident Fellow at Yale Law School’s Information Society Project. She's an expert on privacy, intellectual property, and law and policy, and her research includes legal issues involving online speech, access to information, and Internet freedom. She’s coauthor of the paper, Humans Forget, Machines Remember: Artificial Intelligence and the Right to Be Forgotten, which will be published soon in Computer Security & Law Review.

Duration: 00:18:30


Cyberspace in Peace and War author Martin C. Libicki

11/21/2017
More
Today's show features an extended interview with Martin C. Libicki. He holds the Maryellen and Richard Keyser chair of cybersecurity studies at the U.S. Naval Academy. His most recent book is Cyberspace in Peace and War. Topics include the differences between cyber war and cyber espionage, the possibilities of a cyber Pearl Harbor or Cyber 9/11, and the risk of nations overreacting to cyber attacks.

Duration: 00:26:48


PwC Principal Jocelyn Aqua on Earning Consumer Trust and Business

11/20/2017
More
Our guest today is Jocelyn Aqua. She’s a principal at PwC, where her specialty is regulatory privacy and cybersecurity. Our conversation centers on a recently published report from PWC called Protect Me, what they describe as an in-depth look at what consumers want, what worries them, and what companies can do to earn their trust and their business.

Duration: 00:20:19


Dark Net Pricing with Flashpoint's Liv Rowley — Research Saturday

11/18/2017
More
Cybercriminals offer all sorts of illicit goods for sale on Deep and Dark Web markets. In this episode, Liv Rowley, cybercrime intelligence analyst at Flashpoint, takes us through her team's research into the pricing of certain illegal goods online, including "Fullz", exploit kits, DDoS for hire, RDP servers, card data, bank logs and passports. Supply meets demand in this shady underground ecosystem.

Duration: 00:19:04


AWS S3 misconfigurations. Kaspersky's report on the Equation Group affair. Cybercrime notes. DPRK cyber campaigns. The VEP reviews continue positive. Amazon Key has issues.

11/17/2017
More
In today's podcast, we hear about more misconfigured S3 buckets (these in Australia). Kaspersky Lab protests its innocence as it releases a study of Equation Group leaks. Notes from the world of crime: dual-purpose Trojans, fake-news-as-a-service, and how the cops are keeping the robbers hopping. Some thoughts on Hidden Cobra, and what it means for ICS operators in particular. More positive notices for the VEP. Chris Poulin from BAH on AI ethical conundrums with self-driving cars. Jeremy...

Duration: 00:20:45


Revisions to the US VEP (and comparisons to China's). DPRK hacking. Laurel mole hunt. BlueBorne is back. Snakes in the Play Store. Can you sound like a child?

11/16/2017
More
In today's podcast, we get an update on the US Vulnerabilities Equities Process, which now promises more transparency, accountability, and stakeholder representation in handling zero-days. A look at China's equivalent…doesn't. Worries about North Korean hacking. Mole hunting at Fort Meade. BlueBorne bugs in home assistants. More malware in Google Play. David DuFour from Webroot on the importance of communication with the board of directors. Roy Katmor from Ensilo on attacks using social...

Duration: 00:18:21


Hidden Cobra's RATs. IoT bugs. Patch Tuesday notes. Backdoored smartphones. Russian trolling, propaganda. DPRK short wave hacked?

11/15/2017
More
In today's podcast, we hear that the DHS and FBI have warned that two North Korean malware campaigns are active in the wild. IoT vulnerabilities are disclosed. :Smartphones ship with apparently inadvertent backdoors. Patch Tuesday was a big one, this month. Russian trolls took both sides in the Brexit vote. A pro-tip from the squints: a screenshot from a video game isn't, you know, actually gun-camera footage. Ben Yelin from UMD CHHS on the possible expiration of section 702 of the FISA...

Duration: 00:18:51


Influence operations in Catalonia? IcedID banking Trojan. The Shadow Brokers: an intelligence service or a bunch of moles? Patch notes.

11/14/2017
More
In today's podcast, we hear that Spain sees foreign influence operations in Catalonia. IBM's X-Force warns of a new banking Trojan. There may be a mole hunt going on in NSA—and somewhere the Shadow Brokers are smiling. Anti-virus companies fix the AVGater vulnerability. Firefox and Google both commit to security upgrades. Johannes Ullrich from SANS Technology Institute and the ISC Stormcast podcast on the challenges of random number generation. Steve McGregory from Ixia on the challenges...

Duration: 00:18:54


Vault 8 and false-flag allegations. Mole hunting. Equifax breach costs. ISIS returns to WordPress defacements. RoK domestic political influence scandal.

11/13/2017
More
In today's podcast, we hear how Vault 8 has succeeded Vault 7 among WikiLeaks dumps (but it's still all CIA all the time from Mr. Assange and company). GCHQ expresses concerns about Kaspersky anti-virus products. Media reports suggest that NSA is in the middle of a big mole hunt. Equifax begins to tally up the costs of its breach. The US Intelligence Community reiterates its conclusion that dog bites man, or rather, that Russia wants to work mischief with the United States. ISIS defaces...

Duration: 00:15:34


Taiwan Bank Heist and Lazurus Group with BAE's Adrian Nish — Research Saturday

11/11/2017
More
Dr. Adrian Nish is head of cyber threat intelligence at BAE Systems. His team has been tracking a new cyber-enabled bank heist in Asia. Some of the tools used are reminiscent of the Bangladesh Bank attack from February 2016. The full report can be found here.

Duration: 00:13:21


Macro-less malware. Metacriminals and botnet herders. Hacking ships and airliners. Cryptocurrency glitch. Congratulations to the SINET 16.

11/9/2017
More
In today's podcast, we hear that there's no honor among thieves, or botnet herders, either. Reaper still seems quiet. Macro-less malware is a problem, Microsoft warns. Researchers show you can hack an airliner's avionics. The maritime shipping sector worries that Maerk's experience with NotPetya isn't just a one-off. Ether—the cryptocurrency—is disappearing into the aether (at least this once). Justin Harvey from Accenture on the importance of not failing the basics. Guest is David...

Duration: 00:20:27


Fancy Bear's new moves. OceanLotus and Sowbug cyber espionage groups active. Notes from CyCon, and a look at industry news.

11/8/2017
More
In today's podcast we hear some industry news today, briefly, before we get to the cloak-and-keyboard stuff. Fancy Bear has some new dance steps. OceanLotus and Sowbug, threat actors, not plants or insects, as you might be forgiven for thinking, snoop on ASEAN and Latin America, respectively. Notes on international law and the future of cyberwar from CyCon. Joe Carrigan from JHU on the difficulties in reporting vulnerabilities. Robert Rodriguez from SINET on the trends he sees from the...

Duration: 00:18:26


Stolen Paradise Papers aren't making people or companies look good. Off-year election security. Trollhunting. Notes on the future of cyber conflict from CyCon 2017.

11/7/2017
More
In today's podcast we hear more on the Paradise Papers, where the optics are looking more Inferno than Paradiso. Off-year elections in the US are on today amid general concerns about, well, somebody doing something to them. Trollhunting sometimes brings down the wrong targets. Notes on the future of cyber conflict from CyCon 2017. The Internet's co-inventor says it's time to hold coders accountable for buggy software. Emily Wilson from Terbium Labs with thoughts from a conference in the...

Duration: 00:19:13


The Paradise Papers, tax avoidance, and quiet investments. Kaspersky affair updates. Retaliation against influence operations?

11/6/2017
More
In today's podcast, we hear about the Paradise Papers, a trove of documents obtained from a Bermuda law firm thatcontain details not only about wealthy tax avoiders, but about investments as well. Kaspersky says that its antivirus software did, after all, copy files that weren't viruses. (But they were still bad files.) US Senate Majority Leader McConnell says tech companies should help the US retaliate against nation-states' cyberattacks. Dale Drew from CenturyLink with a call for...

Duration: 00:13:07


Exploring Phishing Kits with Duo Security's Jordan Wright — Research Saturday

11/4/2017
More
In this episode of the CyberWire’s Research Saturday we are joined by Jordan Wright, Senior Research and Development Engineer at Duo Security. He’s the author of the research report, “Phish in a Barrel,” which describes his work gathering and examining thousands of phishing kits from around the web.

Duration: 00:29:44


BadRabbit misdirection? Fancy Bear's wish list. AWS misconfigurations. Data breach notes.

11/3/2017
More
In today's podcast, we hear that BadRabbit looks like misdirection. Fancy Bear's wish list is out, and it's very long, and very global. US prosecutors may be preparing to indict half-a-dozen Russian officials in the DNC hack. Malaysia continues to recover from a major series of data breaches. GhostWriter poses a man-in-the-middle threat to AWS users who misconfigure their accounts. And it was Halloween, but the ShadowBrokers weren't much in evidence. Perhaps they were unrecognizable in...

Duration: 00:20:45


The Manhattan terror suspect claims allegiance to ISIS, but ISIS hasn't claimed him. Crimeware notes. Patching news. Crypto wars update. What the Senate learned about info ops.

11/2/2017
More
In today's podcast, we hear that, while the Manhattan truck-ramming terrorist claims ISIS, ISIS hasn't claimed him. Notes on conventional cybercrime, with some resurgent banking Trojans and mobile malware. Apple patches iOS against KRACK vulnerabilities. WordPress issues another fix for SQL injection bugs. US Deputy Attorney General Rosenstein takes up the pro-access banner in the crypto wars, but few from the tech sector are rallying to him. Senate hearings on Russian influence operations...

Duration: 00:17:29


Ransomware old and ransomware new, but can you distinguish it from a wiper? Influence operations hearings on Capitol Hill.

11/1/2017
More
In today's podcast, we hear about ONI ansomware in Japan that may prove to be a wiper. Ukraine blames NotPetya operators Black Energy for BadRabbit. Pyongyang feels London is picking on it. Fishing Facebook in Nordic nations. Security firms sell certificate authority business. Twitter won't sell any more ads to RT or Sputnik. Johannes Ullrich from SANS Technology Institute and the ISC Stormcast podcast on honeypots. Russell Jones from Deloitte with the results from a recent medical...

Duration: 00:17:35


A BadRabbit and Reaper update. EU and cyberwar. DPRK denies WannaCry responsibility. China's cyber espionage shifts. Oracle emergency patch. Buganizer wide open. Influence ops. Heathrow security.

10/31/2017
More
In today's podcast, we hear about the state of BadRabbit and Reaper. The EU drafts a diplomatic framework for self-defense in cyberspace. Pyongyang denies UK attribution of WannaCry to North Korea. Threat intelligence types suspect the Sino-US cyber modus vivendi might not be the unqualified success it's been taken to be. Oracle issues an emergency patch. A researcher gets an unauthorized peek at Google's Buganizer. Congress will hear testimony about influence operations in Twitter,...

Duration: 00:16:14


Reaper looks like a criminal booter on the Chinese black market. BadRabbit shows some moves. Catch-All malicious Chrome extension. Android currency miners in Google Play. Indictments in Russia probe.

10/30/2017
More
In today's podcast, we hear that the Reaper botnet is still quiet, and looking like a booter-for-hire. BadRabbit shows some odd stealth, and some interesting strategic selectivity. A malicious Chrome extension steals everything you put on a website. Currency miners on phones seem to be the kind of crime that doesn't pay, but that's not stopping crooks from stuffing them into Google Play. First indictments in the US probe of Russian election influence operations are out. Emily Wilson from...

Duration: 00:13:37

See More