The CyberWire - Your cyber security news connection. Podcast Episodes Online

Loading podcasts

Fetching podcast shows and categories...

Loading page

Opening Radio and Podcast...

Ready2SERAustralia · College Radio, World Music

Live--:--

The CyberWire - Your cyber security news connection. Podcast Episodes Online | Radio and Podcast

Episodes

50 of 100 episodes

Waiting for their victims.

Bitdefender researchers have recently found the APT group StrongPity has been targeting victims in Turkey and Syria. Using watering hole tac...

21:14Aug 15, 2020

Bad Woodcutter is still bad, but not invincible. CactusPete is in Eastern European networks. Exploiting COVID-19. Celebrity endorsements (not).

An update on Fancy Bear and its Drovorub rootkit. Karma Panda, a.k.a. CactusPete, is scouting Eastern European financial and military target...

24:51Aug 14, 2020

This Woodcutter's no Railsplitter. Operation Dream Job. COVID-19 phishing.

NSA and FBI release a detailed report on a GRU toolset. North Korea's Operation Dream Job phishes in Israeli waters. CISA warns of COVID-19...

21:12Aug 13, 2020

Domestic cyber squabbling in Belarus and Iran. Pakistan accuses India of a cyber offensive. More on Papua's data center. More privacy questions for TikTok. Parental control or stalker's tool?

Regional rivals tussle in cyberspace, and governments have it out with dissidents and the opposition. Market penetration as an instrument of...

20:45Aug 12, 2020

Internet blackout in Belarus. Papua New Guinea's insecure National Data Centre. Chrome and CSP rule bypass. Zoom gets sued in DC. Patch Tuesday. Go Spartans.

Belarus shuts down its Internet after its incumbent president's surprising, perhaps implausible, no...really implausible landslide reelectio...

22:39Aug 11, 2020

Introducing Word Notes - NMAP (noun)

The CyberWire's newest show is here - it's called Word Notes, and it just launched today with 10 binge-able episodes. Think of it as your au...

03:48Aug 11, 2020

What are the adversaries' goals in election interference? A case study in the ransomware-as-a-service market. Untangling TikTok, as the clock ticks toward September 15th.

The US Office of the Director of National Intelligence has released an appreciation of the goals of election interference among three princi...

24:51Aug 10, 2020

The Green Goldfish and cyber threat intelligence.

Cyber threat intelligence analyst Selena Larson takes us on her career journey from being a journalist to making the switch to industrial se...

06:57Aug 9, 2020

Like anything these days, you have to disinfect it first.

"Cyberbunker" refers to a criminal group that operated a "bulletproof" hosting facility out of an actual military bunker. "Bullet Proof" hos...

23:38Aug 8, 2020

US Executive Orders against TikTok, WeChat. Chimera takes chip IP. Intel data leaked. Texting Rewards for Justice. Coordinated inauthenticity. Magecart's homoglyph attacks.

President Trump issues Executive Orders restricting TikTok and WeChat in the US. A Chinese APT has been active in industrial espionage again...

24:31Aug 7, 2020

US Clean Network program outlines measures against Chinese operations. $10 million reward offered for info on election interference. Australia's cyber strategy is out. Grand larceny and petty lulz.

The US announces five new lines of effort for the Clean Network program, and none of them are exactly mash notes for Beijing. The US is also...

22:42Aug 6, 2020

Privacy, Fort Meade style. Interpol looks at cybercrime. Oilrig gets DNSExfiltrator. Please move on from Windows 7. Updates on the Twitter hack.

NSA, yes, NSA, has some privacy advice. Interpol offers its take on where cybercrime is going during the time of the pandemic. Iran's Oilrig...

20:19Aug 5, 2020

US attributes Taidoor RAT to China's government. Pegasus spyware in Togo. The TikTok affair. More fallout from the Blackbaud ransomware incident.

The US attributes the Taidoor remote access Trojan to the Chinese government. Sources tell Reuters that documents used in an attempt to infl...

20:06Aug 4, 2020

Microsoft considers acquiring TikTok. The US considers other Chinese companies as potential security threats. Charges in the Twiter hack. DDoS turns out to be a glitch. Garmin hack update.

Microsoft is in talks to acquire TikTok as the US hints that it may be considering action against other Chinese software companies. Three yo...

22:16Aug 3, 2020

Rely on your strengths in the areas of the unknown.

Director of Security Engineering at Marketa and Host of Hacker Valley Studio podcast Chris Cochran describes his transitions throughout the...

07:01Aug 2, 2020

Detecting Twitter bots in real time.

NortonLifeLock Research Group (NRG) released a prototype browser extension called BotSight that leverages machine learning to detect Twitter...

21:35Aug 1, 2020

Social engineering at Twitter. Phishing kits and hackers for hire. Cyberespionage. The EU sanctions actors for Cloudhopper, WannaCry, and NotPetya. And security advice from NSA and NIST.

An update on social engineering at Twitter. A quick look at the phishing kit criminal market. The European Union sanctions individuals and o...

25:06Jul 31, 2020

A quick look at Big Tech's antitrust testimony. BootHole may be tough to patch. Fake COVID contact tracers. Netwalker warning. And Chinese espionage against the Vatican and the United Kingdom.

Yesterday's antitrust hearings in the US House of Representatives focus on Big Tech's big data as something open to use in restraint of trad...

19:55Jul 30, 2020

Alleged Russian disinformation campaigns. Beijing's cyberespionage hits the Vatican. Costly PII losses. VPNs and OT security. Big Tech's day with Congress. Online bar exams. Snooping for the Saudis.

Alleged Russian influence operations described by US intelligence services. "Ghostwriter" targets the Baltic region with anti-NATO false nar...

20:56Jul 29, 2020

Data breaches and responsibility. Where do you get a decryptor for WastedLocker? Third-party risk. Misconfigured databases. Follow-up on the Twitter hack.

Cloudflare says that reported Ukrainian breaches aren't its issue. Trend Micro describes a new and unusually capable strain of malware. Garm...

21:10Jul 28, 2020

Vigilante action against Emotet. Third-party risks and data breaches. Cerberus is for sale. And WastedLocker ransomware and the fortunes of crime.

A vigilante appears to be interfering with Emotet's payloads. A fintech breach is blamed on a third-party service provider. A list of Cloudf...

20:36Jul 27, 2020

No matter the statistic, even if against the odds, focus on what you want.

Privacy and data security lawyer, Dominique Shelton Leipzig shares that she has always wanted to be a lawyer, ever since she was a little gi...

06:16Jul 26, 2020

It was only a matter of time.

On April 29, 2020, the Salt management framework, authored by the IT automation company SaltStack, received a patch concerning two CVEs; CVE...

12:27Jul 25, 2020

A warning for US critical infrastructure operators. Blackbaud extortion and data breach update. Who's got the keys to Twitter? Sino-American cyber tensions.

CISA and NSA warn of a foreign threat to US critical infrastructure. A look at what the Bears have been up to lately. The Blackbaud extortio...

24:57Jul 24, 2020

Twitter: hackers got a few accounts' DMs. French policy toward Huawei hardens. Crooks against British sport. You and your boss should talk more.

Twitter updates the news of last week's incident: the attackers seem to have accessed some direct messages. France's partial permission for...

21:40Jul 23, 2020

Meowing exposed databases. US indicts two Chinese nationals for hacking, and orders China to close its Houston consulate.

"Meowing" is now a thing: the automated discovery and wiping of exposed and unprotected databases. The US indicts two Chinese nationals on e...

20:34Jul 22, 2020

Parliament gets its report on Russian hacking. A look at the cyber criminal economy. Russia says it has no hackers.

The Intelligence and Security Committee of Parliament has rendered its report on the Russian cyber threat. Trend Micro reports on the workin...

21:16Jul 21, 2020

Following the spoor of the Twitter hackers, a couple of whom seem to be talking to the press. Marketing databases and intelligence collection. TikTok ban? Hacking biomedical research.

Notes on last week's Twitter hack, and on the allure of original gangster and other celebrity usernames. Using marketing databases for intel...

19:29Jul 20, 2020

Have to be able to communicate to everybody.

Computer security writer, podcaster and public speaker Graham Cluley describes learning to program on his own from magazines, creating text...

06:58Jul 19, 2020

Every time we get smarter, the bad guy changes something.

Researchers at Symantec spotted a Sodinokibi targeted ransomware campaign in which the attackers are also scanning the networks of some vict...

30:03Jul 18, 2020

High-grade grifter. Twitter's disinformation potential. Hacking vaccine research and doxing trade talks. What Iran's hackers are up to. And CISA says, for heaven's sake, patch already.

The Twitter hack is looking more like high-grade, low-end crime. It also worries people over the disinformation potential it suggests. Peopl...

25:19Jul 17, 2020

Twitter takes down verified accounts after major hack (most service now restored). Russian influence operations. Cozy Bear's biomedical intelligence collection. Spearphishing in Hong Kong.

Twitter sustained a major incident in which celebrity accounts were hijacked yesterday. It seems to have been a social engineering caper, bu...

22:14Jul 16, 2020

A 2018 Presidential finding authorized the CIA to conduct a broad range of offensive cyber ops. Data breaches and ransomware incidents. Sloppy VPNs. SEC warns, and China woofs.

A 2018 Presidential finding authorized extensive CIA cyber operations against Russia, China, Iran, and North Korea. Wattpad may have been br...

20:19Jul 15, 2020

Huawei to be closed out of UK's 5G infrastructure. Spyware, ransomware, and botnets. The odd case of Data Viper. SAP has a major patch out.

The British Government decides to ban Huawei. More on the malware associated with Golden Tax software package. The Molerats appear to be beh...

21:00Jul 14, 2020

Presidential authorization for US Cyber Command action. DPRK hacking and internal regime dynamics. TrickBot's developers. Cybercriminals in the dock.

President Trump says he authorized US Cyber Command's retaliation against Russia's Internet Research Agency for midterm election meddling. N...

21:13Jul 13, 2020

Turn challenges into opportunities.

Cybersecurity and disinformation researcher Bilyana Lilly shares her career path from studying where she was always a foreigner to an expert...

06:52Jul 12, 2020

Are you running what you think you're running?

Built into virtually every hardware device, firmware is lower-level software that is programmed to ensure that hardware functions properly....

13:39Jul 11, 2020

The importance of staying up-to-date. Conti ransomware gains as Ryuk fades. Germany warns of Chinese companies' data collection. Huawei's fortunes in Canada and UK. Hushpuppi update.

Unpatched and beyond-end-of-life systems are (again) at risk. Conti ransomware appears to be steadily displacing its ancestor Ryuk in crimin...

24:40Jul 10, 2020

Coordinated inauthenticity with a domestic bent. Preinstalled malware in discount phones. Evilnum and the Joker continue to evolve. Incidents at FreddieMac and RMC.

Facebook takes down more coordinated inauthenticity. Preinstalled malware is found in discount phones available under the FCC's Lifeline pro...

20:12Jul 9, 2020

Traditional sabotage at Natanz. CISA's ICS strategy. DDoSecrets' server seized by German police at the request of the US. COVID-19-themed phishing infrastructure taken down. Cyberespionage.

The Natanz blast looks like traditional sabotage. CISA releases its strategy for securing industrial control systems. Authorities in Germany...

20:43Jul 8, 2020

Sabotage, not cyber? Cosmic Lynx pounces on some big companies with BEC. Purple Fox upgrade. Coordinated inauthenticity in the journalistic supply chain.

Explosions at Iranian nuclear sites remain unexplained, but look increasingly like conventional sabotage as opposed to cyberattacks. The Cos...

20:53Jul 7, 2020

Damage at Natanz, maybe cyber-induced but maybe not. Official Huawei skepticism spreads. Big European dragnet. Hushpuppi in custody.

An Iranian nuclear installation may have been hacked. Or maybe not, but in any case it was damaged. Huawei gets more skeptical looks. Europe...

20:37Jul 6, 2020

Solving hard problems and pursuing your passions.

CEO Matt Devost, describes many firsts in his career, including hacking into systems on an aircraft carrier at sea. He shares how he enjoys...

07:21Jul 5, 2020

Evil Corp versus newspapers. Trolling for unprotected MongoDB. Taurus in the criminal souks. Law and security. Loot boxes as gambling items.

Evil Corp seems to have been shuffling through some newspaper sites. Don't take the gangs' communiqués at face value, but some appear to be...

21:52Jul 2, 2020

EvilQuest ransomware identified. Out-of-band patches. The scope of Chinese surveillance of Uighurs. Hong Kong and the National Security Law. FCC finds against Huawei, ZTE.

EvilQuest ransomware found in pirated versions of Little Snitch app. Out-of-band patches from Microsoft and Oracle. Extensive Chinese survei...

21:00Jul 1, 2020

Critical bug disclosed in Palo Alto products (a fix is available). StronPity (a.k.a. Promethium) is back. A big Bitcoin scam. Lots of PII newly offered in the dark web. Australia and India look to their defenses.

NSA and CISA agree: take Palo Alto's advisory about its PAN-OS operating system seriously. StrongPity is back and active against targets in...

21:14Jun 30, 2020

Ransomware pays, in California. Kashmir utility recovers from cyberattack. Update on hacktivism vs. Ethiopia. Another misconfigured AWS account. Guilt and sentencing in high-profile cybercrime.

The University of California San Francisco pays Netwalker extortionists nearly a million and a half to recover its data. A Kashmir utility r...

20:48Jun 29, 2020

Get your foot in the door and prove your worth.

Vice President of Marketing, Kathleen Booth, shares her career path from political science and international development to marketing for a...

06:32Jun 28, 2020

Enter the RAT

A new report examines how five related APT groups operating in the interest of the Chinese government have systematically targeted Linux ser...

21:32Jun 27, 2020

Camille Stewart from Google and Lauren Zabierek from Harvard's Belfer Center on the Sharethemicincyber event.

This is an extended interview of our conversation with Camille Stewart and Lauren Zabierek originally aired in our daily podcast 06/26/2020....

24:24Jun 26, 2020