The CyberWire Daily

The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.

https://thecyberwire.com/podcasts/daily-podcast

Eine durchschnittliche Folge dieses Podcasts dauert 19m. Bisher sind 1668 Folge(n) erschienen. Jeden Tag erscheint eine Folge dieses Podcasts.

Gesamtlänge aller Episoden: 22 days 2 hours 2 minutes

subscribe
share





episode 1311: The IAEA investigates the Natanz incident (amid conflicting reports on the nature of the sabotage). Mopping up the SolarWinds Exchange Server hacks.


Updates on Natanz, where the nature of the sabotage remains unclear--it happened, but there are conflicting explanations of how. Electrical utilities on alert for cyberattack, especially after the SolarWinds incident. The US Government takes extraordinary steps to fix the Microsoft Exchange Server compromise. Joe Carrigan analyses effective phishing campaigns. Our guest is the FBI’s Herb Stapleton on their recent IC3 report...


share







   27m
 
 

episode 1310: Natanz pre-emptive sabotage updates. NAME:WRECK DNS vulnerabilities. Tax phishing. ATM cards and advance-fee scams. Ransomware-induced cheese shortage.


Updates on the sabotage at Natanz--whether it was cyber or kinetic, Iran has vowed to take its revenge against Israel. NAME:WRECK vulnerabilities affect DNS implementations. Tax season scammers are phishing for credentials. If you liked the investment opportunities those Nigerian princes used to offer, you’re going to love their loaded ATM cards. Ben Yelin looks at data protection and interoperability. Our guest is Jules Martin from Mimecast on the importance of security integration...


share







   25m
 
 

episode 1309: Apparent cyber sabotage at Natanz. Arrest made in alleged plot to blow up AWS facility. Scraped data for sale in criminal fora. US senior cyber appointments expected soon.


Iran says Israel was responsible for sabotaging the Natanz nuclear facility yesterday, and Tehran promises revenge. Online plotting results in the arrest of a Texas man alleged to have planned an attack on an Amazon Web Services center. Scraped, not hacked, data from LinkedIn and Clubhouse are being hawked online. Andrea Little Limbago from Interos addresses asymmetric power within cyberspace and how that plays out in warfare...


share







   23m
 
 

episode 44: Debra Danielson: Be fearless. [CTO] [Career Notes]


Chief Technology Officer and Senior Vice President, Engineering for Digital Guardian Debra Danielson on her career journey.


share







   7m
 
 

episode 178: Strategic titles point to something more than a commodity campaign. [Research Saturday]


Guests Gage Mele, Winston Marydasan, and Yury Polozov from Anomali join Dave to discuss their research into Static Kitten targeting government agencies in the UAE and Kuwait. Anomali Threat Research uncovered malicious activity very likely attributed to the Iran-nexus cyberespionage group, Static Kitten (Seedworm, MERCURY, Temp...


share







   23m
 
 

episode 1308: A new Lazarus backdoor. Malvertising for a bogus Clubhouse app. Cryptojacking the academy. When is a cartel not a cartel? Strategic competition between the US and China. Choking Twitter.


Lazarus Group has a new backdoor. Bogus Clubhouse app advertised on Facebook. Cryptojacking goes to school. A ransomware cartel is forming, but so far apparently without much profit-sharing. The US Senate is preparing to make strategic competition with China the law of the land. Dinah Davis from Arctic Wolf looks at phony COVID sites. Our guest is Jaclyn Miller from NTT on the importance of mentoring the next generation. And Russia remains displeased with a lot of Twitter’s content...


share







   24m
 
 

episode 1307: Cring ransomware hits manufacturing plants. Distance learning difficulties. Hafnium’s patient approach to vulnerable Exchange Servers. The Entity List grows. 5G security standards.


Cring ransomware afflicts vulnerable Fortigate VPN servers. Distance learning in France stumbles due to sudden high demand, and possibly also because of cyberattacks. Hafnium’s attack on Microsoft Exchange Servers may have been long in preparation, and may have used data obtained in earlier breaches. Commerce Department adds seven Chinese organizations to its Entity List. 5G security standards in the US are said likely to emphasize zero trust. Atlantic Media discloses a breach of employee data...


share







   23m
 
 

episode 1306: A Chinese cyberespionage campaign is active against Vietnamese targets. The European Commission acknowledges cyberattacks are under investigation. Data scraping. Bogus apps. Molerats are dudes.


Goblin Panda’s upped its game in recent attacks on Vietnamese government targets. The EU is investigating cyberattacks against a number of its organizations. Scraped LinkedIn data is being sold in a hackers’ forum. Facebook talks about the causes of its recent data incident. New Android malware poses as a Netflix app. Joie Carrigan shares comments from the new head of the NCSC. Our guest is Fang Yu from Datavisor with highlights from their Digital Fraud Trends Report...


share







   24m
 
 

episode 1305: Watering holes, from Kiev to Canada. File transfer blues. What’s up in the criminal-to-criminal market. And an update on the old Facebook breach.


A watering hole campaign compromised several Ukrainian sites (and one Canadian one). File transfer blues. A couple of looks into the criminal-to-criminal marketplace: establishing a brand and selling malicious document building tools. Ben Yelin has details on a privacy suit against Intel. Our guest is Steve Ginty from RiskIQ on the threat actors behind LogoKit. And notes on the big and apparently old Facebook breach, including why people care about it...


share







   21m
 
 

episode 1304: An old Facebook database handed over to skids (and it’s a big database). APTs look for vulnerable FortiOS instances. Cryptojacking in GitHub infrastructure. Risk and water utilities.


An old leaked database has been delivered into the hands of skids. (The news isn’t that the data are out there; it’s that the skids now have it. For free.) CISA and the FBI warn that APTs are scanning for vulnerable Fortinet instances. Cryptojackers pan for alt-coin in GitHub’s infrastructure. Holiday Bear may have looked for network defenders. Threats to water utilities. Johannes Ullrich explains why dynamic data exchange is back...


share







   21m