The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.
https://thecyberwire.com/podcasts/daily-podcast
Gesamtlänge aller Episoden: 44 days 3 hours 54 minutes
episode 1389: Espionage phishing in unfamiliar places. OT vulnerabilities. LemonDuck’s rising fortunes. Data exposure. Kubernetes advice from NSA and CISA. Meng Wanzhou’s extradition.
APT31 casts its net into some waters that aren’t yet phished out. Vulnerabilities in the NicheStack TCP/IP stack are reported. LemonDuck may be outgrowing its beginnings as a cryptojacking botnet. A large marketing database is found exposed. NSA and CISA offer advice on securing Kubernetes clusters. Adam Darrah from ZeroFox checks in from the floor at BlackHat. Our guests are Nic Fillingham and Natalia Godyla from Microsoft’s Security Unlocked podcast...
episode 1388: Apparent ransomware disrupts Italian vaccine scheduling system. Cyberespionage compromised Southeast Asian telcos. RAT and phishing in the wild. Cybercriminals explain themselves.
An apparent ransomware attack hits Italy’s online vaccine-scheduling service. A Chinese cyberespionage campaign hits Southeast Asian telcos enroute to high-value targets. Some strategic context for Beijing’s espionage. FatalRAT is spreading by Telegram. Crafty phishing spoofs SharePoint. Joe Carrigan has thoughts on HP's latest Threat Insights Report. Our guest is Marc Gaffan of Hysolate who reveals the “Enterprise Security Paradox”...
episode 1387: SVR was reading the US Attorneys’ emails. Deliveries still lag as South African ports reopen. EA hackers dump game source code. Another look at criminal markets. And Mr. Hushpuppi cops a plea.
SVR may have compromised twenty-seven US Attorneys’ offices. Ransomware disruptions of a physical supply chain continue as South African ports reopen. EA hackers give up, and dump the source code they stole. Double extortion may not be paying off. A look at initial access brokers. Operation Top Dog yields indictments in an international fraud case. Rick Howard tackles enterprise backup strategies. Kevin Magee from Microsoft with lessons learned hiring multiple team members during COVID...
episode 17: Behavioral transparency – the patterns within. [CyberWire-X]
President Biden's Cyber Executive Order includes provision for a software bill of materials in government contracts. It's a critical and necessary first measure for protecting the software supply chain. To defend against cyber attacks like the ones that affected SolarWinds and Colonial Pipeline, organizations also need transparency about the way the software in their supply chain behaves–how, and with whom, that software engages in and outside of their networks...
episode 60: Andrew Hammond: Understanding the plot. [Historian and Curator] [Career Notes]
Historian and Curator at the International Spy Museum., Dr.. Andrew Hammond, shares how he came to share the history of espionage and intelligence as a career.
episode 194: China's influence grows through Digital Silk Road Initiative. [Research Saturday]
Guest Charity Wright, Cyber Threat Intelligence Expert in Recorded Future's Insikt Group, joins Dave to discuss her research "China’s Digital Colonialism: Espionage and Repression Along the Digital Silk Road"...
episode 1386: Multiple Cozy Bear sightings (at least the bear tracks). Spyware in a Chinese employee benefits app. Phishing campaigns. DoppelPaymer rebrands. And ignore that bot--it hasn’t been watching you surf.
Cozy Bear’s active command-and-control servers are found, and people conclude that Moscow’s not too worried about American retaliation after all. Spyware found in an app for companies doing business in China. What to make (and not make) of the Iranian documents Sky News received. Phishing with Crimean bait. HTML smuggling may be enjoying a moderate surge. DoppelPaymer rebrands. Andrea Little Limbago from Interos on growing the next-gen of cyber...
episode 1385: Public Wi-Fi advice from NSA. South African ports recover from ransomware. Iranian rail incident was a wiper attack. Developments in the criminal-to-criminal market. Intercept vendors under scrutiny.
Advice on WiFi security from NSA. South African ports are recovering from their ransomware attack. The attack on Iranian railroads was a wiper, of unknown origin and uncertain purpose. Developments in the criminal-to-criminal market. Israel undertakes an investigation of NSO Group. Josh Ray from Accenture Security on the road back to the office. Our guest is Duncan Godfrey from Auth0 with insights on managing digital identities...
episode 1384: US ICS Cybersecurity Initiative formalized. Developments in the ransomware world. Addressing known vulnerabilities. Caucasus coinmining crackdown. A long-running IRGC catphishing campaign.
US formally establishes its Industrial Control System Cybersecurity Initiative. Shooting wars in cyberspace. Developments in the ransomware criminal souks. This week’s iOS update may have closed the vulnerability exploited by NSO Group’s Pegasus intercept tool. The US, UK, and Australia issue a joint advisory on the most exploited vulnerabilities. Abkhazia’s crackdown on coinminers. Joe Carrigan looks at the Mespinoza ransomware gang. And meet Marcy Flores, the Robin Sage of Liverpool aerobics...
episode 1383: South African ports invoke force majeure over cyberattack. Documents indicate Iranian interest in control systems attacks. Dark web wanted ads. Cyber diplomacy. Lousy cafeteria food?
Transnet declares force majeure over cyberattack on South African port management. The IRGC apparently is Googling a bunch of stuff about gas stations and merchant ships. Kaseya’s denial of paying ransom has legs. Criminal coders like obscure languages. The AvosLocker gang is looking for pentesters, access brokers, and affiliates. The US and China hold “frank and open” conversations about, among other things, cyber tensions...