CyberWire Daily

The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.

https://thecyberwire.com/podcasts/daily-podcast

An average episode of this podcast lasts 21m. So far, 2917 episode(s) have been published. A new episode of this podcast is released every day.

Total length of all episodes: 44 days 9 hours 51 minutes

episode 173: Diving deep into North Korea's APT37 tool kit. [Research Saturday]


Guest Hossein Jazi of Malwarebytes joins us to take a deep dive into North Korea's APT37 (aka ScarCruft, Reaper and Group123) toolkit. On December 7, 2020, the Malwarebytes Labs threat team identified a malicious document uploaded to VirusTotal that purported to be a meeting request, likely used to target the government of South Korea...


 March 6, 2021  18m
 
 

episode 1283: SUNSHUTTLE backdoor described. What the Exchange Server campaign was after. Misconfigured clouds. Airline IT service provider attacked. Criminal-on-criminal crime.


A new second-stage backdoor has been found in a SolarWinds compromise victim. Those exploiting the now-patched Exchange Server zero days seem to have done so to establish a foothold in the targeted systems. India continues to investigate a Chinese cyber threat to its infrastructure. Misconfigured clouds leak mobile app data. A major airline IT provider sustains a cyber attack. Dinah Davis helps us prevent account takeover attacks. Our guest is Troy Hunt from NordVPN...


 March 5, 2021  28m
 
 

episode 1282: Happy Slam the Scam Day. Indian authorities continue to investigate grid incidents. CISA tells US Federal agencies to clean up Exchange bugs by noon tomorrow. Supply chain compromise.


Indian authorities say October’s Mumbai blackout was “human error,” not cybersabotage. CISA directs US civilian agencies to clean up Microsoft Exchange on-premise vulnerabilities. More effects of the Accellion FTA supply chain compromise. Some trends in social engineering. Andrea Little Limbago brings us up to date on the RSA supply chain sandbox. Our guest is Brittany Allen from Sift on a new Telegram fraud ring. And happy National Slam the Scam Day...


 March 4, 2021  22m
 
 

episode 1281: RedEcho under investigation (amid reassurances). Stopping Operation Exchange Marauder. Containing Ursnif. Cyber proliferation. And another round in the Crypto Wars.


India continues to investigate the possibility of RedEcho cybersabotage of its power distribution system, but says any hack was stopped and contained. Microsoft issues an out-of-band patch against a Chinese-run “Operation Exchange Marauder.” The financial sector works to contain an Ursnif outbreak. CISA issues ICS security advisories. Myanmar and the difficulty of stopping cyber proliferation. Joe Carrigan looks at CNAME cloaking...


 March 3, 2021  23m
 
 

episode 1280: India investigates the possibility of cybersabotage. Walls are opaque to defenders, too. Recommendations for cyber nonproliferation. SolarWinds updates (with an SEC appearance).


Indian authorities continue to investigate the possibility that Mumbai’s power grid was hacked last October. Apple’s walled garden’s security can inhibit detection of threats that manage to get inside. An Atlantic Council report recommends international action against access-as-a-service brokers to stall proliferation of cyber offensive tools. Ben Yelin has the story of legislators asking the military why they’re so interested in apps serving Muslims...


 March 2, 2021  23m
 
 

episode 1279: “RedEcho’s” activity in India’s power grid is described. US report on Khashoggi murder declassified. SolarWinds compromise inquiry updates. Ill-intentioned SEO. President’s Cup winner announced.


Chinese cyber engagement with Indian critical infrastructure is reported: the objective isn’t benign from India’s point of view, but exactly what the objective is, specifically, remains a matter of speculation. The US Government declassifies its report on the murder of Saudi journalist Jamal Khashoggi. The SolarWinds supply chain compromise remains under investigation, with an intern making a special appearance. Malign search engine optimizations...


 March 1, 2021  23m
 
 

episode 38: Aarti Borkar: Make your own choices. [Product] [Career Notes]


Head of Product for IBM Security Aarti Borkar shares her journey which included her lifelong love of math and following her passions.


 February 28, 2021  7m
 
 

episode 172: Shining a light on China's cyber underground. [Research Saturday]


Guest Maurits Lucas from Intel 471 joins us to discuss his team's research into cybercrime in China. Data from Intel 471 show that the Chinese cybercrime underground proliferates through use of common methods or platforms, but behaves differently in large part due to the caution that actors take with regard to their identity...


 February 27, 2021  23m
 
 

episode 1278: Oxford lab studying the COVID-19 virus is hacked. Zoom impersonation campaign. Senators would’ve liked to have heard from Amazon about Solorigate. NSA likes zero trust. NIST IoT guidelines.


Oxford biology lab hacked. A Zoom impersonation phishing campaign afflicts targets in the EU. Senators disappointed in Amazon’s decision not to appear at this week’s SolarWinds hearing. NSA advocates adopting zero trust principles. CISA issues alerts on industrial control systems. The US Department of Homeland Security describes increases to its cybersecurity grant programs. Dinah Davis examines how healthcare is being targeted by ransomware...


 February 26, 2021  27m
 
 

episode 1277: PLA spyware keeps Tibetans under surveillance. Cyber conflict between Ukraine and Russia, some conventionally criminal, other state-directed. US Executive Order addresses supply chain resilience.


FriarFox is a bad browser extension, and it’s interested in Tibet. Ukraine accuses Russia of a software supply chain compromise (maybe Moscow hired Gamaredon to do the work). Egregor hoods who escaped recent Franco-Ukrainian sweeps are thought responsible for DDoS against Kiev security agencies over the weekend. A look at Babuk, a new ransomware-as-a-service entry. VMware servers are patched. Verizon’s Chris Novak looks at the 2021 threat landscape...


 February 25, 2021  24m