The CyberWire Daily

The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.

https://thecyberwire.com/podcasts/daily-podcast

An average episode of this podcast lasts 19m. So far 1699 episode(s) have been published. An episode of this podcast is released every day.

Total length of all episodes: 22 days 13 hours 46 minutes


episode 14: Security operations centers: a first principle idea.


The idea of operations centers has been around as far back as 5,000 B.C. This show covers the history of how we got from general purpose operations centers to the security operations centers of today, the limitations of those centers, and what we need to do as a community to make them more useful in our infosec program.


 2020-12-29  16m
 
 

episode 15: Security operations centers: around the Hash Table.


Four members of the CyberWire’s Hash Table of experts (Don Welch, Interim CIO of Penn State University; Helen Patton, CISO for Ohio State University; Bob Turner, CISO for the University of Wisconsin at Madison; and Kevin Ford, CISO for the State of North Dakota) discuss SOC operations in terms of intrusion kill chains, defensive adversary campaigns, insider threats, cyber threat intelligence, zero trust, SOC automation, and SOC analyst skill sets.


 2020-12-30  27m
 
 

episode 148: Using global events as lures.


The goal of malicious activity is to compromise the system to install some unauthorized software. Increasingly that goal is tied to one thing: the user. Over the past several years, we as an industry improved exploit mitigation and the value of working exploits has increased accordingly. Together, these changes have had an impact on the threat landscape. We still see large amounts of active exploitation, but enterprises are getting better at defending against them...


 2020-08-22  22m
 
 

episode 149: They fooled a lot of people.


Docker containers have been gaining popularity over the past few years as an effective way of packaging software applications. Docker Hub provides a strong community-based model for users and companies to share their software applications. This is also attracting the attention of malicious actors intending to make money by cryptojacking within Docker containers and using Docker Hub to distribute these images...


 2020-08-29  14m
 
 

episode 150: Going after the most valuable data. [Research Saturday]


A look at the realities of ransomware from Sophos, including an industry-first detailed look at new detection evasion techniques in WastedLocker ransomware attacks that leverage the Windows Cache Manager and memory-mapped I/O to encrypt files...


 2020-09-05  26m
 
 

episode 151: Leveraging legitimate tools. [Research Saturday]


Researchers at Symantec spotted a Sodinokibi targeted ransomware campaign in which the attackers are also scanning the networks of some victims for credit card or point of sale (PoS) software. It is not clear if the attackers are targeting this software for encryption or because they want to scrape this information as a way to make even more money from this attack. Joining us in this week's Research Saturday to discuss the report is Jon DiMaggio of Symantec...


 2020-09-12  32m
 
 

episode 152: Election 2020: What to expect when we are electing. [Research Saturday]


After the 2016 General Election, the talk was all around foreign meddling. Rumors swirled that some votes may have been changed or influenced by state-sponsored actors. Sanctions and accusations followed. Four years later, is the U.S. any more prepared to protect the results of its largest elections? More than you may realize...


 2020-09-19  25m
 
 

episode 153: What came first, the Golden Chickens or more_eggs? [Research Saturday]


Throughout March and April, QuoIntelligence (QuoINT) observed four attacks (i.e. sightings) utilizing various tools from the Golden Chickens (GC) Malware-as-a-Service (MaaS) portfolio – they recently declassified their findings, after first notifying their clients. Further, during their analysis of the sightings, QuoIntelligence confirmed the GC MaaS Operator, Badbullzvenom, released improved variants with code updates to three tools in the service portfolio...


 2020-09-26  19m
 
 

episode 154: Smaug: Ransomware-as-a-service drag(s)on. [Research Saturday]


Threat actors and cybercriminals that don’t have the ability to develop their own ransomware for malicious campaigns can turn to the Smaug Ransomware as a Service (RaaS) offering, which is available via a Dark Web Onion site. At least two threat actors are operating the site, providing ransomware that can be used to target Windows, macOS, and Linux machines. The site is built with ease of use in mind...


 2020-10-03  23m
 
 

episode 155: It's still possible to find ways to break out. [Research Saturday]


Containers offer speed, performance, and portability, but do they actually contain? While they try their best, the shared kernel is a disturbing attack surface: a mere kernel vulnerability may allow containerized processes to escape and compromise the host. This issue prompted a new wave of sandboxing tools that use either unikernels, lightweight VMs or userspace-kernels to separate the host OS from the container's OS...


 2020-10-10  20m
 
 