The CyberWire Daily

The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.

https://thecyberwire.com/podcasts/daily-podcast

An average episode of this podcast lasts 21m. So far 1837 episode(s) have been published. This is a daily podcast.

Total length of all episodes: 26 days 23 hours 8 minutes

episode 1231: Facebook faces anti-trust suit. COVID-19 vaccine cyberespionage. Emissary Panda spotting. SQL databases for sale. Notes on the FireEye breach, the end of Flash, and the Mirai botnet.


Facebook faces a US antitrust suit. Cyberespionage hits the European Medicines Agency, apparently looking for COVID-19 vaccine information. Emissary Panda is out and about. A simple ransomware campaign goes for success through volume. Stolen SQL databases are offered for sale back to their owners. React to the FireEye breach, but don’t over-react. We welcome Kevin McGee from Microsoft Canada to the show...


 2020-12-10  24m
 
 

episode 1232: OceanLotus tracked. Threats to K-12 distance education. Adrozek is credential-harvesting adware. MountLocker gains criminal affiliates. FCC acts against Chinese companies. CISA internships.


Tracking OceanLotus. US advisory warns of cyberthreats active against schools trying to deliver distance learning. Adrozek joins credential harvesting and adware. MountLocker’s criminal affiliate program. The FCC takes action against Chinese companies deemed security risks. Predictions, and holiday advice...


 2020-12-11  25m
 
 

episode 1233: A few predictions, but today’s news is dominated by Cozy Bear’s supply chain attack on Solar Winds’ Orion Platform.


FireEye traces its breach to a compromised SolarWinds update to its Orion Platform. CISA issues an Emergency Directive to get control of an attack that is known to have affected at least two Federal Departments. Rick Howard shares lessons from season three of CSO Perspectives. Betsy Carmelite from Booz Allen continues her analysis of their 2021 Cyber Threat Trends Report. And while reports attribute the supply chain attack to Russia’s SVR, Moscow says Cozy Bear didn’t do nuthin’...


 2020-12-14  23m
 
 

episode 1234: SolarWinds compromise scope grows clearer. DPRK’s Earth Kitsune. Google’s authentication issue. A look at the near future of cybersecurity.


SolarWinds’ 8-K suggests the possible scope of the Sunburst incident. CISA leads the US Federal post-attack mopping up as more agencies are known to have been affected. How FireEye found the SolarWinds backdoor. GCHQ is looking for possible signs of Sunburst in the UK. Operation Earth Kitsune is attributed to North Korea. Google explains yesterday’s outage. Ben Yelin looks at retail privacy issues. Our guest is Jasson Casey from Beyond Identity on going passwordless...


 2020-12-15  25m
 
 

episode 1235: SolarWinds breach updates. Microsoft sinkholes Sunburst's C&C domain. Facebook takes down inauthentic networks.


SolarWinds breach reportedly affected parts of the Pentagon. Microsoft and partners seize and sinkhole command-and-control domain used by Sunburst malware. The threat actor behind the breach used a novel technique to bypass multi factor authentication at a think tank. Facebook takes down competing inauthentic networks focused on Africa. Joe Carrigan has insights on Amnesia 33. Our guest, Greg Edwards from CryptoStopper, shares his experience getting back online after a Derecho...


 2020-12-16  22m
 
 

episode 1236: The SVR’s exploitation of the SolarWinds software supply chain proves a very damaging cyberespionage campaign. HPE zero-day. Report on China’s influence ops delayed.


The SolarWinds supply chain compromise may not have been an act of war, but it was certainly a very damaging espionage effort. The FBI, CISA, and ODNI are leading a whole-of-government response to the incident. Three companies have collaborated on a killswitch for the Sunburst backdoor’s initial command and control. HPE discloses a zero day in its SIM software. ODNI will delay its report on Chinese election influence ops. Thomas Etheridge from CrowdStrike on their Services Front Lines report...


 2020-12-17  22m
 
 

episode 1237: Cozy Bear has been very successful at being very bad. Advice on dealing with the supply chain compromise. Joker’s Stash has its problems. And a few thoughts on the near future.


Cozy Bear’s software supply chain compromise and its massive cyberespionage effort against the US Government and the associated private sector, is still being untangled. But it’s very extensive, very bad, and very tough to remediate. Both CISA and NSA have advice about the incident, and we check in with Robert M. Lee from Dragos for his thoughts. John Pescatore from SANS advocates renewing our focus on information security. Iran may be running a ransomware campaign for influence purposes...


 2020-12-18  31m
 
 

episode 1238: Sunburst looks worse: bad Bears in US networks, and that’s not just right at all. “Evil mobile emulator farm.” Report: Pegasus used against journalists.


Cozy Bear’s big sweep through US networks gets bigger, longer, more carefully prepared, and worse in every way. IBM uncovers a big, conventionally criminal “evil mobile emulator farm,” and that’s no good, either. Citizen Lab finds more to complain about with respect to alleged abuse of NSO Group’s Pegasus tools. Awais Rashid from Bristol University on taking a risk-based approach to security. Rick Howard speaks with Cyral CEO Manav Mital on infrastructure as code...


 2020-12-21  25m
 
 

episode 1239: Bear tracks all over the US Government’s networks. Pandas and Kittens and Bears, oh my... Emotet’s back. Spyware litigation. A few predictions.


The US continues to count the cost of the SVR’s successful cyberespionage campaign. Attribution, and why it’s the TTPs and not the org chart that matters. Emotet makes an unhappy holiday return. It seems unlikely that NSA and US Cyber Command will be separated in the immediate future. Big Tech objects, in court, to NSO Group and its Pegasus spyware (or lawful intercept product, depending on whether you’re in the plaintiff’s or the respondent’s corner)...


 2020-12-22  27m
 
 

episode 1240: Cozy Bear: quiet and patient. Counting the costs of cyberespionage. Iranian influence campaign sought to inspire post-US-election violence.


Cozy Bear lived up to its reputation for quiet patience. Counting the cost of the SVR cyberespionage campaign. What do intelligence services do with all the data they collect? An Iranian influence campaign sought to foment US post-election violence. Joe Carrigan looks at social engineering aimed at domain registrars. Our guest is John Worrall from ZeroNorth on the importance of security champions. And a last look ahead at 2021.


 2020-12-23  26m