The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.
https://thecyberwire.com/podcasts/daily-podcast
Gesamtlänge aller Episoden: 43 days 22 hours 36 minutes
episode 1204: Familiar threat actors are back in the news. Big Tech’s testimony on Capitol Hill had less to do with Section 230 than many had foreseen.
Some familiar threat actors--both nation-states and criminal gangs--return to the news: Venomous Bear, Charming Kitten, Wizard Spider, and Maze. Mike Benjamin from Lumen looks at the Mozi malware family. Our guest is Neal Dennis from Cyware on why it's time for organizations to step up their data sharing. And Big Tech’s day on Capitol Hill involved more discussion of censorship and bias than it did Section 230 of the Communications Decency Act...
episode 1205: Ransomware epidemic during the pandemic. Cyber insurance and state actors. Cyberstalking. Don’t exaggerate election meddling. Reflections on National Cybersecurity Awareness Month.
Ransomware becomes endemic in the healthcare sector. Cyber metaphors--we read a good one this morning. Does your cyber insurance indemnify you against state-sponsored attacks? More guilty pleas in the ex-eBayers’ cyberstalking case. US Cyber Command and others advise everyone not to see foreign election meddling where it isn’t. David Defour looks at the spookiest malware of 2020. Our guest is Travis Leblanc from Cooley on the European court Invalidating the EU-US Privacy Shield...
episode 1206: Another look at North Korean cyberespionage. Phishing with Google Docs. How Iran obtained US voter information. Election security enters its endgame.
Another look at Pyongyang’s Kimsuky campaign. Phishing with bogus Google Docs. How Tehran got its hands on voter information. Rick Howard looks at containers and serverless functions. Malek Ben Salem shares the results of Accenture’s 2020 Cyber Threatscape report. And looking ahead to the election influence endgame. For links to all of today's stories check out our CyberWire daily news brief: https://www.thecyberwire.com/newsletters/daily-briefing/9/212 Learn more about your ad choices...
episode 1207: Election security updates from CISA. Maze says it’s out of business (and never really existed). Edward Snowden wants dual Russian-US citizenship. A botmaster goes up river.
Notes on Election Day security, from CISA. The Maze gang finally releases its press release announcing that it’s going out of business. Mr. Snowden applies for dual Russian-American citizenship. Ben Yelin shares his thoughts on Mark Zuckerberg’s recent Senate testimony. Our guest is Karlo Zanki from Reversing Labs on Hidden Cobra. And a botmaster gets eight years after copping a US Federal guilty plea to conspiracy...
episode 1208: US elections: CISA calls security success, but reminds all that it’s not over yet. Notes from the cyber underground. Two more indictments in cyberstalking case.
Election security, hunting forward, rumor control, and the value of preparation. Maze may be gone (so its proprietors say) but its affiliate market has moved on to Egregor ransomware-as-a-service. An illicit forum has leaked large repositories of personal information online. Joe Carrigan shares thoughts on hospital systems getting hit by ransomware. Our guest is Alan Radford from One Identity who wonders whether robots should have identities...
episode 1209: CISA’s happy but still wary. Election-themed criminal malspam. New ransomware goes after VMs. Why it makes no sense to trust extortionists.
CISA declares a modest but satisfying victory for election security, but cautions that it’s not over yet. Criminal gangs are using election-themed phishbait in malspam campaigns. A new strain of ransomware attacks virtual machines. Robert M. Lee from Dragos on the impact climate change could have on ICS security. Our guest is Kelly White of RiskRecon on healthcare organizations managing risk across extensive third party relationships...
episode 1210: IRGC domains taken down. A look at 2021’s threatscape. Russia says its didn’t do anything (others see Bears.) Forfeiture of Silk Road’s hitherto unaccounted for billion-plus dollars.
The US Justice Department takes down twenty-seven domains being used by Iran’s Islamic Revolutionary Guard Corps. Booz Allen offers its take on the 2021 threatscape. Russia declares itself innocent of bad behavior in cyberspace, but many remain skeptical. Johannes Ullrich from SANS looks at Supply Chain Risks and Managed Service Providers. Our own Rick Howard speaks with Wired’s Andy Greenberg about the recent Sandworm indictments...
episode 1211: Supply chain security. New cyberespionage from OceanLotus. Data breaches expose customer information. And GCHQ has had quite enough of this vaccine nonsense, thank you very much.
Alerts and guidelines on securing the software supply chain (and the hardware supply chain, too). OceanLotus is back with its watering holes. Two significant breaches are disclosed. Malek Ben Salem from Accenture Labs explains privacy attacks on machine learning. Rick Howard brings the Hash Table in on containers. And, hey, we hear there’s weird stuff out there about vaccines, but GCHQ is on the case. For links to all of today's stories check out our CyberWire daily news brief: https://www...
episode 1212: A look at what’s up in some of the criminal markets. The continued resilience of TrickBot. What you can buy for $155,000.
Criminals get the news like everyone else, and online crime continues to follow current events. It’s up, it’s down, it’s up again--forget it: it’s TrickBot. A cyber incident affects computer maker Compal. Zoom settles an FTC complaint. Price check in the criminal markets. Ben Yelin on a Canadian shopping mall's collection of over 5 million shopper's images. Our guest is Ben Brook from Transcend with best practices in privacy and data protections.And spare a thought for a veteran tomorrow...
episode 1213: An overview of threat actors, two proofs of concept, and an IoT botnet bothers the cloud. Patch Tuesday notes. And control yourself, sir.
BlackBerry tracks a mercenary group providing cyberespionage services. A rundown from Dragos on threat actors engaging with industrial targets. An Iot botnet is active in the cloud. A research team offers a new proof-of-concept for DNS cache poisoning, and another group of researchers demonstrates a novel power side-channel attack. Patch Tuesday notes. Joe Carrigan wonders if you’re likely to get your money’s worth when paying baddies...