Gesamtlänge aller Episoden: 44 days 2 hours 11 minutes
Chinese cyber engagement with Indian critical infrastructure is reported: the objective isn’t benign from India’s point of view, but exactly what the objective is, specifically, remains a matter of speculation. The US Governemnt declassifies its report on the murder of Saudi journalist Jamal Khashoggi. The SolarWinds supply chain compromise remains under investigation, with an intern making a special appearance. Maligh search engine optimizations...
Indian authorities continue to investigate the possibility that Mumbai’s power grid was hacked last October. Apple’s walled garden’s security can inhibit detection of threats that manage to get inside. An Atlantic Council report recommends international action against access-as-a-service brokers to stall proliferation of cyber offensive tools. Ben Yelin has the story of legislators asking the military why they’re so interested in apps serving Muslims...
India continues to investigate the possibility of RedEcho cybersabotage of its power distribution system, but says any hack was stopped and contained. Microsoft issues an out-of-band patch against a Chinese-run “Operation Exchange Marauder.” The financial sector works to contain an Ursnif outbreak. CISA issues ICS security advisories. Myanmar and the difficulty of stopping cyber proliferation. Joe Carrigan looks at CNAME cloaking...
Indian authorities say October’s Mumbai blackout was “human error,” not cybersabotage. CISA directs US civilian agencies to clean up Microsoft Exchange on-premise vulnerabilities. More effects of the Accellion FTA supply chain compromise. Some trends in social engineering. Andrea Little Limbago brings us up to date on the RSA supply chain sandbox. Our guest is Brittany Allen from Sift on a new Telegram fraud ring. And happy National Slam the Scam Day...
A new second-stage backdoor has been found in a SolarWinds compromise victim. Those exploiting the now-patched Exchange Server zero days seem to have done so to establish a foothold in the targeted systems. India continues to investigate a Chinese cyber threat to its infrastructure. Misconfigured clouds leak mobile app data. A major airline IT provider sustains a cyber attack. Dinah David helps us prevent account takeover attacks. Our guest is Troy Hunt from NordVPN...
Threat actors rush to exploit Exchange Server vulnerabilities before victims get around to patching--it’s like a worldwide fire sale. Rick Howard digs into third party platforms and cloud security. Robert M. Lee from Dragos shares insights on the recent Florida water plant event. The US mulls some form of retaliation against Russia for the SolarWinds supply chain campaign, and it will also need to consider how to respond to China’s operations against Exchange Server...
CISA urges everyone to take the Microsoft Exchange Server vulnerabilities seriously. The SolarWinds compromise is also going to prove difficult to mop up. The US is said to be preparing a response to Holiday Bear’s SolarWinds compromise (some of that response will be visible, but some will not). A plea for more OSINT. Ben Yelin from UMD CHHS ponders face scanning algorithms in the job application process...
Patch Tuesday was a big one this month. Microsoft Exchange Server remains under active attack in the wild, with new threat actors hopping on the opportunity. Russia denies it had anything to do with the SolarWinds incident and says the kinds of US response that the word on the street tells them are under consideration would be nothing more than international crime. Hacktivists strike a blow against cameras and stuff. Joe Carrigan has thoughts on Google’s plans for third party cookies...
Norway’s parliament is hit with Exchange Server exploitation. CISA and the FBI issue more advice on how to clean up an Exchange Server compromise. CISA hints at more detailed attribution of the SolarWinds compromise “soon,” and US Cyber Command says military networks were successfully defended. Microsoft’s Kevin Magee of exporting cyber talent. Our guest is Hanan Hibshi from Carnegie Mellon University on their picoCTF online hacking competition...
Microsoft warns that ransomware operators are exploiting vulnerable Exchange Servers. Threat actors continue to look for unpatched instances of Exchange Server. Johannes Ullrich joins us with his thoughts on the incident. REvil ransomware hits a range of fresh targets. Concerns are raised about the effects of the SolarWinds compromise on embedded devices. Our guest is Sally Carson from Cisco making the case that good design can save cybersecurity...