The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.
https://thecyberwire.com/podcasts/daily-podcast
Gesamtlänge aller Episoden: 44 days 5 hours 49 minutes
episode 1289: Looking for leaks in the Microsoft Exchange Server exploitation. International cyber conflict. Sky Global executives indicted in the US. Scammer demands £1000 pounds to go on do-not-call list.
Microsoft is looking for a possible leak behind the spread of Exchange Server exploits, and hackers piggyback on webshells placed by other threat actors. The US Government continues to mull how to respond to Holiday Bear and Hafnium. Britain’s PM calls for greater offensive cyber capabilities. India looks for ways of countering China in cyberspace. Sky Global executives indicted for alleged racketeering. Accenture’s Josh Ray takes on defending against nation states...
episode 1290: Cyberespionage prospects telecom companies: Operation Diànxùn. Working against exploitation of Exchange Server. And rerouting SMS messages (it cost only $16).
McAfee describes Operation Diànxùn, a probable Chinese collection effort directed against telecoms and 5G technology. Organizations around the world continue to work to thwart exploitation of Exchange Server vulnerabilities. What’s a webshell, and what can it do? Ben Yelin looks at cell phone data gathered from the US Capitol riot. Our guest is Ross Rustici from ZeroFOX on the evolution of ransomware...
episode 1291: US report on 2020 foreign election meddling is out, and Russian and Iran are prominently mentioned in dispatches. Recovering from the Hafnium and Holiday Bear campaigns.
The US Intelligence Community has released its report on 2020 foreign election meddling. It found no successful hacking, but a lot of clever influence operations. Ukraine says it stopped a significant Russian cyberespionage campaign. Recovery from the SolarWinds and Exchange Server compromises continues. Joe Carrigan shares thoughts on the Verkada hack. Our guest is Oscar Pedroso from Thimble on getting kids hooked on technology...
episode 1292: Radiation disinformation. CISA warns that Trickbot is surging. FBI releases Internet Crime Report, Crytpers get commodified. And notes from the underworld.
Disinformation about a radiation leak that wasn’t. Another warning about Trickbot. The FBI says cybercrime cost victims more than $4.2 billion last year. Investigation and remediation of the SolarWinds and Exchange Server compromises continue. Crypters become a commodity for malware developers. Robert M. Lee from Dragos on lessons from the recent Texas power outages. Our guest is Bob Shaker from Norton Lifelock looking at baddies targeting online gamers...
episode 1293: Cyberespionage against Finland. Moscow’s displeasure. ICS security. Two indictments and why the PLA should stick to Buicks.
Helsinki blames Beijing’s APT31 for cyberespionage against Finland’s parliament. Russia withdraws its ambassador to the US, calling him home for consultation, post the US IC’s report on election influence ops. Risk management for industrial control systems, and especially for an often overlooked part of the power grid. Johannes Ullrich from SANS on Evading Anti-Malware Sandboxes with New CPU Architectures...
episode 1294: Transportation as an espionage target. Expensive, elaborate cyber campaigns by unidentified threat actors. Infraud operators sentenced in Nevada.
Indian authorities warn the country’s transportation sector that it may be a target for cyberespionage. Google’s Project Zero describes an elaborate and expensive campaign that exploited zero-day vulnerabilities. The SilverFish threat group is elaborate, well-resourced, and well-organized. Threat actors are quietly altering mailbox permissions. REvil is back. Some say “yes” to Moscow; others say “nyet.” Dinah Davis from Arctic Wolf on Security Metrics...
episode 1295: Updates on the state of Microsoft Exchange Server vulnerability, patching, and exploitation. Third-party breaches affect Shell and AFCEA. TikTok’s privacy. A manga site goes down.
Exchange Server patching is going well, they say, but they also say that patching isn’t enough. Crooks are continuing to look for unpatched instances, and even in the patched systems, you’ve got to check to make sure the bad actors have been found and ejected. AFCEA and Shell both disclose being affected by third-party breaches. Citizen Lab sees no particular problem with TikTok. Ben Yelin ponders possible US response to the Microsoft Exchange Server attacks...
episode 1296: Trends in phishbait. Ransomware exploits vulnerable Exchange Servers. Purple Fox develops worm capabilities. Attacks on industrial production. Third-party risk. What’s on your mind, crooks?
COVID-themed phishbait has shifted to vaccines. Notes on the ransomware exploiting vulnerable Exchange Servers. Purple Fox gets wormy. Sierra Wireless halts operations to remediate a ransomware incident. Notes on ICS vulnerabilities. More victims of third-party risk. Joe Carrigan looks at SMS security issues. Our guest is Ron Brash from Verve Industrial with takeaways from their 2020 ICS Vulnerabilities report...
episode 1297: Mamba ransomware’s evolution. Facebook acts against Evil Eye. Huawei is invited into OIC-CERT. Slack Connect gets poor security and privacy reviews. An excursus on fleeceware.
The FBI warns organizations that Mamba ransomware is out and about in a newly evolved form. Facebook takes down a Chinese cyberespionage operation targeting Uyghurs. Huawei joins the Organization of Islamic Cooperation. Slack thinks it might have made a security and privacy misstep. Caleb Barlow from CynergisTek on Healthcare Interoperability. Our guest is Roei Amit from Deep Instinct on their 2020 Cyber Threat Landscape Report. And a look at fleeceware...
episode 1298: Carding Mafia hacked by other criminals. Gangland extortion. Section 230 reform. Director NSA talks about cyber defense, especially foreign attacks staged domestically. Propaganda. Hacktivism.
Criminal-on-criminal cyber crime. Ransomware hits European and North American businesses. Big Tech goes (virtually) to Capitol Hill to talk disinformation and Section 230. The head or NSA and US Cyber Command discusses election security and cyber defense with the Senate Armed Services Committee. Russia complains of a US assault on Russia’s “civilizational pillars.” Accenture’s Josh Ray shares his thoughts on securing the supply chain...