Gesamtlänge aller Episoden: 43 days 22 hours 36 minutes
Iran says Israel was responsible for sabotaging the Natanz nuclear facility yesterday, and Tehran promises revenge. Online plotting results in the arrest of a Texas man alleged to have planned an attack on an Amazon Web Services center. Scraped, not hacked, data from LinkedIn and Clubhouse are being hawked online. Andrea Little Limbago from Interos addresses asymmetric power within cyberspace and how that plays out in warfare...
Updates on the sabotage at Natanz--whether it was cyber or kinetic, Iran has vowed to take its revenge against Israel. NAME:WRECK vulnerabilities affect DNS implementations. Tax season scammers are phishing for credentials. If you liked the investment opportunities those Nigerian princes used to offer, you’re going to love their loaded ATM cards. Ben Yelin looks at data protection and interoperability. Our guest is Jules Martin from Mimecast on the importance of security integration...
Updates on Natanz, where the nature of the sabotage remains unclear--it happened, but there are conflicting explanations of how. Electrical utilities on alert for cyberattack, especially after the SolarWinds incident. The US Government takes extraordinary steps to fix the Microsoft Exchange Server compromise. Joe Carrigan analyses effective phishing campaigns. Our guest is the FBI’s Herb Stapleton on their recent IC3 report...
The US announces a broad range of retaliatory actions designed to “impose costs” on Russia for its recent actions in cyberspace, prominently including both the SolarWinds supply chain compromise and attempts to influence elections. More reports on the Natanz incident suggest that a buried bomb was remotely detonated. David Dufour from Webroot has a wakeup call on digital privacy. Our guest is Ganesh Pai from Uptycs on Mitre ATT&CK Evaluations...
The European Union expresses solidarity with the US over the SolarWinds incident. The UK joins the US in attributing the incident to Russia. Russia objects to US sanctions and hints strongly that it intends to retaliate. IBM discloses new cyber threats to the COVID-19 vaccine cold chain. Iran says Natanz is back in business. Kevin Magee from Microsoft looks at the security of startups. Our guest is Brad Ree of ioXt Alliance with results from their Mobile IoT Benchmark report...
Another supply chain incident surfaces. The Natanz sabotage seems to have landed a punch, but not a knock-out blow against Iran’s nuclear program (and it appears to have been a bomb). China’s “big data” gangs and their place in the criminal economy. Tolerating (and protecting?) ransomware gangs in Russia? Betsy Carmelite looks at the intersection of 5G and zero trust. Rick Howard is focusing on finance and fraud in the latest season of CSO Perspectives...
Update on the Codecov supply chain attack. The Babuk gang says they’ve debugged their decryptor. MI5 warns of “industrial scale” catphishing in LinkedIn. Positive Technologies responds to US sanctions. The US stands down the two Unified Coordination Groups it established to deal with the SolarWinds and Exchange Server compromises. Are all Five Eyes seeing eye-to-eye on China? Ben Yelin explains the legal side of the FBI removing webshells following the Microsoft Exchange Server hack...
SonicWall zero-days are under active exploitation; mitigations are available. Pulse Secure VPN is also undergoing exploitation, probably by China, and mitigations are available here, too. The US begins work on shoring up power grid cybersecurity. Cyber ops rise with Russo-Ukrainian tension. The help desk at ISIS tells jihadists to stay away from Bitcoin. Joe Carrigan looks at cryptocurrency anonymity...
Agencies continue to respond to the Pulse Secure VPN vulnerabilities. Updates on the SolarWinds compromise show that it remains a threat, and that it was designed to escape detection and, especially, attribution. A cryptojacking botnet is exploiting vulnerable Microsoft Exchange Server instances. Facebook takes down two Palestinian groups distributing spyware. Ransomware draws more attention. Craig Williams from Cisco Talos looks at cheating the cheater...
Ransomware operators begin timing their releases for more reputational damage. Another gang is equipping its ransomware with scripts to disable defenses, and yet another is now into stock shorting. The US Postal Inspection Service is apparently monitoring social media. GCHQ’s head warns of the dangers of becoming dependent on China’s technology. Johannes Ullrich from SANS on Commodity Malware Targeting Enterprises...