CyberWire Daily

The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.

https://thecyberwire.com/podcasts/daily-podcast

Eine durchschnittliche Folge dieses Podcasts dauert 21m. Bisher sind 2935 Folge(n) erschienen. Dieser Podcast erscheint täglich.

Gesamtlänge aller Episoden: 44 days 18 hours 34 minutes

subscribe
share






episode 1319: Prankers on Zoom, with convincing video. Emotet takedown. US response to SolarWinds reviewed. Cancer therapy disrupted by attack on cloud provider. Oscar phishing.


Zoom prankers deceive European members of parliament with a deepfake video call. A password manager is compromised. Europol took a good whack at Emotet yesterday, removing the botnet’s malware from infected machines. US response to the Holiday Bear campaign receives cautious good reviews. A cyberattack interferes with cancer treatments. Caleb Barlow from CynergisTek on emergency notification systems. Rick Howard previews the latest CSO Perspectives podcast focused on the healthcare vertical...


share








 April 26, 2021  25m
 
 

episode 1320: The FBI and CISA take a look at the SVR, and offer advice for potential targets. Openness and information warfare. OPSEC and privacy. Babuk hits DC police. Social engineering notes.


FBI, CISA, detail SVR cyber activities. Nine US Combatant Commands see declassification as an important tool in information warfare. A convergence of OPSEC and privacy? Apple fixes a significant Gatekeeper bypass flaw. Babuk ransomware hits DC police. A new twist in credential harvesting. Ben Yelin considers the FTCs stance on racially biased algorithms. Our guest Tony Howlett from SecureLink tracks the evolution of threat hunting. And that was no hack; it was just a careless tweet...


share








 April 27, 2021  23m
 
 

episode 1321: More intelligence on Ghostwriter, and a convergence of hacking and influence operations. Naikon APT has a new backdoor. FluBot returns. MAPP reconsidered. Defense counsel on Cellebrite.


Ghostwriter is back, and has moved its “chaos troops” against fresh targets in Poland and Germany. The Naikon APT has a new secondary backdoor. FluBot, temporarily inhibited by police raids, is back, and expanding its infection of Android devices across Europe. Microsoft is rethinking how much, and with whom, it wants to share vulnerability information. Joe Carrigan examines a phone scam targeting Amazon Prime customers...


share








 April 28, 2021  23m
 
 

episode 1322: Buggy APIs may expose credit scores. Dealing with ransomware. Iran-Israeli tensions are up. Russia says it will always see the Americans coming. Surge cyber capacity. NSA’s advice on OT security.


An API bug may have exposed credit ratings. A study offers advice for the new anti-ransomware task forces emerging in the US and elsewhere. Israelis warned to keep their cyber-guard up on Quds Day next week. Russia says it would spot any US cyberattack before it hit. The US Congress considers establishing surge cyber response capacity. Dinah Davis from Arctic Wolf has tips on preventing RDP attacks. Rick Howard speaks with Rehan Jalil from Securiti on GDPR...


share








 April 29, 2021  22m
 
 

episode 1323: Investigating VPN exploits, and the crooks and spies who use them. BadAlloc afflicts OT. Notes on cyberespionage. The criminal market for deepfakes.


The US Government expands its investigation into Pulse Secure VPN compromises. Microsoft discloses its discovery of BadAlloc IoT and OT vulnerabilities. Someone’s distributing Purple Lambert spyware. Chinese intelligence services seem to be backdooring the Russian defense sector. Financially motivated criminals are exploiting SonicWall VPN vulnerabilities. A look at the emerging criminal market for deepfakes. Josh Ray from Accenture Security on Why Cybersecurity Community Service Matters...


share








 April 30, 2021  25m
 
 

episode 1324: Data exposure reported in the Philippines. FISA targets down during the pandemic. Babuk changes its focus. New variant of the Buer loader in the wild. US Justice Department reviews its cyber strategy.


Possible data exposure at the Philippines’ Office of the Solicitor General. In the US, FISA surveillance targets dropped during 2020’s pandemic. The Babuk gang says it’s giving up encryption to concentrate on doxing. A new version of the Buer loader is out in the wild. Rick Howard looks at security in the energy sector. Betsy Carmelite from Booz Allen Hamilton on telemedicine security concerns. The US Justice Department undertakes a review of its cybersecurity policies and strategy...


share








 May 3, 2021  24m
 
 

episode 1325: VPN vulnerability exploited for cyberespionage closed. “IT security incident” at medical system. Android banking Trojans and cryptocurrency. Cyber threats to the Tokyo Olympics.


Pulse Secure patches its VPN, and CISA for one thinks you ought to apply those fixes. Apple has also patched two zero-days in its Webkit engine. Scripps Health recovers from what’s said to be a ransomware attack. Researchers describe Genesis, a criminal market for digital fingerprints. Ben Yelin described a grand jury subpoena for Signal user data. Our guest is Ryan Weeks from Datto on the need for cyber resilience in the MSP community...


share








 May 4, 2021  24m
 
 

episode 1326: DDoS interrupts Belgium’s parliament. New malware in the wild. Spies and crooks work around MFA, OAuth. COVID-19 scam site takedown. Online election fraud (in a homecoming queen election).


Belgium sustains a DDoS attack that knocks parliamentary sessions offline. New malware strains identified in phishing campaign. Threat actors look for ways of working around multi-factor authentication and open authentication. COVID-19 scams continue online, and attract law enforcement attention. Joe Carrigan describes a compromised password manager. Our guests are Linda Gray Martin & Britta Glade from RSA with a preview of this year’s RSAC conference...


share








 May 5, 2021  27m
 
 

episode 1327: Some possible insight into what a Chinese cyberespionage unit is up to. Hackathons, from Beijing to Washington. Panda Stealer is after crypto wallets. And Peloton deals with a leaky API.


Some possible insight into what a Chinese cyberespionage unit is up to. Hackathons, from Beijing to Washington (the one sponsored by Beijing developed an iPhone zero-day used against China’s Uyghurs). Panda Stealer is after crypto wallets. Microsoft's Kevin Magee reflects on lessons learned in the last year. Our own Rick Howard speaks with Todd Neilson from World Wide Technology on Zero Trust. And Peloton deals with a leaky API...


share








 May 6, 2021  23m
 
 

episode 1328: CISA on FiveHands. Connections among cybergangs, Russian intelligence services? Software supply chain security. Scripps Health incident update. Home routers. Ryuk hits research institute.


CISA outlines the FiveHands ransomware campaign. Circumstantial evidence suggests that some cybergangs are either controlled by or are doing contract work for Russian intelligence services. US Federal agencies turn their attention to software supply chain security. Scripps Health continues its recovery from cyberattack. Insecure home routers in the UK. Daniel Prince from Lancaster University has thoughts on cybersecurity education...


share








 May 7, 2021  26m