The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.
https://thecyberwire.com/podcasts/daily-podcast
Gesamtlänge aller Episoden: 43 days 23 hours 12 minutes
episode 1349: FBI claws back a lot of the ransom DarkSide collected. An international dragnet uses an encrypted chat app to pull in more than 800 suspects. Navistar discloses a cyber incident.
The FBI seized a large portion of the funds DarkSide obtained from its extortion of Colonial Pipeline. An international sweep stings more than eight-hundred suspected criminals who were caught while using an encrypted chat app law enforcement was listening in on. CISA advises users to update their VMware instances. A new phishing campaign distributes Agent Tesla. Ben Yelin examines renewed controversy surrounding Clearview AI...
episode 1350: Chinese cyberespionage in Russia? US Executive Order rescinds TikTok, WeChat bans. Operation Trojan Shield. Privateering. NATO’s Article 5 in cyberspace. Patch Tuesday notes.
SentinelOne attributes the cyberespionage campaign against Russia’s FSB to Chinese services. President Biden replaces his predecessor’s bans on TikTok and WeChat with a process of engagement, security reviews, and data protection. More on the FBI-led Operation Trojan Shield. Privateering, again. NATO’s Article 5 in cyberspace. Joe Carrigan weighs in on recent high profile cyber incidents. Our guest is Shashi Kiran from Aryaka on their 2021 State of the WAN report. And notes on Patch Tuesday...
episode 1351: Deciding to pay ransom - the cases of JBS and Colonial Pipeline. Gangland branding. Constituent management system hit. Notes on the FBI’s partial recovery of DarkSide’s ransom take.
JBS discloses that it paid REvil roughly eleven-million dollars in ransom. REvil not only had a good haul, but the gang made a few points about its brand, too. Colonial Pipeline explains, and defends, its decision to pay ransom. The US Congress has a third-party problem that constituents may or may not notice. Dan Prince from Lancaster University on the science of cybersecurity. Our guest is Kris McConkey from PwC on their Cyber Threats 2020 - Report on the Global Threat Landscape...
episode 1352: Diplomatic Backdoor targets charities, embassies, and telcos in Europe, Africa, and Southwest Asia. Fancy Lazarus and DDoS extortion. Slilpp credential market takedown. A data gap? Cyber regulation.
Diplomatic Backdoor afflicts Africa, Europe, and Southwest Asia. Electronic Arts source code stolen. “Fancy Lazarus” is back: despite the name, it’s an extortion gang, not an espionage service. An international law enforcement action takes down a credential market. Making good data available for AI research. There’s a growing appetite for cyber regulation in Washington...
episode 1353: Third-party data breach at Volkswagen. An anti-monopoly agenda with Big Tech in its crosshairs. Recovery ransom. How EA was hacked. Avaddon gives up its keys. Gamekeeper turned poacher?
Volkswagen warns North American customers of a third-party data breach. An “anti-monopoly agenda” advances in the US House Judiciary Committee. Speculation about how the FBI recovered ransom from DarkSide. How EA was hacked. Is Avaddon going out of business? Craig Williams from Cisco Talos explains why they’re calling some cyber criminals “privateers”. Rick Howard shares thoughts on professional development. And a strange case of a gamekeeper turned poacher (allegedly)...
episode 1354: Disruption of a major BEC campaign. Scope of cyberespionage expands in Pulse Secure exploitation. What the Hades? Russo-US summitry. A more secure workforce. Reality Winner is out, sort of.
Microsoft disrupts a major BEC campaign. The scope of cyberespionage undertaken via exploitation of vulnerable Pulse Secure instances seems wider than previously believed. Secureworks offers an account of Hades ransomware, and differs with others on attribution. Final notes during the run-up to tomorrow’s US-Russia summit, where cyber will figure prominently. Helping employees stay secure. Carole Theriault wonders if the internet of things is becoming the internet of everything...
episode 1355: Airline resolves IT issue. Paradise ransomware source code leaked. Unauthorized access to cameras possible. TSA pipeline cyber guidance under preparation. Russo-US summit. Anonymous extradition.
Southwest flights are back in the air after an IT issue disrupted them yesterday. Paradise ransomware source code has been leaked online. Some networked camera feeds may be accessible to unauthorized viewers. TSA is preparing a second, more prescriptive pipeline cybersecurity directive. The Russo-US summit is underway. Our guest is Jay Paz from Cobalt on bad actors targeting hackers. Joe Carrigan looks at malware hosted on Steam...
episode 1356: The Russo-US summit ended in frank exchanges and the prospect of further discussions on cybersecurity. Ferocious Kitten tracked. Initial access brokers. Molerats return. Ransomware arrests.
The US-Russian summit took up cyber conflict, cyber privateering, and cyber deterrence, ending with the prospect of further discussions. Ferocious Kitten’s domestic surveillance. Ransomware gangs are using a lot of initial access brokers. The Molerats are back. Troubleshooting a wave of intermittent Internet interruptions. NSA offers advice on securing business communication tools. Ukrainian police arrest six alleged Clop gangsters...
episode 1357: Notes from the underworld: phishing with hardware, DarkSide impersonation, and cyber vigilantes. Data incidents, and a conviction for a crypter.
Phishing, with a bogus hardware wallet as bait. Empty threats from a DarkSide impersonator. Cyber vigilantes may be distributing anti-piracy malware. Data security incidents at a cruise line and a US grocery chain. Malek Ben Salem from Accenture looks at optimizing security scanning. Our guest is Edward Roberts of Imperva on their 2021 Bad Bots Report. And a conviction for a crypter, with sentencing to follow...
episode 1358: South Korea’s nuclear research institute discloses cyberespionage incident. Norway attributes 2018 incident to China. Poland blames Russia for email hacking as NATO clarifies alliance cyber policy.
The South Korean nuclear research organization sustained an apparent cyberespionage incident. Norway’s investigation of its 2018 breach of government networks concludes that China’s APT31 was behind it. Poland accuses Russia in a long-running email hacking case. Our guest is Mark Testoni from SAP NS2 on where the Justice Department should focus during its upcoming cyber review. Chris Novak of Verizon on financial vs. espionage breaches...