CyberWire Daily

The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.

Eine durchschnittliche Folge dieses Podcasts dauert 22m. Bisher sind 1864 Folge(n) erschienen. Jeden Tag erscheint eine Folge dieses Podcasts.

Gesamtlänge aller Episoden: 27 days 10 hours 44 minutes


episode 1410: LockBit updates. The BrakTooth bugs infesting Bluetooth. Malicious cable proof-of-concept. EU fines WhatsApp over GDPR issues. Insider threats. Action against an alleged stalkerware vendor.

The LockBit gang jumps the gun, and crows a bit higher than the facts seem to warrant. Ghostwriter seems to ride a much bigger infrastructure than previously believed. BrakTooth bugs afflict “billions” of Bluetooth devices. OMG cables include a keylogger that phones home. The EU fines WhatsApp over GDPR violations. Insider threats can be difficult to recognize. David Dufour from Webroot thinks it’s great that you haven’t been breached...yet...


 2021-09-02  25m

episode 1411: Watch out for cybercrime over holidays (like Labor Day). Ransomware warning for the food and agriculture sector. Gift card and loyalty program fraud. NIST draft IoT guidelines out for comment.

Uncle Sam recommends cyber vigilance during your kinetic relaxation this Labor Day weekend. The ransomware threat to food and agriculture. “Low and slow” fraud from compromised email in-boxes. Israel promises an investigation of cyber export controls. Josh Ray from Accenture Security on giving back to the community and the Jenkins Attack Framework for red teaming. Our guest is Andy Ellis on the transparency in cybersecurity initiative. And NIST has draft consumer IoT guidelines out for comment...


 2021-09-03  23m

episode 1412: A threat from Ragnar Locker. GhostWriter in the Bundestag. BKA bought Pegasus. Taliban sifts data for potential opponents. France-Visas hacked. Modified apps. Privacy notes. A TrickBot arrest.

No spectacular flurry of Labor Day ransomware, but Ragnar Locker threatens its victims. Berlin complains to Moscow about GhostWriter. Another Pegasus customer is disclosed. The Taliban is searching for data on potential domestic opponents. France-Visas hacked. Modified apps in circulation. Joe Carrigan unpacks a Covid based phishing scam. Carole Theriault weighs in on the ransomware pay-or-do-not-pay discussion...


 2021-09-07  26m

episode 1413: BladeHawk Android cyberespionage campaign in progress. Labor Day was quiet, but the gangs are now back at it. REvil’s remnant stirs. Bulletproof hosting. Phishing keywords.

BladeHawk cyberespionage campaign in progress. Microsoft warns of targeted attacks in progress. Hey--the hoods took a breather over Labor Day, but the straw hats are off now, and they’re back at work. Someone is rummaging in REvil’s unquiet grave. Bulletproof hosting services and the criminal marketplace. Mike Benjamin from Black Lotus Labs on ReverseRAT 2.0. Rick Howard checks in with Philip Reiner from the Ransomware Taskforce. And does a New Urgent Message Require Action? Maybe not...


 2021-09-08  24m

episode 1414: Credential theft at the UN? Intelligence services and privateers. DDoS hits a big multinational. A look at AlphaBay 2.0. Notes on the C2C marketplace.

A cyberattack is reported at the UN, with agency data apparently lost to parties and parts unknown. The Bears are quieter, but the privateers are up and at ‘em. DDoS hits Yandex. Cyberespionage using the SideWalk backdoor. TeamTNT is getting tougher to detect. A SWOT analysis of the newly reconstituted AlphaBay contraband market. The Groove Gang is a new age criminal affiliate program. Caleb Barlow describes attackers leveraging US and European infrastructure to hide in plain sight...


 2021-09-09  25m

episode 1415: Investigations--the SEC looks into Solarigate, German prosecutors inquire into GhostWriter. The Meris botnet is responsible for recent DDoS attacks. Implausible deniability. The SINET 16 are announced.

The SEC’s inquiry into the SolarWinds incident may expose other, unrelated data breaches. Researchers identify an IoT botnet, Meris, as responsible for DDoS attacks against a number of banks. German prosecutors have opened an investigation into the GhostWriter campaign. Researchers look at the cozy, implausibly deniable relationship between Russia’s security services and cyber gangs. A money-launderer gets eleven years. David Dufour from Webroot has straight talk about paying the ransom...


 2021-09-10  27m

episode 1416: The continuing problem of Meris and its bot-driven DDoS. Mustang Panda visits Indonesia. DPRK’s social media battlespace prep. Al Qaeda marks 9/11’s anniversary. And REvil seems to be back.

The Meris botnet continues to disrupt New Zealand banks, and has turned up elsewhere, too. Mustang Panda compromised Indonesian government networks. North Korean operators are using social media to soften up their prospective targets. Al Qaeda sympathizers marked the twentieth anniversary of 9/11 by calling for--what else?--more 9/11s...


 2021-09-13  22m

episode 1417: NSO Group’s Pegasus was installed in a zero-click exploit: iOS users should patch. Vermillion Strike hits Linux systems. Enforcing the law against cybercrime.

Citizen Lab finds, and Apple patches, a zero-day used for zero-click installation of Pegasus spyware. A Cobalt Strike beacon has been turned to cyberespionage use against Linux targets. The Russian government could, it seems, take action against cybercrime, but its will-to-enforcement seems to be inconsistent. Ben Yelin from UMD CHHS with more on Apple's CSAM controversy, our guest is Mel Shakir from Dreamit Ventures on selling to CISOs, and their customer sprints...


 2021-09-14  22m

episode 1418: No crackdown on ransomware from Moscow (at least so far). Cyber Partisans in Belarus. A long-running Chinese cyber campaign. Phishing and other cybercrime. Mercenaries.

That Russian crackdown on ransomware gangs people thought they were seeing? Hasn’t happened, at least according to the FBI. The Cyber Partisans take a virtual whack at President Lukashenka’s government in Belarus. Operation Harvest is complicated and long-running. Phishing with a promise of infrastructure funding. The criminal market for bogus vaccine cards. Johannes Ullrich from SANS on dealing with image uploads - vulnerabilities in conversion libraries...


 2021-09-15  25m

episode 1419: Election-season cyber incidents in Germany. South Africa works to recover from a ransomware attack on government networks. Cryptojacking botnet moves to Windows targets. Ransomware notes.

Denial-of-service at a German election agency, as Federal prosecutors investigate GhostWriter. More nation-states get into election meddling. South Africa works to recover from a ransomware attack against government networks. A cryptojacking botnet moves from Linux to Windows. A ransomware gang threatens to burn your data if you bring in third-party help. Ransomware cyberinsurance claims rise. Rick Howard checks in with Tom Ayres from Lead Up Strategies on Cyber Piracy...