CyberWire Daily

The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.

https://thecyberwire.com/podcasts/daily-podcast

Eine durchschnittliche Folge dieses Podcasts dauert 22m. Bisher sind 1911 Folge(n) erschienen. Dies ist ein täglich erscheinender Podcast.

Gesamtlänge aller Episoden: 28 days 3 hours 32 minutes

subscribe
share





episode 1440: A US broadcaster sustains a ransomware attack. North Korean catphis expelled from Twitter. REvil’s Tor sites are hijacked. Hacking back. Prosecution and responsible disclosure?


The Sinclair Broadcast Group discloses that it sustained a ransomware attack over the weekend. Twitter kicks out two North Korean catphish deployed in a cyberespionage campaign. REvil goes offline, again, perhaps this time for good. Hacking back, at least insofar as you let the hoods know you can see them. Rick Howard previews the newest season of CSO Perspectives. Johannes Ullrich from SANS on Expired Domain Dumpster Diving...


share







 2021-10-18  24m
 
 

episode 1441: TA505’s recent activity. Advice on defending organizations from BlackMatter. CISA RFI seeks EDR information. REvil’s halting attempts to return. Sinclair’s incident response.


A look at TA505, familiar yet adaptable. A US joint cybersecurity advisory outlines the BlackMatter threat to critical infrastructure. CISA asks industry for technical information on endpoint detection and response capabilities. Is REvil trying to run on reputation? The Sinclair Broadcasting ransomware incident seems to provide a case study in rapid disclosure. Carole Theriault considers the fight for online anonymity. Joe Carrigan shares steps to protect the C-Suite...


share







 2021-10-19  22m
 
 

episode 1442: Cyberespionage campaign looks a lot like SIGINT collection. Magnitude gets more capable. VPN exploits solicited. Ransomware trends. Seven years for UPMC hacker. Plenty of Candy Corn coming.


The LightBasin “activity cluster” has been active indeed against telecom infrastructure in what looks like an espionage campaign. The Magnitude exploit kit adds capabilities for hitting Chromium browsers. An exploit broker is interested in cloud-based VPNs. Victims continue to pay in ransomware attacks. A hacker gets seven years for conspiracy to defraud and identity theft. David Dufour from Webroot looks at the coming threat landscape...


share







 2021-10-20  24m
 
 

episode 1443: Evil Corp identified as the threat actor behind ransomware attacks on Sinclair and Olympus. Privateering. Fin7’s front company. Sentencing in a bulletproof hosting case.


Evil Corp is identified as the operator behind the ransomware that hit the Sinclair Broadcast Group and Olympus. The US Defense Department complains of Russian toleration for ransomware gangs. The Fin7 gang has set up a front company to recruit talent. Betsy Carmelite from Booz Allen Hamilton on building mission-driven 5G security with zero trust. Our guest is Robert Carolina on ethics. And sentences are handed down in a bulletproof hosting case...


share







 2021-10-21  27m
 
 

episode 1444: Counting coup against REvil (and other gangs are taking note). Export controls and dual use. A timing bug will surface this weekend.


REvil’s troubles appear to be the work of an international law enforcement operation. Other gangs have noticed, and they’re looking a little spooked, even as they evolve their tactics in a maturing criminal-to-criminal market. Questions are raised about the efficacy of surveillance tool export controls. Caleb Barlow has cyber security considerations for CEOs and boards. Our guest is Mickey Boodeai of Transmit Security on the movement to do away with passwords...


share







 2021-10-22  27m
 
 

episode 1445: SolarMarket malware carried in some WordPress sites. Russian privateers don’t much like REvil’s takedown. The SVR in the supply chain. Malicious Squid Games app. Scary social media.


SolarMarket infestations are up, and circulating through WordPress sites. More indications that REvil was taken down by a US-led but thoroughly international public-private partnership, and the other Russian privateers have their noses seriously out of joint. Russia’s SVR is getting busy in software supply chains. Criminals take advantage of the popularity of Squid Games. Dinah Davis from Arctic Wolf on how even hackers have internal politics...


share







 2021-10-25  23m
 
 

episode 1446: Ransomware and privateering, counteroffense and deterrence. The US State Department will reestablish its cyber office. And looking forward to Halloween.


Notes on ransomware and privateering: Conti’s barking at its victims, someone’s exploiting billing software, and BlackMatter repeated some coding errors its DarkSide predecessor committed. GCHQ suggests that the UK will undertake a more assertive imposition of costs on cyber gangs. The US State Department will reestablish its cyber bureau. Software supply chain cyberespionage, and what can be done about it. Ben Yelin on school laptop privacy concerns...


share







 2021-10-26  27m
 
 

episode 1447: Coups and comms blackouts. Fuel sale sabotage in Iran. Wslink described. Operation Dark HunTor takes down a contraband market. FTC looks into Facebook. LockBit speaks.


Sudan is under a blackout as a military junta consolidates control over the government. Iran says a cyberattack--unattributed so far--was responsible for disrupting fuel distribution in that country. A novel loader is discovered. Operation Dark HunTor takes down a darkweb contraband market. The US FTC is looking into Facebook’s privacy settlement. The LockBit gang talks, and it’s insufferable. Andrea Little Limbago from Interos on government internet interventions...


share







 2021-10-27  25m
 
 

episode 1448: Hacktivists or intelligence services in Iran? BOLO NIkolay K. Renouncing Conti, and all its empty promises. SEO poisoning. US cyber strategic intent.


Iran continues its recovery from a cyberattack that disrupted subsidized fuel distribution. Wanted in Stuttgart (but living it up in Russia): ransomware kingpin Nikolay K. The Conti ransomware gang gets poor customer service notices. Food distribution is on the cybercriminals’ target lists. SolarMarker’s use of SEO poisoning. The US publishes a statement of strategic intent for its cybersecurity czar’s office. David Dufour from Webroot wonders if there’s any hope at slowing down malware...


share







 2021-10-28  26m
 
 

episode 1449: Iranian-Israeli cyber tensions rise. Decaf ransomware described. Philippine government phshbait. Unemployment due to cyberattack. Europol’s latest collars. Facebook rebrands as “Meta.”


Tensions between Iran and Israel rise as sources in Tehran blame Israel for hacking gas stations, and as apparent Iranian hacktivists dox Israeli defense personnel. A new ransomware strain is discovered. A criminal group is spoofing emails from Philippine agencies. Europol and partners sweep up a cyber gang. Betsy Carmelite from BAH on convergence of 5G and healthcare. Our guest is Justin Wray from CoreBTS with a look at the security issues facing online gaming and casinos...


share







 2021-10-29  27m