The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.
https://thecyberwire.com/podcasts/daily-podcast
Gesamtlänge aller Episoden: 44 days 2 hours 11 minutes
episode 1429: GriftHorse’s premium service scams. Facebook open sources a static analysis tool. Update on the Group-IB affair. What the Familiar Four are up to. Counting ransomware strains.
GriftHorse will subscribe afflicted Android users to premium services they never knew they’d signed up for (and wouldn’t want if they did). Facebook releases a static analysis tool it uses internally to check apps for security issues. Speculation about what put Group-IB’s CEO in hot water with the Kremlin. A look from NSA about where the major nation-state cyberthreats currently stand. Malek Ben Salem from Accenture has thoughts on quantum security...
episode 1430: Phishing for those who fear Pegasus. ChamelGang APT active against multiple countries. Problems with a ransomware decryptor. Controversial proofs-of-concept. And a death blamed on ransomware.
A malware campaign offers bogus protection against Pegasus surveillance. A new APT, ChamelGang, is found active against targets in at least ten countries. A ransomware gang can’t get its decryptor right. A proof-of-concept shows that charges can be made from a non-contact Visa card in an iPhone wallet. David Dufour from Webroot warns of potential perils in cyber insurance. Our guest is Shamla Naidoo from Netskope with advice for cyber innovators ...
episode 1431: Privacy and the Pandora Papers. Flubot’s scare tactics. Exploiting an account recovery system. Conti warns victims not to talk to the press. An international meeting on cybercrime? A ransomware bust.
The Pandora Papers leak erstwhile private financial transactions by the rich and well-connected (and it’s 150 mainstream news organizations who cooperated in bringing them to light). Flubot is using itself to scare victims into installing Flubot. Coinbase thieves exploited account recovery systems to obtain 2FA credentials. The US plans to convene an international conference on fighting cybercrime. Conti warns its victims not to talk to reporters...
episode 1432: Facebook’s back up, and the outage was due to an error, not an attack. A look at AvosLocker and Atom Silo ransomware. The case of the Kyiv ransomware gangsters. Thoughts on the Pandora Papers.
Facebook restores service after dealing with an accidental BGP configuration issue. There’s now a data auction site for AvosLocker ransomware. Atom Silo ransomware is quiet, patient, and stealthy. The state of investigation into those two guys collared on a ransomware beef in Kyiv last week. Ben Yelin is skeptical of data privacy poll results. Our guest is Microsoft’s Ann Johnson, host of the newest show to join the CyberWire network, Afternoon Cyber Tea...
episode 1433: Twitch is breached. MalKamak: a newly described Iranian threat actor. Chinese cyberespionage against India. SafeMoon phishbait. The ransomware threat. What counts as compromise.
Twitch is breached. A newly discovered Iranian threat group is described. A Chinese cyberespionage campaign in India proceeds by phishing. SafeMoon alt-coin is trendy phishbait in criminal circles. As the US prepares to convene an anti-ransomware conference, Russian gangs show no signs of slacking off. Betsy Carmelite from BAH on AI/ ML in cyber defensive operations. Our guest is Adam Flatley of Redacted with recommendations from the Ransomware Task Force...
episode 1434: Espionage, mostly cyber but also physical. DDoS in the Philippines. TSA regulations for rail and airline cybersecurity are coming. US DoJ promises civil action for cyber failures. Twitch update. And NFTs.
Cyberespionage seems undeterred by stern warnings. DDoS hits the Philippine Senate. The US Department of Homeland Security intends to issue cybersecurity regulations for passenger rail and airlines. The US Department of Justice intends to use the False Claims Act to bring civil actions against government contractors who fail to follow “recognized cybersecurity standards.” An update on the Twitch breach. Josh Ray from Accenture looks at what’s going on with Fancy Lazarus...
episode 1435: Fancy Bear’s snuffling at Gmail credentials. FIN12’s threat to healthcare, and BlackMatter’s threat to agriculture. REvil tries to reestablish itself in the underworld. Twitch update. Sachkov is charged.
Google warns fourteen-thousand Gmail users that Fancy Bear has probably been after their passwords. FIN12, a fast-running ransomware group, is after hospitals’ and healthcare providers’ money. BlackMatter remains active against the agriculture sector. REvil is back and talking on the RAMP forum, but so far it’s getting a chilly reception. Twitch traces its vulnerability to a server misconfiguration. David Dufour from webroot wonders about cracking down on crypto...
episode 1436: Espionage by password spraying, and espionage via peanut butter sandwich. Ransomware and DDoS warnings. Two journalists get the Nobel Peace Prize
Teheran is running password spraying attacks (especially on Thursdays and Sundays). More on the renewed popularity of DDoS attacks. NCSC warns British businesses against ransomware. Two journalists win the Nobel Peace Prize. Joe Carrigan shares his thoughts on GriftHorse. Our guest is Bindu Sundaresan from AT&T Cybersecurity football season and cyber risks. And watch out for small data cards in your peanut butter sandwiches, kids...
episode 1437: Cyber Espionage, again. Patched SolarWinds yet? Patch Tuesday. The international conference on ransomware has begun. Booter customers get a warning. A disgruntled insider alters aircraft records.
A Chinese-speaking APT is distributing the MysterySnail RAT in what appears to be a cyberespionage campaign. Some users still haven’t patched vulnerable SolarWinds instances. Notes on yesterday’s Patch Tuesday. The US-convened international ransomware conference kicked off today, and Russia wasn’t invited. Former users of a criminal booter service get a stern warning letter from the Dutch police. Caleb Barlow reacts to a recent ransomware tragedy...
episode 1438: Notes from the underground: data breach extortion and a criminal market shuts down. International cooperation against ransomware. Cyber risk and higher education.
Data breach extortion seems to be an emerging criminal trend. Notes on a darknet market’s retirement. Verizon advises Visible users to look to their credentials. Windows users’ attention is drawn to seven potentially serious vulnerabilities (all patchable). The Necro botnet is installing Monero cryptojackers. Organizing an international response to ransomware. Carole Theriault shares thoughts on social engineering. Dinah Davis from Arctic Wolf on the supply chain attack framework...