CyberWire Daily

The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.

Eine durchschnittliche Folge dieses Podcasts dauert 21m. Bisher sind 2815 Folge(n) erschienen. Dies ist ein täglich erscheinender Podcast.

Gesamtlänge aller Episoden: 42 days 8 hours 44 minutes


episode 1459: Official online channels hijacked in separate US, Philippine incidents. Update on MosesStaff, a ransomware group interested in politics, not profit. Costco breach. Ryuk money-laundering case.

Exploitation of a configuration error in the FBI’s Law Enforcement Enterprise Portal enables hackers to send bogus warning emails. Philippine Office of Civil Defense Twitter account briefly hijacked. Update on Iranian politically motivated threat group MosesStaff. Discount retailer Costco discloses a point-of-sale skimmer incident. Dinah Davis from Arctic Wolf track zero days. Rick the Toolman Howard drops by the studio...


 November 15, 2021  22m

episode 1460: Threats and vulnerabilities, old and new, include Emotet and Mirai. CISA advises of DDS vulnerabilities. Arrest in a revenge porn case.

Older threats, including Emotet and Mirai, are out and about, and an old vulnerability, Rowhammer, gets a fresh proof-of-concept. A new banking Trojan threatens Europe. Intel works on vulnerabilities. CISA advises awareness of recently reported DDS vulnerabilities. Joe Carrigan explains how spearphishers are using customer complaints as bait. Rick Howard epaks with Carlos Vega from Devo on Supply Chain issues. And an arrest is made in a Maryland revenge porn case...


 November 16, 2021  29m

episode 1461: CISA and its partners warn of Iranian cyber ops. Cyberespionage in the Middle East with Candiru tools. Belarus connected to Ghostwriter. Facebook boots SideCopy. RAMP recruits members.

CISA, the FBI, the ACSC, and the NCSC issue a joint advisory warning of an Iranian cyber campaign exploiting known vulnerabilities in Fortinet and Microsoft Exchange. A Belarusian connection to Ghostwriter. Candiru tools reported in watering holes. SideCopy’s interest in Afghanistan. RAMP shows an interest in attracting Chinese operators. Josh Ray from Accenture Security digs into the CONTI playbook leak. Our guest is Matt Keeley from Bishop Fox on fuzzing...


 November 17, 2021  23m

episode 1462: Developments in cyber gangland, and the increasingly complicated entanglement of crooks and spies. Selling confiscated alt-coin to compensate fraud victims.

Red Curl is a Russophone gang with an unusual target list. North Korea’s TA406 is having a busy year, hacking for intelligence and for profit. Wicked Panda’s getting good at code-signing, and software supply chain attacks are in Beijing’s long-term plans. A spearphishing campaign abuses legitimate collaboration tools. Kevin Magee from Microsoft has an insider’s look at Windows 11 security. Our guest is Kevin Bocek of Venafi to discuss Security Software Build Environments...


 November 18, 2021  24m

episode 1463: Software supply chain threats. Recent Iranian cyber operations. Banking disclosure rules. ICS updates. UK, US announce closer cooperation in cyberops. A real, literal, evil maid?

Software supply chain incidents: FatPipe, PyPi, and IT services generally. A look at recent Iranian operations. The US Federal Reserve publishes its disclosure rules for banks sustaining cyber incidents. CISA issues a set of ICS advisories. Two of the Five Eyes announce plans for continued, even closer cooperation in cyberspace. Johannes Ullrich on attackers abusing "PAM" (Plug Authentication Modules). Our guest is Hatem Naguib, CEO at Barracuda Networks...


 November 19, 2021  25m

episode 1464: Stealing from the best? An enigma in the criminal-to-criminal market. CISA’s holiday caution. Someone’s impersonating the SEC. Three weekend cyberattacks.

The Lazarus Group seems interested in learning from, by which they mean stealing from, some of the world’s leading state-sponsored cyber operators. Void Balaur remains an enigma, but it’s not the only player in the C2C market. CISA and the FBI warn all, but especially critical infrastructure operators, to remain alert during the holidays. Some scammers are impersonating the US SEC. Dinah Davis from Arctic Wolf on what security gifts to get your family this year...


 November 22, 2021  21m

episode 1465: Tardigrade malware infests the US biomanufacturing sector. GoDaddy suffers a significant data breach. Facebook Papers to be reviewed and released. NSO Group’s troubles.

Tardigrade malware infests the US biomanufacturing sector. GoDaddy suffers a significant data breach. A Gizmodo-led consortium will review and release the Facebook Papers. Ben Yelin on our privacy rights during emergency situations. Our guest is Ric Longenecker of Open Systems to discuss how ransomware attacks represent the number one threat for universities. And NSO Group may not recover from current controversy over its Pegasus intercept tool...


 November 23, 2021  29m

episode 1466: Phishing in the Iranian diaspora. Not your grandma and grandpa’s crytper. Malware-as-a-service. Proofs-of-concept (one is a zero-day). Apple sues NSO Group.  

An apparent cyberespionage campaign targets the Iranian diaspora. Babadeda is an emerging crypter seeing use against alt-coin and NFt speculators. RATDispenser is out in the wild, a malware-as-a-service operation. Proofs-of-concept published for Microsoft exploits. Apple sues NSO Group. Group-IB’s founder asks President Putin for clemency. Caleb Barlow on the difference between working for a company that is funded by VCs, PEs, angels or is public...


 November 24, 2021  28m

episode 1467: Reply-chain attacks. Intelligence services go phishing. Civilian targets hit in Israeli-Iranian cyber conflict. The Entity List expands. Russo-Ukrainian tensions rise.

A reply-chain incident is reported at a major international furniture and housewares retailer. North Korean operators are phishing for South Korean marks using bogus Samsung recruiting emails as phishbait. Fancy Bear has been seen pawing at Gmail. A regional escalation to civilian targets in the cyber conflict between Iran and Israel. More organizations are added to the US Entity List. Johannes Ullrich looks at decrypting Cobalt Strike...


 November 29, 2021  21m

episode 1468: Cybercrime and the criminal-to-criminal markets that support it during the holiday shopping season. Shaming as a pressure tactic. Living large, even when living on the lam.

Today, it’s all crime all the time. Cybercrime, the C2C underground market, and the expansive holiday shopping season. Rebranding in gangland. How crooks exclude targets on the basis of language or geolocation. Shaming as a criminal pressure tactic. Bad apps in the Play Store. Andrea Little Limbago looks at internet blackouts. Carole Theriault wonders what the Metaverse really means. And living large while living on the lam...


 November 30, 2021  25m