Gesamtlänge aller Episoden: 43 days 22 hours 36 minutes
US officials continue to rate the threat of Russian cyberattack as high. Civilians in cyber war. Broadcast interference and propaganda. A Joint CISA/FBI warning of Chinese cyberespionage. What gets a vulnerability into the Known Exploited Vulnerabilities Catalog? Andrea Little Limbago from Interos and Mike Sentonas from Crowdstrike join us with previews of their RSA conference presentations. And, finally, some Jersey-based cyber campaigns (that’s the Bailiwick, not the Garden State)...
Another hacked broadcast in a hybrid war. Hunting forward as an exercise in threat intelligence collection and sharing. Cyber threats to the US midterm elections. Phishing for cryptocurrency. FakeCrack delivers a malicious payload to the unwary. Vacations are back. So is travel-themed phishbait. Ann Johnson from Microsoft shares insights on the trends she’s tracking here at RSA. Johannes Ullrich brings highlights from his RSA conference panel discussion...
Looking at Russia's hybrid war as a cautionary example. Russia warns, again, that it will meet cyberattacks with appropriate retaliation. (China says "us too.") NSA and FBI warn of nation-state cyber threats. SentinelOne finds a Chinese APT that's been operating, quietly, for a decade. "Unpatchable" vulnerability in Apple chips reported. We’ve got more interviews from RSA Conference, including the FBI’s Cyber Section Chief David Ring, ExtraHop’s CEO, Patrick Dennis...
A Chinese APT deploys a new cyberespionage tool. Hacktivism roils India after a politician's remarks about the Prophet. Ukraine reports a "massive" spam campaign against the country's media organizations. A Russian court fines Wikimedia for "disinformation." From the NSA’s Cybersecurity Collaboration Center our guests are Morgan Adamski and Josh Zaritsky. Rick Howard sets the cyber sand table on Colonial Pipeline. And the Martians haven’t landed, and the Right Honorable Mr. Johnson is still PM...
Dealing with the GRU's exploitation of the Follina vulnerabilities. SeaFlower uses stolen seed phrases to rifle cryptocurrency wallets. Ukraine moves sensitive data abroad. Anonymous claims to have hacked Russia's drone suppliers and to have hit sensitive targets in Belarus. Rick Howard reports on an NSA briefing at the RSA Conference. Our guest is Ricardo Amper from Incode with a look at biometrics in sports stadiums. And the effects of war on the cyber underworld...
The Hertzbleed side-channel issue affects Intel and AMD processors. An Iranian spearphishing campaign prospected former Israeli officials. Patch Tuesday notes. A look at software bills of materials. Russia routes occupied Ukraine's Internet traffic through Russia. Intercepts in the hybrid war: the odd and the ugly. Deepen Desai from ZScaler joins us with the latest numbers on ransomware. Rob Boyce from Accenture Security looks at cyber invisibility...
Interpol coordinates international enforcement action against scammers. A new version of IceXLoader is observed. Exploiting versioning limits to render files inaccessible. Reflections on the first large-scale hybrid war. Kelly Shortridge from Fastly on why behavioral science and economics matters for InfoSec. Patrick Orzechowski from DeepWatch on Russian IoCs and critical infrastructure. And the possibility of cyber escalation in Russia’s hybrid war against Ukraine...
Malibot is an info stealer masquerading as a coin miner. "Hermit" spyware is being used by nation-state security services. Fabricated evidence is planted in Indian computers. The US takes down a criminal botnet. The British Home Secretary signs the Assange extradition order. We wind up our series of RSA Conference interviews with David London from the Chertoff group and Hugh Njemanze from Anomali. And putting the Service into service learning...
A Cyberattack is suspected of causing false alarms in Israel. Risk surface assessments. Renewed warning of the potential security risks of fitness apps. Cyber options may grow more attractive to Russia as kinetic operations stall. DDoS in St. Petersburg. Ben Yeling details a Senate bill restricting the sale of location data. Our guest is Jon Check from Raytheon's Intelligence and Space Division discussing the National Collegiate Cyber Defense Competition...
Fancy Bear sighted in Ukrainian in-boxes. Why Russian cyberattacks against Ukraine have fallen short of expectations. ToddyCat APT is active in European and Asian networks. ICEFALL ICS vulnerabilities described. CISA issues ICS vulnerability advisories. Europol makes nine collars. Andrea Little Limbago from Interos on The global state of data protection and sharing. Rick Howard speaks with Michelangelo Sidagni from NopSec on the Future of Vulnerability Management...