The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.
https://thecyberwire.com/podcasts/daily-podcast
Gesamtlänge aller Episoden: 44 days 1 hour 19 minutes
episode 1495: Influence operations in the grey zone. FSB raids REvil. Open Source Software Security Summit looks to public-private cooperation. Privateering and state-sponsored cybercrime.
A large-scale cyberattack against Ukrainian websites looks like an influence operation, and Russian intelligence services are the prime suspects. The FSB raids REvil. The White House Open Source Software Security Summit looks toward software bills of materials. MuddyWater exploits Log4shell. The DPRK is working to steal cryptocurrency. Caleb Barlow shares the consequences of the 3G network shutdown...
episode 1496: A new member of the Winnti Cluster is described. Cobalt Strike used against unpatched VMware Horizon servers. Ukraine blames Russia for what seems to be a destructive supply chain attack.
A new Chinese cyberespionage group is described. Cobalt Strike implants are observed hitting unpatched VMware Horizon servers. Ukraine attributes last week’s cyberattacks to Russia (with some possibility of Belarusian involvement as well). Microsoft doesn’t offer attribution, but it suggests that the incidents were more destructive than ransomware or simple defacements. The US warns of possible provocations. Ben Yelin looks at a bipartisan TLDR bill...
episode 1497: Updates on what Ukraine is now calling “BleedingBear.” CISA advises organizations to prepare for Russian cyberattacks. Other cyberespionage campaigns, and a new ransomware strain.
Ukraine confirms that it was hit by wiper malware last week, as tension between Moscow and Kyiv remains high. It remains high as well between Russia and NATO, as Russia continues marshaling conventional forces around Ukraine. CISA advises organizations to prepare to withstand Russian cyberattacks. Other cyberespionage campaigns are reported, as is a new strain of ransomware. Microsoft’s Kevin Magee provides friendly counsel for CISOs and boards...
episode 1498: Looking toward tomorrow’s Russo-American talks about the Ukraine crisis. A memorandum gives NSA oversight authority for NSS. A look at the C2C markets.
As Russian forces remain in assembly areas near the Ukrainian border, the US and Russia prepare for tomorrow’s high-level talks in Geneva. NATO members look to their cyber defenses. US President Biden issues a Memorandum on Improving the Cybersecurity of National Security, Department of Defense, and Intelligence Community Systems. Notes on C2C markets. Mirai is exploiting Log4j flaws. Verizon’s Chris Novak shares insights on Log4j challenges...
episode 1499: Ukrainian crisis continues, with attendant risk of hybrid warfare. MoonBounce malware in the wild. Pirate radio hacks a number station.
US and Russian talks over Ukraine conclude with an agreement to further exchanges next week. Western governments continue to recommend vigilance against the threat of Russian cyberattacks against critical infrastructure. The US Treasury Department sanctions four Ukrainian nationals for their work on behalf of Russia’s FSB and its influence operations. A firmware bootkit is discovered in the wild. Security turnover at Twitter. Caleb Barlow looks at wifi hygiene...
episode 1500: Updates on the continuing hybrid war in Ukraine. Julian Assange will get another chance to avoid extradition. And Russian privateers find that they’re expendable.
Updates on the continuing hybrid war in Ukraine. The UK charges Russia with trying to install a puppet in Kyiv. Nominal hacktivists claim an attack against Belarusian railroads. Compromise of Greek parliamentary email accounts reported. Netherlands authorities warn against relaxing your guard against Log4j exploitation. Julian Assange will get another chance to avoid extradition. Rick Howard’s been pondering his reading list. Dinah Davis from Arctic Wolf on securing your smart speakers...
episode 1501: Hacktivism as irregular operations-short-of-war. A banking Trojan aims at fraudulent wire transfers. DTPacker’s two-step delivery. REvil re-forms? Ransomware and insider threats. DDoS in Andorra.
Tensions remain high as Russia assembles troops near Ukraine and NATO moves to higher states of readiness. The Belarusian Cyber Partisans claim responsibility for a ransomware attack against Belarusian railroads. The BRATA banking Trojan spreads, as does DTPacker malware. REvil alumni may be getting the band back together. Ransomware operators working harder to recruit insiders at their targets. Joe Carrigan has the story of a romance scammer in custody. Mr...
episode 1502: Tensions between Russia and Ukraine remain high as NATO offers Ukraine cyber, diplomatic, and other support. DDoS in the DPRK. DazzleSpy in the watering hole. TrickBot ups its game.
Tensions between Russia and Ukraine remain high as NATO offers Ukraine cyber, diplomatic, and other support. North Korea gets DDoSed. DazzleSpy hits Hong Kong dissidents drawn to a watering hole. TrickBot ups its game. A quick look at ransomware trends. Microsoft’s Kevin Magee unpacks a recent World Economic Forum report. Our own Rick Howard speaks with Chriss Knisley from MITRE ATT&CK Defender on certifications. And Dame Fortune teaches Michiganders to throw caution to the winds...
episode 1502: Updates on the hybrid war in Ukraine. Industrial espionage in Germany, conventional espionage in Western Asia. C2C markets, social engineering, and scamware.
Cyber risk continues over Ukraine as the US and NATO reject Russian demands. Emissary Panda’s industrial espionage against German industry. Fancy Bear is spotted in Western Asia. The C2C market’s initial access broker Prophet Spider is selling access to unpatched VMware Horizon instances. Social engineering adapts to its marks. Thomas Etheridge from CrowdStrike on the power of Identity/Zero Trust in stopping ransomware attacks. Our guest is Gary Guseinov of Real Defense to discuss M&A activity...
episode 1504: Diplomacy and cyber warnings in the Ukraine crisis. REvil may not actually be out of business. A warning about Iranian state-directed hacking. And Data Privacy Day is observed.
Diplomatic channels remain open even as NATO and the US reject Russian demands over Ukraine. More warnings over Russian cyber operations in the hybrid conflict (Voodoo Bear is mentioned in dispatches). Social media as a source of tactical intelligence. The FBI tells industry to be alert for Iranian hacking. Ransomware continues to circulate. Josh Ray from Accenture digs into the Bassterlord Networking Manual. Carole Theriault examines a university data backup snafu...