The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.
https://thecyberwire.com/podcasts/daily-podcast
Gesamtlänge aller Episoden: 44 days 13 hours 15 minutes
episode 1779: Silicon Valley Bank as phishbait. An “attack superhighway.” Unauthorized software in the workplace. YoroTrooper, a new cyberespionage threat actor. Hacktivists game, too. How crime pays.
Expect phishing, BEC scams, and other social engineering to use Silicon Valley Bank lures. An "attack superhighway." Unauthorized software in the workplace. A new cyberespionage group emerges. Squad up (but not IRL). Ben Yelin unpacks the FBI director’s recent admission of purchasing location data. Ann Johnson from Afternoon Cyber Tea speaks with Jason Barnett from HCA Healthcare about cyber resilience...
episode 1780: Patch Tuesday notes. SVB's and the cybersecurity sector. SVR's APT29 is phishing for access to information. Trends in the Russo-Ukraine cyberwar. LockBit counts coup (says LockBit).
Patch Tuesday notes. Silicon Valley Bank's collapse and its effects on the cybersecurity sector. SVR's APT29 used a Polish state visit to the US as phishbait. Regularizing hacktivist auxiliaries. Our guest is Crane Hassold from Abnormal Security with a look at threats to email. Grayson Milbourne from OpenText Cybersecurity addresses chaos within the supply chain. And LockBit claims to have compromised an aerospace supply chain...
episode 1781: CISA warns of Telerik vulnerability exploitation. Cloud storage re-up attacks. Phishing tackle so convincing it will deceive the many. Cyber developments in Russia's hybrid war.
Telerik exploited, for carding (probably) and other purposes. Cloud storage re-up attacks. Cybercriminals use new measures to avoid detection of phishing campaigns. "Winter Vivern" seems aligned with Russian objectives. Microsoft warns of a possible surge in Russian cyber operations. Boss Sandworm. Johannes Ullrich from SANS talking about malware spread through Google Ads. Our guest is David Anteliz from Skybox Security with thoughts on federal government cybersecurity directives...
episode 1782: Some movement in the cyber underworld. Vishing impersonates the US Social Security Administration. More SVB-themed phishing. And compromise without user interaction.
BianLian gang’s pivot. HinataBot is a Go-based threat. The US Social Security Administration is impersonated in attempted vishing attacks. BlackSnake in the RaaS criminal market. More Silicon Valley Bank-themed phishing. Caleb Barlow from Cylete on security implications you need to consider now about Chat GPT. Our guest is Isaac Roth from LeakSignal with advice on securing the microservices application layer. And Russian operators exploit an Outlook vulnerability...
episode 1783: Cl0p ransomware at Hitachi Energy. Alleged TikTok surveillance of journalists. Hacktivist auxiliary hits Indian healthcare records. Cyberattack on Latitude: update. BreachForums arrest.
Cl0p ransomware hits Hitachi Energy. The US Department of Justice investigates ByteDance in alleged surveillance of journalists. A Hacktivist auxiliary hits Indian healthcare records. Pirated software is used to carry malware. The Effects of cyberattack on Latitude persist. Adam Meyers from CrowdStrike shares findings from the 2023 CrowdStrike Global Threat Report. Rick Howard has the latest preview of CSO Perspectives. And Pompompurin is arrested for an alleged role in BreachForums...
episode 1784: Threat group with novel malware operates in SE Asia. Data theft extortion rises. Key findings of Cisco's Cybersecurity Readiness Index. iPhones no longer welcome in Kremlin. Russian cyber auxiliaries & privateers devote increased attention to healthcare.
Threat group with novel malware operates in Southeast Asia. Data theft extortion on the rise. Key findings of Cisco's Cybersecurity Readiness Index. iPhones are no longer welcome in the Kremlin. Russian cyber auxiliaries and privateers devote increased attention to the healthcare sector. Chris Eng from Veracode shares findings of their Annual Report on the State of Application Security. Johannes Ullrich from SANS Institute discusses scams after the failure of Silicon Valley Bank...
episode 1785: Detecting sandbox emulations. VEC supply chain attacks. Updates from the hybrid war. CISA and NSA offer IAM guidance. Other CISA advisories. Baphomet gets cold feet after all.
Malware could detect sandbox emulations. A VEC supply chain attack. A new APT is active in Russian-occupied sections of Ukraine. An alleged Russian patriot claims responsibility for the D.C. Health Link attack. CISA and NSA offer guidance on identity and access management (IAM). Tim Starks from the Washington Post has analysis on the BreachForums takedown. Our guest is Ryan Heidorn from C3 Integrated Solutions with a look at the CMMC compliance timeline. And Baphomet backs out...
episode 1786: Pyongyang’s intelligence services have been busy in cyberspace. Hacktivists exaggerate the effects of their attacks on OT. Ghostwriter is back. A twice-told tale: ineffective cyberwar campaigns.
DPRK threat actor Kimsuky uses a Chrome extension to exfiltrate emails, while ScarCruft prospects South Korean organizations. Hacktivists' claims of attacks on OT networks may be overstated. Ghostwriter remains active in social engineering attempts to target Ukrainian refugees. Joe Carrigan has cyber crime by the numbers. Our guest is Christian Sorensen from SightGain with analysis of the cyber effects of Russia’s war...
episode 1787: Tools, alerts, and advisories from CISA. Reply phishing scams. Cl0p goes everywhere with GoAnywhere. EW in the hybrid war, and shields stay up.
A CISA tool helps secure Microsoft clouds.JCDC and pre-ransomware notification. CISA releases six ICS advisories. Reply phishing. Cl0p goes everywhere exploiting GoAnywhere. Russian electronic warfare units show the ability to locate Starlink terminals. Betsy Carmelite from Booz Allen Hamilton on the DoD's zero trust journey...
episode 1788: Evolution of criminal scams (especially BEC). Law enforcement honeypots. ChatGPT data leak. Hybrid war updates.
IcedID is evolving away from its banking malware roots. An Emotet phishing campaign spoofs IRS W9s. The FBI warns of BEC scams. A Fake booter service as a law enforcement honeypot. Phishing in China's nuclear energy sector. Reports of an OpenAI and a ChatGPT data leak. Does Iran receive Russian support in cyberattacks against Albania? My conversation with Linda Gray Martin and Britta Glade from RSAC with a preview of this year's conference...