The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.
https://thecyberwire.com/podcasts/daily-podcast
Gesamtlänge aller Episoden: 44 days 9 hours 51 minutes
episode 1749: Criminal evolutions, disgruntled insiders, and gangsta wannabes. New wiper attacks hit Ukrainian targets, with less effect than the first rounds early last year. And support your local hacktivist?
Gootloader's evolution. Yandex source code leaked (and Yandex blames a rogue insider). New GRU wiper malware is active against Ukraine. Latvia reports cyberattacks by Gamaredon. Russia and the US trade accusations of malign cyber activity. A hacktivist auxiliary's social support system. Deepen Desai from Zscaler describes the Lilithbot malware. Rick Howard looks at chaotic simians. And wannabes can be a nuisance, too: LockBit impersonators are seen operating in northern Europe...
episode 1750: The cybercriminal labor market and the campaigns it’s supporting. Russia’s Killnet is running DDoS attacks against US hospitals, but Russia says, hey, it’s the real victim here.
Some perspective on the cybercriminal labor market. DocuSign is impersonated in a credential-harvesting campaign. Social engineering pursues financial advisors. Killnet is active against the US healthcare sector. Mr. Security Answer Person John Pescatore has thoughts on cryptocurrency. Ben Yelin and I debate the limits of section 230. And, hey, who’s the real victim in cyberspace? A hint: probably not you, Mr. Putin...
episode 1751: How the C2C market sustains ransomware gangs. In Russia’s war, intelligence services deploy wipers, and hacktivist auxiliaries handle the DDoS. And a look into other corners of the cyber underworld.
Microsoft tallies more than a hundred ransomware gangs. Sandworm's NikoWiper hits Ukraine's energy sector. Mobilizing cybercriminals in a hybrid war. Firebrick Ostrich and business email compromise. Telegram is used for sharing stolen data and selling malware. Crypto scams find their way into app stores. Bryan Vorndran of the FBI Cyber Division outlines the services the FBI provides during an incident response...
episode 1752: Cisco fixes vulnerabilities in ICS appliances. NIST’s anti-phishing guidelines. OneNote exploitation. HeadCrab malware. Recent actions by Russian threat actors. Trends in state-directed cyber ops.
Cisco patches a command injection vulnerability. NIST issues antiphishing guidance. HeadCrab malware's worldwide distribution campaign. The Gamaredon APT is more interested in collection than destruction. Kathleen Smith of ClearedJobs.Net looks at hiring trends in the cleared community. Bennett from Signifyd describes the fraud ring that’s launched a war on commerce against U.S. merchants. And trends in cyberattacks by state-sponsored actors...
episode 1753: Cyberespionage, and ransomware as misdirection. A new Python-based supply chain attack. Traffic on the Static Expressway. KillNet continues to plague hospitals. And Telegram may be compromised.
CISA has released six ICS Advisories. A look at a North Korean cyberespionage campaign. ChatGPT and its attack potential. A new Python-based supply chain attack. There’s traffic on the Static Expressway: ClickFunnels seen in use for redirection. KillNet continues its campaign against hospitals. Ransomware as misdirection for cyberespionage. Part two of my conversation with Kathleen Smith of ClearedJobs.Net discussing trends in the cleared space...
episode 1754: Unpatched VMware ESXi instances attacked. Okatpus is back. Update on LockBit’s ransomware attack on ION. Charlie Hebdo hack attributed to Iran.
New ransomware exploits a VMware ESXi vulnerability. Roasted 0ktapus squads up. LockBit says ION paid the ransom. Russian cyber auxiliaries continue attacks against healthcare organizations. Attribution on the Charlie Hebdo attack. Deepen Desai from Zscaler describes recent activity by Ducktail malware. Rick Howard looks at cyber threat intelligence. And the top US cyber diplomat says his Twitter account was hacked...
episode 1755: Update: VMware ESXi exploitations. Super Bowl cyber risks. Scalping bots. The curious case of the Moscow billboards.
VMware ESXi exploitations. Super Bowl cyber risks. Scalping bots. The curious case of the Moscow billboards. Joe Carrigan tracks pig butchering apps in online app stores. Our guest is David Liebenberg from Cisco Talos, to discuss incident response trends. And, in sportsball, it’s gonna be the Chiefs by a couple of hat tricks, or something. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/25 Selected reading...
episode 1756: An ICS update from CISA. Ransomware notes: LockBit, Clop, and ESXiArgs. Vulnerability in Toyota’s GSPIMS. Two new Russian cyberespionage efforts hit Ukraine. And a direction for US privacy policy.
CISA releases an ICS security advisory affecting a smart facility system. LockBit threatens to release Royal Mail data tomorrow. Cl0p ransomware expands to Linux-based systems. A vulnerability is identified in Toyota's GSPIMS. There’s an ESXiArgs update: new trackers and mitigation tools are available. Russia is running two new cyberespionage campaigns against Ukraine. Our guest is Roya Gordon from Nozomi Networks discusses the ICS Threat Landscape...
episode 1757: Cyberespionage, from war floating to phishing. An update on ESXiArgs. Fresh sanctions against ransomware operators, and more takedowns may be in the offing.
War-floating. A phishing campaign pursues Ukrainian and Polish targets. Pakistan's navy is under cyberattack. A new criminal threat-actor uses screenshots for recon. ESXiArgs is widespread, but its effects are still being assessed. The UK and US issue joint sanctions against Russian ransomware operators. Robert M. Lee from Dragos addresses attacks to electrical substations. Our guest is Denny LeCompte from Portnox discussing IoT security segmentation strategies...
episode 1758: US, RoK agencies outline DPRK ransomware. Reddit breached. ICS and IIoT issues. It’s almost Valentine’s Day. Have you noticed? (The hoods have.)
US and Republic of Korea agencies outline the DPRK ransomware threat. Reddit is breached. CISA releases six ICS advisories. Flaws are found in IIoT devices. Dinah Davis from Arctic Wolf shares cybersecurity stats every IT professional should know. Our guest is Kayla Williams from Devo autonomous SOCs. And, it’s almost Valentine’s Day. Have you noticed? (The hoods have.) For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire...