In today's podcast we hear reports that the Ticketmaster breach is the tip of a big software supply chain iceberg. Chinese intelligence services closely interested in Cambodia's elections. iOS crashes appear related to code designed to block displays of Taiwan's flag to users in China. Congress wants some answers on smartphone privacy from both Apple and Alphabet. Facebook's wrist is slapped in the UK. Langley Credit Union identity theft case proves not necessarily related to the OPM breach. Johannes Ullrich from SANS and the ISC Podcast on securing DNS. Guest is Ken Spinner from Varonis, cautioning that we not allow the high-profile insider threat cases distract us.
Ticketmaster paycard breach is part of a very large skimmer campaign. Chinese cyberespionage and censorship. Smartphone privacy issues. Data misuse litigation. Affirming the consequent.
↧
↧
Timehop refines its breach disclosure. Speculative execution side-channel attacks described. Tech manuals offered for sale on the dark web. Twitter versus bots.
In today's podcast, we hear that Timehop has released more information as its breach investigation proceeds. The case will be interesting as an indicator of what GDPR enforcement will look like. Two speculative execution side-channel attacks are described (in the lab, but not yet, it's believed, in the wild). The US Senate's flesh creeps over bug disclosure practices. Someone uses a Netgear exploit to get some US technical manuals. Twitter goes to work against bogus accounts. Mike Benjamin from CenturyLink on cryptojacking. Guest is Yaniv Avidan from MinerEye on cloud GDPR compliance.
↧
Fancy Bear indictments. VPNFilter found in Ukrainian water-treatment chlorine plant. Comment spam. Speculative execution side-channel attacks. MDM exploits in India.
In today's podcast, we hear that Special Counsel Mueller has secured an indictment of twelve Russian intelligence officers for hacking during the 2016 US presidential elections. Ukraine finds VPNFilter in a water treatment facility. Comment spam returns. Speculative execution issues. Mobile-device-management tool used against smartphone users in India. The US Army directly commissions two cyber operators—congratulations, First Lieutenants. Ben Yelin from UMD CHHS on California’s consumer privacy ballot measure. Guest is Martin Hellman, professor emeritus at Stanford University and known for his work on Diffie–Hellman key exchange. His new book is A New Map for Relationships: Creating True Love at Home and Peace on the Planet.
↧
A new approach to mission critical systems — Research Saturday
Andy Bochman is senior grid strategist for Idaho National Lab’s National and Homeland Security directorate. Today we’re discussing the research the INL has been doing, developing new approaches to protecting mission critical systems.
The CyberWire's Research Saturday is presented by the Hewlett Foundation Cyber Initiative.
Thanks to our sponsor Enveil, closing the last gap in data security.
↧
DNI warns of cyber threats. Russo-US summit. Mueller investigation and indictments. Huawei agonists. Congress reconsiders ZTE reinstatement. Kaspersky receives no emergency ban relief.
DNI says "warning lights are blinking red" over cyber threats. Election interference remains a risk despite lower than expected levels of threat activity. Presidents Trump and Putin meet in Helsinki. Notes on the Mueller investigation and the GRU indictments. Huawei, under suspicion over African cyberespionage, is said to be excluded from participation in Australian 5G buildout. Congress may reimpose ban on ZTE. Kaspersky fails to win emergency injunction against US sanctions. Ben Yelin from UMD CHHS, weighing in on the indictments of the Russians.
For links to all of the stories mentioned in this podcast, visit our daily news brief on our web page.
https://thecyberwire.com/issues/issues2018/July/CyberWire_2018_07_16.html
↧
↧
Trump-Putin summit. East Asian cyberespionage campaigns. Vulnerable DVRs. Concern about census security.
In today's podcast we review fallout from the Trump-Putin summit. Cyberespionage campaigns resurface in East Asia—at least one of them originates in North Korea. Telefonica sustains a major data breach of Spanish customers' details. Passwords to DVRs are found cached in an IoT search engine. Those DVRs' firmware is also vulnerable to exploitation. The US Census Bureau is asked to provide an overview of measures being taken to secure the 2020 census. David Dufour from Webroot on ransomware in the UK. Guest is James Tabor from MEDIA Protocol on using blockchain technology with online advertising.
For links to all of the stories mentioned in today's podcast, check out our CyberWire daily news brief -
https://thecyberwire.com/issues/issues2018/July/CyberWire_2018_07_17.html
↧
Magnibur ransomware spreads. LabCorp discloses suspicious incident on its networks. Spectre, Meltdown notes. Oracle patches. Helsinki summit backing and filling and backing.
In today's podcast, we hear about the spread of Magnibur ransomware. LabCorp discloses "suspicious activity" on its networks. The Pentagon will add cybersecurity checks to its test and evaluation process. Siemens updates customers on Spectre and Meltdown. Oracle's quarterly patch bulletin is out. Fallout, clarifications, and more fallout from the Helsinki summit. US agencies continue preparations to secure elections and infrastructure. Robert M. Lee from Dragos on the Electrum threat group. Guest is Jonathan Couch from Threat Quotient on Dark Web markets.
For links to stories in today's CyberWire podcast, check out our daily news brief.
https://thecyberwire.com/issues/issues2018/July/CyberWire_2018_07_18.html
↧
Fancy Bear's Roman Holiday. RAT phishing in Ukraine. AWS S3 bucket leaks robocaller data. Bug or abuse? NIST to withdraw outdated cybersecurity publications. Content moderation.
In today's podcast, we hear that Fancy Bear has taken a Roman Holiday, and the Italian Navy may be taking note. A criminal espionage campaign is underway, with Ukraine's government as its target. An exposed AWS S3 bucket leaks voter information. A security firm and a vendor dispute whether an issue is a vulnerability or a case of user abuse. NIST announces its intention of withdrawing some obsolete cybersecurity publications. Congress presses tech companies about content moderation. Daniel Prince from Lancaster University on rewriting digital histories. Guest is Matt Cauthorn from ExtraHop on a new worm spreading through Android devices.
For links to all of today's stories, check out the CyberWire daily news brief -
https://thecyberwire.com/issues/issues2018/July/CyberWire_2018_07_19.html
↧
Cyberespionage and influence operations. Big botnet assembled in less than a day. Monetizing stolen paycards through online games. Amazon nudges developers. Report on Huawei. Phishing notes.
In today's podcast we hear that the US Intelligence Community remains convinced the Bears are up to no good. Finland experienced elevated rates of cyberattack during the Helsinki summit, mostly Chinese espionage. The hacker "Anarchy" assembled an 18,000-member botnet in less than a day, using known vulnerabilities. Crooks monetize stolen credit cards through online games. Amazon works to induce better AWS configurations. Annual UK report on Huawei is out. Phishing campaign notes. Zulfikar Ranzan from RSA on cyber risk quantification. Guest is Mark Peters II, author of the book Cashing in on Cyber Power.
For links to all of today's stories, check out our CyberWire daily news brief.
https://thecyberwire.com/issues/issues2018/July/CyberWire_2018_07_20.html
↧
↧
Measuring the spearphishing threat — Research Saturday
Researchers Gang Wang and Hang Hu from Virginia Tech recently conducted an end-to-end measurement on 35 popular email providers and examining user reactions to spoofing through a real-world spoofing/phishing test. Gang Wang joins us to share the sobering results.
End-to-End Measurements of Email Spoofing Attacks
https://people.cs.vt.edu/gangwang/usenix-draft.pdf
The CyberWire's Research Saturday is presented by the Hewlett Foundation Cyber Initiative.
Thanks to our sponsor Enveil, closing the last gap in data security.
↧
SingHealth breach hits Singapore. Manufacturers afflicted with third-party data exposure. Aspen Security Forum takes cyber threats seriously. Ecuador may withdraw asylum from Assange.
In today's podcast we hear that Singapore's SingHealth has sustained a major data breach: authorities speculate it may have been the work of a nation-state yet to be determined (or at least named). A third-party data exposure affects major manufacturers, including car makers. The Aspen Security Forum concludes with sobering warnings from senior US Government officials and the private sector of election interference and the prospects of a "cyber 9/11." Ecuador may be tiring of Mr. Assange. Rick Howard from Palo Alto Networks revisiting the notion of a metaphorical cyber moon-shot.
For links to all of today's stories check out our CyberWire daily news brief:
https://thecyberwire.com/issues/issues2018/July/CyberWire_2018_07_23.html
↧
Warnings of Russian cyber threat to power grids. Phishing rises. Patch gets patched. SingHealth breach. Satori botnet. Bluetooth MitM. Evil maids?
In today's podcast, we hear that warnings of Russian prep for an attack on power grids become more pointed. Phishing and impersonation attacks continue to rise. Microsoft patches a patch. The SingHealth breach remains under investigation. The Satori botnet may be taking another run at Android devices. Bluetooth vulnerabilities render paired devices susceptible to man-in-the-middle attacks. And evil maid attacks may be less difficult than you thought. Emily Wilson from Terbium Labs, sharing her experience attending a conference for professionals working to fight fraud. Guest is Brian Martin from Risk Based Security with their research on vulnerabilities they discovered with the Click2Gov service.
For links to all of today's stories check out our CyberWire daily news brief:
https://thecyberwire.com/issues/issues2018/July/CyberWire_2018_07_24.html
↧
Leafminer wants to learn from the best, and that's not good. Shipper hacked. Old malware resurfaces in improved form. Russian grid and election threats. What insurance covers.
In today's podcast, we hear that Leafminer is infesting networks in the Middle East. Red Alert, Kronos, Mirai, and Gafgyt make their reappearance in new forms. Shipping firm Cosco is dealing with a cyberattack. US officials raise warnings about Russian threats to the power grid and elections. Congress considers cyber retaliation. A dispute over cyber insurance coverage lands the insured and the insurer in court. Awais Rashid from Bristol University on IoT and OT convergence. Guest is Jason Morgan from Wiretap on their Human Behavior Risk Analysis Report.
For links to all of today's stories check out our CyberWire daily news brief:
https://thecyberwire.com/issues/issues2018/July/CyberWire_2018_07_25.html
↧
↧
LifeLock closes proof-of-concept hole. US-CERT warns of active campaigns against ERP applications. Ad blockers may function as spyware. Parasite HTTP RAT. Underminer EK. NSA's IG scowls.
In today's podcast we hear that LifeLock gets locked down—probably no harm done, maybe. US-CERT warns of active campaigns against ERP applications. Ad blockers may be doubling as spyware. A new RAT gnaws away at corporate HR departments. Underminer shows that exploit kits aren't obsolete after all. NSA gets a bad report from its IG. Congress worries over Russian infrastructure reconnaissance and influence operations. Iran's OilRig and Leafminer remain active regional threats. Joe Carrigan from JHU ISI on infosec pros reusing passwords. Guest is Jessica Ortega from SiteLock, discussing how having social media icons on your website increases the odds of falling victim to attacks.
For links to stories in today's podcast check out our CyberWire daily news brief:
https://thecyberwire.com/issues/issues2018/July/CyberWire_2018_07_26.html
↧
Fancy Bear sniffs around Senatorial staffs. US NSC considers Russian election interference. Chinese and Iranian cyberespionage. Malware loaders. Smart home bugs. Stealing WiFi.
In today's podcast we learn that Fancy Bear is said to be snuffling around at least one US Senatorial office. The US National Security Council meets to consider Russian election interference. Notes on Chinese and Iranian cyberespionage. New malware loaders are offered on the black market. Smart home hubs are shown to be hackable. Tenable enjoys a good IPO. A burglar in Silicon Valley didn't say, your money or your life, but rather, dude I'm outta data—can I have your WiFi password? Dr. Charles Clancy from VA Tech on the security aspects of digital vs analog RF spectrum. Guest is Lisa Beegle from Akamai with info from their State of Internet Security report.
For link to all of today's stories check out the CyberWire daily news brief:
https://thecyberwire.com/issues/issues2018/July/CyberWire_2018_07_27.html
↧
BabaYaga strangely symbiotic Wordpress malware — Research Saturday
Researchers at Defiant recently analyzed a malware family they named "BabaYaga," which has the curious behavior of clearing out other malware and keeping infected sites up to date.
Brad Hass is a senior security analyst at Defiant, and he guides us through their findings.
The research can be found here:
https://www.wordfence.com/blog/2018/06/babayaga-wordpress-malware/
The CyberWire's Research Saturday is presented by the Hewlett Foundation Cyber Initiative.
Thanks to our sponsor Enveil, closing the last gap in data security.
↧
NetSpectre proof-of-concept. Election hacking, in the US and Australia. Cyber industrial espionage. Cyber threats to power grids. Hacking JPay.
In today's podcast, we hear about NetSpectre, a new speculative execution proof-of-concept. Australia's Electoral Commission says there were no signs of hacking recent by-elections. US states remain concerned about election hacking. Missouri Senator McCaskill confirms that Fancy Bear made an unsuccessful attempt to access her staff's network. Russian threats to power grids. Industrial espionage continues to go after corporate IP. And news you can use about JPay (we know: you're asking for a friend). Jonathan Katz from UMD on the timeline for practical quantum computers.
For links to all of these stories check out our CyberWire daily news brief:
https://thecyberwire.com/issues/issues2018/July/CyberWire_2018_07_30.html
↧
↧
Infrastructure security, especially power, finance, and elections. Preparation pays off. Proofpoint warns of new AZORult malware. Check Point tracks Master134 malvertising. Crime news.
In today's podcast we hear more warnings about Russian cyber operators in the North American power grid. The US Department of Homeland Security announces formation of a National Risk Management Center. Cosco's preparation may have rendered the shipper more resilient to the cyberattack it sustained. Congress worries over election hacking and deep fakes. Electronic warfare is back. An alt-coin platform is hacked, a carder goes to jail, an alleged sim-swapper is arrested, and coaches behave badly. Johannes Ullrich from SANS and the ISC Stormcast podcast on TLS 1.3 implementation. Guest is Mark Orlando from Raytheon on critical infrastructure security.
For links to all of today's stories check out our CyberWire daily news brief:
https://thecyberwire.com/issues/issues2018/July/CyberWire_2018_07_31.html
↧
Data-centric security. — Special Edition
In this CyberWire special edition, we take a look at data-centric security, focusing on the security of the data itself, rather than the surrounding networks, application or servers.
To help us on our journey of understanding we’ve lined up a number of industry experts. Ellison Anne Williams is CEO of Enveil, a company that’s developed cutting edge encryption techniques. Adam Nichols is principle of software security at Grimm, a cybersecurity engineering and consulting firm. Mark Forrest is CEO at BeFine Solutions, a software and marketing company. And John Prisco is CEO at QuantumXchange, a provider of what they claim is unbreakable quantum-safe encryption.
Thanks to our special edition sponsor Cylance.
↧
Reddit Hacked. Ukrainians nabbed. Facebook boots "inauthentic" accounts for malign influence. Pegasus spyware found in Amnesty phone. Yale's old breach. Google and censorship.
In today's podcast we hear that a Swiss chemical agent forensic lab has seen Sandworm phishing attempts. Facebook kicks thirty-one "inauthentic" accounts from its platform: they seem to have been engaged in influence operations, possibly Russian. Attribution remains difficult. NSO Group's Pegasus spyware found in Amnesty International phone. SamSam ransomware exacts a high cost. Yale realizes it was breached about ten years ago. Google allegedly prepares a censor-engine for Chinese web searchers. Craig Williams from Cisco’s Talos unit, describing his team and the work they do. Guest is Thomas Hofmann from Flashpoint on ransomware and online extortion.
For links to all of today's stories check out out Cyberwire daily news brief:
https://thecyberwire.com/issues/issues2018/August/CyberWire_2018_08_01.html
↧
More Pages to Explore .....
