CyberWire Daily

N2K Networks | thecyberwire.com
The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.

Episodes

Tories delay leadership vote over security concerns. Cyber phases of Russia’s hybrid war. Chinese patriotic hacktivism vs. Taiwan. Malware designed to abuse trust. Putting a price on your privacy.

Tories delay a leadership vote over security concerns. A summary of the cyber phases of the hybrid war. Cyberattacks affect three official sites in Taiwan. Malware designed to abuse trust. Gunter Ollmann of Devo to discuss how Cybercriminals are Winning the AI Race. Renuka Nadkarni of Aryaka explains how enterprises can recession-proof security architecture. Plus, putting a price on your privacy. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.co...

Aug 03, 2022 | 30 min | Season 6 | Ep. 1633

Nomad cryptocurrency bridge looted. BlackCat ransomware hits European energy company. DSIRF disputes Microsoft's report on cyber mercenaries. Are there spies under Mr. Putin’s long table?

Nomad cryptocurrency bridge is looted. The BlackCat ransomware gang hits a Luxembourgeois energy company. DSIRF disputes Microsoft's characterization of the Austrian firm as cyber mercenaries. Ben Yelin looks at privacy concerns in the education software market. Our guest is PJ Kirner from Illumio to discuss Zero Trust Segmentation. And, finally, are there spies under Mr. Putin’s very very long table? For links to all of today's stories check out our CyberWire daily news briefing: https://thecyb...

Aug 02, 2022 | 28 min | Season 6 | Ep. 1632

KillNet threatens hack-and-leak op against HIMARS maker. Online investment scams hit Europe. Microsoft associates Raspberry Robin with EvilCorp.

KillNet threatens hack-and-leak op against HIMARS maker. Online investment scams hit Europe. Microsoft associates Raspberry Robin with EvilCorp. Rick Howard previews season ten of the CSO Perspectives podcast. Our guest is Nate Kharrl of SpecTrust on deploying fraud detection at the gateway. And a heartfelt farewell to a woman whose inspiration lives on. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/146 Sel...

Aug 01, 2022 | 28 min | Season 6 | Ep. 1631

Larry Cashdollar: Always learning new technology. [Intelligence response engineer] [Career Notes]

Larry Cashdollar, Principal Security Intelligence Response Engineer at Akamai Technologies, sits down with Dave Bittner to discuss his life leading up to working at Akamai. He shares his story from his beginnings to now, describing what college life was like as a young computer enthusiast. He says "If you look at my 1986 yearbook, I think it was my sixth grade class, it says computer scientist for my career path. So I had a love of computers when I was really young. I guess I knew what field I w...

Jul 31, 2022 | 8 min | Season 3 | Ep. 110

What malicious campaign is lurking under the surface? [Research Saturday]

Israel Barak, CISO from Cybereason, sits down with Dave to discuss their research, "Operation CuckooBees: Cybereason Uncovers Massive Chinese Intellectual Property Theft Operation." Cybereason researchers recently found an attack lurking beneath the surface which was assessed to be the work of Chinese APT Winnti. Cybereason briefed the FBI and the DOJ on the investigation into the malicious campaign. The research states, "For years, the campaign had operated undetected, siphoning intellectual pr...

Jul 30, 2022 | 22 min | Season 5 | Ep. 243

Hacktivism in a hybrid war. Pyongyang's [un]H0lyGh0st. Notes on the C2C market. Rewards for Justice seeks some righteous snitches.

Anonymous's hacktivism in a hybrid war. Pyongyang's [un]H0lyGh0st. Phishing in the IPFS. Update on the initial access criminal-to-criminal market and its effect on MSPs. Cyber gangs move away from malicious macros. Thomas Etheridge from CrowdStrike on managed detection and response. Rick Howard sits down with Art Poghosyan from Britive to discuss DevSecOps and Identity Management. And Rewards for Justice seeks some righteous snitches. For links to all of today's stories check out our CyberWire d...

Jul 29, 2022 | 27 min | Season 6 | Ep. 1630

SSSCIP and CISA sign memorandum of cooperation. Tailored security services, or just hired guns? Bringing PSOAs to heel. More credential-harvesting.

SSSCIP and CISA sign a memorandum of cooperation. Are private-sector offensive actors tailored security services, or are they just hired guns? Bringing cyber mercenaries to heel. Malek Ben Salem from Accenture on why crisis management is at the heart of ransomware resilience. Our guest is Derek Manky from Fortinet on the World Economic Forum Partnership Against Cybercrime. And more credential-harvesting scams are out in the wild. For links to all of today's stories check out our CyberWire daily ...

Jul 28, 2022 | 24 min | Season 6 | Ep. 1629

The cost of a data breach as an economic drag. Personal apps as a potential business risk. Why so little ransomware in Ukraine? Employee engagement study reaches predictably glum conclusions.

IBM reports on the cost of a data breach. Personal apps as a potential business risk. Over on the dark side, there’s help wanted in the C2C labor market. An employee engagement study reaches predictably glum conclusions. Betsy Carmelite from Booz Allen Hamilton on reducing software supply chain risks with SBOMs. Our guest is Elaine Lee from Mimecast discussing the pros and cons of AI in cybersecurity. And Why so much attempted DDoS, but not so much ransomware? For links to all of today's stories...

Jul 27, 2022 | 25 min | Season 6 | Ep. 1628

LockBit gets an upgrade. CosmicStrand UEFI firmware rootkit. Treating thieves like white hats? Most-impersonated brands. AV-Test's Twitter account is hijacked. The cyber phase of a hybrid war.

LockBit gets an upgrade. CosmicStrand firmware rootkit is out in a new and improved version. Are thieves being treated like white hats? AV-Test's Twitter account is hijacked. Joe Carrigan considers the mental health effects of the online scam economy. Mr. Security Answer Person John Pescatore ponders the cybersecurity talent gap. And ongoing speculation on the cyber phase of the hybrid war. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/...

Jul 26, 2022 | 26 min | Season 6 | Ep. 1627

The minor mystery of GPS-jamming. Twitter investigates apparent data breach. Ransomware C2 staging discovered. A C2C offering restricted to potential privateers.

The minor mystery of GPS-jamming. Twitter investigates an apparent data breach. Ransomware command and control staging is discovered. Andrea Little Limbago from Interos looks at the intersection of social sciences and cyber. Our guest is Nelly Porter from Google Cloud on the emerging idea of confidential computing. A C2C offering restricted to potential privateers. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing...

Jul 25, 2022 | 27 min | Season 6 | Ep. 1626

Mary Writz: Take a negative and make it into a positive. [VP Product Strategy] [Career Notes]

Mary Writz, Vice President of Product Strategy at ForgeRock, shares how each career path she has taken has led her to where she is now. Mary describes how she has been a woman working in a male dominated field for most of her career and how she had to take charge, and she had to get the men to take charge with her. She says "I was often leading people, mostly men older than me, potentially smarter than me, more well paid than me. So I had to learn how to think about galvanizing this group to cha...

Jul 24, 2022 | 7 min | Season 3 | Ep. 109

The great overcorrection: shifting left probably left you vulnerable. Here’s how you can make it right. [CyberWire-X]

Shifting left has been a buzzword in the application security space for several years now, and with good reason – making security an integral part of development is the only practical approach for modern agile workflows. But in their drive to build security testing into development as early as possible, many organizations are neglecting application security in later phases and losing sight of the big picture. In this episode of CyberWire-X, the CyberWire's CSO, Chief Analyst, and Senior Fellow, ...

Jul 24, 2022 | 27 min | Season 1 | Ep. 34

Has GOLD SOUTHFIELD resumed operations? [Research Saturday]

Rob Pantazopoulos from Secureworks, joins Dave to discuss their work on "REvil Development Adds Confidence About GOLD SOUTHFIELD Reemergence." Secureworks researchers published a new analysis on what can be considered the ‘first’ set of ransomware samples associated with the reemergence. These updated samples indicate that GOLD SOUTHFIELD has resumed operations. The research states "The identification of multiple samples containing different modifications and the lack of an official new version ...

Jul 23, 2022 | 21 min | Season 5 | Ep. 242

Espionage and counterespionage during the hybrid war. Assessing Russian cyberops. Conti's fate. Investigating cut Internet cables in France. Trends in “pig-butchering.”

Traditional espionage and counterespionage during the hybrid war. Assessing Russian cyberattacks. Conti's fate and effects. Investigating cut Internet cables in France. My conversation with AD Bryan Vorndran of the FBI Cyber Division on reverse webshell operation and Hafnium. Our guest is Tom Kellermann of VMware to discuss the findings of their Modern Bank Heists report. And, finally the dark online world of “pig-butchering.” For links to all of today's stories check out our CyberWire daily new...

Jul 22, 2022 | 28 min | Season 6 | Ep. 1625

Notes on the underworld: emerging, enduring, and vanishing gangs, and their C2C markets. More spearphishing of Ukrainian targets. US CYBERCOM releases IOCs obtained from Ukrainian networks.

A criminal talent broker emerges. Developing threats to financial institutions. Phishing through PayPal. Lessons to be learned from LAPSUS$, post-flameout. More spearphishing of Ukrainian targets. US Cyber Command releases IOCs obtained from Ukrainian networks. Johannes Ullrich from SANS on the value of keeping technology simple. Our guests are Carla Plummer and Akilah Tunsill from the organization Black Girls in Cyber. And not really honor, but honor’s self-interested first cousin. For links to...

Jul 21, 2022 | 29 min | Season 6 | Ep. 1624

Cyber phases of Russia’s hybrid war seem mostly espionage. Belgium accuses China of spying. LockBit ransomware spreads. And Micodus GPS tracker vulnerabilities are real and unpatched.

What’s Russia up to in cyberspace, nowadays? Belgium accuses China of cyberespionage. LockBit ransomware spreading through compromised servers. Malek Ben Salem from Accenture explains the Privacy Enhancing Technologies of Federated Learning with Differential Privacy guarantees. Rick Howard speaks with Rob Gurzeev from Cycognito on Data Exploitation. And Micodus GPS tracker vulnerabilities should motivate the user to turn the thing off. For links to all of today's stories check out our CyberWire ...

Jul 20, 2022 | 31 min | Season 6 | Ep. 1623

Espionage and cyberespionage. Albania's national IT networks work toward recovery. Malicious apps ejected from Google Play. White House summit addresses the cyber workforce. Notes on cybercrime.

A Cozy Bear sighting. Shaking up Ukraine's intelligence services. Albania's national IT networks continue to work toward recovery. US Justice Department seizes $500k from DPRK threat actors. The FBI warns of apps designed to defraud cryptocurrency speculators. A White House meeting today addresses the cyber workforce. Ben Yelin looks at our right to record police. Our guest is Tim Knudsen, Director of Product Management for Zero Trust at Google Cloud, speaking with Rick Howard. And another trend...

Jul 19, 2022 | 29 min | Season 6 | Ep. 1622

Ukraine’s security chief and head prosecutor are out. Cyberattacks hit Albania. APTs prospect journalists. The GRU trolls researchers. CISA to open an attaché office in London.

Ukraine shakes up its security and prosecutorial services. Cyberattacks hit Albania. Advanced persistent threat actors prospect journalists. The GRU is said to be trolling researchers who look into Sandworm. Thomas Etheridge from CrowdStrike on identity management. Our guest is Robin Bell from Egress discussing their Human Activated Risk Report. And CISA opens a liaison office in London. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/new...

Jul 18, 2022 | 24 min | Season 6 | Ep. 1621

Mike Arrowsmith: Facing adversity in the workplace. [CTrO] [Career Notes]

Mike Arrowsmith, Chief Trust Officer at NinjaOne, leads the organization’s IT, security, and support infrastructure to ensure they meet customers’ security and data privacy demands as it scales. Mike discusses how his career path has led him to the position he currently holds and how exciting the world of cybersecurity can be. He mentioned how he mentored students in college thinking of going into the field, and he used a metaphor to help describe the industry, saying "We are working against adv...

Jul 17, 2022 | 6 min | Season 3 | Ep. 108

Cybercriminals shift tactics from disruption to data leaks. [CyberWire-X]

On this episode of CyberWire-X, we examine double extortion ransomware. The large-scale cyber events of yesterday – Stuxnet, the Ukraine Power Grid Attack – were primarily focused on disruption. Cybercriminals soon shifted to ransomware with disruption still the key focus – and then took things to the next level with Double Extortion Ransomware. When ransomware first started to take off as the attack method of choice around 2015, the hacker playbook was focused on encrypting data, requesting pay...

Jul 17, 2022 | 29 min | Season 1 | Ep. 33

A record breaking DDoS attack. [Research Saturday]

Chad Seaman, Team Lead at Akamai SIRT joins Dave to discuss their research about a record-breaking DDoS Attack. The research says "A new reflection/amplification distributed denial-of-service (DDoS) vector with a record-breaking potential amplification ratio of 4,294,967,296:1 has been abused by attackers in the wild to launch multiple high-impact DDoS attacks." Starting in mid-February 2022, security researchers, network operators, and security vendors noticed a spike in DDoS attacks. Researche...

Jul 16, 2022 | 25 min | Season 5 | Ep. 241

A conversation with Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly. [Special Edition]

In this extended interview, CyberWire Daily Podcast host Dave Bittner sits down with Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly to discuss her time at CISA and the work of her team. This interview from July 15, 2022 originally aired as a shortened version on the CyberWire Daily Podcast.

Jul 15, 2022 | 35 min | Season 7 | Ep. 44

Criminal gangs at war. A "cyber world war?" A new DPRK ransomware operation. Media organizations targeted by state actors. NSA guidance on characterizing threats and risks to microelectronics.

Gangland goes to war. Is there a "cyber world war" in progress? Ukraine thinks so. A new North Korean ransomware operation is described, but it’s not yet clear if it’s a state operation or some moonlighting by Pyongyang’s operators. Media organizations remain attractive targets for state actors. NSA releases guidance on characterizing threats and risks to microelectronics. Betsy Carmelite from Booz Allen talks about why now is the time to plan for post-quantum cryptography. Our guest is Cybersec...

Jul 15, 2022 | 35 min | Season 6 | Ep. 1620

Ukraine evaluates Russia’s cyber ops. Smartphones go to war. Lilith ransomware. ChromeLoader evolves. Rolling-PWN looks real after all. Schulte guilty in Vault 7 case.

An overview of the cyber phase of Russia's hybrid war. Smartphones as sources of targeting information. Lilith enters the ransomware game. ChromeLoader makes a fresh appearance. Honda acknowledges that Rolling-PWN is real (but says it's not as serious as some think). Part two of Carole Theriault’s conversation with Jen Caltrider from Mozilla's Privacy Not Included initiative. Our guest is Josh Yavor of Tessian to discuss Accidental Data Loss Over Email. A guilty verdict in the Vault 7 case. For ...

Jul 14, 2022 | 30 min | Season 6 | Ep. 1619

AiTM sets up BEC. Silent validation bots. Smishing attempt at the European Central Bank. Shields up in Berlin. Hacktivism in a hybrid war. Patch notes.

Adversary-in-the-middle sites support business email compromise. Silent validation carding bot discovered. Attempted social engineering at the European Central Bank. Germany puts its shields up. Carole Theriault speaks with Jen Caltrider about Mozilla's *Privacy Not Included initiative. Our guest is Lucia Milica on Proofpoint’s Voice of the CISO report. And Hacktivism in a hybrid war. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsle...

Jul 13, 2022 | 27 min | Season 6 | Ep. 1618

High-end and low-end extortion. Push to start–wait, not you… Social media and open-source intelligence. Russian cyberattacks spread internationally. Preparing for cyber combat.

High-end and low-end extortion. Vehicles from Honda may soon be rolling off the lot. Social media and open-source intelligence. Russian cyberattacks spread internationally. Joe Carrigan surveys items for sale in dark web markets. Our guest is Jonathan Wilson of AU10TIX to discuss consumer sentiment around data privacy. Preparing for cyber combat. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/132 Selected re...

Jul 12, 2022 | 28 min | Season 6 | Ep. 1617

DDoS attacks strike countries friendly to Ukraine. Predatory Sparrow's assault on Iran's steel industry. Callback phishing impersonates security companies. Anubis is back. BlackCat ups the ante.

More deniable DDoS attacks strike countries friendly to Ukraine. Predatory Sparrow's assault on Iran's steel industry. A callback phishing campaign impersonates security companies. The Anubis Network is back. Thomas Etheridge from CrowdStrike on the importance of outside threat hunting. Rick Howard weighs in on sentient AI. And a ransomware gang ups the ante. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/13...

Jul 11, 2022 | 26 min | Season 6 | Ep. 1616

Simone Petrella: Fake it, until you make it. [CEO] [Career Notes]

Simone Petrella, CEO of cybersecurity training workforce firm CyberVista, spent her career in the Department of Defense as a threat intelligence analyst before founding CyberVista. She says that running a company has a new set of challenges each day thrown at you. She explains that the way she finds the most success is by letting her team contribute to each matter, and having a say in the decisions made as they pertain to each department. Simone says "I would say is I am a firm firm believer in ...

Jul 10, 2022 | 7 min | Season 3 | Ep. 107

Information operations during a war. [Research Saturday]

Alden Wahlstrom, senior analyst on Mandiant's Information Operations Team, shares a comprehensive overview and analysis of the various information operations activities they’ve seen while responding to the Russian invasion. While the full extent of the Russia-Ukraine war has yet to come to light, more than two months after the start of the invasion, Mandiant has identified activity that they believed to be information operations campaigns conducted by actors possibly in support of the political ...

Jul 09, 2022 | 19 min | Season 5 | Ep. 240

An update on cyber operations in Russia’s hybrid war. NPM compromise updates. CISA releases ICS security advisories. Free ransomware decryptors released. Disneyland's Instagram account hijacked.

An update on cyber operations in the hybrid war. NPM compromise updates. Free decryptors for AstraLocker and Yashma ransomware. Johannes Ullrich from SANS on attacks against Perimeter Security Devices. Our guest is Sonali Shah from Invicti Security with a look at DevSecOps anxiety. And who’s the villain who hijacked the Instagram account of Disneyland? For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/130 Selec...

Jul 08, 2022 | 27 min | Season 6 | Ep. 1615