Cloned from NIW9QIO8XB 1 http://feed.informer.com/digests/FYIYIZJYNA/feeder Respective post owners and feed distributors Tue, 02 Oct 2018 12:41:44 +0000 Feed Informer http://feed.informer.com/
Reactions to allegations in Georgia’s October cyber incidents. Commodification of spamming kit. Satellite vulnerabilities. Election security. FISA reauthorization? Mr. Assange’s extradition. RSAC 2020. http://traffic.libsyn.com/thecyberwire/CyberWire_Podcast_2020_02_24.mp3 The CyberWire - Your cyber security news connection. urn:uuid:7ec24b53-9db2-a5ac-27ee-6c66ed3cfe24 Mon, 24 Feb 2020 20:54:40 +0000 <p>The EU condemns Russian cyberattacks on Georgia, and Russia says Russia didn’t do it--it’s all propaganda. Skids can buy spamming tools for less than twenty bucks. Satellite constellations offer an expanding attack surface. Amid continuing worries about US election security, the question of Russian trolling or home-grown American vitriol arises in Nevada (but the smart money’s on the U S of A). FISA reauthorization is coming up. And hello from RSAC 2020. Joe Carrigan from JHU ISI on SIM swappers targeting carrier employees, guest is Erez Yalon from Checkmarx on the recently published OWASP API Security Top Ten list.</p> <p>For links to all of today's stories check out our CyberWire daily news brief:</p> <p> https://thecyberwire.com/issues/issues2020/February/CyberWire_2020_02_24.html</p> <p><a href="https://www.patreon.com/thecyberwire" rel="payment">Support our show</a></p>
Rigging the game. http://traffic.libsyn.com/thecyberwire/Rigging_the_game._Rebroadcast-.mp3 The CyberWire - Your cyber security news connection. urn:uuid:7b211523-42d8-3237-c4a4-3816ee3e6cb4 Sun, 23 Feb 2020 06:00:00 +0000 <p>*This is a rebroadcast from our Cyber Law and Policy show, Caveat.*</p> <p>Ben describes a decades-long global espionage campaign alleged to have been carried out by the CIA and NSA, Dave shares a story about the feds using cell phone location data for immigration enforcement, and later in the show our conversation with Drew Harwell from the Washington Post on his article on how colleges are turning students’ phones into surveillance machines.</p> <p>Remember to subscribe to Caveat in your podcasting platform of choice. 
</p> <p>Links to stories:</p> <p><a href= "https://www.washingtonpost.com/graphics/2020/world/national-security/cia-crypto-encryption-machines-espionage/?itid=hp_hp-banner-main_crypto-730am%3Ahomepage%2Fstory-ans"> ‘The intelligence coup of the century’</a></p> <p><a href= "https://www.baltimoresun.com/news/bs-xpm-1995-12-10-1995344001-story.html"> RIGGING THE GAME Spy sting</a></p> <p><a href= "https://www.wsj.com/articles/federal-agencies-use-cellphone-location-data-for-immigration-enforcement-11581078600?emailToken=73f514241d110392d7e574efb625b8d3n1nsgMbRzM3fjIzvBMD1LS5C9PLDgNunwwKjTZhVMdmz5WrEfzEYbIS6yLadfSZwSSBtn+KnxVlNlHarPJC4EljV0n6GMjs/QKLj3tzWj0Wi3BrJ57kWNt/GLLpC6ZRSDweHEqAZqPWy3l9z2/ALig%3D%3D&reflink=article_copyURL_share"> Federal Agencies Use Cellphone Location Data for Immigration Enforcement</a></p> <p>Thanks to our sponsor, <a href= "https://www.knowbe4.com/">KnowBe4</a>.</p>
New vulnerabilities in PC sound cards. http://traffic.libsyn.com/thecyberwire/New_vulnerabilities_in_PC_sound_cards.mp3 The CyberWire - Your cyber security news connection. urn:uuid:8266f1f8-efb9-0ccd-e892-59729e3fbc7b Sat, 22 Feb 2020 06:00:00 +0000 <p>SafeBreach Labs discovered a new vulnerability in the Realtek HD Audio Driver Package, which is deployed on PCs containing Realtek sound cards. </p> <p>On this week's Research Saturday, our conversation with Itzik Kotler, who is Co-Founder and CTO at SafeBreach. 
</p> <p>The research can be found here: </p> <p><a href= "https://safebreach.com/Post/Realtek-HD-Audio-Driver-Package-DLL-Preloading-and-Potential-Abuses-CVE-2019-19705"> Realtek HD Audio Driver Package - DLL Preloading and Potential Abuses</a></p> <p>The CyberWire's Research Saturday is presented by <a href= "https://www.juniper.net/us/en/">Juniper Networks</a>.</p> <p>Thanks to our sponsor <a href= "https://www.enveil.com/">Enveil</a>, closing the last gap in data security.</p>
DISA data breach. More complaint against alleged GRU operations in Georgia. Trolls move from creation to curation. The UK deals with high-risk 5G vendors. http://traffic.libsyn.com/thecyberwire/CyberWire_Podcast_2020_02_21.mp3 The CyberWire - Your cyber security news connection. urn:uuid:530f89a3-9170-918b-970d-36ad8f35c6ed Fri, 21 Feb 2020 19:56:56 +0000 <p>The US Defense Information Agency discloses a data breach affecting personal information of up to two-hundred thousand individuals. More international reprobation for the alleged GRU hack of Georgian websites. Trolls move from creation to curation. Stalkerware data exposure. And a look at how the UK might actually implement its compromise position on high-risk 5G vendors. 
Joining us in studio, a surprise new addition to the CyberWire team, guest is Aisling MacRunnels from Synack on Women in Cyber.</p> <p>For links to all of today's stories check out our CyberWire daily news brief:</p> <p> https://thecyberwire.com/issues/issues2020/February/CyberWire_2020_02_21.html</p> <p><a href="https://www.patreon.com/thecyberwire" rel="payment">Support our show</a></p>
DISA data breach. More complaint against alleged GRU operations in Georgia. Trolls move from creation to curation. The UK deals with high-risk 5G vendors. http://traffic.libsyn.com/thecyberwire/CyberWire_Podcast_2020_02_21.mp3 The CyberWire - Your cyber security news connection. urn:uuid:b9abd03a-0154-4825-ad1a-d3d4d4f100a0 Fri, 21 Feb 2020 19:56:56 +0000 <p>The US Defense Information Agency discloses a data breach affecting personal information of up to two-hundred thousand individuals. More international reprobation for the alleged GRU hack of Georgian websites. Trolls move from creation to curation. Stalkerware data exposure. And a look at how the UK might actually implement its compromise position on high-risk 5G vendors. 
Joining us in studio, a surprise new addition to the CyberWire team, guest is Aisling MacRunnels from Synack on women in cyber.</p> <p>For links to all of today's stories check out our CyberWire daily news brief:</p> <p> https://thecyberwire.com/issues/issues2020/February/CyberWire_2020_02_21.html</p> <p><a href="https://www.patreon.com/thecyberwire" rel="payment">Support our show</a></p>
UK, US blame Russia for 2019 Georgia hacks. Senator Sanders thinks Russian bots could impersonate supporters. Mr. Assange’s extradition. MGM Resorts breach. Ms Winner wants a pardon. http://traffic.libsyn.com/thecyberwire/CyberWire_Podcast_2020_02_20.mp3 The CyberWire - Your cyber security news connection. urn:uuid:5db1139d-335f-1a8c-bdf1-1743bb1a1db7 Thu, 20 Feb 2020 19:45:11 +0000 <p>British and American authorities blame Russia’s GRU for last October’s defacement campaign against Georgian websites. Senator Sanders thinks maybe some of his apparent supporters are Russian bots--the ones who are tweeting bad stuff in social media. Julian Assange says he was offered a pardon to say the Russians didn’t meddle with the DNC. Stolen data from MGM Resorts turns up in a hacker forum. NSA leaker Reality Winner would like a pardon. 
Justin Harvey from Accenture on staying prepared against potential Iranian cyberattacks, guest is Jamie Tomasello from Cisco Duo on cognitive capacity and burnout.</p> <p>For links to all of today's stories check out our CyberWire daily news brief:</p> <p> https://thecyberwire.com/issues/issues2020/February/CyberWire_2020_02_20.html</p> <p><a href="https://www.patreon.com/thecyberwire" rel="payment">Support our show</a></p>
Ransomware hits US natural gas pipeline facility. DRBControl’s espionage campaign. Firmware signing. No bill of attainder against Huawei. A mistrial in the Vault 7 case? http://traffic.libsyn.com/thecyberwire/CyberWire_Podcast_2020_02_19.mp3 The CyberWire - Your cyber security news connection. urn:uuid:3aefcce5-bf28-f28e-2a71-838f15e6d0ef Wed, 19 Feb 2020 20:16:55 +0000 <p>CISA reports a ransomware infestation in a US natural gas compression facility--it arrived by spearphishing and there are, CISA thinks, larger lessons to be learned. A new threat actor, possibly linked to China’s government, is running an espionage campaign against gambling and betting operations in Southeast Asia. 
More notes on firmware signatures. Huawei loses one in US Federal Court, and the defense asks for a mistrial in the Vault 7 case. Caleb Barlow from CynergisTek on Wigle and the impact your SSID name can have on your privacy, guest is Anita D’Amico from CodeDX on which developers and teams are more likely to write vulnerable software.</p> <p>For links to all of today's stories check out our CyberWire daily news brief:</p> <p> https://thecyberwire.com/issues/issues2020/February/CyberWire_2020_02_19.html</p> <p><a href="https://www.patreon.com/thecyberwire" rel="payment">Support our show</a></p>
Fox Kitten campaign linked to Iran. LokiBot’s new clothes. Unsigned firmware. Iowa Democratic caucus post-mortem. SoftBank and the GRU. Hacker madness. http://traffic.libsyn.com/thecyberwire/CyberWire_Podcast_2020_02_18.mp3 The CyberWire - Your cyber security news connection. urn:uuid:dd7894e9-c17c-c6a0-deb2-107cc13ee582 Tue, 18 Feb 2020 22:02:14 +0000 <p>Fox Kitten appears to combine three APTs linked to Iran. LokiBot is masquerading as an installer for Epic Games. 
Unsigned firmware found in multiple devices. Extortionists threaten to flood AdSense banners with bot traffic. China says the Empire of Hackers is in Washington, not Beijing. Iowa Democratic caucus IT post-mortems continue. Japan connects SoftBank breach to GRU. And more on that hacker-madness poster from the West Midlands. Ben Yelin from UMD CHHS on wireless carriers selling location data. Guest is Kaitlin Bulavinetz from Washington Cyber Roundtable on facilitating conversations among the industry. </p> <p>For links to all of today's stories check out our CyberWire daily news brief:</p> <p> https://thecyberwire.com/issues/issues2020/February/CyberWire_2020_02_18.html</p> <p><a href="https://www.patreon.com/thecyberwire" rel="payment">Support our show</a></p>
Fox Kitten campaign linked to Iran. LokiBot’s new clothes. Unsigned firmware. Iowa Democratic caucus post-mortem. SoftBank and the GRU. Hacker madness. http://traffic.libsyn.com/thecyberwire/CyberWire_Podcast_2020_02_18.mp3 The CyberWire - Your cyber security news connection. 
urn:uuid:648f6776-0e25-9dbf-ad39-8f3a8a326177 Tue, 18 Feb 2020 20:48:41 +0000 <p>Fox Kitten appears to combine three APTs linked to Iran. LokiBot is masquerading as an installer for Epic Games. Unsigned firmware found in multiple devices. Extortionists threaten to flood AdSense banners with bot traffic. China says the Empire of Hackers is in Washington, not Beijing. Iowa Democratic caucus IT post-mortems continue. Japan connects SoftBank breach to GRU. And more on that hacker-madness poster from the West Midlands. Ben Yelin from UMD CHHS on wireless carriers selling location data. Guest is Kaitlin Bulavinetz from Washington Cyber Roundtable on facilitating conversations among the industry. </p> <p>For links to all of today's stories check out our CyberWire daily news brief:</p> <p> https://thecyberwire.com/issues/issues2020/February/CyberWire_2020_02_18.html</p> <p><a href="https://www.patreon.com/thecyberwire" rel="payment">Support our show</a></p>
If you can't detect it, you can't steal it. 
http://traffic.libsyn.com/thecyberwire/If_you_cant_detect_it_you_cant_steal_it.mp3 The CyberWire - Your cyber security news connection. urn:uuid:251aea13-f594-ae9c-e776-d259c9195837 Sat, 15 Feb 2020 06:00:00 +0000 <p>BGN Technologies, the technology transfer company of Ben-Gurion University (BGU) of the Negev, Israel, is introducing the first all-optical “stealth” encryption technology that will be significantly more secure and private for highly-sensitive cloud computing and data center network transmission. Joining us in this special Research Saturday is BGN's Dan Sadot who helped pioneer this technology. </p> <p>The Research can be found here:</p> <div><a href= "https://in.bgu.ac.il/en/bgn/Pages/default.aspx">Ben-Gurion University Researchers Introduce the First</a></div> <div><a href= "https://in.bgu.ac.il/en/bgn/Pages/default.aspx">All-Optical, Stealth Data Encryption Technology</a></div> <p>The CyberWire's Research Saturday is presented by <a href= "https://www.juniper.net/us/en/">Juniper Networks</a>.</p> <p>Thanks to our sponsor <a href= "https://www.enveil.com/">Enveil</a>, closing the last gap in data security.</p>
Huawei gets a RICO prosecution. Details on DPRK Hidden Cobra Trojans. Google takes down Chrome malvertising network. Run DNC. Hacker madness. Happy St. Valentine’s Day. http://traffic.libsyn.com/thecyberwire/CyberWire_Podcast_2020_02_14.mp3 The CyberWire - Your cyber security news connection. urn:uuid:edf1f2e3-2d88-7dd0-a01f-66188e601991 Fri, 14 Feb 2020 19:53:01 +0000 <p>The US indicts Huawei for racketeering. The FBI and CISA release details on malware used by North Korea’s Hidden Cobra. Iran attributes last week’s DDoS attack to the US. Google takes down a big malvertising and click-fraud network that exploited Chrome extensions. Reports surface of DNC involvement in IowaReporterApp. Not all official advice is necessarily good advice. And if things don’t work out with your object of affection, don’t spy on their social media accounts, OK? Craig Williams from Cisco Talos with updates on JhoneRAT. Guest is Shuvo Chatterjee from Google on their Advanced Protection Program (APP).</p> <p>For links to all of today's stories check out our CyberWire daily news brief:</p> <p> https://thecyberwire.com/issues/issues2020/February/CyberWire_2020_02_14.html</p> <p><a href="https://www.patreon.com/thecyberwire" rel="payment">Support our show</a></p>
Internecine phishing in the Palestinian Territories. What could Iran do in cyberspace? US Census 2020 and cybersecurity. Mobile voting. How to make bigger money in sextortion. http://traffic.libsyn.com/thecyberwire/CyberWire_Podcast_2020_02_13.mp3 The CyberWire - Your cyber security news connection. urn:uuid:314d875b-8637-0d96-a401-79bc58046227 Thu, 13 Feb 2020 19:11:10 +0000 <p>Researchers report phishing campaigns underway in the Palestinian Territories. They appear to be a Hamas-linked effort targeting the rival Fatah organization. FireEye offers a summary of current Iranian cyber capabilities. The GAO warns that the Census Bureau still has some cyber security work to do before this year’s count. Researchers call mobile voting into question. And some observations about why some extortion brings in a bigger haul than its rivals. Johannes Ullrich from SANS Technology Center on IoT threats. Guest is Darren Van Booven from Trustwave on how to know if the CCPA applies to your organization. 
</p> <p>For links to all of today's stories check out our CyberWire daily news brief:</p> <p> https://thecyberwire.com/issues/issues2020/February/CyberWire_2020_02_13.html</p> <p><a href="https://www.patreon.com/thecyberwire" rel="payment">Support our show</a></p>
Facebook takes down coordinated inauthenticity. US says it’s got the goods on Huawei. EU will leave facial recognition policy up to member states. Patch Tuesday. Counting on the caucus. http://traffic.libsyn.com/thecyberwire/CyberWire_Podcast_2020_02_12.mp3 The CyberWire - Your cyber security news connection. urn:uuid:96bd6957-68b7-201b-ffda-f90711be6fc4 Wed, 12 Feb 2020 20:03:07 +0000 <p>Facebook takes down coordinated inauthenticity from Myanmar, Vietnam, Iran, and Russia. The US says it’s got the goods on Huawei’s backdoors. Notes on Patch Tuesday. The EU backs away from a five-year moratorium on facial recognition software. Switzerland takes a look at Crypto AG. And the Nevada Democratic caucus a week from Saturday will use iPads, Google Forms, and some tools to process the results. 
That’s “tools,” Jack, not “apps.” Ben Yelin from UMD CHHS on the Senate GOP blocking election security bills. Guest is Christopher Hadnagy from Social-Engineer, LLC on social engineering trends they are tracking. </p> <p>For links to all of today's stories check out our CyberWire daily news brief:</p> <p> https://thecyberwire.com/issues/issues2020/February/CyberWire_2020_02_12.html</p> <p><a href="https://www.patreon.com/thecyberwire" rel="payment">Support our show</a></p>
Pyongyang’s guide to hacking on behalf of rogue regimes. RATs in the supply chain? Data exposures and data breaches. Securing elections (and caucuses, too). http://traffic.libsyn.com/thecyberwire/CyberWire_Podcast_2020_02_11.mp3 The CyberWire - Your cyber security news connection. urn:uuid:930ca6f9-db54-ee1f-cc18-0856cebad8c9 Tue, 11 Feb 2020 20:32:37 +0000 <p>Pyongyang establishes a template for pariah states trying to profit in cyberspace. The FBI warns that there’s a RAT in the ICS software supply chain. The US has a new counterintelligence strategy, and cyber figures in it prominently. 
Likud’s exposure of Israeli voter data may benefit opposition intelligence services. Notes on the Equifax breach indictments. As New Hampshire votes in its primaries, CISA warns everyone not to get impatient. And Iowa? Still counting. Robert M. Lee from Dragos on their recent report, “Industrial Cyber Attacks: A Humanitarian Crisis in the Making.” Guest is Andrew Wajs from Scenera on the NICE Alliance and Cloud Privacy. </p> <p>For links to all of today's stories check out our CyberWire daily news brief:</p> <p> https://thecyberwire.com/issues/issues2020/February/CyberWire_2020_02_11.html</p> <p><a href="https://www.patreon.com/thecyberwire" rel="payment">Support our show</a></p>
US indicts PLA officers in Equifax hack. Pyongyang shows pariah states how it’s done. DDoS in Iran. Updates on Democratic Party caucus IT issues. Likud has a buggy app, too. http://traffic.libsyn.com/thecyberwire/CyberWire_Podcast_2020_02_10.mp3 The CyberWire - Your cyber security news connection. 
urn:uuid:411dce7e-c484-f74f-21f1-5abdcd9200b1 Mon, 10 Feb 2020 19:08:53 +0000 <p>US indicts four members of China’s People’s Liberation Army in connection with the 2017 Equifax breach. North Korea establishes an Internet template for pariah regimes’ sanctions evasion. Iran sustained a major DDoS attack Saturday. US Democratic Party seeks to avoid a repetition of the Iowa caucus in other states as the Sanders campaign asks for a partial recanvas. Israel’s Likud Party involved in a voter database exposure incident via its own app. Joe Carrigan from JHU ISI with a look back at the Clipper chip. Guest is Shannon Brewster from AT&T Cybersecurity with thoughts on election security.</p> <p>For links to all of today's stories check out our CyberWire daily news brief:</p> <p>https://thecyberwire.com/issues/issues2020/February/CyberWire_2020_02_10.html</p> <p><a href="https://www.patreon.com/thecyberwire" rel="payment">Support our show</a></p>
The Chameleon attacks Online Social Networks http://traffic.libsyn.com/thecyberwire/The_Chameleon_attacks_Online_Social_Networks_-_Research_Saturday.mp3 The CyberWire - Your cyber security news connection. urn:uuid:0c113041-4e57-e013-a3b4-d995c0dc8e56 Sat, 08 Feb 2020 06:00:00 +0000 <p>The Chameleon attack technique is a new type of OSN-based trickery where malicious posts and profiles change the way they are displayed to OSN users to conceal themselves before the attack or avoid detection. Joining us to discuss their findings in a new report entitled "The Chameleon Attack: Manipulating Content Display in Online Social Media" is Ben-Gurion University's Rami Puzis.</p> <p>The research can be found here:</p> <p><a href="https://arxiv.org/abs/2001.05668">The Chameleon Attack: Manipulating Content Display in Online Social Media</a></p> <p><a href="https://www.youtube.com/watch?v=CRg6Sy5Ygws">Demonstration video of a Chameleon Attack</a></p> <p>The CyberWire's Research Saturday is presented by <a href="https://www.juniper.net/us/en/">Juniper Networks</a>.</p> <p>Thanks to our sponsor <a href="https://www.enveil.com/">Enveil</a>, closing the last gap in data security.</p>
Chinese cyber espionage in Malaysia and Japan. Android Bluetooth bug. Google expels suspect apps from the Play store. More Iowa caucus finger-pointing. US preps indictments of Chinese nationals. http://traffic.libsyn.com/thecyberwire/CyberWire_Podcast_2020_02_07.mp3 The CyberWire - Your cyber security news connection. urn:uuid:8e79abfe-35ba-e7dc-45d7-dca484bff85b Fri, 07 Feb 2020 20:38:25 +0000 <p>Chinese espionage groups target Malaysian officials, and two more Japanese defense contractors say they were breached, also by China. Google patches Android problems, including an unusual Bluetooth bug. Google also expels apps that wanted unreasonable permissions from the Play store. Some in Iowa say the DNC pushed an eleventh-hour security patch to IowaReporterApp. The US may indict more Chinese nationals for hacking. More Senate reporting on 2016 Russian influence. Caleb Barlow from Cynergistek with more insights on hospitals and ransomware, this time from the patient’s perspective.
Guest is Matt Cauthorn from ExtraHop comparing cloud platforms’ similarities and differences.</p> <p>For links to all of today's stories check out our CyberWire daily news brief:</p> <p>https://thecyberwire.com/issues/issues2020/February/CyberWire_2020_02_07.html</p> <p><a href="https://www.patreon.com/thecyberwire" rel="payment">Support our show</a></p>
Iowa caucus problems induced by buggy counting and reporting app. Bitbucket repositories used to spread malware. Gamaredon active again against Ukraine. Charming Kitten’s phishing. http://traffic.libsyn.com/thecyberwire/CyberWire_Podcast_2020_02_06.mp3 The CyberWire - Your cyber security news connection. urn:uuid:a1242086-7e39-68ec-9894-cce022a67376 Thu, 06 Feb 2020 19:36:55 +0000 <p>Iowa Democrats continue to count their caucus results, and blame for the mess is falling squarely on Shadow, Inc.’s IowaReporterApp. Bitbucket repositories are found spreading malware. The attack on Toll Group turns out to be Mailto ransomware.
The Gamaredon Group is active, again, against Ukrainian targets. Charming Kitten’s been phishing. And there’s a new legal theory out and about: the pain-in-the-ass defense. (We know some colleagues who’d plead to that.) Justin Harvey from Accenture on DNS over HTTPS (DoH). Guest is Peter Smith from Edgewise Networks on defending against Python attacks.</p> <p>For links to all of today's stories check out our CyberWire daily news brief:</p> <p>https://thecyberwire.com/issues/issues2020/February/CyberWire_2020_02_06.html</p> <p><a href="https://www.patreon.com/thecyberwire" rel="payment">Support our show</a></p>
Update on the Iowa Democrats’ bad app. DDoS warning for state election sites. DDoS trends. New ransomware tracked. Tehran spoofing emails? Nintendo hacker pleads guilty. http://traffic.libsyn.com/thecyberwire/CyberWire_Podcast_2020_02_05.mp3 The CyberWire - Your cyber security news connection. urn:uuid:f1032efd-c8d2-8b01-98be-8d2cca99a6fb Wed, 05 Feb 2020 21:15:28 +0000 <p>Iowa’s Democrats are still counting their caucus results, but on the other hand they weren’t hacked.
A poorly built and badly tested app is still being blamed, and that judgment seems likely to hold up. The FBI warns of a DDoS attempt against a state voter registration site. Trends in DDoS. Some new strains of ransomware are out in the wild. Spoofed emails may be an Iranian espionage effort. And the confessed Nintendo hacker cops a plea. Craig Williams from Cisco Talos with updates on Emotet. Guest is Kurtis Minder from GroupSense on the Pros and Cons of notifying breached companies.</p> <p>For links to all of today's stories check out our CyberWire daily news brief:</p> <p>https://thecyberwire.com/issues/issues2020/February/CyberWire_2020_02_05.html</p> <p><a href="https://www.patreon.com/thecyberwire" rel="payment">Support our show</a></p>
Buggy app delays count in Iowa Democratic caucus. US county election sites ill-prepared against influence ops. Twitter fixes API exploited by fake accounts. NIST on ransomware. http://traffic.libsyn.com/thecyberwire/CyberWire_Podcast_2020_02_04.mp3 The CyberWire - Your cyber security news connection.
urn:uuid:f119b2c6-7963-c24c-4f8d-36366e683b89 Tue, 04 Feb 2020 19:58:36 +0000 <p>Iowa Democrats work to sort out app-induced confusion over Monday’s Presidential caucus. A McAfee study finds widespread susceptibility to influence operations in US county websites. Twitter fixes an API vulnerability and suspends a large network of fake accounts. NIST’s proposed ransomware defense standards are out for your review--comments are open until February 26th. Ben Yelin from UMD CHHS on rules regarding destruction of electronic evidence. Guest is Alex Burkardt from VERA on how to protect critical financial data beyond the corporate perimeter.</p> <p>For links to all of today's stories check out our CyberWire daily news brief:</p> <p>https://thecyberwire.com/issues/issues2020/February/CyberWire_2020_02_04.html</p> <p><a href="https://www.patreon.com/thecyberwire" rel="payment">Support our show</a></p>
More on EKANS, the ransomware with an ICS kicker. Shipping company customer-facing IT disrupted in cyber incident. Coronavirus as phishbait. Election security, new DoD rules, and insider threats.
http://traffic.libsyn.com/thecyberwire/CyberWire_Podcast_2020_02_03.mp3 The CyberWire - Your cyber security news connection. urn:uuid:63f7b504-a031-b2ad-2852-fbb8a85e81dd Mon, 03 Feb 2020 20:48:07 +0000 <p>Dragos publicly releases its full report on EKANS ransomware, the first known ransomware with a real if primitive capability against industrial control systems. An Australian logistics company struggles with an unspecified malware infestation. Coronavirus fake news used as phishbait. Election security may get an early test in Iowa. The US Department of Defense issues new cybersecurity rules for contractors. And two cases of insider threats (alleged insider threats). Joe Carrigan from JHU ISI with reactions to ransomware legislation proposed in Maryland.</p> <p>For links to all of today's stories check out our CyberWire daily news brief:</p> <p>https://thecyberwire.com/issues/issues2020/February/CyberWire_2020_02_03.html</p> <p><a href="https://www.patreon.com/thecyberwire" rel="payment">Support our show</a></p>
Eric Haseltine on his book, "The Spy in Moscow Station."
http://traffic.libsyn.com/thecyberwire/Eric_Haseltine_author_of_The_Spy_in_Moscow_Station.mp3 The CyberWire - Your cyber security news connection. urn:uuid:d2b39488-4934-0ca5-af8e-13ec4b1b725d Sun, 02 Feb 2020 06:00:00 +0000 <p>On this Special Edition, our extended conversation with Eric Haseltine on his book "<a href="https://us.macmillan.com/books/9781250301161">The Spy in Moscow Station</a>." The book... "tells of a time when—much like today—Russian spycraft had proven itself far beyond the best technology the U.S. had to offer. The perils of American arrogance mixed with bureaucratic infighting left the country unspeakably vulnerable to ultra-sophisticated Russian electronic surveillance and espionage."</p> <p>Thanks to our sponsor, <a href="https://www.knowbe4.com/">KnowBe4</a>.</p>
Tracking one of China's hidden hacking groups - Research Saturday http://traffic.libsyn.com/thecyberwire/Tracking_one_of_Chinas_hidden_hacking_groups_-_Research_Saturday.mp3 The CyberWire - Your cyber security news connection.
urn:uuid:46b841ca-b795-9222-034f-39d7fd80b4a8 Sat, 01 Feb 2020 06:00:00 +0000 <p>Operation Wocao (我操, “Wǒ cāo”, is a Chinese curse word) is the name that Fox-IT uses to describe the hacking activities of a Chinese based hacking group.</p> <p>We are joined by Fox-IT's Maarten van Dantzig who shares his insights into their new report entitled "Operation Wocao: Shining a light on one of China’s hidden hacking groups".</p> <p>The Research can be found here:</p> <p><a href="https://www.fox-it.com/en/news/whitepapers/operation-wocao-shining-a-light-on-one-of-chinas-hidden-hacking-groups/">Operation Wocao: Shining a light on one of China’s hidden hacking groups</a></p> <p>The CyberWire's Research Saturday is presented by <a href="https://www.juniper.net/us/en/">Juniper Networks</a>.</p> <p>Thanks to our sponsor <a href="https://www.enveil.com/">Enveil</a>, closing the last gap in data security.</p>
The Winnti Group is interested in Hong Kong protestors. The UK, the US, and the EU all look for a cooperative way forward into 5G. DDoS for hire hits an independent Serbian media outlet. Ransomware may have hit a US defense contractor. EvilCorp is back.
T http://traffic.libsyn.com/thecyberwire/CyberWire_Podcast_2020_01_31.mp3 The CyberWire - Your cyber security news connection. urn:uuid:5230121c-f878-7c68-ecb3-44130b33b973 Fri, 31 Jan 2020 21:12:14 +0000 <p>The Winnti Group is interested in Hong Kong protestors. The UK, the US, and the EU all look for a cooperative way forward into 5G. DDoS for hire hits an independent Serbian media outlet. Ransomware may have hit a US defense contractor. EvilCorp is back. The Sodinokibi ransomware gang is running an essay contest. And the 2015 Ashley Madison breach keeps on giving, in the form of blackmail. Emily Wilson from Terbium Labs on the sale of “points” and “status benefits” on the dark web. Guest is Michael Sutton from Stonemill Ventures with insights from the cyber VC world.</p> <p>For links to all of today's stories check out our CyberWire daily news brief:</p> <p>https://thecyberwire.com/issues/issues2020/January/CyberWire_2020_01_31.html</p> <p><a href="https://www.patreon.com/thecyberwire" rel="payment">Support our show</a></p>
Hacking the UN. Avast closes Jumpshot over privacy uproar. Facebook settles a biometric lawsuit.
Data exposures, a LiveRamp compromise, and more newly aggressive ransomware. http://traffic.libsyn.com/thecyberwire/CyberWire_Podcast_2020_01_30.mp3 The CyberWire - Your cyber security news connection. urn:uuid:6ced4dee-8865-be92-02d7-ec753acbce44 Thu, 30 Jan 2020 20:53:29 +0000 <p>UN agencies in Geneva and Vienna were successfully hacked last summer in an apparent espionage campaign. Avast shuts down its Jumpshot data analysis subsidiary and resolves to stick to its security last. Facebook reaches a preliminary, $550 million settlement in a privacy class-action lawsuit. SpiceJet and Sprint suffer data exposures. LiveRamp was compromised for ad fraud. And Russia blocks ProtonMail and StartMail. Caleb Barlow from Cynergistek on the business impact of ransomware on a hospital. Guest is Matthew Doan, cybersecurity policy fellow at New America, discussing his recent Harvard Business Review article “Companies Need to Rethink What Cybersecurity Leadership Is.”</p> <p>For links to all of today's stories check out our CyberWire daily news brief:</p> <p>https://thecyberwire.com/issues/issues2020/January/CyberWire_2020_01_30.html</p> <p><a href="https://www.patreon.com/thecyberwire" rel="payment">Support our show</a></p>
Ransomware in industrial control systems. Phone hacks, proved and unproved. Britain’s compromise decision on Huawei. Wawa cards in the Joker’s Stash. CardPlanet boss pleads guilty. http://traffic.libsyn.com/thecyberwire/CyberWire_Podcast_2020_01_29.mp3 The CyberWire - Your cyber security news connection. urn:uuid:a661236f-9c37-2edf-4052-f0e00e06b107 Wed, 29 Jan 2020 20:18:24 +0000 <p>Snake ransomware appears to have hit industrial control systems, and may be connected to Iran. The verdict on the Saudi hack of Mr. Bezos’ phone seems to stand at not proven, but the Kingdom does seem to have used Pegasus intercept tools against journalists and critics of the regime. Neither the US nor China are happy with Britain’s decision on Huawei. Cards from the Wawa breach are on sale in the Joker’s Stash. And CardPlanet’s boss will do some Federal time. Ben Yelin from UMD CHHS on AOC’s comments during House hearings on facial recognition technology. Guest is Dan Conrad from One Identity on sophisticated “pass the hash” attacks.</p> <p>For links to all of today's stories check out our CyberWire daily news brief:</p> <p>https://thecyberwire.com/issues/issues2020/January/CyberWire_2020_01_29.html</p> <p><a href="https://www.patreon.com/thecyberwire" rel="payment">Support our show</a></p>
Huawei will play in UK infrastructure, at least a little. Citizen Lab on KINGDOM, a Pegasus operator. Avast and sale of user data. Happy Data Privacy Day. http://traffic.libsyn.com/thecyberwire/CyberWire_Podcast_2020_01_28.mp3 The CyberWire - Your cyber security news connection. urn:uuid:60995971-371d-5a10-6f07-c6752f2333e6 Tue, 28 Jan 2020 20:41:36 +0000 <p>Britain decides to let Huawei into its 5G infrastructure, just a little bit, anyway. Citizen Lab reports on its investigation of Saudi use of Pegasus spyware against journalists. Avast is again collecting user data and sharing anonymized data with a subsidiary for sale to business customers. Some Data Privacy Day thoughts on agreeing to terms and conditions, with reflections on the first systematic look at End User License Agreements, found in the final chapter of Plato’s Republic. Joe Carrigan from JHU ISI on evolving ransomware business models. Guest is Dr.
Christopher Pierson from BLACKCLOAK with insights on the alleged Bezos phone hack and the vulnerabilities of high-profile individuals.</p> <p>For links to all of today's stories check out our CyberWire daily news brief:</p> <p>https://thecyberwire.com/issues/issues2020/January/CyberWire_2020_01_28.html</p> <p><a href="https://www.patreon.com/thecyberwire" rel="payment">Support our show</a></p>
A cyber espionage campaign is to use DNS hijacking. More observations on l’affaire Bezos. Operation Night Fury versus e-commerce hackers. Farewell to Clayton Christensen. http://traffic.libsyn.com/thecyberwire/CyberWire_Podcast_2020_01_27_1.mp3 The CyberWire - Your cyber security news connection. urn:uuid:888aa3cc-06fc-6f60-b916-f1923ef2224f Mon, 27 Jan 2020 20:44:35 +0000 <p>Someone has been running a DNS hijacking campaign against governments in southeast Europe and southwest Asia, and Reuters thinks that someone looks like Turkey. Experts would like to see a more thorough forensic analysis of Mr.
Bezos’ iPhone: that hack may look like a Saudi job, but the evidence remains circumstantial. Interpol’s Operation Night Fury dismantles a gang that had been preying on e-commerce. And ave atque vale, Clayton Christensen, theorist of disruptive innovation. Robert M. Lee from Dragos with 2020 predictions (reluctantly).</p> <p>For links to all of today's stories check out our CyberWire daily news brief:</p> <p>https://thecyberwire.com/issues/issues2020/January/CyberWire_2020_01_27.html</p> <p><a href="https://www.patreon.com/thecyberwire" rel="payment">Support our show</a></p>
Hank Thomas and Mike Doniger, getting the specs on the cyber SPAC http://traffic.libsyn.com/thecyberwire/Hank_Thomas_and_Mike_Doniger_from_SCVX_describing_their_plan_to_bring_a_funding_mechanism_known_as_a_SPAC_to_cyber_security_-_Special_Edition.mp3 The CyberWire - Your cyber security news connection. urn:uuid:16dd27ac-358e-955f-1e29-5bc3e6779c6c Sun, 26 Jan 2020 06:00:00 +0000 <p>In this special edition, our extended conversation with Hank Thomas and Mike Doniger from their new company SCVX.
Both experienced investors, their plan is to bring a new funding mechanism known as a SPAC to cyber security which, they say, is new to the space.</p> <p>Thanks to our sponsor, <a href="https://isi.jhu.edu/">The Johns Hopkins University Information Security Institute.</a></p>
Know Thine Enemy - Identifying North American Cyber Threats - Research Saturday http://traffic.libsyn.com/thecyberwire/Know_Thy_Enemy_-_Identifying_North_American_Cyber_Threats_-_Research_Saturday.mp3 The CyberWire - Your cyber security news connection. urn:uuid:517f93e0-a46a-5e0d-3599-12574a2d50b2 Sat, 25 Jan 2020 06:00:00 +0000 <p>The electric utility industry is a valuable target for adversaries seeking to exploit industrial control systems (ICS) and operations technology (OT) for a variety of purposes.
As adversaries and their sponsors invest more effort and money into obtaining effects-focused capabilities, the risk of a disruptive or destructive attack on the electric sector significantly increases.</p> <p>Selena Larson from Dragos joins us to discuss their new report North American Electric Cyber Threat Perspective.</p> <p>The report can be found here:<br /> <a href="https://dragos.com/resource/north-american-electric-cyber-threat-perspective/">North American Electric Cyber Threat Perspective</a></p> <p>The CyberWire's Research Saturday is presented by <a href="https://www.juniper.net/us/en/">Juniper Networks</a>.</p> <p>Thanks to our sponsor <a href="https://www.enveil.com/">Enveil</a>, closing the last gap in data security.</p>
PupyRAT is back. So is the Konni Group. Twitter storm over claims that MBS hacked Jeff Bezos. Anti-disinformation laws considered. Canada is ready to impose costs on cyber attackers. http://traffic.libsyn.com/thecyberwire/CyberWire_Podcast_2020_01_24.mp3 The CyberWire - Your cyber security news connection.
urn:uuid:8da92af5-5ef6-ad36-48fe-d782d75e4b14 Fri, 24 Jan 2020 20:49:33 +0000 <p>PupyRAT was found in a European energy organization: it may be associated with Iranian threat actors. Another threat actor, the Konni Group, was active against a US government agency last year. Saudi Arabia maintains it had nothing to do with hacking Jeff Bezos’s phone. The EU and Ukraine separately consider anti-disinformation regulations. Canada may be ready to “impose costs” in cyberspace. And Huawei’s a threat, but what’re you gonna do? Justin Harvey from Accenture with an outlook on 2020. Guests are Hank Thomas and Mike Doniger from SCVX, describing their plan to bring a funding mechanism known as a SPAC to cyber security.</p> <p>For links to all of today's stories check out our CyberWire daily news brief:</p> <p>https://thecyberwire.com/issues/issues2020/January/CyberWire_2020_01_24.html</p> <p><a href="https://www.patreon.com/thecyberwire" rel="payment">Support our show</a></p>
Phishing with a RAT in the Gulf. More on how Jeff Bezos was hacked. Microsoft discloses data exposure.
Ransomware continues to dump data. Windows 7, already back from the great beyond. http://traffic.libsyn.com/thecyberwire/CyberWire_Podcast_2020_01_23.mp3 The CyberWire - Your cyber security news connection. urn:uuid:83a35c37-94b0-546d-973a-9dd69a4f3a1c Thu, 23 Jan 2020 20:05:48 +0000 <p>There’s more phishing around the Arabian Gulf, but it doesn’t look local. Reactions to Brazil’s indictment of Glenn Greenwald. The forensic report on Jeff Bezos’s smartphone has emerged, and the UN wants some investigating. Microsoft discloses an exposed database, now secured. Ransomware gets even leakier--if it hits you, assume a data breach. And Windows 7 is going to enjoy an afterlife in software Valhalla--you know, around Berlin. Tom Etheridge from CrowdStrike with thoughts on incident response plans.</p> <p>For links to all of today's stories check out our CyberWire daily news brief:</p> <p> https://thecyberwire.com/issues/issues2020/January/CyberWire_2020_01_23.html</p> <p><a href="https://www.patreon.com/thecyberwire" rel="payment">Support our show</a></p>
The UN takes up a case of spyware; it’s linked to an extrajudicial killing. 
Glenn Greenwald indicted on hacking charges in Brazil. NetWire and StarsLord are back. http://traffic.libsyn.com/thecyberwire/CyberWire_Podcast_2020_01_22.mp3 The CyberWire - Your cyber security news connection. urn:uuid:8110d00d-f25c-bc03-cabb-9ed70ba00f6b Wed, 22 Jan 2020 20:55:44 +0000 <p>UN rapporteurs say that the Saudi Crown Prince was probably involved in the installation of spyware on Amazon founder Jeff Bezos’s personal phone. Brazilian prosecutors have indicted Glenn Greenwald, co-founder of the Intercept, on hacking charges. IBM describes a renewed NetWire campaign, and Microsoft says StarsLord is back, too. And in cyberspace, there’s nothing new on the US-Iranian front. Ben Yelin from UMD CHHS on surveillance cameras hidden in gravestones. Guest is Sean Frazier from Cisco Duo on their most recent State of the Auth report.</p> <p>For links to all of today's stories check out our CyberWire daily news brief:</p> <p> https://thecyberwire.com/issues/issues2020/January/CyberWire_2020_01_22.html</p> <p><a href="https://www.patreon.com/thecyberwire" rel="payment">Support our show</a></p>
RATs, backdoors, and a remote code execution zero-day. 
Hoods breach Mitsubishi Electric. Telnet credentials dumped. http://traffic.libsyn.com/thecyberwire/CyberWire_Podcast_2020_01_21.mp3 The CyberWire - Your cyber security news connection. urn:uuid:5aee0e49-3d30-33de-168f-83bbbfe39d3a Tue, 21 Jan 2020 19:28:54 +0000 <p>A new RAT goes after Arabic-speaking targets. Updates on US-Iranian tension in cyberspace. An Internet Explorer bug is being exploited in the wild; a patch will arrive in February. A pseudo-vigilante seems to be preparing Citrix devices for future exploitation. Mitsubishi Electric discloses a breach. A booter service dumps half a million Telnet credentials online. And tomorrow is the last day to file a claim under the Equifax breach settlement. Joe Carrigan from JHU ISI with the story of a random encounter that set him on his professional path. Carole Theriault speaks with Jon Fielding from Apricorn on whether or not anything has really changed with GDPR, 18 months into it.</p> <p>For links to all of today's stories check out our CyberWire daily news brief:</p> <p> https://thecyberwire.com/issues/issues2020/January/CyberWire_2020_01_21.html</p> <p><a href="https://www.patreon.com/thecyberwire" rel="payment">Support our show</a></p>
Clever breaches demonstrate IoT security gaps - Research Saturday http://traffic.libsyn.com/thecyberwire/Clever_breaches_demonstrate_IoT_security_gaps_-_Research_Saturday.mp3 The CyberWire - Your cyber security news connection. urn:uuid:5b05ae37-7361-71f6-5623-057c57cc6ac8 Sat, 18 Jan 2020 06:00:00 +0000 <p>Some of our favorite and most trusted IoT devices help make us feel secure in our homes. From garage door openers to the locks on our front doors, we trust these devices to recognize and alert us when people are entering our home. It should come as no surprise that these too are subject to attack.</p> <p>Steve Povolny is head of advanced research at McAfee; we discuss a pair of research projects they recently published involving popular IoT devices.</p> <p>The research can be found here:</p> <p><a href= "https://www.youtube.com/watch?v=nqi42aSQIKY&t=7s">McAfee Advanced Threat Research demo McLear NFC Ring</a></p> <p><a href="https://www.youtube.com/watch?v=6ZgK_r7g7kA">McAfee Advanced Threat Research Demo Chamberlain MyQ</a></p> <p>The CyberWire's Research Saturday is presented by Juniper Networks.</p> <p>Thanks to our sponsor <a href= "https://www.enveil.com/">Enveil</a>, closing the last gap in data security.</p>
Hacks, and rumors of hacks. Burisma incident under investigation. SharePoint exploitation. How to spark a run on a bank. WeLeakInfo taken down. Phishbait update. http://traffic.libsyn.com/thecyberwire/CyberWire_Podcast_2020_01_17.mp3 The CyberWire - Your cyber security news connection. urn:uuid:6e368bb7-57ce-5aaa-cfc9-7f5da732a5f1 Fri, 17 Jan 2020 18:55:16 +0000 <p>Hacks and rumors of hacks surrounding US-Iranian tension. Ukrainian authorities are looking into the Burisma hack, and they’d like FBI assistance. The FBI quietly warns that two US cities were hacked by a foreign service. The New York Fed has thoughts on how a cyberattack could cascade into a run on banks. Arrests and a site takedown in the WeLeakInfo case. And a quick look at the chum being dangled in front of prospective phishing victims these days. Emily Wilson from Terbium Labs on synthetic identity detection. Guest is Eric Haseltine, author of The Spy in Moscow Station.</p> <p>For links to all of today's stories check out our CyberWire daily news brief:</p> <p> https://thecyberwire.com/issues/issues2020/January/CyberWire_2020_01_17.html</p> <p><a href="https://www.patreon.com/thecyberwire" rel="payment">Support our show</a></p>
Curveball proofs-of-concept. CISA warns chemical industry. Military families harassed online. Phishing the UN. Fleeceware in the Play Store. Moscow says there was no Burisma hack. http://traffic.libsyn.com/thecyberwire/CyberWire_Podcast_2020_01_16.mp3 The CyberWire - Your cyber security news connection. urn:uuid:24186968-438a-3e77-f003-e1751be91576 Thu, 16 Jan 2020 20:43:38 +0000 <p>Proof-of-concept exploits for the CryptoAPI vulnerability Microsoft patched this week have been released. CISA warns the chemical industry to look to its security during this period of what the agency calls “heightened geopolitical tension.” Families of deployed US soldiers receive threats via social media. Someone’s been phishing in Turtle Bay. More fleeceware turns up in the Play Store. And Moscow heaps scorn on anyone who thinks they hacked Burisma. Craig Williams from Cisco Talos on how adversaries take advantage of politics. 
Guest is Ron Hayman from AVANT on how companies might leverage Trusted Advisors to proactively prepare their security response.</p> <p>For links to all of today's stories check out our CyberWire daily news brief:</p> <p> https://thecyberwire.com/issues/issues2020/January/CyberWire_2020_01_16.html</p> <p><a href="https://www.patreon.com/thecyberwire" rel="payment">Support our show</a></p>
Disclosure, patching, and warning. Norway takes on “out-of-control” data sharing by dating apps. Ransomware all-in on doxing. What to do about Huawei. http://traffic.libsyn.com/thecyberwire/CyberWire_Podcast_2020_01_15.mp3 The CyberWire - Your cyber security news connection. urn:uuid:2227090f-0643-c058-56a6-a59ca7c413dc Wed, 15 Jan 2020 19:38:42 +0000 <p>NSA gives Microsoft a heads-up about a Windows vulnerability, and CISA is right behind them with instructions for Federal civilian agencies and advice for everyone else. Norway’s Consumer Council finds that dating apps are “out of control” with the way they share data. Ransomware goes all-in for doxing. 
The US pushes the UK on Huawei as Washington prepares further restrictions on the Chinese companies. And think twice before you book that alt-coin conference in Pyongyang. Johannes Ullrich from SANS Technology on malicious AutoCAD files. Guest is Chris Duvall from Chertoff Group with an overview of the current state of ransomware.</p> <p>For links to all of today's stories check out our CyberWire daily news brief:</p> <p> https://thecyberwire.com/issues/issues2020/January/CyberWire_2020_01_15.html</p> <p><a href="https://www.patreon.com/thecyberwire" rel="payment">Support our show</a></p>
Microsoft patches a vulnerability NSA disclosed. Fronting for APT40 in Hainan. Fancy Bear pawed at Burisma. The NSA Pensacola shooting and the debate over encryption. http://traffic.libsyn.com/thecyberwire/CyberWire_Podcast_2020_01_14.mp3 The CyberWire - Your cyber security news connection. urn:uuid:76574d27-f945-46cc-2a5f-ad1c420c9626 Tue, 14 Jan 2020 20:02:41 +0000 <p>NSA discloses a vulnerability to Microsoft so it can be patched quickly. 
Intrusion Truth describes thirteen front companies for China’s APT40--they’re interested in offensive cyber capabilities. Area 1 reports that Russia’s GRU conducted a focused phishing campaign against Ukraine’s Burisma Group, the energy company that figured prominently in the House’s resolution to impeach US President Trump. And the US Justice Department moves for access to encrypted communications. Joe Carrigan from JHU ISI on the security issues of Android bloatware. Guest is Haiyan Song from Splunk with 2020 predictions.</p> <p>For links to all of today's stories check out our CyberWire daily news brief:</p> <p> https://thecyberwire.com/issues/issues2020/January/CyberWire_2020_01_14.html</p> <p><a href="https://www.patreon.com/thecyberwire" rel="payment">Support our show</a></p>
Cyber tensions and cyberwar. China’s influence ops against Taiwan apparently backfire. Maze gang goes for doxing. SIM swapping. FBI promises FISA Court it will do better. http://traffic.libsyn.com/thecyberwire/CyberWire_Podcast_2020_01_13.mp3 The CyberWire - Your cyber security news connection. 
urn:uuid:ccccc35e-4da7-f597-3cea-e442737a1754 Mon, 13 Jan 2020 19:03:53 +0000 <p>The FBI reiterates prudent, consensus warnings about a heightened probability of cyberattacks from Iran, but so far nothing beyond credential-spraying battlespace preparation has come to notice. The US Congress mulls the definition of “act of war” in cyberspace. Taiwan’s president is re-elected amid signs that Chinese influence operations backfired on Beijing. The Maze gang doxes a victim. SIM swapping enters a new phase. And the FBI promises the FISA Court it will do better. Ben Yelin from UMD CHHS on a Washington Post story about college campuses gathering location data on their students.</p> <p>For links to all of today's stories check out our CyberWire daily news brief:</p> <p> https://thecyberwire.com/issues/issues2020/January/CyberWire_2020_01_13.html</p> <p><a href="https://www.patreon.com/thecyberwire" rel="payment">Support our show</a></p>
Profiling the Linken Sphere anti-detection browser - Research Saturday http://traffic.libsyn.com/thecyberwire/Profiling_the_Linken_Sphere_anti-detection_browser_-_Research_Saturday.mp3 The CyberWire - Your cyber security news connection. urn:uuid:450e03b7-9b85-2e94-bcb5-9330066ac67d Sat, 11 Jan 2020 06:00:00 +0000 <p>Multiple e-commerce and financial organizations around the world are targeted by cybercriminals attempting to bypass or disable their security mechanisms, in some cases by using tools that imitate the activities of legitimate users. Linken Sphere, an anti-detection browser, is one of the most popular tools of this kind at the moment.</p> <p>Staffan Truvé is the CTO and Co-Founder of Recorded Future; he joins us to discuss their new report on the browser.</p> <p>The research can be found here:<br /> <a href= "https://www.recordedfuture.com/linken-sphere-profile/">Profiling the Linken Sphere Anti-Detection Browser</a></p> <p>The CyberWire's Research Saturday is presented by Juniper Networks.</p> <p>Thanks to our sponsor Enveil, closing the last gap in data security.</p>
Updates on US-Iranian tensions, and especially on hacktivism and possible power grid battlespace preparation. Researchers complain of preinstalled malware said to be in discount Android phones. http://traffic.libsyn.com/thecyberwire/CyberWire_Podcast_2020_01_10.mp3 The CyberWire - Your cyber security news connection. urn:uuid:a333b88b-67fa-d67d-0496-3adf8fa86257 Fri, 10 Jan 2020 20:01:35 +0000 <p>Amid indications that both Iran and the US would prefer to back away from open war, concerns about Iranian power grid battlespace preparation remain high. Recent website defacements, however, increasingly look more like the work of young hacktivists than a campaign run by Tehran. Phones delivered under the FCC’s Lifeline Assistance program may come with malware preinstalled. And we’ll take Cybersecurity for six hundred, Alex. Tom Etheridge from CrowdStrike on having a board of directors’ playbook. Guest is Curtis Simpson from Armis on CISO burnout.</p> <p>For links to all of today's stories check out our CyberWire daily news brief:</p> <p> https://thecyberwire.com/issues/issues2020/January/CyberWire_2020_01_10.html</p> <p><a href="https://www.patreon.com/thecyberwire" rel="payment">Support our show</a></p>
Cyber alert remains high as the US-Iranian confrontation cools. Information ops, wipers, and energy sector targeting. http://traffic.libsyn.com/thecyberwire/CyberWire_Podcast_2020_01_09.mp3 The CyberWire - Your cyber security news connection. urn:uuid:b5f79064-03c5-577c-8182-7b6df606dbdf Thu, 09 Jan 2020 19:54:40 +0000 <p>As kinetic combat abates in Iraq, warnings of cyber threats increase. US intelligence agencies warn of heightened likelihood of Iranian cyber operations. These may be more serious than the low-grade website defacements and Twitter impersonations so far observed. One operation, “Dustman,” has hit Bahrain, and it looks like an Iranian wiper. And some notes on the Lazarus Group, and a quick look at information ops across the Taiwan Strait. Emily Wilson from Terbium Labs with details from their recent report, “How Fraud Stole Christmas.” Guest is Karl Sigler from Trustwave on the risks of using Windows 7.</p> <p>For links to all of today's stories check out our CyberWire daily news brief:</p> <p> https://thecyberwire.com/issues/issues2020/January/CyberWire_2020_01_09.html</p> <p><a href="https://www.patreon.com/thecyberwire" rel="payment">Support our show</a></p>
No major Iranian cyberattacks against the US so far, as both sides appear interested in cooling off. The Cyber Solarium offers a preview of its coming report on US cyber strategy. http://traffic.libsyn.com/thecyberwire/CyberWire_Podcast_2020_01_08.mp3 The CyberWire - Your cyber security news connection. urn:uuid:96dac45d-ef5a-f8a9-f532-2a51df04394f Wed, 08 Jan 2020 21:00:00 +0000 <p>Iran took some missile shots at two US air bases in Iraq last night, and President Trump barked back in a late morning press conference, but actually both sides seem inclined to move toward de-escalation. No major Iranian cyberattacks have developed, despite some low-grade skid vandalism of indifferently defended sites, but CISA’s warnings seem generally to be taken seriously. And the Cyber Solarium gave a preview of its recommendations for a US national cyber strategy. Caleb Barlow from CynergisTek with insights on potential cyber attacks from Iran.</p> <p>For links to all of today's stories check out our CyberWire daily news brief:</p> <p> https://thecyberwire.com/issues/issues2020/January/CyberWire_2020_01_08.html</p> <p><a href="https://www.patreon.com/thecyberwire" rel="payment">Support our show</a></p>
No more Iranian cyberattacks since the minor weekend vandalism, but the US Government advises all to look to their defenses. Fancy Bear is the usual suspect in Austria. A guilty plea by an insider threat. http://traffic.libsyn.com/thecyberwire/CyberWire_Podcast_2020_01_07.mp3 The CyberWire - Your cyber security news connection. urn:uuid:72723a46-243d-a56a-ca1e-fc62d2280b07 Tue, 07 Jan 2020 18:54:47 +0000 <p>The kittens haven’t scratched much so far, but the US Government and others are warning organizations to be alert to the likelihood of Iranian cyberattacks in retaliation for the combat death, by US missile, of Quds Force commander Soleimani. Fancy Bear is the usual suspect in the case of the Austrian Foreign Ministry hack. Patch your Pulse Secure VPN servers if you’ve got ‘em. ToTok is back in the Play Store. And there’s an executive who turned out to be an insider threat. Robert M. Lee from Dragos with a look back at 2019 ICS security issues. Guest is Tom Tovar from AppDome on mobile API security. 
</p> <p>For links to all of today's stories check out our CyberWire daily news brief:</p> <p> https://thecyberwire.com/issues/issues2020/January/CyberWire_2020_01_08.html</p> <p><a href="https://www.patreon.com/thecyberwire" rel="payment">Support our show</a></p>
Sequelae of the US Reaper strike against the Quds Force commander. Warnings of Iranian retaliation, with an emphasis on cyberspace. Espionage in Austria, and a second look at an LSE outage. http://traffic.libsyn.com/thecyberwire/CyberWire_Podcast_2020_01_06.mp3 The CyberWire - Your cyber security news connection. urn:uuid:65832f6f-7531-3aa6-014d-f7d8bb81e5a0 Mon, 06 Jan 2020 20:25:04 +0000 <p>Iran vows retribution for the US drone strike that killed the commander of the Quds Force. The US prepares for Iranian action, and the Department of Homeland Security warns that cyberattacks are particularly likely. Some low-grade Iranian cyber operations may have already taken place. 
Austria’s Foreign Ministry sustains an apparent state-directed cyber espionage attack, and in the UK authorities are taking a second look at the August outages at the London Stock Exchange. Joe Carrigan from JHU ISI, describing a clever defense against laptop theft.</p> <p>For links to all of today's stories check out our CyberWire daily news brief:</p> <p> https://thecyberwire.com/issues/issues2020/January/CyberWire_2020_01_06.html</p> <p><a href="https://www.patreon.com/thecyberwire" rel="payment">Support our show</a></p>
Escalation in the Gulf as a US air strike kills Iran’s Quds commander. Travelex and RavnAir continue their recovery from cyberattacks. Taiwan’s memes against misinformation. http://traffic.libsyn.com/thecyberwire/CyberWire_Podcast_2020_01_03.mp3 The CyberWire - Your cyber security news connection. urn:uuid:9538ef7d-6a30-93ff-9b81-45e99d67be05 Fri, 03 Jan 2020 19:19:17 +0000 <p>The US and Iran trade fire in Iraq, and a leading Iranian general is killed in a US airstrike. A corresponding escalation of cyber operations can be expected. 
Currency exchange Travelex continues to operate manually as it works to recover from what it calls “a software virus.” There’s speculation that the RavnAir incident may have been a ransomware attack. And Taiwan adopts an active policy against Chinese attempts to influence its elections. Johannes Ullrich from the SANS Technology Center on vulnerabilities in Citrix NetScaler installations. Guest is Derek Manky from Fortinet on what to expect in AI for 2020.</p> <p>For links to all of today's stories check out our CyberWire daily news brief:</p> <p> https://thecyberwire.com/issues/issues2020/January/CyberWire_2020_01_03.html</p> <p><a href="https://www.patreon.com/thecyberwire" rel="payment">Support our show</a></p>
A Jira vulnerability that’s leaking data in the public cloud - Research Saturday http://traffic.libsyn.com/thecyberwire/Jen-Miller-Osborn_-_Research_Saturday.mp3 The CyberWire - Your cyber security news connection. 
urn:uuid:911b1d40-63d4-ac3d-a03b-f6306c0c32fd Thu, 02 Jan 2020 23:35:17 +0000 <p>Unit 42 (the Palo Alto Networks threat intelligence team) released new research on a Jira vulnerability that’s leaking data of technology, industrial and media organizations in the public cloud. The vulnerability (a Server Side Request Forgery -- SSRF) is the same type that led to the Capital One data breach in July 2019.</p> <p>Jen Miller-Osborn is the Deputy Director of Threat Intelligence for Unit 42 at Palo Alto Networks, and she joins us to share their findings.</p> <p>The research can be found here:<br /> <a href= "https://www.google.com/url?q=https://unit42.paloaltonetworks.com/server-side-request-forgery-exposes-data-of-technology-industrial-and-media-organizations/&sa=D&ust=1575757565425000&usg=AOvVaw21WsE6SV66zfD7XE67vGv1" target="_blank" rel= "nofollow noreferrer noopener">https://unit42.paloaltonetworks.com/server-side-request-forgery-exposes-data-of-technology-industrial-and-media-organizations/</a></p> <p>The CyberWire's Research Saturday is presented by Juniper Networks.</p> <p>Thanks to our sponsor Enveil, closing the last gap in data security.</p>
Taking down Thallium. Cloud Hopper: bigger (and worse) than thought. US tightens screws on the supply chain. The bite of winter and the scent of plums. http://traffic.libsyn.com/thecyberwire/CyberWire_Podcast_2020_01_02.mp3 The CyberWire - Your cyber security news connection. urn:uuid:cf942724-bf4c-a563-f63a-4deefe31514a Thu, 02 Jan 2020 19:45:18 +0000 <p>Microsoft takes down bogus domains operated by North Korea’s Thallium Advanced Persistent Threat. The Cloud Hopper cyber espionage campaign turns out to have been far more extensive than hitherto believed. The US wants Huawei (and ZTE) out of contractor supply chains this year. India will test equipment before allowing it into its 5G networks. And the California Consumer Privacy Act is now in effect. Joe Carrigan from JHU ISI with the story of a financial advisor who paid the price for falling for a phishing scheme. 
Guest is Dave Burg from EY on the global perspective of cyber security risk.</p> <p>For links to all of today's stories check out our CyberWire daily news brief:</p> <p> https://thecyberwire.com/issues/issues2020/January/CyberWire_2020_01_02.html</p> <p><a href="https://www.patreon.com/thecyberwire" rel="payment">Support our show</a></p> Special Edition - Daniel Garrie from Law & Forensics on eDiscovery http://traffic.libsyn.com/thecyberwire/Special_Edition_2019-12-31_-_Daniel_Garrie_from_Law_and_Forensics_on_eDiscovery_MASTER.mp3 The CyberWire - Your cyber security news connection. urn:uuid:f4d596ed-ba27-4c90-c27e-f737e32b22de Tue, 31 Dec 2019 06:00:00 +0000 <p>In this CyberWire special edition, an extended conversation with Daniel Garrie from Law & Forensics, a global legal engineering firm, and Editor-in-Chief of the Journal of Law & Cyber Warfare. Much of the discovery that happens in litigation these days is eDiscovery - dealing with all things electronic and online. That's an area of expertise for Daniel Garrie and he shares his insights. 
</p> <p>Thanks to our sponsors McAfee, the device-to-cloud cybersecurity company.</p>