CyberWire Daily

Submit Podcast

News

CyberWire Daily

The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.

3207 episodes transcribed

0 comments

News

Privileged insiders and the abuse of “Oops.” Nemesis Kitten exploits Log4Shell. TrojanOrders in the holiday season. Emotet’s back. RapperBot notes. And an arrest in the Zeus cybercrime case.

Episode Date: November 17, 2022

Meta employees, contractors compromised customer accounts. Nemesis Kitten found in US Government network. Unpatched Magento instances hit with "Trojan...

0 comments

News

Getting tangled up in the blockchain. RDS vulnerabilities. The language of fraud. An offer of help to the G19.Draft Episode for Nov 16, 2022

Episode Date: November 16, 2022

Blockchains and cryptocurrency exchanges, and the risks they present. Vulnerabilities in Amazon RDS may expose PII. A study of the language of fraud....

0 comments

News

CISA Alert AA22-320A – Iranian government-sponsored APT actors compromise federal network, deploy crypto miner, credential harvester. [CISA Cybersecurity Alerts]

Episode Date: November 16, 2022

From mid-June through mid-July 2022, CISA conducted an incident response engagement at a Federal Civilian Executive Branch organization where CISA obs...

0 comments

News

An update on three threat actors: Fangxiao, Killnet, and Billbug, one of them in it for money, another for the glory, and a third for the intell. Twitter and SMS 2FA. Zendesk patches. CISA adds a KEV.

Episode Date: November 15, 2022

Fangxiao works ad scams enroute to other compromises. Killnet claims to have defaced a US FBI site. CISA registers another Known Exploited Vulnerabili...

0 comments

News

Software supply chains, C2C markets, criminals, and cyber auxiliaries in a hybrid war. CISA releases its Stakeholder Specific Vulnerability Categorization (SSVC).

Episode Date: November 14, 2022

Software supply chain risk. Cyber risk across sectors. CISA releases Stakeholder Specific Vulnerability Categorization (SSVC). Sandworm is back in Rus...

0 comments

News

Lauren Campanara: Learn to forgive yourself. [SOC Analyst] [Career Notes]

Episode Date: November 13, 2022

Lauren Campanara, a SOC Analyst from ThreatX shares her story as she made the decision to break into cybersecurity after spending twelve years in the...

0 comments

News

An in-depth look on the Crytox ransomware family. [Research Saturday]

Episode Date: November 12, 2022

Deepen Desai from Zscaler sits down with Dave to talk about the Crytox ransomware family. First observed in 2020, Crytox is a ransomware family consis...

0 comments

News

US midterms conclude without cyber interference. NATO on cyber defense. New APT41 activity identified. Russia’s FSB and SVR continue cyberespionage. Trends in phishing and API risks.

Episode Date: November 10, 2022

There’s no sign that cyberattacks affected US vote counts. NATO meets to discuss the Atlantic Alliance’s Cyber Defense Pledge. A new APT41 subgroup ha...

0 comments

News

A look back at midterm cybersecurity. Communications security lessons learned in Ukraine. Known Exploited Vulnerabilities and Patch Tuesday. Off-boarding deserves some attention.

Episode Date: November 9, 2022

US midterm elections proceed without cyber disruption. Communications security lessons learned. CISA publishes new entries to its Known Exploited Vuln...

0 comments

News

Cybersecurity on US Election Day. OPERA1ER threat activity. Insider threats. Hacktivist auxiliaries: influence operators in the hybrid war. And Mr. Hushpuppi is back in the news.

Episode Date: November 8, 2022

Cybersecurity on US Election Day. Details on the OPERA1ER threat activity. Seasonal and secular trends in Insider threats. Hacktivist auxiliaries: inf...

0 comments

News

Election security on the eve of the US midterms. US FBI rates the hacktivist threat. Microsoft says China uses disclosure laws to develop zero-days. Remember SIlk Road? The Feds do.

Episode Date: November 7, 2022

Election security on the eve of the US midterms. US FBI rates hacktivist contributions to Russia's war as unimportant. Microsoft accuses China of usin...

0 comments

News

Gary Brickhouse: Riding the wave of growth. [CISO] [Career Notes]

Episode Date: November 6, 2022

Gary Brickhouse, CISO from GuidePoint Security, sits down to share his story, looking back over the last 25 years of his career working for Fortune 10...

0 comments

News

Over-the-air 0-day vulnerabilities. [Research Saturday]

Episode Date: November 5, 2022

Roya Gordon from Nozomi Networks sits down with Dave to discuss their work "UWB Real Time Locating Systems: How Secure Radio Communications May Fail i...

0 comments

News

Flight-planning and rail services disrupted in separate incidents. BEC gang impersonates law firms. Effects of the hybrid war on action in cyberspace. And a farewell to Vitali Kremez, gone far too soon.

Episode Date: November 4, 2022

Flight-planning services are affected by cyberattack, as are Danish rail service. A BEC gang impersonates international law firms. Effects of the hybr...

0 comments

News

“Static expressway” tactics in credential harvesting. Emotet is back. Black Basta linked to Fin7. RomCom hits Ukrainian targets and warms up against the Anglo-Saxons. Cyber cooperation?

Episode Date: November 3, 2022

Leveraging Microsoft Dynamics 365 Customer Voice for credential harvesting. Emotet is back. Black Basta ransomware linked to Fin7. A Russophone gang i...

0 comments

News

OpenSSL indeed patched. CISA is confident of election security. Killnet attempted DDoS against the US Treasury. XDR data reveals threat trends. BEC and gift cards. And that’s one sweet ride.

Episode Date: November 2, 2022

OpenSSL patches two vulnerabilities. CISA and election security. Killnet attempted DDoS against the US Treasury. XDR data reveals threat trends. Busin...

0 comments

News

OpenSSL patched today. The risk of misconfiguration. Cyberespionage (and the risk of mixing the personal with the official). Assistance for Ukraine's cyber defense., And a quick look at DNS threats.

Episode Date: November 1, 2022

OpenSSL is patched today. The misconfiguration risk to US government networks' security and compliance. Hacking Ms Truss's phone. Assistance for Ukrai...

0 comments

News

Copper smelter hit with malware. Notes from the hybrid war. Disinformation, not direct manipulation of results, the principal threat to US elections. Ransomware in Australia’s ForceNet. Threat trends.

Episode Date: October 31, 2022

Leading European metals producer is hit with malware. Cooperative defense in cyberspace. A Ukrainian ally describes its exposure to Russian cyberattac...

0 comments

News

Jenny Brinkley: A cybersecurity rollercoaster. [Security] [Career Notes]

Episode Date: October 30, 2022

Jenny Brinkley, Director of AWS Security at Amazon Web Services (AWS), sits down to share her empowering story working through the ranks, and even co-...

0 comments

News

Bugs and working from home. [Research Saturday]

Episode Date: October 29, 2022

Fede Kirschbaum from Faraday Security sits down with Dave to discuss their research on "A vulnerability in Realtek's SDK for eCos OS: pwning thousands...

1 ... 49 50 51 52 53 ... 161