Wednesday, February 20, 2019
The CyberWire Podcast

Fancy Bear phishes in think tanks. Lazarus Group takes a swipe at Russian organizations. New decryptor for GandCrab. Citizen Lab and Novalpina discuss NSO Group. Ryuk’s lousy help desk.

In today’s podcast, we hear that Microsoft has disclosed a Fancy Bear sighting, snuffling around Atlanticist think tanks in Europe. Ukraine says, in effect, see, we told you so. Speaking of bears, it seems that North Korea’s Hidden Cobra may be...
Security Weekly

Level of Trust – Application Security Weekly #51

This week, Matt and Paul interview Gurpreet S. Sachdeva, the Assistant Vice President of Technology for Altran! Gurpreet will be discussing "Integrating Security into DevOps"! In the Application Security News, A PNG Android Vulnerability, 620 million stolen accounts for...
SANS ISC

ISC StormCast for Wednesday, February 20th 2019

Russian Malspam Pushing Shade/Troldesh Ransomware https://isc.sans.edu/forums/diary/More+Russian+language+malspam+pushing+Shade+Troldesh+ransomware/24668/
Bitdefender Releases GandCrab Decrypter https://labs.bitdefender.com/2019/02/new-gandcrab-v5-1-decryptor-available-now/
Bank
Security Now

SN 702: Authenticity on the Internet

Last week's doozy of a patch Tuesday for both Microsoft and Adobe. An interesting twist coming to Windows 7 and Server 2008 security updates. Eight mining apps pulled from the Windows Store. Another positive security initiative from Google. Electric scooters being hacked. Chipping...
risky.biz

Risky Business #531 — Australia’s political parties targeted, the Witt indictment and more

Adam Boileau is along this week to discuss the week’s security news, which also features comment from Dmitri Alperovitch, Klon Kitchen and The Grugq. We cover: Former USAF counterintelligence official indicted over spearphishing, leaking secrets Australia’s major political parties...

Ep. 020 – Leaky containers, careless coders and risky USB cables

The Naked Security podcast explains the recent security hole in Linux products such as Docker and Kubernetes, ponders whether Apple's insistence on 2FA for developers will bring rogue apps under control, and tells you whether to worry about booby-trapped...
Security Weekly

Hack Naked News #208 – February 19, 2019

This week, Google paid out $3.4 million for vulnerabilities reported in 2018, hackers target WordPress sites via WP cost estimation plugin, Facebook paid $25,000 for CSRF exploit that leads to Account Takeover, and PoC Exploit Code for recent container...
The CyberWire Podcast

International cyber conflict: India and Pakistan; Australia and China. Rietspoof malware. Microsoft ejects cryptojackers from its store. NCSC may go easy on Huawei. Parliament criticizes Facebook.

In today’s podcast, we hear of a small flare in cyber conflict between India and Pakistan. Australian political parties as well as Parliament subjected to attempted cyberattacks. A new strain of malware is being distributed through messaging apps. Microsoft...
DtSR Podcast

DtSR Episode 335 – Ranking the Adversaries

This week, in a special episode, Dmitri Alperovitch of Crowdstrike joins Rafal to talk about a brand new report that Crowdstrike is releasing. The Crowdstrike 2019 Global Threat Report is a must-read with some very interesting topics covered. Dmitri joins Rafal...
Security Weekly

Perception Becomes Reality – Business Security Weekly #118

This week, we welcome Brendan Goodwin, the Regional Cyber Director for the Northeast & Mid-Atlantic at Alfred J. Gallagher Co. Brendan comes on the show to talk about "How Cyber Insurance can Augment Your Cyber Security Strategy." In the...
Darknet Diaries

Ep 32: The Carder

A carding kingpin was tracked by the Secret Service. How did he steal the cards? Where was he stealing them from? How much was he making doing this? And where did he go wrong? Find out all this and...
SANS ISC

ISC StormCast for Tuesday, February 19th 2019

Know What You Are Logging https://isc.sans.edu/forums/diary/Know+What+You+Are+Logging/24656/
Spectre Software Mitigation Insufficient https://arxiv.org/pdf/1902.05178.pdf
VMWare
The Shared Security Podcast

Preventing Illegal Robocalls, Webcam Spying, Dating App Account Hacking – WB56

This is your Shared Security Weekly Blaze for February 18th 2019 with your host, Tom Eston. In this week’s episode: Preventing illegal robocalls, should you be scared of your laptop’s webcam, and recent hacks of popular dating apps. Silent Pocket...
SANS ISC

ISC StormCast for Monday, February 18th 2019

Snap Patches Available https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SnapSocketParsing
Finding Property Values in Office Documents https://isc.sans.edu/forums/diary/Finding+Property+Values+in+Office+Documents/24652/
Bro-Sysmon

2019-006: CSRF, XSS, infosec hypocrites, and the endless cycle

https://www.zdnet.com/article/google-working-on-new-chrome-security-feature-to-obliterate-dom-xss/
https://www.owasp.org/index.php/DOM_Based_XSS
CSRF - confused deputy https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)
Google Cloud Platform - tip tricks, stuff ms. berlin learned
Layer 8 conference - Rhode Island
I was wrong…..cycles don’t sync --Ms. Berlin ...
Open Source Security Podcast

Episode 134 – What’s up with the container runc security flaw?

Josh and Kurt talk about the new runc container security flaw. How does the flaw work, what can you do about it, what should you do about it, and what the future of container security may look like.
Purple Squad Security

Episode 50 – Tabletop D&D with Tim De Block, Ed Rojas, Daniel Ebbutt, and Kyle Andrus

It’s that time again! Yes, another Tabletop D&D episode is upon us! This time I asked Timothy de Block from the Exploring Information Security podcast to join me, along with a few interesting characters. Let’s just say this particular...
Security Weekly

Flat Earth – Paul’s Security Weekly #594

This week, we welcome Harry Sverdlove, Chief Technology Officer of Edgewise for an interview, to talk about The Future of Firewalls! In the Technical Segment, we discuss some Enterprise-ish Network Security hardware and software that we've incorporated here in...

Weekly Update 126

Another week, another conference. This time it was Microsoft Ignite in Sydney and as tends to happen at these events, many casual...
The CyberWire Podcast

Seedworm digs Middle East intelligence — Research Saturday

Researchers at Symantec have been tracking Seedworm, a cyber espionage group targeting the Middle East as well as Europe and North America. The threat group targets government agencies, oil & gas facilities, NGOs, telecoms and IT firms. Al Cooley...

Can you really sniff out gas station card skimmers with your phone?

A viral post suggests (wrongly) that card skimmers always use Bluetooth. Anyway, just looking at nearby Bluetooth names doesn't help much...
SecurityWeek

Canada Helping Australia Determine ‘Full Extent’ of Hack

Canada's electronic eavesdropping agency said Wednesday it is working with Canberra to try to determine the scale of computer hacking on Australia's parliament and political parties just months from an election.

Researcher: Not Hard for a Hacker to Capsize a Ship at Sea

Maritime transport still contributes in an important way to the world’s economy, with on-time shipments influencing everything from commodities availability and spot pricing to the stability of small countries. Unfortunately, capsizing a ship with a cyberattack is a relatively...
SC Magazine

30 years in: My, how SC and security have changed

1989. Acid wash jeans, Bon Jovi and the compassionate conservatism of the Reagan Era were actually, unironically popular. The Berlin Wall fell, free elections were held in the then Soviet Congress of Deputies, Vaclav Havel became president of Czechoslovakia,...
SecurityWeek

WinPot ATM Malware Resembles a Slot Machine

A piece of malware targeting automated teller machines (ATMs) has an interface that looks like a slot machine, Kaspersky Lab reports. Dubbed WinPot, the malware was initially detected in March last year, targeting the ATMs of a popular vendor to...