Wednesday, December 11, 2019
The CyberWire Podcast

Hacking in Iran? The Lazarus Group hires Trickbot. Election influence ops. Cryptowars updata. Ransomware in municipal and tribal governments. Patch Tuesday notes. Do it for State.

Iran says it’s stopped a cyber attack, and that an insider was responsible for a major paycard exposure. Trickbot is now working for the Lazarus Group. Influence operations both foreign and domestic concern British voters on the eve of...

S2 Ep20 Why don’t they send ransomware on floppies anymore?

As always, we pick the top three cybersecurity stories of the week to discuss. This week we talk open-source supply chain madness, Snatch ransomware and iPhone 11 tracking concerns. Host Anna Brading is joined by Sophos experts Mark Stockley,...
Security Weekly

Keys to the Kingdom – BSW #155

This week, we welcome John Ramsey, Chief Information Security Officer at National Student Clearinghouse, to discuss Security in Education! In the Leadership and Communication Segment, In-depth protection is a matter of basic hygiene, 4 strategies to find time for...
Security Now

SN 744: VPN-geddon Denied

This Week's StoriesMicrosoft has started forcing feature updates on people who don't want them.Bypass to continue obtaining Win7 updates created.Microsoft's Project Verona continues moving forward.Microsoft's RDP client for iOS is back.Avast / AVG in the doghouse.Making a mountain out...
SANS ISC

ISC StormCast for Wednesday, December 11th 2019

Microsoft Patch Tuesday https://isc.sans.edu/forums/diary/Microsoft+December+2019+Patch+Tuesday/25592/ https://securelist.com/windows-0-day-exploit-cve-2019-1458-used-in-operation-wizardopium/95432/Adobe Patch Tuesday https://helpx.adobe.com/security.htmlApple Security Updates
DtSR Podcast

DtSR Episode 374 – Mike Daugherty Looks In the Rearview Mirror

This week, on a very special show recorded from his home studio in Atlanta, Rafal welcomes Mike Daugherty back onto the show to tell the story of his crazy journey and battle with the FTC. Highlights from this week's...
risky.biz

Risky Business #566 — Balkanisation, ransomware, comedy bugs close out the decade

On this week’s show Patrick and Adam discuss the week’s security news, including: China to ditch foreign hardware, software, from government use Huawei sues FCC More background on Project Raven Senate hearings into encryption Reddit fingers...
Security Weekly

HNN #245 – December 10, 2019

This week, How Panasonic is using internet honeypots to improve IoT device security, A new Windows 10 ransomware threat?, 'Hackable' karaoke and walkie talkie toys found by Which?, Linux Bug Opens Most VPNs to Hijacking, New Office 365 Feature...
The CyberWire Podcast

Pensacola under cyberattack. Notes on ransomware. The US Justice Department IG report on Crossfire Hurricane. Who let the bots out?

The city of Pensacola is hit hard by an unspecified cyberattack. Ryuk ransomware decryptors may cause data loss. A new variant of Snatch ransomware evades anti-virus protection. The US Justice Department’s Inspector General has reported on the FBI’s Crossfire...
Security Weekly

Dad Jokes – ASW #88

This week, we welcome Allan Friedman, Director of Cybersecurity Initiatives at the NTIA US Department of Commerce, to talk about the Software Bill of Materials! In the Application Security News, GitHub Seeks Security Dominance With Developers, IoT and Agile...

2019-044-Noid and Dave Dittrich discusses recent keybase woes – Part 1

Patreon donor goodness: Scott S. and Ion S. @_noid_ @davedittrich Their response:  “it’s not a bug, it’s a feature”     “Don’t write a blog post that will point out the issue”     “You pointing out our issues makes things...
SANS ISC

ISC StormCast for Tuesday, December 10th 2019

Another Word Maldoc https://isc.sans.edu/forums/diary/Lazy+Sunday+Maldoc+Analysis/25586/Snatch Ransomware Reboots System Into Safe Mode
The CyberWire Podcast

Ocean Lotus versus car manufacturers. Ransomware versus dental practices. $5 million reward offered in Dridex case. Information operations and the UK’s general election.

Ocean Lotus puts down more roots in automobile manufacturing. Ransomware hits dentists’ IT providers as well as a Rhode Island town. The US is offering a reward of $5 million for information leading to the arrest or--and we stress...
Unsuperivsed Learning Podcast

Unsupervised Learning: No. 206

Vietnamese BMW APT, Defense Contractor Prep, China replacing a culture, HackerOne Cookie Snafu, Chinese Also Worried About Privacy, China Mobile Face, CDC Flu Warning, AWS Sagemaker, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly...

Weekly Update 168

YOW! Sydney / Brisbane / Melbourne; Have I Been Pwned’s 6th Birthday; Sectigo’s Phishing Cert; Crazy System-Generated Password Tweet; Sponsored by Whois XML API https://www.troyhunt.com/weekly-update-168/
The Shared Security Podcast

How You’re Tracked Online, New Mass Surveillance Concerns, Malicious Android App Hijack

In episode 98: A new report from the EFF details how we are tracked online by third-party corporations, more mass surveillance concerns in China and Australia, and a malicious app hijack attack on Android to be aware of. ** Show...
SANS ISC

ISC StormCast for Monday, December 9th 2019

E-Mail Includes Entire HTML/Javascript Phishing Kit https://isc.sans.edu/forums/diary/Phishing+with+a+selfcontained+credentialsstealing+webpage/25580/Great Canon / Red
Open Source Security Podcast

Episode 173 – Ho Ho Homeland Security

Josh Santa and Kurt talk the border nightmare Santa Clause has to deal with as he traverses the globe. Questions we explore include: Are the reindeer farm animals? Is the North Pole a farm? Is Santa an intellectual property thief? Does Krampus...
The CyberWire Podcast

Targeting routers to hit gaming servers. — Research Saturday

Researchers at Palo Alto Networks' Unit 42 recently published research outlining attacks on home and small-business routers, taking advantage of known vulnerabilities to make the routers parts of botnets, ultimately used to attack gaming servers. Jen Miller-Osborn is the...
Security Weekly

The Casting Couch – PSW #629

This week, we welcome Eric Brown, Senior Security Analyst at LogRhythm, to talk about the Outlook on Phishing in 2020! In our second segment, we welcome back Micah Hoffman, Principal Investigator at Spotlight Infosec, to discuss OSINT in Cyber!...
SC Magazine

Pensacola confirms ransomware attack

Pensacola officials confirmed that an ongoing cyberattack that began early Saturday morning is a ransomware attack. While the city did not release any additional details, the Pensacola News Journal said city spokeswoman Kaycee Lagarde confirmed the attack included a ransom, something that...

Trickbot Operators Now Selling Attack Tools to APT Actors

North Korea's Lazarus Group - of Sony breach and WannaCry fame - is among the first customers.
Brian Krebs

The Great $50M African IP Address Heist

A top executive at the nonprofit entity responsible for doling out chunks of Internet addresses to businesses and other organizations in Africa has resigned his post following accusations that he secretly operated several companies which sold tens of millions...

Intel Issues Fix for ‘Plundervolt’ SGX Flaw

Researchers were able to extract AES encryption key using SGX's voltage-tuning function.
TechRepublic

How to stop spam calls right now

Spam calls drive us all crazy. Here are four ways to stop robocalls and other unsolicited phone calls.