Notes on patching. Foreshadow speculative execution vulnerability. Influence operations. The FBI’s new cyber chief. Are stickers a temptation to thieves, hackers, and customs officers?
In today's podcast we hear some Patch Tuesday notes—both Microsoft and Adobe were busy yesterday. Foreshadow, a new speculative execution vulnerability, is reported. Malaysia gets attention from Chinese espionage services. Competition for jihadist mindshare. Influence operations as marketing. The...
Cryptowars notes. DDoS in Finland. Bears aren’t under the beds; they’re in the routers. Smart city attack surfaces. Sanction notes. Training through puzzle-solving .
In today's podcast, we hear about the cryptowars down under. Major DDoS incident in Finland. Bears in the home routers, and concerns about IoT and power grid security prompt a US Senator to demand answers. Smart cities present big attack surfaces....
Spyware for states and spouses. Election hacking demos. New ransomware strains, and a clipper for Android. Airline Wi-Fi is not only irritating, but insecure...
In today's podcast, we hear about spyware in the guise of a missile attack warning app. New Dharma variant out. Android.Clipper redirects transactions to crooks' cryptowallets. DLink exploits rob Brazilian banking customers. Utilities prepare for grid hacks, but researchers say an appliance botnet could...
Thrip espionage group lives off the land. — Research Saturday
Researchers at Symantec have been tracking a wide-ranging espionage operation that's targeting satellite, telecom and defense companies. Jon DiMaggio is a senior cyber intelligence analyst at Symantec, and he takes us through what they've discovered. The research can be...
DPRK RAT in the wild. Vulnerable WPA2 4-way handshake implementations. Black Hat notes. Sanctions and retaliation. RoK to reorganize Cyber Command. PGA and ransomware.
In today's podcast we hear that US-CERT is warning of a North Korean RAT. Researchers find vulnerable WPA2 handshake implementations. A sales call results in inadvertent data exposure. Notes on Black Hat: circumspection, hype, barkers, and artificial intelligence. Russia...
State-sponsored ransomware campaigns coming? DarkHydrus and Phishery. Hitting ATMs for alt-coin. US sanctions Russia. IBM looks at artificially intelligent malware. Black Hat notes.
In today's podcast we hear that Tehran seems ready to follow Pyongyang into state-sponsored theft to redress financial shortfalls: cryptocurrency ransomware looks like Iran's preferred approach. DarkHydrus uses commodity tool Phishery in Middle Eastern campaign. Jackpotting cryptocurrency ATMs. The US imposes sanctions on...
Payment processors probed with BGP exploits for redirection attacks. WhatsApp vulnerable to manipulation? Deterrence and retaliation. Anonymous vs. QAnon. Notes from Black Hat.
In today's podcast we hare that Oracle has warned of BGP exploits against payment processors. Check Point says it's found vulnerabilities in WhatsApp that could enable chat sessions to be intercepted and manipulated. Germany, Ukraine, and the US independently...
TSMC recovers from WannaCry infection. OpenEMR fixes 30 bugs. UK will ask Russia to extradite two GRU operators for Novichok attacks. Twitterbots flourish.
In today's podcast we hear that chipmaker TSMC says the virus that shut it down in Taiwan was WannaCry. It appears to have been an incidental infection enabled by inattentive installation of software. OpenEMR fixes bugs that could have exposed millions...
More data exposures, from banks and a major CRM provider. Ransomware strikes back. The irresistibility of data. An unhackable wallet gets hacked…maybe. Spreading goodwill...
Leaky API may have exposed Salesforce customers' data, TSMC reports a virus in its semiconductor plants. TCM Bank discloses a paycard application leak. Ransomware in Hong Kong. The US Census Bureau prepares to secure its 2020 "fully digital" census. The unbearable,...
Cortana voice assistant lets you in. — Research Saturday
Researchers at McAfee recently discovered code execution vulnerabilities in the default settings of the Cortana voice-activated digital assistant in Windows 10 systems. Steve Povolny is head of advanced threat research at McAfee and he shares their findings. The research...
Russian threats and threats to Russia. Cryptojacking wave spreads out from Brazil. Recovering from malware in Alaska and Atlanta. Notes on automotive cybersecurity.
In today's podcast we hear that the US Intelligence Community warns of Russian threats, again. A criminal spearphishing campaign hits Russian industrial companies. A cryptojacking wave is installing CoinHive in MicroTik routers. Speakers at the Billington Automotive CyberSecuirty Summit stress collaboration,...
RASPITE noses around the US power grid. Cisco will buy Duo Security. Sandworm afflicts lab investigating Novichok attack. Influence ops can be no-lose proposition.Crytpojacking...
In today's podcast, we hear that Cisco plans to buy Duo Security. Dragos warns of the RASPITE adversary actor. Russia's Sandworm group is phishing people connected with a Swiss chemical forensics lab. How influence operations can be a no-lose...
Reddit Hacked. Ukrainians nabbed. Facebook boots “inauthentic” accounts for malign influence. Pegasus spyware found in Amnesty phone. Yale’s old breach. Google and censorship.
In today's podcast we hear that a Swiss chemical agent forensic lab has seen Sandworm phishing attempts. Facebook kicks thirty-one "inauthentic" accounts from its platform: they seem to have been engaged in influence operations, possibly Russian. Attribution remains difficult. NSO Group's Pegasus spyware...
Data-centric security. — Special Edition
In this CyberWire special edition, we take a look at data-centric security, focusing on the security of the data itself, rather than the surrounding networks, application or servers. To help us on our journey of understanding we’ve lined...
Infrastructure security, especially power, finance, and elections. Preparation pays off. Proofpoint warns of new AZORult malware. Check Point tracks Master134 malvertising. Crime news.
In today's podcast we hear more warnings about Russian cyber operators in the North American power grid. The US Department of Homeland Security announces formation of a National Risk Management Center. Cosco's preparation may have rendered the shipper more resilient to the...
Mozilla-endorsed security plug-in accused of tracking users
Web Security says there's nothing nefarious to its URL collection A security plug-in for the Firefox browser is under fire after users discovered it was collecting and uploading their online activity.…
Making money mining Coinhive? Yeah, you and nine other people
10 users controlling the bulk of cryptocoin generator funds Mining internet currency on websites with Coinhive scripts is a lucrative endeavor, but only for a handful of people.…
Google Launches Searchable Database on US Political Ads
The new site offers an eye-opening view of how online political ad spending through Google can work. It offers a breakdown on individual ad campaigns, including a catalog of what ads were served and to which demographic groups.
Intel Reveals New Spectre-Like Vulnerability
A new side-channel speculative execution vulnerability takes aim at a different part of the CPU architecture than similar vulnerabilities that came before it.
Miller & Valasek: Security Stakes Higher for Autonomous Vehicles
Car hacking specialists shift gears and work on car defense in their latest gigs - at GM subsidiary Cruise Automation.
