Thursday, August 22, 2019
The CyberWire Podcast

China criticizes Twitter and Facebook. Silence expands internationally. A popular Ruby library was backdoored.

China says Twitter and Facebook are restricting its freedom of speech. The Silence criminal gang has expanded internationally. Google, Mozilla, and Apple are blocking the Kazakh government’s root certificate. A popular Ruby library was backdoored after a developer’s account...
The CyberWire Podcast

Chinese information operations on Twitter and Facebook. iOS jailbreak released. Adult websites leak information.

Twitter and Facebook shut down Chinese information operations. A jailbreak for the latest version of iOS is out. Facebook may have known about the “view as” bug. Vulnerabilities in Google’s Nest cams are patched. Instagram gets a data abuse...
The CyberWire Podcast

ISIS claims Kabul massacre. Huawei gets a temporary break. Texas governments hit by ransomware. Hy-Vee warns of point-of-sale attack.

ISIS claims responsibility for Kabul massacre. Huawei gets another temporary reprieve. Local governments in Texas sustain ransomware attacks. Georgia hopes to combat cyberattacks with training. Google cuts a data sharing service. Bulletproof VPN services purchase residential IPs. Smartphones could...
The CyberWire Podcast

Detecting dating profile fraud — Research Saturday

Researchers from King’s College London, University of Bristol, Boston University, and University of Melbourne recently collaborated to publish a report titled, "Automatically Dismantling Online Dating Fraud." The research outlines techniques to analyze and identify fraudulent online dating profiles with...
The CyberWire Podcast

ECB sustains an intrusion into a third-party-hosted service. Norman quietly mines Monero. MetaMorph appears in a stealthy phishing campaign. Information operations.

The European Central Bank shutters a service due to a hostile intrusion. Norman quietly mines Monero. MetaMorph passes through email security filters. Some Capital One insiders thought they saw trouble brewing. Instagram crowd-sources epistemology. Deep fakes are well and...
The CyberWire Podcast

Huawei accused of abetting domestic surveillance in Africa. Cyber gangs adapt and evolve. Prosecutors indicate they’ll add charges to “erratic.” Bluetana detects card skimmers.

Huawei accused of aiding government surveillance programs in Zambia and Uganda. Cyber gangs are adapting to law enforcement, and they’ve turned to “big game hunting.” They’re also adapting legitimate tools to criminal purposes. US Federal prosecutors indicate they intend...
The CyberWire Podcast

Hacking the Czech Foreign Ministry. Microsoft patches new wormable bugs. More controversial human review of AI. Insecure links, exposed databases, and a California vanity plate.

The Czech Senate wants action on what it describes as a foreign state’s cyberattack on the country’s Foreign Ministry. Microsoft warns against the wormable DéjaBlue set of vulnerabilities. More humans found training AI. Insecure airline check-in links. Exposed databases...
The CyberWire Podcast

UN Security Council looks at North Korean cybercrime. Notes on PsiXBot and BITTER APT. The state of spearphishing. Election security. A final look back at Black Hat and Def Con.

More on the UN Security Council’s report on North Korean state-sponsored cyber crime. PsiXBot evolves. BITTER APT probes Chinese government networks in an apparent espionage campaign. A study looks at the state of spearphishing. It’s not just the three-letter...
The CyberWire Podcast

A look back at Black Hat and Def Con. Sometimes failures that look like accidents are accidents. Russia wants better content suppression from Google. Notes on intelligence services.

A look back at Black Hat and Def Con, with notes on technology and public policy. Participants urge people to contribute their expertise to policymakers. Power failures in the UK at the end of last week are largely resolved,...
The CyberWire Podcast

Unpacking the Malvertising Ecosystem — Research Saturday

Researchers at Cisco's Talos Unit recently published research exploring the tactics, technics and procedures of the global malvertising ecosystem. Craig Williams is head of Talos Outreach at Cisco, and he guides us through the life cycle of malicious online...
The CyberWire Podcast

Voting machine security. Airliner firmware. Attribution and deterrence in cyberwar. Monitoring social media. Broadcom buys Symantec’s enterprise security business. Policing, privacy, and an IoT OS.

Are voting machines too connected for comfort? Airliner firmware security is in dispute. Attribution, deterrence, and the problem of an adversary who doesn’t have much to lose. Monitoring social media for signs of violent extremism. Broadcom will buy Symantec’s...
The CyberWire Podcast

Hacking in the Gulf region. Vulnerability research into airliner avionics. Phishing and ransomware move to the cloud. EU data responsibilities. US bans five Chinese companies.

Tensions in the Gulf are accompanied by an increase in cyber optempo. A warning about vulnerable airliner avionics. Phishing is moving to the cloud, and so is ransomware. Android’s August patches address important Wi-Fi issues. An EU court decision...
The CyberWire Podcast

Another speculative execution flaw. LokiBot evolves. APT41 moonlights. Scammers exploit tragedies. Black Hat notes.

A new speculative execution processor flaw is addressed with software mitigations. LokiBot gets more persistent, and it adopts steganography for better obfuscation. The cyber-spies of APT41 seem to be doing some moonlighting. An accused criminal who bribed telco workers...
The CyberWire Podcast

Fancy Bear is snuffling around corporate IoT devices. Machete takes its cuts at Venezuelan military targets. What Mr. Kim is buying. MegaCortex goes for automation. Vigilantes, misconfigurations, etc.

Fancy Bear is back, and maybe in your office printer. El Machete, a cyber espionage group active at least since 2014, is currently working against the Venezuelan military. A UN report allegedly offers a look at what Mr. Kim...
The CyberWire Podcast

Ransomware attacks in Mexico and Germany. Wipers in criminal service. Supervising Siri and Alexa. Mass shooters find inspiration and online expression.

A Mexican publisher is hit with an extortion demand. Ransomware increasingly carries a destructive, wiper component: Germany is dealing with a virulent strain right now. Apple and Amazon, after the bad optics of reports that they’re farming out Siri...

Ready or Not, Here Comes FIDO: How to Prepare for Success

Planning and Preparation Are Key to Successfully Adopting FIDO Standards for “Simpler, Stronger Authentication” read more

Amazon, Microsoft, May be Putting World at Risk of Killer AI, Says Report

Amazon, Microsoft and Intel are among leading tech companies that could spearhead a global AI arms race, according to a report that surveyed major players from the sector about their stance on lethal autonomous weapons. read more
The Register

The Joy of Six… critical security patches: Cisco small biz switches open to hijacking via web UI

Turn it on, download these fixes, crank it up – and rip the KNOB off Cisco has emitted a fresh round of software updates to address security holes in its network switches and controllers.…

New FISMA Report Shows Progress, Gaps in Federal Cybersecurity

No major incidents mixed with continuing gaps in implementation paint an improving, but still muddy, picture of cybersecurity in the federal government.

A botnet has been cannibalizing other hackers’ web shells for more than a year

Neutrino botnet is hijacking servers by taking over other hackers' PHP and Java web shells.