Sunday, June 20, 2021
The CyberWire Podcast

Primitive Bear spearphishes for Ukrainian entities. [Research Saturday]

Guests Gage Mele and Yury Polozov join Dave to talk about Anomali's research "Primitive Bear (Gamaredon) Targets Ukraine with Timely Themes." Anomali Threat Research identified malicious samples that align with the...
The CyberWire Podcast

Notes from the underworld: phishing with hardware, DarkSide impersonation, and cyber vigilantes. Data incidents, and a conviction for a crypter.

Phishing, with a bogus hardware wallet as bait. Empty threats from a DarkSide impersonator. Cyber vigilantes may be distributing anti-piracy malware. Data security incidents at a cruise line and a US...
The CyberWire Podcast

The Russo-US summit ended in frank exchanges and the prospect of further discussions on cybersecurity. Ferocious Kitten tracked. Initial access brokers. Molerats return. Ransomware arrests.

The US-Russian summit took up cyber conflict, cyber privateering, and cyber deterrence, ending with the prospect of further discussions. Ferocious Kitten’s domestic surveillance. Ransomware gangs are using a lot of initial...
The CyberWire Podcast

Airline resolves IT issue. Paradise ransomware source code leaked. Unauthorized access to cameras possible. TSA pipeline cyber guidance under preparation. Russo-US summit. Anonymous extradition.

Southwest flights are back in the air after an IT issue disrupted them yesterday. Paradise ransomware source code has been leaked online. Some networked camera feeds may be accessible to unauthorized...
The CyberWire Podcast

Disruption of a major BEC campaign. Scope of cyberespionage expands in Pulse Secure exploitation. What the Hades? Russo-US summitry. A more secure workforce. Reality Winner is out, sort of.

Microsoft disrupts a major BEC campaign. The scope of cyberespionage undertaken via exploitation of vulnerable Pulse Secure instances seems wider than previously believed. Secureworks offers an account of Hades ransomware, and...
The CyberWire Podcast

Third-party data breach at Volkswagen. An anti-monopoly agenda with Big Tech in its crosshairs. Recovery ransom. How EA was hacked. Avaddon gives up its keys. Gamekeeper turned poacher?

Volkswagen warns North American customers of a third-party data breach. An “anti-monopoly agenda” advances in the US House Judiciary Committee. Speculation about how the FBI recovered ransom from DarkSide. How EA...
The CyberWire Podcast

Margaret Cunningham: A people scientist with a technology focus. [Behavioral science} [Career Notes]

Principal Research Scientist for Human Behavior at Forcepoint, Margaret Cunningham shares her story of how she landed in cybersecurity. With a background in psychology and counseling and not feeling that one-on-one...
The CyberWire Podcast

Taking a look behind the Science of Security. [Research Saturday]

Guest Adam Tagert is a Science of Security (SoS) Researcher in the National Security Agency Research Directorate. The National Security Agency (NSA) sponsors the Science of Security (SoS) Initiative for the promotion of...
The CyberWire Podcast

Diplomatic Backdoor targets charities, embassies, and telcos in Europe, Africa, and Southwest Asia. Fancy Lazarus and DDoS extortion. Slilpp credential market takedown. A data gap? Cyber regulation.

Diplomatic Backdoor afflicts Africa, Europe, and Southwest Asia. Electronic Arts source code stolen. “Fancy Lazarus” is back: despite the name, it’s an extortion gang, not an espionage service. An international law...
The CyberWire Podcast

Deciding to pay ransom – the cases of JBS and Colonial Pipeline. Gangland branding. Constituent management system hit. Notes on the FBI’s partial recovery of DarkSide’s ransom take.

JBS discloses that it paid REvil roughly eleven-million dollars in ransom. REvil not only had a good haul, but the gang made a few points about its brand, too. Colonial Pipeline...
The CyberWire Podcast

Chinese cyberespionage in Russia? US Executive Order rescinds TikTok, WeChat bans. Operation Trojan Shield. Privateering. NATO’s Article 5 in cyberspace. Patch Tuesday notes.

SentinelOne attributes the cyberespionage campaign against Russia’s FSB to Chinese services. President Biden replaces his predecessor’s bans on TikTok and WeChat with a process of engagement, security reviews, and data protection....
The CyberWire Podcast

FBI claws back a lot of the ransom DarkSide collected. An international dragnet uses an encrypted chat app to pull in more than 800 suspects. Navistar discloses a cyber incident.

The FBI seized a large portion of the funds DarkSide obtained from its extortion of Colonial Pipeline. An international sweep stings more than eight-hundred suspected criminals who were caught while using...
The CyberWire Podcast

Dark Side’s way into Colonial Pipeline networks may have been an old VPN. Summit agenda. DDoS hits German banks. Anonymous angry with Elon Musk? Alleged Trickbot coder arraigned.

Dark Side seems to have attacked Colonial Pipeline through an old VPN account. Washington and Moscow prepare for this month’s summit, with cyber on the agenda. DDoS affects German banks. Anonymous...
The CyberWire Podcast

Dave Farrow: The guy that enabled the business. [Security leadership]

VP of Information Security at Barracuda Dave Farrow shares how a teenage surfer fell in love with software development and made his way in the cybersecurity field. Dave chose to study...
The CyberWire Podcast

Bad building blocks: a new and unusual phishing campaign.

Guest Karl Sigler of Trustwave's SpiderLabs joins Dave Bittner to talk about their research: "Hidden Phishing at Free JavaScript Site". The research describes an interesting phishing campaign SpiderLabs encountered recently. In...
SecurityWeek

Hit by a Ransomware Attack? Your Payment May be Deductible

As ransomware attacks surge, the FBI is doubling down on its guidance to affected businesses: Don’t pay the cybercriminals. But the U.S. government also offers a little-noticed incentive for those who do pay: The ransoms may be tax deductible. read...

A Bug in the Android Google App Put Privacy at Risk

Plus: Airbnb's safety squad, a fake pharmacy crackdown, and more of the week's top security news.

Why You Suddenly Need To Delete Google Maps On Your iPhone

Hundreds of millions of iPhone users should stop using Google Maps after radical new update...

Why You Should Stop Sending Texts From Your Android Messages App

Millions of you are still putting your security at risk. Here's the serious problem you have...
SecurityWeek

Major Cyberattack on Poland Came from Russian Territory: Kaczynski

A recent "large scale" cyberattack targeting top Polish politicians was launched from Russia, Jaroslaw Kaczynski, the leader of Poland's governing right-wing party, said on Friday. read more