Thursday, August 16, 2018
The CyberWire Podcast

Notes on patching. Foreshadow speculative execution vulnerability. Influence operations. The FBI’s new cyber chief. Are stickers a temptation to thieves, hackers, and customs officers?

In today's podcast we hear some Patch Tuesday notes—both Microsoft and Adobe were busy yesterday. Foreshadow, a new speculative execution vulnerability, is reported. Malaysia gets attention from Chinese espionage services. Competition for jihadist mindshare. Influence operations as marketing. The...
The CyberWire Podcast

Cryptowars notes. DDoS in Finland. Bears aren’t under the beds; they’re in the routers. Smart city attack surfaces. Sanction notes. Training through puzzle-solving.

In today's podcast, we hear about the cryptowars down under. Major DDoS incident in Finland. Bears in the home routers, and concerns about IoT and power grid security prompt a US Senator to demand answers. Smart cities present big attack surfaces....
The CyberWire Podcast

Spyware for states and spouses. Election hacking demos. New ransomware strains, and a clipper for Android. Airline Wi-Fi is not only irritating, but insecure...

In today's podcast, we hear about spyware in the guise of a missile attack warning app. New Dharma variant out. Android.Clipper redirects transactions to crooks' cryptowallets. DLink exploits rob Brazilian banking customers. Utilities prepare for grid hacks, but researchers say an appliance botnet could...
The CyberWire Podcast

Thrip espionage group lives off the land. — Research Saturday

Researchers at Symantec have been tracking a wide-ranging espionage operation that's targeting satellite, telecom and defense companies. Jon DiMaggio is a senior cyber intelligence analyst at Symantec, and he takes us through what they've discovered. The research can be...
The CyberWire Podcast

DPRK RAT in the wild. Vulnerable WPA2 4-way handshake implementations. Black Hat notes. Sanctions and retaliation. RoK to reorganize Cyber Command. PGA and ransomware.

In today's podcast we hear that US-CERT is warning of a North Korean RAT. Researchers find vulnerable WPA2 handshake implementations. A sales call results in inadvertent data exposure. Notes on Black Hat: circumspection, hype, barkers, and artificial intelligence. Russia...
The CyberWire Podcast

State-sponsored ransomware campaigns coming? DarkHydrus and Phishery. Hitting ATMs for alt-coin. US sanctions Russia. IBM looks at artificially intelligent malware. Black Hat notes.

In today's podcast we hear that Tehran seems ready to follow Pyongyang into state-sponsored theft to redress financial shortfalls: cryptocurrency ransomware looks like Iran's preferred approach. DarkHydrus uses commodity tool Phishery in Middle Eastern campaign. Jackpotting cryptocurrency ATMs. The US imposes sanctions on...
The CyberWire Podcast

Payment processors probed with BGP exploits for redirection attacks. WhatsApp vulnerable to manipulation? Deterrence and retaliation. Anonymous vs. QAnon. Notes from Black Hat.

In today's podcast we hear that Oracle has warned of BGP exploits against payment processors. Check Point says it's found vulnerabilities in WhatsApp that could enable chat sessions to be intercepted and manipulated. Germany, Ukraine, and the US independently...
The CyberWire Podcast

TSMC recovers from WannaCry infection. OpenEMR fixes 30 bugs. UK will ask Russia to extradite two GRU operators for Novichok attacks. Twitterbots flourish.

In today's podcast we hear that chipmaker TSMC says the virus that shut it down in Taiwan was WannaCry. It appears to have been an incidental infection enabled by inattentive installation of software. OpenEMR fixes bugs that could have exposed millions...
The CyberWire Podcast

More data exposures, from banks and a major CRM provider. Ransomware strikes back. The irresistibility of data. An unhackable wallet gets hacked…maybe. Spreading goodwill...

Leaky API may have exposed Salesforce customers' data, TSMC reports a virus in its semiconductor plants. TCM Bank discloses a paycard application leak. Ransomware in Hong Kong. The US Census Bureau prepares to secure its 2020 "fully digital" census. The unbearable,...
The CyberWire Podcast

Cortana voice assistant lets you in. — Research Saturday

Researchers at McAfee recently discovered code execution vulnerabilities in the default settings of the Cortana voice-activated digital assistant in Windows 10 systems. Steve Povolny is head of advanced threat research at McAfee and he shares their findings. The research...
The CyberWire Podcast

Russian threats and threats to Russia. Cryptojacking wave spreads out from Brazil. Recovering from malware in Alaska and Atlanta. Notes on automotive cybersecurity.

In today's podcast we hear that the US Intelligence Community warns of Russian threats, again. A criminal spearphishing campaign hits Russian industrial companies. A cryptojacking wave is installing CoinHive in MikroTik routers. Speakers at the Billington Automotive CyberSecurity Summit stress collaboration,...
The CyberWire Podcast

RASPITE noses around the US power grid. Cisco will buy Duo Security. Sandworm afflicts lab investigating Novichok attack. Influence ops can be no-lose proposition. Cryptojacking...

In today's podcast, we hear that Cisco plans to buy Duo Security. Dragos warns of the RASPITE adversary actor. Russia's Sandworm group is phishing people connected with a Swiss chemical forensics lab. How influence operations can be a no-lose...
The CyberWire Podcast

Reddit Hacked. Ukrainians nabbed. Facebook boots “inauthentic” accounts for malign influence. Pegasus spyware found in Amnesty phone. Yale’s old breach. Google and censorship.

In today's podcast we hear that a Swiss chemical agent forensic lab has seen Sandworm phishing attempts. Facebook kicks thirty-one "inauthentic" accounts from its platform: they seem to have been engaged in influence operations, possibly Russian. Attribution remains difficult. NSO Group's Pegasus spyware...
The CyberWire Podcast

Data-centric security. — Special Edition

In this CyberWire special edition, we take a look at data-centric security, focusing on the security of the data itself, rather than the surrounding networks, application or servers. To help us on our journey of understanding we’ve lined...
The CyberWire Podcast

Infrastructure security, especially power, finance, and elections. Preparation pays off. Proofpoint warns of new AZORult malware. Check Point tracks Master134 malvertising. Crime news.

In today's podcast we hear more warnings about Russian cyber operators in the North American power grid. The US Department of Homeland Security announces formation of a National Risk Management Center. Cosco's preparation may have rendered the shipper more resilient to the...
The Register

Mozilla-endorsed security plug-in accused of tracking users

Web Security says there's nothing nefarious to its URL collection. A security plug-in for the Firefox browser is under fire after users discovered it was collecting and uploading their online activity.…
The Register

Making money mining Coinhive? Yeah, you and nine other people

10 users controlling the bulk of cryptocoin generator funds. Mining internet currency on websites with Coinhive scripts is a lucrative endeavor, but only for a handful of people.…
PC Mag

Google Launches Searchable Database on US Political Ads

The new site offers an eye-opening view of how online political ad spending through Google can work. It offers a breakdown on individual ad campaigns, including a catalog of what ads were served and to which demographic groups.

Intel Reveals New Spectre-Like Vulnerability

A new side-channel speculative execution vulnerability takes aim at a different part of the CPU architecture than similar vulnerabilities that came before it.

Miller & Valasek: Security Stakes Higher for Autonomous Vehicles

Car hacking specialists shift gears and work on car defense in their latest gigs - at GM subsidiary Cruise Automation.