Limor Kessem: Be an upstander. [Security Advisor] [Career Notes]
Executive Security Advisor at IBM Security Limor Kessem says she started her cybersecurity career by pure chance. Limor made a change from her childhood dream of being a doctor and came...
An IoT educational exercise reveals a far-reaching vulnerability. [Research Saturday]
Guest Jake Valletta, Director of Professional Services at Mandiant, joins Dave to talk about the critical vulnerability Mandiant disclosed that affects millions of IoT devices. Mandiant disclosed a critical risk vulnerability...
Patch that password manager. The hidden hand of the troll farm. Election meddling. Coin-mining’s costs, and a crackdown in China. If you really loved me, you’d speculate in Dogecoin….or something.
Patch your Zoho software now--vulnerable instances are being actively exploited. Maximum engagement isn’t necessarily good engagement: the hidden hand of the trolls replaces the invisible hand of the marketplace of ideas....
A CSO's 9/11 Story: CSO Perspectives Bonus.
For the 20th anniversary of 9/11, Rick Howard, the Cyberwire’s CSO, Chief Analyst, and Senior Fellow, recounts his experience from inside the Pentagon running the communications systems for the Army Operations...
Election-season cyber incidents in Germany. South Africa works to recover from a ransomware attack on government networks. Cryptojacking botnet moves to Windows targets. Ransomware notes.
Denial-of-service at a German election agency, as Federal prosecutors investigate GhostWriter. More nation-states get into election meddling. South Africa works to recover from a ransomware attack against government networks. A cryptojacking...
No crackdown on ransomware from Moscow (at least so far). Cyber Partisans in Belarus. A long-running Chinese cyber campaign. Phishing and other cybercrime. Mercenaries.
That Russian crackdown on ransomware gangs people thought they were seeing? Hasn’t happened, at least according to the FBI. The Cyber Partisans take a virtual whack at President Lukashenka’s government in...
NSO Group’s Pegasus was installed in a zero-click exploit: iOS users should patch. Vermillion Strike hits Linux systems. Enforcing the law against cybercrime.
Citizen Lab finds, and Apple patches, a zero-day used for zero-click installation of Pegasus spyware. A Cobalt Strike beacon has been turned to cyberespionage use against Linux targets. The Russian government...
The continuing problem of Meris and its bot-driven DDoS. Mustang Panda visits Indonesia. DPRK’s social media battlespace prep. Al Qaeda marks 9/11’s anniversary. And REvil seems to be back.
The Meris botnet continues to disrupt New Zealand banks, and has turned up elsewhere, too. Mustang Panda compromised Indonesian government networks. North Korean operators are using social media to soften up...
Joe Bradley: A bit of a winding road. [Chief Scientist] [Career Notes]
Chief Scientist at LivePerson Joe Bradley takes us down his circuitous career journey that led him back to math. Joe had many ambitions from opera singer to middle school teacher, spent some...
A Google Chrome update that just didn't feel right. [Research Saturday]
Guest Jon Hencinski from Expel joins Dave Bittner to discuss his team's recent work on "Expel SOC Stops Ransomware Attack Aimed at WordPress CMS via Drive-By Download Disguised as Google Chrome...
Investigations–the SEC looks into Solarigate, German prosecutors inquire into GhostWriter. The Meris botnet is responsible for recent DDoS attacks. Implausible deniability. The SINET 16 are announced.
The SEC’s inquiry into the SolarWinds incident may expose other, unrelated data breaches. Researchers identify an IoT botnet, Meris, as responsible for DDoS attacks against a number of banks. German prosecutors...
Credential theft at the UN? Intelligence services and privateers. DDoS hits a big multinational. A look at AlphaBay 2.0. Notes on the C2C marketplace.
A cyberattack is reported at the UN, with agency data apparently lost to parties and parts unknown. The Bears are quieter, but the privateers are up and at ‘em. DDoS hits...
BladeHawk Android cyberespionage campaign in progress. Labor Day was quiet, but the gangs are now back at it. REvil’s remnant stirs. Bulletproof hosting. Phishing keywords.
BladeHawk cyberespionage campaign in progress. Microsoft warns of targeted attacks in progress. Hey--the hoods took a breather over Labor Day, but the straw hats are off now, and they’re back at...
A threat from Ragnar Locker. GhostWriter in the Bundestag. BKA bought Pegasus. Taliban sifts data for potential opponents. France-Visas hacked. Modified apps. Privacy notes. A TrickBot arrest.
No spectacular flurry of Labor Day ransomware, but Ragnar Locker threatens its victims. Berlin complains to Moscow about GhostWriter. Another Pegasus customer is disclosed. The Taliban is searching for data on...
Security operations centers: a first principle idea. [CSO Perspectives]
The idea of operations centers has been around as far back as 5,000 B.C. This show covers the history of how we got from general purpose operations centers to the security...
How to Set Up a NAS to Securely Share Files
From file backups to movie streaming, network attached storage drives offer plenty of functions and features.
The Biden administration plans to target exchanges supporting ransomware operations with sanctions
US Government is expected to issue sanctions against crypto exchanges, wallets, and traders used by ransomware operations to cash out ransom payments.
The Biden administration is putting in place all the strategies to disrupt the operations of the ransomware...
Former US Intelligence Operatives Admit They Hacked for UAE
Plus: Remote learning spyware, an AT&T bribery scandal, and more of the week's top security news.
Expert discloses details and PoC code for Netgear Seventh Inferno bug
A new critical vulnerability in Netgear smart switches can be exploited by an attacker to potentially execute malicious code and take over impacted devices.
Researchers provided technical details about a recently addressed critical vulnerability, dubbed Seventh Inferno, in Netgear smart...
A new app helps Iranians hide messages in plain sight
Enlarge / An anti-government graffiti that reads in Farsi "Death to the dictator" is sprayed at a wall north of Tehran on September 30, 2009. (credit: Getty Images)
Amid ever-increasing government Internet control, surveillance, and censorship in...
