Sunday, September 19, 2021
The CyberWire Podcast

Limor Kessem: Be an upstander. [Security Advisor] [Career Notes]

Executive Security Advisor at IBM Security Limor Kessem says she started her cybersecurity career by pure chance. Limor made a change from her childhood dream of being a doctor and came...
The CyberWire Podcast

An IoT educational exercise reveals a far-reaching vulnerability. [Research Saturday]

Guest Jake Valletta, Director of Professional Services at Mandiant, joins Dave to talk about the critical vulnerability Mandiant disclosed that affects millions of IoT devices. Mandiant disclosed a critical risk vulnerability...
The CyberWire Podcast

Patch that password manager. The hidden hand of the troll farm. Election meddling. Coin-mining’s costs, and a crackdown in China. If you really loved me, you’d speculate in Dogecoin….or something.

Patch your Zoho software now--vulnerable instances are being actively exploited. Maximum engagement isn’t necessarily good engagement: the hidden hand of the trolls replaces the invisible hand of the marketplace of ideas....
The CyberWire Podcast

A CSO's 9/11 Story: CSO Perspectives Bonus.

For the 20th anniversary of 9/11, Rick Howard, the Cyberwire’s CSO, Chief Analyst, and Senior Fellow, recounts his experience from inside the Pentagon running the communications systems for the Army Operations...
The CyberWire Podcast

Election-season cyber incidents in Germany. South Africa works to recover from a ransomware attack on government networks. Cryptojacking botnet moves to Windows targets. Ransomware notes.

Denial-of-service at a German election agency, as Federal prosecutors investigate GhostWriter. More nation-states get into election meddling. South Africa works to recover from a ransomware attack against government networks. A cryptojacking...
The CyberWire Podcast

No crackdown on ransomware from Moscow (at least so far). Cyber Partisans in Belarus. A long-running Chinese cyber campaign. Phishing and other cybercrime. Mercenaries.

That Russian crackdown on ransomware gangs people thought they were seeing? Hasn’t happened, at least according to the FBI. The Cyber Partisans take a virtual whack at President Lukashenka’s government in...
The CyberWire Podcast

NSO Group’s Pegasus was installed in a zero-click exploit: iOS users should patch. Vermillion Strike hits Linux systems. Enforcing the law against cybercrime.

Citizen Lab finds, and Apple patches, a zero-day used for zero-click installation of Pegasus spyware. A Cobalt Strike beacon has been turned to cyberespionage use against Linux targets. The Russian government...
The CyberWire Podcast

The continuing problem of Meris and its bot-driven DDoS. Mustang Panda visits Indonesia. DPRK’s social media battlespace prep. Al Qaeda marks 9/11’s anniversary. And REvil seems to be back.

The Meris botnet continues to disrupt New Zealand banks, and has turned up elsewhere, too. Mustang Panda compromised Indonesian government networks. North Korean operators are using social media to soften up...
The CyberWire Podcast

Joe Bradley: A bit of a winding road. [Chief Scientist] [Career Notes]

Chief Scientist at LivePerson Joe Bradley takes us down his circuitous career journey that led him back to math. Joe had many ambitions from opera singer to middle school teacher, spent some...
The CyberWire Podcast

A Google Chrome update that just didn't feel right. [Research Saturday]

Guest Jon Hencinski from Expel joins Dave Bittner to discuss his team's recent work on "Expel SOC Stops Ransomware Attack Aimed at WordPress CMS via Drive-By Download Disguised as Google Chrome...
The CyberWire Podcast

Investigations–the SEC looks into Solarigate, German prosecutors inquire into GhostWriter. The Meris botnet is responsible for recent DDoS attacks. Implausible deniability. The SINET 16 are announced.

The SEC’s inquiry into the SolarWinds incident may expose other, unrelated data breaches. Researchers identify an IoT botnet, Meris, as responsible for DDoS attacks against a number of banks. German prosecutors...
The CyberWire Podcast

Credential theft at the UN? Intelligence services and privateers. DDoS hits a big multinational. A look at AlphaBay 2.0. Notes on the C2C marketplace.

A cyberattack is reported at the UN, with agency data apparently lost to parties and parts unknown. The Bears are quieter, but the privateers are up and at ‘em. DDoS hits...
The CyberWire Podcast

BladeHawk Android cyberespionage campaign in progress. Labor Day was quiet, but the gangs are now back at it. REvil’s remnant stirs. Bulletproof hosting. Phishing keywords.

BladeHawk cyberespionage campaign in progress. Microsoft warns of targeted attacks in progress. Hey--the hoods took a breather over Labor Day, but the straw hats are off now, and they’re back at...
The CyberWire Podcast

A threat from Ragnar Locker. GhostWriter in the Bundestag. BKA bought Pegasus. Taliban sifts data for potential opponents. France-Visas hacked. Modified apps. Privacy notes. A TrickBot arrest.

No spectacular flurry of Labor Day ransomware, but Ragnar Locker threatens its victims. Berlin complains to Moscow about GhostWriter. Another Pegasus customer is disclosed. The Taliban is searching for data on...
The CyberWire Podcast

Security operations centers: a first principle idea. [CSO Perspectives]

The idea of operations centers has been around as far back as 5,000 B.C. This show covers the history of how we got from general purpose operations centers to the security...

How to Set Up a NAS to Securely Share Files

From file backups to movie streaming, network attached storage drives offer plenty of functions and features.
Security Affairs

The Biden administration plans to target exchanges supporting ransomware operations with sanctions

US Government is expected to issue sanctions against crypto exchanges, wallets, and traders used by ransomware operations to cash out ransom payments. The Biden administration is putting in place all the strategies to disrupt the operations of the ransomware...

Former US Intelligence Operatives Admit They Hacked for UAE

Plus: Remote learning spyware, an AT&T bribery scandal, and more of the week's top security news.
Security Affairs

Expert discloses details and PoC code for Netgear Seventh Inferno bug

A new critical vulnerability in Netgear smart switches can be exploited by an attacker to potentially execute malicious code and take over impacted devices. Researchers provided technical details about a recently addressed critical vulnerability, dubbed Seventh Inferno, in Netgear smart...

A new app helps Iranians hide messages in plain sight

Enlarge / An anti-government graffiti that reads in Farsi "Death to the dictator" is sprayed at a wall north of Tehran on September 30, 2009. (credit: Getty Images) Amid ever-increasing government Internet control, surveillance, and censorship in...