Tuesday, December 11, 2018
The CyberWire Podcast

A bail hearing in Vancouver. The prospect of indictments in IP theft cases. Kubernetes vulnerabilities. Russia and Ukraine swap hacks? An advance fee scam asks for help getting out of jail.

In today’s podcast, we hear that Huawei’s CFO awaits her immediate fate in a Vancouver detention facility, where she faces possible extradition to the US on a sanctions-violation beef. Huawei itself receives hostile scrutiny from the Five Eyes, the...
The CyberWire Podcast

Operation Red Signature targets South Korean supply chain — Research Saturday

Researchers at Trend Micro uncovered a supply chain attack targeting organizations in South Korea. With the goal of information theft, attackers compromised the update server of a third party support provider, resulting in the installation of a RAT, or...
The CyberWire Podcast

Huawei legal and security updates. A shift to personalized spam in attacks on retailers. “Hollywood hacks” in Eastern European banks.

In today’s podcast we hear that Huawei’s CFO remains in Canadian custody, perhaps facing extradition to the US. All Five Eyes have now expressed strong reservations about Huawei on security grounds. They’ve been joined in this by Japan and...
The CyberWire Podcast

Huawei CFO arrested in Canada, faces extradition to US. Anonymous claims that Chinese intelligence hacked Marriott. Russian hospital phished. SamSam indictments, warnings. Facebook agonistes.

In today’s podcast, we hear that Huawei’s CFO was arrested in Vancouver on a US sanctions beef. Anonymous sources tell Reuters Chinese intelligence was behind the Marriott hack. A Flash zero-day is used in an attack against a Russian...
The CyberWire Podcast

DDoS and BEC risks rising. Ukraine says it stopped Russian cyber campaign. EU looks to stopping disinformation. NRCC email compromise. Facebook emails released by Parliament.

In today’s podcast, we hear that CoAp-based DDoS attacks are on the rise. A Nigerian gang has done some industrial-scale work on business email compromise. Ukraine says it stopped a major Russian cyber attack. The EU looks toward its May elections...
The CyberWire Podcast

Fancy Bear in Czech government systems. Watering hole attacks. Quora breached. Marriott breach follow-up. Kubernetes privilege escalation flaw. Scams kicked out of Apple’s App Store.

In today’s podcast we hear how Fancy Bears and free-range catphish have been disporting themselves in the Czech Republic. China reported to have used watering hole attacks to gain entry into Australian institutions. Quora suffers a data breach. Marriott’s breach response...
The CyberWire Podcast

US Defense Department and UK’s MI6 aren’t buying Russian honey over cyber operations. Iranian influence operations. Marriott breach fallout. Court upholds Kaspersky ban. Ransom and sanctions.

In today’s podcast, we hear that senior US and UK officials have harsh words for Russian actions in cyberspace even as President Putin undertakes a charm offensive at the G20 meetings. (In fairness to the US and UK officials,...
The CyberWire Podcast

Settling in with GDPR — CyberWire-X

In the second episode of our new, four-part series, called “Ground Truth or Consequences: the challenges and opportunities of regulation in cyberspace,” we take a look at the impact GDPR has had since it's implementation in May 2018. Joining us...
The CyberWire Podcast

Getting an education on Cobalt Dickens — Research Saturday

Researchers from Secureworks' Counter Threat Unit have been tracking a threat group spoofing login pages for universities. Evidence suggests the Iranian group Cobalt Dickens is likely responsible. Allison Wikoff is a senior researcher at Secureworks, and she joins us...
The CyberWire Podcast

Marriott suffers data breach. Dunkin Donuts credential stuffing attack. Urban Massage database exposed, unsecured. Fancy Bear paws at German government targets. SamSam cost.

In today’s podcast we hear about Marriott’s big breach. And Dunkin’ Donuts big breach. And, and, Urban Massage’s embarrassing exposure. Lessons are drawn about third-party risk, password reuse, and the importance of being less creepy to the people you...
The CyberWire Podcast

Reconnaissance and degradation. Hybrid war in Eastern Europe and Southwest Asia. Eternal Silence infects unpatched systems. Dell customers reset passwords. SamSam indictments.

In today’s podcast, we hear warnings of Russian recon “degradation” of the North American power grid. Information operations in Russia’s hybrid war against Ukraine. Factions in Yemen’s civil war contest cyberspace (and fiber optic cables). Eternal Silence exploits systems...
The CyberWire Podcast

DNSpionage. Cobalt Dickens’ unwelcome return. iOS spyware may be more widespread than believed. Governments move toward content moderation. Small towns, big problems.

In today’s podcast, we hear that DNSpionage espionage tools are hitting Middle Eastern targets. Iran’s Cobalt Dickens returns to pester universities. Lawful intercept vendors receive more scrutiny, and that scrutiny suggests iOS might not have escaped their attention as much as...
The CyberWire Podcast

Rotexy Trojan gets worse. Bad apps in Google Play. Backdoor for crypto-wallets. Facebook goes before Parliament. Pegasus spyware versus journalists. Russian hybrid war. Too-smart devices.

In today’s podcast we hear that the Rotexy Trojan has evolved into phishing and ransomware. Bad apps found in Google Play. An open source library used in cryptocurrency wallets had a wide-open backdoor. Facebook goes before Parliament, which seems in a...
The CyberWire Podcast

A quick look at the state of spam. Phishing for power grids. Industrial espionage. Free and command economy versions of social control. Lessons from JTF Ares.

In today’s podcast we hear that Emotet ramped up for Black Friday—beware of the spam. Social engineering and the power grid. Industrial espionage resurfaces as an issue in Sino-American relations. Huawei remains unforgiven in Washington. China’s emerging social credit system. Bottom-up...
The CyberWire Podcast

Perils of paycards, as Cyber Weekend approacheth. Tessa88 is identified. Many more people than before have now heard of High Tail Hall.

In today’s podcast, we hear that Amazon has offered customers a modified, limited hangout on some kind of data exposure. The online retailer says everything’s OK, but it hasn’t said much else. Facebook is back online—yesterday’s outage attributed to a server...

What is a keylogger? How attackers can monitor everything you type

Keylogger definitionTo read this article in full, please click here(Insider Story)
Computerworld

And that was actually the CLEAN version!

It's more than a few years back, and this oilfield services company is implementing a new email filter, says a pilot fish working there."It was part of an email security product," fish says. "The filter could identify emails containing...

Review: How StackRox protects containers

With the rise of cloud computing and later DevOps, containerization has never been more popular. But cybersecurity has yet to fully catch up. Even security applications designed to work natively in the cloud have trouble protecting the most popular...

Dark web goldmine busted by Europol

What’s the safest way to buy counterfeit banknotes? Not on the dark web market, as 235 people have just discovered to their cost.
Security Affairs

Google will shut down consumer version of Google+ earlier due to a bug

Google announced it will close the consumer version of Google+ before than originally planned due to the discovery of a new security flaw. Google will close the consumer version of Google+ in April, four months earlier than planned. According to G...