Wednesday, April 24, 2019
The CyberWire Podcast

ISIS claims responsibility for Sri Lanka massacre. Spearphishing embassies in Europe. How the Blockchain Bandit probably did it. Mexican embassy doxed.

ISIS claims responsibility for the Sri Lankan bombings. The government maintains its declared state of emergency, and has arrested at least forty in the course of its investigation. Check Point describes a spearphishing campaign against embassies in Europe. It’s...
The CyberWire Podcast

Sri Lanka’s social media clamp-down, and investigation of Easter massacres. CIA said to have details on Huawei’s relationship with China’s security services. Marcus Hutchins pleads guilty.

Sri Lanka clamps down on social media in the wake of Easter massacres. Authorities suspect an Islamist group, but no terrorist organization has so far claimed responsibility. CIA intelligence is said to have the goods on Chinese security services’...
The CyberWire Podcast

Undetectable vote manipulation in SwissPost e-voting system — Research Saturday

Researchers have discovered a number of vulnerabilities in the SwissPost e-vote system which could allow undetectable manipulation of votes. Dr Vanessa Teague is Associate Professor and Chair, Cybersecurity and Democracy Network at the Melbourne School of Engineering, University of Melbourne,...
The CyberWire Podcast

Observations on the Mueller Report. Doxing Iranian intelligence. Insecure messaging. Old Excel macros. Wipro hack and gift cards.

Some observations on the Mueller Report, in particular its insight into what two specific GRU units were up to. (And some naming of DCLeaks and Guccifer 2.0 as GRU fronts.) Someone is doxing Iran’s OilRig cyberespionage group. A French...
The CyberWire Podcast

Mueller Report is out. Sea Turtle DNS-manipulation campaign. Over-privileged and under-honest apps kicked out of Google Play. Facebook has another privacy incident. Fraud and destruction.

The US Justice Department releases the redacted Mueller Report: investigators found no evidence sufficient to establish conspiracy or coordination between any US persons and the Russians over the 2016 campaign, but the Bears were busy. The Sea Turtle campaign...
The CyberWire Podcast

Spearphishing from “Luhansk.” Pro-Assange hacktivism. Another undercover private eye? Pirated Game of Thrones episodes carry malware.

Spearphishing campaign against Ukraine traced to the so-called “Luhansk People’s Republic.” Anonymice threaten to rain chaos on Yorkshire if Julian Assange isn’t freed--actually, more chaos since the initial chaos was perhaps too easily overlooked. An implausible venture capitalist is...
The CyberWire Podcast

Fraud will follow fire, alas. Wipro compromise. DDoS in Ecuador. Brazil’s hacker underground. Selling a keylogger. Facebook and data. EU copyright law. Huawei’s prospects. Fact-checkin’, fer real.

Condolences to the city of Paris and the people of France. And, alas, expect fraud to follow fire. A compromise may have turned a company’s networks against its customers. Denial-of-service in Ecuador. A look at Brazil’s cyber criminals. Selling...
The CyberWire Podcast

ISIS inspiration in exile. Facebook’s Sunday outage. A Microsoft IE bug, and a web-mail breach. Issues with VPNs. Last minute tax scams. Oculus Easter eggs.

An ISIS hard drive suggests the Caliphate’s plans for inspiration as it enters exile. Facebook’s Sunday outage remains unexplained. Microsoft deals with a breach in its consumer web mail products. A researcher drops an Internet Explorer zero-day that may...
The CyberWire Podcast

The ghost and the mole; Eric O’Neill’s Gray Day — Special Edition

Eric O’Neill is a former FBI counterintelligence and counterterrorism operative, and founder of the Georgetown Group, a security and investigative firm, as well as national security strategist for Carbon Black. In his book Gray Day, My Undercover Mission to...
The CyberWire Podcast

Establishing software root of trust unconditionally — Research Saturday

Researchers at Carnegie Mellon University's CyLab Security and Privacy Institute claim to have made an important breakthrough in establishing root of trust (RoT) to detect malware in computing devices. Virgil Gligor is one of the authors of the research,...
The CyberWire Podcast

Mr. Assange’s courthouse future(s). Dragonblood Wi-Fi vulnerabilities. Tax fraud and identity theft dark web souks.

Julian Assange remains in British custody. Hearings on the US extradition warrant are expected to begin next month. The US indictment revives discussion of the Computer Fraud and Abuse Act under which Mr. Assange was charged. Some notes on...
The CyberWire Podcast

Julian Assange is out of the embassy and in custody. Pyongyang’s HOPLIGHT. Operations SneakyPastes. Incident response planning blues. High school jam.

Julian Assange is out of the Ecuadoran embassy and in British custody. He’s been found guilty of bail jumping, and will face extradition to the US on charges related to conspiracy to release classified material. Hidden Cobra is back...
The CyberWire Podcast

The Triton actor seems to be back. Project TajMahal is after diplomatic secrets. California’s motor-voter program and a DMV hack.

FireEye says that the Triton actor is back. There’s some ICS malware staged in an unnamed “critical infrastructure” facility, and it looks as if the people who went after a petrochemical plant in 2017 are back for battlespace preparation....
The CyberWire Podcast

GossipGirl, the supra threat actor. LockerGoga’s destructive functionality. More hacking allegations out of Caracas. Revolutionary Guard now a designated terrorist group. Creepy crime.

In today’s podcast, we hear about GossipGirl, potentially a “supra threat actor” Chronicle sees linking Stuxnet, Flame, and Duqu. LockerGoga’s destructive functionality may be a feature, not a bug. Venezuela now says its power grid is being hacked by...
The CyberWire Podcast

US DHS Secretary Nielsen resigns. Credential stuffing campaigns. Cryptojacking disrupts a business. A duty of care, online. Tax season scams.

In today’s podcast, we hear about leadership changes at the US Department of Homeland Security. A look at credential stuffing. Cryptojacking disrupts production at an optical equipment manufacturer. The British Government moves toward establishing a duty of care that...

Stuxnet Family Tree Grows

What a newly discovered missing link to Stuxnet and the now-revived Flame cyber espionage malware add to the narrative of the epic cyber-physical attack.
ZDNet

Another dark web marketplace bites the dust – Wall Street Market

Two major dark web marketplaces for buying illegal products shut down in the span of a month.

Google File Cabinet Plays Host to Malware Payloads

Researchers detect a new drive-by download attack in which Google Sites' file cabinet template is a delivery vehicle for malware.

Demonstration Showcase Brings DevOps to Interop19

Attendees will learn how orchestration and automation can be a part of network operations and security, even at smaller companies.
isBuzz

What Home Buying Can Teach Us About Continuous Monitoring

Companies have been brainwashed to solely rely on hiring major auditing companies to help monitor and audit their vendors’ security. Assessments from these traditional auditors are typically an annual point-in-time affair. With technology advancing much more frequently, this outdated...