Previous Episodes Refresh
Dec 07, 2019
Targeting routers to hit gaming servers. — Research SaturdayDecember 07, 2019
Researchers at Palo Alto Networks' Unit 42 recently published research outlining attacks on home and small-business routers, taking advantage of known vulnerabilities to make the routers parts of botnets, ultimately used to attack gaming servers. Jen Miller-Osborn is the Deputy Director of Threat Intelligence for Unit 42 at Palo Alto Networks. She joins us to share their findings. The research can be found here: ...
Dec 06, 2019
Facebook sues over ad fraud. Tampering with VPN connections. Russian disinformation in Lithuania.December 06, 2019
Facebook sues a company for ad fraud. Unix-based VPN traffic is vulnerable to tampering. Russian disinformation in Lithuania. Apple explains why new iPhones say they’re using Location Services, even when Location Services are switched off. Researchers set a new record for cracking an encryption key. And ransomware hits a New Jersey theater. David Dufour from Webroot with a look back at 2019's nastiest cyber threats. Guest is Robert Waitman from Cisco with...
Dec 05, 2019
Data center ransomware. Third-party breach hits telco customers. Buran and Buer on the black market. The Great Canon opens fire. Russia trolls Lithuania. Big bad BEC.December 05, 2019
Data center operator CyrusOne sustains a ransomware attack. Another third-party breach involves a database inadvertently left exposed on an unprotected server. Buran ransomware finds its place in the black market, as does the new loader Buer. China’s Great Cannon is back and firing DDoS all over Hong Kong. Russian trolls are newly active in Lithuania. And a business email compromise scam fleeces a Chinese venture capital firm of $1 million--enough for a nice...
Dec 04, 2019
Lazarus Group interested in thorium reactors? Disinformation by phishing. ZeroCleare wiper in the wild. NATO addresses cyber conflict. NotPetya litigation. Black market takedown.December 04, 2019
North Korea’s Lazarus Group may have been looking for Indian reactor design information. A possible case of Russian influence operations, served up by phishing, is under investigation in the UK. The ZeroCleare wiper malware is out and active in the wild. NATO’s summit addresses cyber conflict, and a big NotPetya victim challenges insurers’ contentions that the malware was an act of war. And an international police action takes down a black market spyware...
Dec 03, 2019
Secondary Infektion may be back, and interested in UK elections. Quantum Dragon. FaceApp risks. PyXie RAT in the wild. An Ethereum developer is charged with helping North Korea evade sanctions.December 03, 2019
Someone believes, or would like others to believe, that Britain’s National Health Service is for sale to the US. There’s no word on whether the US has offered the Brooklyn Bridge in exchange. The “Quantum Dragon” study summarizes Chinese efforts to obtain quantum research results from Western institutions. The FBI says FaceApp is a security threat. PyXie, a Python RAT, has been quietly active in the wild since 2018. An Ethereum developer is accused with...
Dec 02, 2019
ANSSI considering retaliation for ransomware attack. MixCloud breached. Imminent Monitor shut down.December 02, 2019
France might go on the offensive against ransomware attackers. The UK’s NCSC has been helping an unnamed nuclear power company recover from a cyberattack. A failed cyberattack targeted the Ohio Secretary of State’s website on Election Day. MixCloud confirms data breach. The Imminent Monitor RAT is shut down by law enforcement. And a cryptocurrency exchange loses nearly fifty-million dollars. Joe Carrigan from JHU ISI on victim blaming. For...
Dec 01, 2019
Caveat 04 — Slowly awakening to the problems we faceDecember 01, 2019
Ben looks at the cozy relationship between Ring and local law enforcement, Dave shares a story about a DNA tests and search warrants. Our listener on the line wonders about deleted emails. Our guest is Michael Chertoff, former US Secretary of Homeland Security, now head of the Chertoff Group. Links to stories: ...
Nov 30, 2019
Special Edition — Peter W. Singer author of LikeWarNovember 30, 2019
In this CyberWire special edition, an extended version of our conversation from earlier this year with Peter W. Singer. We spoke not long after the publication of his book, Like War - the Weaponization of Social Media. Thanks to our special edition sponsors, McAfee.
Nov 29, 2019
Special Edition — John Maeda author of How to Speak MachineNovember 29, 2019
In this CyberWire special edition, a conversation with John Maeda. He’s a Graphic designer, visual artist, and computer scientist, and former President of the Rhode Island School of Design and founder of the SIMPLICITY Consortium at the MIT Media Lab. His newly released book is How to Speak Machine - Computational Thinking for the Rest of Us. Thanks to our special edition sponsors, McAfee.
Nov 27, 2019
Phishing, cryptojacking, and commodity malware. New supply chain security measures. And have you heard about this Black Friday thing?November 27, 2019
A Fullz House for Thanksgiving. Google finds that nation-state phishing continues at its customary high levels. DeathRansom, the low-end ransomware that didn’t actually encrypt files, has now begun to do so. The Stantinko botnet adds cryptomining functionality. Microsoft reflects on Dexphot, and the sophistication it brings to ordinary malware. Supply chain security rules are coming to the US. A lawsuit in Tel Aviv. And some final notes on Black Friday....