The CyberWire

The CyberWire


© 2018 The CyberWire, Inc.

Open in iTunes View RSS Feed

The CyberWire

More signal, less noise—we distill the day’s critical cyber security news into a concise daily briefing.
Title Date Listen Download
A fresh look at GOSSIPGIRL and the Supra Threat Actors — Research Saturday May 25, 2019 Listen Download
Stone Panda update. A new strain of Mirai. Bogus cryptocurrency apps are trending in Google Play. Mr. Assange is charged under the Espionage Act. Info ops. Law firms as phishbait. May 24, 2019 Listen Download
NATO and UK to Russia: hands off elections and infrastructure. More trouble for Huawei, and maybe for others. Notes from the Cyber Investing Summit. Equifax downgraded over 2017 breach. Is it art? May 23, 2019 Listen Download
Fancy Bear fingered, again. Warnings for travelers. Political parties get a cybersecurity grade. Updates on US restrictions on Chinese companies. May 22, 2019 Listen Download
BlackWater snoops through the Middle East. TeamViewer hacked. Android app behaving badly. A misconfigured database with scraped Instagram data. Ransomware notes. Huawei updates. May 21, 2019 Listen Download
Huawei agonistes. Hacktivism is way down. New EU sanctions regime. Facebook goes after more coordinated inauthenticity. Salesforce still fixing its fix. OGuser hacked. May 20, 2019 Listen Download
Elfin APT group targets Middle East energy sector — Research Saturday May 18, 2019 Listen Download
Slack closes a vulnerability. Email tracking in a court martial. Restrictions on doing business with Huawei come into place. A case of responsible disclosure. May 17, 2019 Listen Download
US Executive Order aimed at China, and Huawei. Hunting backdoors in Dutch networks. Spyware proliferation. Cipher stunting. Titan key spoofing. Meaconing warning. Exposed PII in Russia. May 16, 2019 Listen Download
Sharing espionage tools and infrastructure. Speculative execution flaws found in Intel chips. A big Patch Tuesday. CrowdStrike’s IPO. WhatsApp exploitation. Cyber Solarium. Ransomware in Baltimore. May 15, 2019 Listen Download
Russians hacked two Florida counties. Fxmsp targets named. WhatsApp patches spyware-enabling flaws. Breach costs. Cisco patches routers. Endless Mayfly’s endless hogwash. May 14, 2019 Listen Download
Security companies allegedly hacked by Fxmsp remain unidentified. SharePoint bug exploited in the wild. G7 preps major cyber exercise. Anthem hack motive? Amnesty takes NSO Group to court. May 13, 2019 Listen Download
Steganography enables sophisticated OceanLotus payloads — Research Saturday May 11, 2019 Listen Download
Breaches at AV companies? Pyongyang’s ElectricFish. Symantec’s CEO steps down. Calls to break up Facebook and regulate the pieces. US Federal indictments for leaks and breaches. Verizon DBIR reviewed. May 10, 2019 Listen Download
Someone is after Tehran’s hackers. GitLab misconfiguration. AI’s attack potential. Amazon pursues hackers who defrauded sellers. DeepDotWeb indictments. Evil Clippy. Lunch hacks in San Mateo. May 9, 2019 Listen Download
Turla’s new backdoor. Verizon’s 2019 Data Breach Investigations Report. Bad actors seek to influence the EU. US CYBERCOM preps for 2020. Baltimore’s ransomware. Monolingual content moderation. May 8, 2019 Listen Download
Reverse engineering Equation Group attack tools (and putting them to bad use). Hacking, jamming, and airstrikes. Taking down coordinated inauthenticity. How big is the dark web? May 7, 2019 Listen Download
Supply chain hacking campaign looks like espionage. Airstrikes versus hackers. FTC versus Facebook. Notes from the Global Cyber Innovation Summit. What’s up with MegaCortex. May 6, 2019 Listen Download
Sea Turtle state-sponsored DNS hijacking — Research Saturday May 4, 2019 Listen Download
Utility hack update. Surveillance tool proliferation. Exploit black market. Novel ransomware, old distro channel. Notes from the Global Cyber Innovation Summit. May 3, 2019 Listen Download
Wipro update. Office 365 attacks. The "Smart Content Store" is bad mojo. Russian Internet sovereignty. Global Cyber Innovation Summit notes. May 2, 2019 Listen Download
US Energy Department alludes to March cyber incident. BND 19-02 is out. Facebook likes privacy. Assange gets a short nickel. May 1, 2019 Listen Download
Telnet may not be the backdoor you’re looking for. Large PII database left exposed by parties unknown. DHS has a Critical Functions List. ISIS inspiration is back. Apr 30, 2019 Listen Download
IoT devices exposed in peer-to-peer software vulnerability. Car hacking claims. More warnings of possible violence in Sri Lanka. Curating app stores for security. eScooter’s “voices” hacked. Apr 29, 2019 Listen Download
Deep Learning threatens 3D medical imaging integrity — Research Saturday Apr 27, 2019 Listen Download
Sri Lanka bombing investigation updates. Cryptojacking targets enterprises in East Asia. Oracle web server zero-day. The criminal-to-criminal credential-stuffing market. Who talked about Huawei in UK? Apr 26, 2019 Listen Download
Pledging allegiance to ISIS, and then going forth to kill. Adware in Google Play. Context-aware phishbait. Facebook and the FTC. Server crash or exit scam? Apr 25, 2019 Listen Download
Sri Lanka bombing investigation update. Christchurch call. ShadowHammer moves upstream. Carbanak in VirusTotal after all. Spoofing banks. Bots vs. Mueller Report. ASD’s best practices. Apr 24, 2019 Listen Download
ISIS claims responsibility for Sri Lanka massacre. Spearphishing embassies in Europe. How the Blockchain Bandit probably did it. Mexican embassy doxed. Apr 23, 2019 Listen Download
Sri Lanka’s social media clamp-down, and investigation of Easter massacres. CIA said to have details on Huawei’s relationship with China’s security services. Marcus Hutchins pleads guilty. Apr 22, 2019 Listen Download
Undetectable vote manipulation in SwissPost e-voting system — Research Saturday Apr 20, 2019 Listen Download
Observations on the Mueller Report. Doxing Iranian intelligence. Insecure messaging. Old Excel macros. Wipro hack and gift cards. Apr 19, 2019 Listen Download
Mueller Report is out. Sea Turtle DNS-manipulation campaign. Over-privileged and under-honest apps kicked out of Google Play. Facebook has another privacy incident. Fraud and destruction. Apr 18, 2019 Listen Download
Spearphishing from “Luhansk.” Pro-Assange hacktivism. Another undercover private eye? Pirated Game of Thrones episodes carry malware. Apr 17, 2019 Listen Download
Fraud will follow fire, alas. Wipro compromise. DDoS in Ecuador. Brazil’s hacker underground. Selling a keylogger. Facebook and data. EU copyright law. Huawei’s prospects. Fact-checkin’, fer real. Apr 16, 2019 Listen Download
ISIS inspiration in exile. Facebook’s Sunday outage. A Microsoft IE bug, and a web-mail breach. Issues with VPNs. Last minute tax scams. Oculus Easter eggs. Apr 15, 2019 Listen Download
The ghost and the mole; Eric O'Neill's Gray Day — Special Edition Apr 14, 2019 Listen Download
Establishing software root of trust unconditionally — Research Saturday Apr 13, 2019 Listen Download
Mr. Assange’s courthouse future(s). Dragonblood Wi-Fi vulnerabilities. Tax fraud and identity theft dark web souks. Apr 12, 2019 Listen Download
Julian Assange is out of the embassy and in custody. Pyongyang’s HOPLIGHT. Operations SneakyPastes. Incident response planning blues. High school jam. Apr 11, 2019 Listen Download
The Triton actor seems to be back. Project TajMahal is after diplomatic secrets. California’s motor-voter program and a DMV hack. Apr 10, 2019 Listen Download
GossipGirl, the supra threat actor. LockerGoga’s destructive functionality. More hacking allegations out of Caracas. Revolutionary Guard now a designated terrorist group. Creepy crime. Apr 9, 2019 Listen Download
US DHS Secretary Nielsen resigns. Credential stuffing campaigns. Cryptojacking disrupts a business. A duty of care, online. Tax season scams. Apr 8, 2019 Listen Download
Lessons learned from Ukraine elections — Research Saturday Apr 6, 2019 Listen Download
Crooks use Facebook, too. Congress asks FEMA for an explanation. Card skimmers in Mexico. Apr 5, 2019 Listen Download
Keeping Winnti out of the goods while keeping an eye on them. GlitchPOS malware. What do apps want? Third-party Facebook data exposure. Digital hygiene. A scareware scam. Apr 4, 2019 Listen Download
For OceanLotus, a picture is worth a thousand words (or at least a few lines of loader code). Georgia Tech breached. Mounties raid offices associated with Orcus RAT. Apr 3, 2019 Listen Download
Ransomware deletes dupes. Exodus scandal grows in Italy. Election reports from Ukraine and Israel. Apr 2, 2019 Listen Download
Patch Magento soon. Toyota hacked again. Exodus spyware hits app stores. Moscow seeks to corral VPN providers. Facebook wants regulation. Swatting sentence. Phishing tackle in Nigeria. Apr 1, 2019 Listen Download
Bonus Episode: The grugq illuminates influence operations Mar 31, 2019 Listen Download
Alarming vulnerabilities in automotive security systems — Research Saturday Mar 30, 2019 Listen Download
Russian information operations, and lessons on election security from the Near Abroad. Magneto proof-of-concept exploit. Huawei, security, and bugs. Training AI. Labor market news. Mar 29, 2019 Listen Download
Gustuff is out and after Android devices. Microsoft takes down Phosphorus. Elfin is working for Tehran. Russian cyber troops come to help Venezuela’s Chavistas. Guilty plea expected in Martin case. Mar 28, 2019 Listen Download
State cyber-espionage. Influence operations and coordinated inauthenticity. Add Lucky Elephant to the menagerie. ASUS supply chain updates. Notes on Norsk Hydro’s recovery. Reactions to the Mueller Report. Mar 27, 2019 Listen Download
More on ASUS supply chain backdoor. FEMA data mishandling. LockerGoga ransomware. Mueller report responses. Mar 26, 2019 Listen Download
Mueller finds no evidence of Russia collusion. ISIS no longer holds any ground. LockerGoga hits chemical plants. FEMA fumbles PII. Cyber 9/12. PewDiePie versus T-Series. Mar 25, 2019 Listen Download
Ryuk ransomware relationship revelations — Research Saturday Mar 23, 2019 Listen Download
Finland’s data protection authority investigates suspicious smartphone activity. GitHub repos are leaking keys. Cardiac devices can be hacked. Mar 22, 2019 Listen Download
Russian APTs target EU governments. FIN7 is back. Google and Facebook scammed. Mar 21, 2019 Listen Download
Norsk Hydro recovers from LockerGoga infection. Cyber conflict, cyber deterrence, and an economic case for security. EU out of compliance with GDPR? Big Tech in court. Thoughts on courtship. Mar 20, 2019 Listen Download
LockerGoga hits Norse Hydro. Mirai botnet malware gets an update. The DHS is concerned about cybersecurity. Mar 19, 2019 Listen Download
Online content and terrorism. Huawei’s shifting strategy. Venezuela’s grid failure is explicable by corruption and incompetence--no hacking or sabotage required. Gnostiplayers are back. AI and evil. Mar 18, 2019 Listen Download
ThinkPHP exploit from Asia-Pacific region goes global — Research Saturday Mar 16, 2019 Listen Download
Terror, announced and celebrated online. JavaScript sniffer afflicts e-commerce sites. Cryptojacking in the cloud. Perspectives on regulation, thoughts on a pervasive IoT. China’s IP protection law. Mar 15, 2019 Listen Download
Indonesian election security. Watering hole in Pakistani passport site. RAT hunting. “Intelligence brute-forcing.” Just-patched zero-day exploited. PoS DGA attack. Operation Sheep. BND advises “nein” to Huawei. Mar 14, 2019 Listen Download
Election security and influence operations. Hacking the Fleet. Undersea cable competition. 5G worries. Calls to rein in Big Tech. UN report outlines North Korean cyber crime (there’s a lot of it). Mar 13, 2019 Listen Download
Venezuela power blackout updates. Social media and social control. Trojanized games. Free decryptor out for ransomware strain. Ads on Facebook. A look at 30 years of the web. Mar 12, 2019 Listen Download
Allegations and information operations. Iridium group may have compromised Citrix. Sino-American trade and security conflicts continue. Fashions in trolling. Mar 11, 2019 Listen Download
Job-seeker exposes banking network to Lazurus Group — Research Saturday Mar 9, 2019 Listen Download
Chinese influence campaigns. Egyptian spear phishing. Hundreds of million email records exposed. Mar 8, 2019 Listen Download
Scope of APT33 attacks revealed. GandCrab criminals shift tactics. Slub malware uses Slack. Mar 7, 2019 Listen Download
5G worries. Whitefly vs. SingHealth. Speculative execution bug. Mar 6, 2019 Listen Download
India hacks back. Rob Joyce discusses cyber conflict. Chinese hackers look for maritime technologies. Google reveals a macOS vulnerability. Mar 5, 2019 Listen Download
Operation Sharpshooter. Canada begins extradition process. Huawei will sue the US. Facebook’s global lobbying practices revealed. Visitor management systems are vulnerable. Mar 4, 2019 Listen Download
Fake Fortnite app scams infect gamers — Research Saturday Mar 2, 2019 Listen Download
Qbot spreads. Bug hunting makes a millionaire. US Cyber Command shows what “persistent engagement” looks like. Huawei agonistes. There’s no Momo, really. Mar 1, 2019 Listen Download
Third-parties can misconfigure, too. Coinhive goes out of business. Intel decides 5G project with Chinese partner is too hard. Bronze Union. Clearing Facebook data. Proper disposal of lawful intercept tools. Feb 28, 2019 Listen Download
Router vulnerabilities. Hacking around the Hanoi summit. DDoSing an election. Brushing back a troll farm. Crytpojacking an embassy. Feb 27, 2019 Listen Download
Sino-Australian, Sino-American cyber tensions. Threat trends. Bare-metal cloud issues addressed. USB-C and memory attacks, Credential stuffing in tax season. Twitter hijacking. Feb 26, 2019 Listen Download
Another warning of DNS hijacking. B0r0nt0k ransomware is out and about, and in too many servers. Whitelisting a controversial CA. Blockchain security. Bots get on the consular calendar. Feb 25, 2019 Listen Download
Rosneft suspicions shift from espionage to business email compromise — Research Saturday Feb 23, 2019 Listen Download
Influence operations in Ukraine’s elections. Australian hacks look more like China’s work. Huawei and the 5G future. Objectionable content in comments. DrainerNot. No more soldier-selfies in Russia. Feb 22, 2019 Listen Download
Hybrid war and tactical influence operations. Separ lives off the land. NoRelationship attacks get past email filters. Responsible disclosure. Man-in-the-room bug. Ship hacking. Password managers. Feb 21, 2019 Listen Download
Fancy Bear phishes in think tanks. Lazarus Group takes a swipe at Russian organizations. New decryptor for GandCrab. Citizen Lab and Novalpina discuss NSO Group. Ryuk’s lousy help desk. Feb 20, 2019 Listen Download
International cyber conflict: India and Pakistan; Australia and China. Rietspoof malware. Microsoft ejects cyptojackers from its store. NCSC may go easy on Huawei. Parliament criticizes Facebook. Feb 19, 2019 Listen Download
Seedworm digs Middle East intelligence — Research Saturday Feb 16, 2019 Listen Download
GandCrab notes. Make tests, not bans, says GSMA. Content moderation. Takedown of inauthentic accounts. Influence operations. Happy birthday, GCHQ. Feb 15, 2019 Listen Download
Former Air Force counterintelligence specialist indicted on charges of spying for Iran. Where’s the stolen Equifax data? Two alleged Apophis Squad clowns indicted. Feb 14, 2019 Listen Download
China says it had nothing to do with the Parliament hack in Australia. Notes on Patch Tuesday. Shlayer and GreyEnergy malware analyzed. Tomorrow is Valentine’s Day—act accordingly. Feb 13, 2019 Listen Download
VFEmail attacked, infrastructure wiped. EU considers a response to APT10. US Executive Order on AI is out. GPS jamming threat. Stryker hack. Shadow IT in the Corps. Feb 12, 2019 Listen Download
Cryptojackers gone wild. Attempted hack of Australia’s Parliament investigated. Huawei security concerns continue. Russia tests Internet autarky. Prosecutors investigate alleged blackmail. Feb 11, 2019 Listen Download
Trends and tips for cloud security — Research Saturday Feb 9, 2019 Listen Download
Australia’s Federal Parliament has a cyber incident. DHS warns of third-party spying. Legit privacy app tampered with. Credit Union phishing. Bezos vs. Pecker. FaceTime bounty. Seal scat. Feb 8, 2019 Listen Download
Social engineering and the power of brands. Insecure check-ins? APT10 is quiet but not gone. MacOS Keychain bug. Assessment of Chinese device manufacturers continues. Feb 7, 2019 Listen Download
APT10 stays busy. More skepticism about Huawei (and ZTE, for that matter). No foreign “material effect” on US midterms. Reverse RDP risk. IIoT bug found. RSA Innovation Sandbox finalists. Feb 6, 2019 Listen Download
ExileRAT versus Tibet. SpeakUp backdoors Linux. Facebook bans Myanmar militias. Norway sees a threat in Huawei. Westminster gets hacked? Bangladesh Bank sues over SWIFT caper. Feb 5, 2019 Listen Download
Tracking the impresario behind Collection#1. OceanLotus and a new downloader. CookieMiner malware afflicts Macs. Huawei’ prospects. Influence ops. Extortion by bluff. Feb 4, 2019 Listen Download
Online underground markets in the Middle East — Research Saturday Feb 2, 2019 Listen Download
No more Apple time-out for Facebook and Google. Inauthentic sites taken down. Fancy Bear paws at Washington, again. Malware-serving ads. Amplification DDoS. Data exposures in India. Feb 1, 2019 Listen Download
Commodity credential stuffing gets four new collections. Google was also doing a pay-to-pwn, like Facebook. Russian trolling. FaceTime bug investigation. Joanap botnet. Other online scams. Jan 31, 2019 Listen Download
US IC on cyber threats. Iran goes after PII. UAE surveillance described. Scanning for unpatched routers. Huawei’s possible fates. Scam exploits child. FaceTime disclosure. Facebook Research. Jan 30, 2019 Listen Download
004 Case studies in risk and regulation — CyberWire-X Jan 30, 2019 Listen Download
FaceTime’s odd bug, and how to squash it. FormBook malware surges through a new hosting service. Some international law enforcement wins. International conflict in cyberspace. Jan 29, 2019 Listen Download
Someone takes an unhealthy interest in Citizen Lab. Ukraines accuses Russia of election phishing. Russian bigshots doxed. Tension over Venezuela. Swatting indictments. National Privacy Day. Jan 28, 2019 Listen Download
Amplification bots and how to detect them. — Research Saturday Jan 26, 2019 Listen Download
Glitches, not attacks or takedowns. Tracing Gray Energy and Zebrocy back to their servers. US Army tactical cyber operations. Venezuela crisis. Bellingcat and OSINT. Roger Stone arrested. Jan 25, 2019 Listen Download
The US House of Representatives wants to know more about DNS-hijacking. Huawei skepticism. Anonymous dunnit, say the Russians. Financial data exposed. Family spooked by hackers. Jan 24, 2019 Listen Download
Emergency Directive 19-01 versus DNS hijacking. 2019 US National Intelligence Strategy on cyber. France says cyber war is upon us. Courts in UK have email trouble. Hacks and lulz. Jan 23, 2019 Listen Download
Ex-employee backdoor. Stealthy DDoS. Anubis dropper looks for motion. Influence operations. Privacy actions. The curious case of the espionage arrest in Russia. Jan 22, 2019 Listen Download
Luring IoT botnets to the honeypot — Research Saturday Jan 19, 2019 Listen Download
Collection #1 and the threat of credential stuffing. Cryptojacker disables some cloud security tools. Don’t chat with strange bots. Facbebook shutters more Russian coordinated inauthenticity. Jan 18, 2019 Listen Download
Cyber espionage vs. the RoK MoD. Fancy Bear’s old Lojax tricks. US rumored to be prepping another case against Huawei. Database exposure in Oklahoma. Yes Men prank Post. Jan 17, 2019 Listen Download
SEC, DoJ, issue civil and criminal complaints against EDGAR hackers. Lazarus Group in Chile? Iran’s Ashiyane Forum. Cryptomix ransomware. Money laundering through Fortnite. Fake WaPo edition. Jan 16, 2019 Listen Download
Web hosts fix account takeover issues. Passenger Name Record exposure proof-of-concept. Swatting isn’t funny. Chinese manufacturers and suspicions of espinonage. Jan 15, 2019 Listen Download
Polish espionage case. Ryuk tactics, and some thoughts on its attribution. Access-control system zero-days. Lawsuit may bring clarity to cyber insurance war exclusion clauses. Jan 14, 2019 Listen Download
Magecart payment card theft analysis — Research Saturday Jan 12, 2019 Listen Download
Iran linked to DNS hijacking campaign. Smart doorbells not smart enough about security. Fuze cards are convenient for crooks, too. Huawei espionage arrest in Poland. Russian sympathy for NSA. Jan 11, 2019 Listen Download
TA505’s new tools. ISIS turns to emerging chat apps. Reddit asks for password resets. The EU’s right to be forgotten gets some court-imposed limits. The tweets Kaspersky flagged to NSA. Jan 10, 2019 Listen Download
ICEPick-3PC in the wild. Influence ops warning in Israel. Hackerangriff and a lone hacktivist. OXO and Magecart. The Dark Overlord wants you. Oversharing. Internet autarky. Kaspersky helped NSA? Jan 9, 2019 Listen Download
German police have a suspect in #hackerangriff. Cyber espionage awareness campaign. Cyber cold war in the offing? US political operators learn from Russian trolls. WikiLeaks on the record. Jan 8, 2019 Listen Download
German doxing incident remains under investigation. Marriott breach update. Dark Overlord watch. Can cryptocurrency become less burdensome in terms of energy consumption? Jan 7, 2019 Listen Download
NOKKI, Reaper and DOGCALL target Russians and Cambodians — Research Saturday Jan 5, 2019 Listen Download
Doxing in Germany. How Lojax works. Spyware found in apps downloaded from Google Play. ISIS hijacks dormant Twitter accounts. Update on Moscow spy case. Chromecast hacking endgame. Jan 4, 2019 Listen Download
2019’s first noteworthy breach. Update on the Tribune Publishing hack. reCAPTCHA defeated in proof-of-concept. Dark Overlord should avail itself of the right to remain silent. Jan 3, 2019 Listen Download
Stop the presses—the presses were stopped by ransomware. Video security system found vulnerable to oversharing. Changes in US DoD leadership. An arrest in Moscow, a court ruling in Baltimore.  Jan 2, 2019 Listen Download
Apple Device Enrollment Program vulnerabilities explored — Research Saturday Dec 22, 2018 Listen Download
Operation Cloudhopper and industrial espionage. Anonymous social network Blind server left exposed. Reputation jacking. Alexa shares too much, by accident. Hitman scam is back. Dec 21, 2018 Listen Download
003 Risk and regulation in the financial sector — CyberWire X Dec 21, 2018 Listen Download
US indicts two Stone Panda operators amid ongoing international concern over Chinese IP theft. Suspicious customer support traffic on Twitter. Emergency IE patch. Influence experiment. Dec 20, 2018 Listen Download
Suspicion of Chinese hardware manufacturers continues. EU diplomatic cables leaked. Hiding out by dumbing down. Facebook data-sharing. NASA PII exposed. Parrot uses Alexa to advantage. Dec 19, 2018 Listen Download
Shamoon 3 and Charming Kitten. Czech CERT issues warning concerning Huawei, ZTE. Influence ops and a Facebook boycott. PewDiePie’s followers versus the Wall Street Journal. Dec 18, 2018 Listen Download
Huawei and the Five Eyes. Report on Russian trolling finds fluency in American. Boomstortion scammers turn to new threats. PewDiePie followers hack printers, again. Dec 17, 2018 Listen Download
The Sony hack and the perils of attribution — Research Saturday Dec 15, 2018 Listen Download
False flags and real flags. ISIS claims the Strasbourg killer as one of its soldiers. A bogus bomb threat circulates by email. Dec 14, 2018 Listen Download
Shamoon variant implicated in Saipem hack. Charming Kitten reappears. Sino-American tension over trade and industrial espionage. Dec 13, 2018 Listen Download
Operation Sharpshooter. Meng makes bail. Sino-American cyber tensions. Leadership crises in the UK and France. Congress doesn’t lay a glove on Google. 2018’s bad password practices. Dec 12, 2018 Listen Download
Audit finds no Chinese spy chips on motherboards. Huawei CFO hearings continue in Vancouver. Oilfield services firm’s servers attacked. Spyware and adware. Congressional hearings, reports. Dec 11, 2018 Listen Download
A bail hearing in Vancouver. The prospect of indictments in IP theft cases. Kubernetes vulnerabilities. Russia and Ukraine swap hacks? An advance fee scam asks for help getting out of jail. Dec 10, 2018 Listen Download
Operation Red Signature targets South Korean supply chain — Research Saturday Dec 8, 2018 Listen Download
Huawei legal and security updates. A shift to personalized spam in attacks on retailers. “Hollywood hacks” in Eastern European banks. Dec 7, 2018 Listen Download
Huawei CFO arrested in Canada, faces extradition to US. Anonymous claims that Chinese intelligence hacked Marriott. Russian hospital phished. SamSam indictments, warnings. Facebook agonistes. Dec 6, 2018 Listen Download
DDoS and BEC risks rising. Ukraine says it stopped Russian cyber campaign. EU looks to stopping disinformation. NRCC email compromise. Facebook emails released by Parliament. Dec 5, 2018 Listen Download
Fancy Bear in Czech government systems. Watering hole attacks. Quora breached. Marriott breach follow-up. Kubernetes privilege escalation flaw. Scams kicked out of Apple’s App Store. Dec 4, 2018 Listen Download
US Defense Department and UK’s MI6 aren’t buying Russian honey over cyber operations. Iranian influence operations. Marriott breach fallout. Court upholds Kaspersky ban. Ransom and sanctions. Dec 3, 2018 Listen Download
Settling in with GDPR — CyberWire-X Dec 3, 2018 Listen Download
Getting an education on Cobalt Dickens — Research Saturday Dec 1, 2018 Listen Download
Marriott suffers data breach. Dunkin Donuts credential stuffing attack. Urban Massage database exposed, unsecured. Fancy Bear paws at German government targets. SamSam cost. Nov 30, 2018 Listen Download
Reconnaissance and degradation. Hybrid war in Eastern Europe and Southwest Asia. Eternal Silence infects unpatched systems. Dell customers reset passwords. SamSam indictments. Nov 29, 2018 Listen Download
DNSpionage. Cobalt Dickens’ unwelcome return. iOS spyware may be more widespread than believed. Governments move toward content moderation. Small towns, big problems. Nov 28, 2018 Listen Download
Rotexy Trojan gets worse. Bad apps in Google Play. Backdoor for crypto-wallets. Facebook goes before Parliament. Pegasus spyware versus journalists. Russian hybrid war. Too-smart devices. Nov 27, 2018 Listen Download
A quick look at the state of spam. Phishing for power grids. Industrial espionage. Free and command economy versions of social control. Lessons from JTF Ares. Nov 26, 2018 Listen Download
Perils of paycards, as Cyber Weekend approacheth. Tessa88 is identified. Many more people than before have now heard of High Tail Hall. Nov 21, 2018 Listen Download
Nation-state cyber campaigns: North Korean, Iranian, Russian, and unknown. Social media outages. Nov 20, 2018 Listen Download
CISA is now officially an agency. Cozy Bear is back. Gmail spoofing issue opens social engineering possibilities. Speculation about “cyber 9/11s.” Nov 19, 2018 Listen Download
Doubling down on Cobalt Group activity — Research Saturday Nov 17, 2018 Listen Download
GPS jamming. Bank phishing. Exposed server. Censorship, East, West, and South. Is there a sealed indictment of Julian Assange? Nov 16, 2018 Listen Download
RATs and the long game. New ransomware, Learning from other espionage services. Advance-fee scams continue to infest Twitter. Fancy Bear says it can’t be sued. Nov 15, 2018 Listen Download
When BGP hijacking isn’t hijacking at all. The White Company’s Operation Shaheen. SWAuTistic pleads guilty. NPPD will become CISA. Nov 14, 2018 Listen Download
GPS jamming. Jihadist account hijacking. ISIS on Wickr? Magecart exposed. Cathay Pacific breach. Paris Call for Trust and Security in Cyberspace. Nov 13, 2018 Listen Download
Regulation in the U.S. — CyberWire X Nov 13, 2018 Listen Download
Establishing international norms in cyberspace — Research Saturday Nov 10, 2018 Listen Download
Critical infrastructure resiliency. Lazarus Group’s FASTcash robberies. China’s ongoing industrial espionage. Trolls aside, Russian observers think the US elections were A-OK. Nov 9, 2018 Listen Download
Post hack ergo propter hack: DHS calls Russian claims “noisy garbage.” Responsible and irresponsible disclosure. FCC wants an end to robocalls. USPS Informed Delivery abused. Post Canada—whoa. Nov 8, 2018 Listen Download
A quick look back at the US midterms, and the cyber Pearl Harbor that wasn’t. Update Apache Struts. Smishing with the Play Store. Another advance fee scam. Nov 7, 2018 Listen Download
Iran complains, threatens, and spies. Election Day cybersecurity notes. Nov 6, 2018 Listen Download
US midterm election cybersecurity updates. PortSmash side-channel proof-of-concept. Botnets compete to cryptojack Android devices. And will the GRU get its "R" back? Nov 5, 2018 Listen Download
Election protection — Research Saturday Nov 3, 2018 Listen Download
Cyber Sitzkrieg. Waiting for the Bears to show up (and ready to set the Dogs on them). Facebook private messages for sale. Nov 2, 2018 Listen Download
Wi-Fi access point zero-day reported. US Cyber Command on the offensive. Transparency is tougher than it looks. GandCrab not paying out as much—good. PIPEDA takes effect. Soulmate spyware. Nov 1, 2018 Listen Download
Influence operations, and advice on recognizing them. Ransomware updates. US indicts Chinese nationals for industrial espionage. An object lesson from the US Geological Survey. Oct 31, 2018 Listen Download
The Malware Mash Oct 31, 2018 Listen Download
This cybersecurity stuff is tougher than it looks, US state election officials learn. Saudi surveillance. Espionage in Iran. New attack varieties. Chinese hardware concerns. US sanctions chipmaker. Oct 30, 2018 Listen Download
Facebook takes down Iranian-run accounts. Criminal investigations look online. IBM to buy Red Hat. Satori is still with us. British Airways and Magecart. Oct 29, 2018 Listen Download
Faxploitation — Research Saturday Oct 27, 2018 Listen Download
Airline breach bigger than thought. Securing Mexican financial institutions. Demonbot vs. Hadoop. New decryptor out for GandCrab ransomware. Civilian Cybersecurity Corps? Oct 26, 2018 Listen Download
Influence operations, da. Direct hacking? Maybe nyet. Chalubo botnet borrows old tricks. Financial sector alert in Mexico. Airline breach disclosed. Lawsuits over privacy. ICS Security notes. Oct 25, 2018 Listen Download
Trolling the trolls. Triton/Trisis attributed to Russia. Asset management in ICS. Threat intelligence drives threat evolution. Shadow web-apps. Apple likes GDPR, hates the Data-Industrial Complex. Oct 24, 2018 Listen Download
Influence operations in Brazil and the US. Vulnerabilities disclosed in commonly used software. breach. Industrial control system cybersecurity. Oct 23, 2018 Listen Download
Making the business case for privacy. — Special Edition Oct 23, 2018 Listen Download
Russian indicted in US midterm election influence conspiracy case. Styles and goals of info ops. Cyber deterrence. DPRK petty crime. Alt-coin scammer. Spy chip story remains unconfirmed, unretracted. Oct 22, 2018 Listen Download
Stormy weather in the Office 365 cloud. — Research Saturday Oct 20, 2018 Listen Download
Chinese supply-chain hack story gets vanishingly thin. Twitter downs pro-Saudi bots. SEO poisoning. OceanLotus evolves. Ransomware notes. Oct 19, 2018 Listen Download
Looks like Comment Crew, but probably isn't. Facebook breached by spammers. Twitter's big troll trove. Router issues. Who dunnit to YouTube? Oct 18, 2018 Listen Download
Meddling with the midterms — Special Edition Oct 17, 2018 Listen Download
Two ways of hacking the vote. BlackEnergy is active in Poland and Ukraine. ISIS and info ops. Hurricane-stressed utility further stressed by ransomware. Silicon Valley governance. Oct 17, 2018 Listen Download
Facebook in Myanmar. Supply chain seeding attack update. Election hacking. NCSC reports. EU prepares sanctions (Russia feels ill-used). Oct 16, 2018 Listen Download
Facebook breach details. Privacy issues and an image problem for advocates. Supply-chain-attack skepticism. Info ops, bikers, and deniable paramilitaries. Oct 15, 2018 Listen Download
Driving GPS manipulation — Research Saturday Oct 13, 2018 Listen Download
Busy Bears, again. Mixing IT and OT is a risky business. New Android Trojan. Supply chain seeding attack updates. Facebook purges more "inauthentic" accounts. Data privacy. Cyber sanctions. Oct 12, 2018 Listen Download
Seeding-attack skepticism. MSS officer arrested, will face industrial espionage charges in the US. Russia says again that it didn't hack the OPCW. Oct 11, 2018 Listen Download
Updates on supply-chain seeding reports. DDoS in Ukraine. GAO reports on US weapon system cyber vulnerabilities. Bugs exploited by Mirai persist. Patch note and toe dialing. Oct 10, 2018 Listen Download
Update on supply chain seeding reports. GRU comes in for more criticism. UK prepares cyber retaliatory capability. Power grid resilience. Panda Banker. Google's good and bad news. Oct 9, 2018 Listen Download
Cryptojacking criminal capers continue — Research Saturday Oct 6, 2018 Listen Download
Reports of Chinese seeding attacks on the supply chain. Five Eyes and other allies push back at Russia's GRU. NPPD to become Cybersecurity and Infrastructure Security Agency Oct 5, 2018 Listen Download
Bloomberg reports a seeding attack on the supply chain by Chinese intelligence services. GRU is named, shamed, indicted, and expelled. Oct 4, 2018 Listen Download
Facebook breach updates. Bogus Zoho Office Suite. Brazil's big botnet. Vulnerable router firmware. Patch news. A DGSI officer arrested for dark web collusion with the mob. Bad Fortnite cheats. Oct 3, 2018 Listen Download
RDP exploitation. More on the Facebook breach. Google and content moderation. Reaper Group stayed busy even after US-DPRK summit. Spyware in Canada. Hacking an airport. Oct 2, 2018 Listen Download
Facebook agonistes. Election meddling. Livestreamed hack gets cancelled. Oct 1, 2018 Listen Download
Sophisticated FIN7 criminal group hits payment card data — Research Saturday. Sep 29, 2018 Listen Download
Facebook discloses a major breach. Botnet brute forcing ransomware. Retail domain typosquatting. ATM wiretapping. Ransomware in San Diego. SEC hits cyber deficiencies. Assange retires? Sep 28, 2018 Listen Download
Fancy Bear, again and again. QRecorder is a banking Trojan. Authentication issues with Apple's Device Enrollment Program. Notes on regulation. Farewell to a code-breaker. Sep 27, 2018 Listen Download
Cryptojacking and ransomware news. The black market in zero-days looks like a bear market. Google budges (a little) on Chrome login. Senate hearings on privacy. Political campaign cybersecurity. Sep 26, 2018 Listen Download
Follow-up to terror attack in Iran. UN data exposure. Kodi and cryptojacking. SHEIN retail breach. Atlanta's ransomware remediation. Payroll phishing. Quantum strategy. Sep 25, 2018 Listen Download
Terror attack in Iran prompts info skirmishing, and perhaps worse to come. JET bug disclosed. ANSSI open-sources OS. Anglo-American response to Russian cyber ops. Russian elections. Scam notes. Sep 24, 2018 Listen Download
ICS honeypots attract sophisticated snoops. — Research Saturday Sep 22, 2018 Listen Download
US National Cyber Strategy. New sanctions. GCHQ beefs up Russia unit. Cryptocurrency heist. Hacking Senatorial Gmail. Crime and punishment. Sep 21, 2018 Listen Download
Magecart is back. Bad apps booted from Google Play. OilRig taken seriously. Election influence operations. Sending in the National Guard. ICO fines Equifax for last year's breach. Sep 20, 2018 Listen Download
State Department cybersecurity issues. Iron Group's pseudoransomware. Bristol Airport's deliberate recovery. State of cryptojacking. Facebook offers campaigns help. US cyber strategy. Mirai masters. Sep 19, 2018 Listen Download
Tracking Pegasus. OilRig spearphishing. IP theft from universities. Peekaboo bug in surveillance cameras. WannaMine won't be EternalBlue's last ride. Preventing data abuse. Sep 18, 2018 Listen Download
Ransomware and cryptojacking are all the rage. Iran seeks IP, North Korea seeks a quick buck. More on EU content moderation. Alleged Russian hacking of WADA, Spiez Laboratory. Propaganda overreach? Sep 17, 2018 Listen Download
Android device eavesdropping investigation. — Research Saturday Sep 15, 2018 Listen Download
Magecart continues its way. Evil cursor attacks. Seasonal trends in Trojans. More Novichok disinformation. Pyongyand denounces a "smear campaign." Wait and see on pipeline fires. Sep 14, 2018 Listen Download
Domestic Kitten spyware. Crypto wallet shenanigans. Firmware issues enable cold boot attacks. BlueBorne bugs are still out and about. Tech support scams. Election security. Sep 13, 2018 Listen Download
Executive Order mandates election interference sanctions. British Airways regulatory exposure. Patch Tuesday notes. EU passes copyright law. Russia says no to Novichok. WhatsApp scam. Sep 12, 2018 Listen Download
Trend Micro answers spying allegations. Magecart blamed for British Airways breach. Tor Browser exploit disclosed. Google vs. the right to be forgotten. Accused JPMorgan hacker extradited. Sep 11, 2018 Listen Download
Elections and information operations, but not necessarily the elections you expect. Apple purges dodgy security apps. Who are the Silence criminals? BA's breach. Cyber moonshots. Sep 10, 2018 Listen Download
Leafminer espionage digs the Middle East. — Research Saturday Sep 8, 2018 Listen Download
Russia does the info ops dance. An indictment of a Lazarus Groupie. FOIA shares too much. British Airways breaches. Silence makes some noise. Notes from the Billington Cybersecurity Summit. Sep 7, 2018 Listen Download
Cyberwar looms between Russia and the UK. Twitter and Facebook complete testimony, but inquiries continue. Unpatched MikroTik routers exploited. OilRig's new tricks. Sep 6, 2018 Listen Download
Sleeper malware. Hakai botnet spreads. SamSam is still with us. US DNI warns of election threats. Congressional panels interrogate Facebook and Twitter, but not Google. Sep 5, 2018 Listen Download
Tracking Stone Panda to the Tianjin Bureau. Ad-fraud and Tokelau. RansomWarrior decrypted. US Congress to grill Facebook, Google, and Twitter. Celebrity scams. Sep 4, 2018 Listen Download
ATM hacks on the rise. — Research Saturday Sep 1, 2018 Listen Download
Recruiting spies via LinkedIn. WindShift in the Gulf. GlobeImposter ransomware. Blocking Telegram is harder than it looks. Policy notes from the Five Eyes. Aug 31, 2018 Listen Download
Twitter bots in Swedish politics. A different approach to influence operations. Hotel guest PII for sale. Medical device vulnerabilities. Charges in the case of the Satori botnet. Aug 30, 2018 Listen Download
Unpatched Apache Struts installations being exploited in the wild. Windows local privilege escalation flaw. Similarities among spyware. Stalkerware hack. Criminal threats to the grid. Breaches. Aug 29, 2018 Listen Download
Social media struggle with their social role. Election hacking concerns remain high. Australia's new government shuffles cybersecurity responsibilities. Aug 28, 2018 Listen Download
Moscow HUMINT drought? Spying on the Patriarch. Ottoman hacktivism. Iranian information operations. ISIS in cyberspace. RtPOS malware discovered. Aug 27, 2018 Listen Download
Cyber espionage coming from Chinese University. — Research Saturday Aug 25, 2018 Listen Download
More action against Iranian influence operations. Tehran's cyberespionage against universities. Counter-value targeting in cyber deterrence. Sino-Australian trade war? Law and order. Aug 24, 2018 Listen Download
If you're running a red team, let someone know it's a drill. Apache patches Struts. Another exposed AWS bucket. Remcos abused by hackers. DPRK goes after Macs. Dark Tequila runs in Mexico. Aug 23, 2018 Listen Download
Facebook takes down "inauthentic" Russian and Iranian fronts. Twitter blocks Iranian false-flags, and FireEye explains why they think it's Tehran. Triout Android spyware described. Hacking back? Aug 22, 2018 Listen Download
Fancy Bear bogus sites taken down. Some in the US Congress think they want hack-back laws. Cyber and sanctions. Operation Red Signature. Doxing Chinese Intelligence. Buggy medical devices. Aug 21, 2018 Listen Download
Beers with Talos — Live from the RiRa at Black Hat Aug 21, 2018 Listen Download
DarkHotel is back. So is Necurs, and it's distributing a modular malware dropper. Industrial espionage follows international trade. Election meddling. The use and abuse of data. Aug 20, 2018 Listen Download
Stealthy ad fraud campaign evades detection. — Research Saturday Aug 18, 2018 Listen Download
Election risks—hacking and influence. Chinese industrial espionage spike. Misconfigured project management. Necurs appears briefly. Bogus Fortnite downloads. What they heard in the banya. Aug 17, 2018 Listen Download
Hacking Old Man River. Nation-state cyber conflict: objectives and norms of behavior. Australia's new cyber laws. ATM campaign. Lawsuits, and the Dread Pirate Robert asks for pardon. Aug 16, 2018 Listen Download
Notes on patching. Foreshadow speculative execution vulnerability. Influence operations. The FBI's new cyber chief. Are stickers a temptation to thieves, hackers, and customs officers? Aug 15, 2018 Listen Download
Cryptowars notes. DDoS in Finland. Bears aren't under the beds; they're in the routers. Smart city attack surfaces. Sanction notes. Training through puzzle-solving . Aug 14, 2018 Listen Download
Spyware for states and spouses. Election hacking demos. New ransomware strains, and a clipper for Android. Airline Wi-Fi is not only irritating, but insecure as well. Aug 13, 2018 Listen Download
Thrip espionage group lives off the land. — Research Saturday Aug 11, 2018 Listen Download
DPRK RAT in the wild. Vulnerable WPA2 4-way handshake implementations. Black Hat notes. Sanctions and retaliation. RoK to reorganize Cyber Command. PGA and ransomware. Aug 10, 2018 Listen Download
State-sponsored ransomware campaigns coming? DarkHydrus and Phishery. Hitting ATMs for alt-coin. US sanctions Russia. IBM looks at artificially intelligent malware. Black Hat notes. Aug 9, 2018 Listen Download
Payment processors probed with BGP exploits for redirection attacks. WhatsApp vulnerable to manipulation? Deterrence and retaliation. Anonymous vs. QAnon. Notes from Black Hat. Aug 8, 2018 Listen Download
TSMC recovers from WannaCry infection. OpenEMR fixes 30 bugs. UK will ask Russia to extradite two GRU operators for Novichok attacks. Twitterbots flourish. Aug 7, 2018 Listen Download
More data exposures, from banks and a major CRM provider. Ransomware strikes back. The irresistibility of data. An unhackable wallet gets hacked…maybe. Spreading goodwill through Akido? Aug 6, 2018 Listen Download
Cortana voice assistant lets you in. — Research Saturday Aug 4, 2018 Listen Download
Russian threats and threats to Russia. Cryptojacking wave spreads out from Brazil. Recovering from malware in Alaska and Atlanta. Notes on automotive cybersecurity. Aug 3, 2018 Listen Download
RASPITE noses around the US power grid. Cisco will buy Duo Security. Sandworm afflicts lab investigating Novichok attack. Influence ops can be no-lose proposition.Crytpojacking and malspam. Aug 2, 2018 Listen Download
Reddit Hacked. Ukrainians nabbed. Facebook boots "inauthentic" accounts for malign influence. Pegasus spyware found in Amnesty phone. Yale's old breach. Google and censorship. Aug 1, 2018 Listen Download
Data-centric security. — Special Edition Aug 1, 2018 Listen Download
Infrastructure security, especially power, finance, and elections. Preparation pays off. Proofpoint warns of new AZORult malware. Check Point tracks Master134 malvertising. Crime news. Jul 31, 2018 Listen Download
NetSpectre proof-of-concept. Election hacking, in the US and Australia. Cyber industrial espionage. Cyber threats to power grids. Hacking JPay. Jul 30, 2018 Listen Download
BabaYaga strangely symbiotic Wordpress malware — Research Saturday Jul 28, 2018 Listen Download
Fancy Bear sniffs around Senatorial staffs. US NSC considers Russian election interference. Chinese and Iranian cyberespionage. Malware loaders. Smart home bugs. Stealing WiFi. Jul 27, 2018 Listen Download
LifeLock closes proof-of-concept hole. US-CERT warns of active campaigns against ERP applications. Ad blockers may function as spyware. Parasite HTTP RAT. Underminer EK. NSA's IG scowls. Jul 26, 2018 Listen Download
Leafminer wants to learn from the best, and that's not good. Shipper hacked. Old malware resurfaces in improved form. Russian grid and election threats. What insurance covers. Jul 25, 2018 Listen Download
Warnings of Russian cyber threat to power grids. Phishing rises. Patch gets patched. SingHealth breach. Satori botnet. Bluetooth MitM. Evil maids? Jul 24, 2018 Listen Download
SingHealth breach hits Singapore. Manufacturers afflicted with third-party data exposure. Aspen Security Forum takes cyber threats seriously. Ecuador may withdraw asylum from Assange. Jul 23, 2018 Listen Download
Measuring the spearphishing threat — Research Saturday Jul 21, 2018 Listen Download
Cyberespionage and influence operations. Big botnet assembled in less than a day. Monetizing stolen paycards through online games. Amazon nudges developers. Report on Huawei. Phishing notes. Jul 20, 2018 Listen Download
Fancy Bear's Roman Holiday. RAT phishing in Ukraine. AWS S3 bucket leaks robocaller data. Bug or abuse? NIST to withdraw outdated cybersecurity publications. Content moderation. Jul 19, 2018 Listen Download
Magnibur ransomware spreads. LabCorp discloses suspicious incident on its networks. Spectre, Meltdown notes. Oracle patches. Helsinki summit backing and filling and backing. Jul 18, 2018 Listen Download
Trump-Putin summit. East Asian cyberespionage campaigns. Vulnerable DVRs. Concern about census security. Jul 17, 2018 Listen Download
DNI warns of cyber threats. Russo-US summit. Mueller investigation and indictments. Huawei agonists. Congress reconsiders ZTE reinstatement. Kaspersky receives no emergency ban relief. Jul 16, 2018 Listen Download
A new approach to mission critical systems — Research Saturday Jul 14, 2018 Listen Download
Fancy Bear indictments. VPNFilter found in Ukrainian water-treatment chlorine plant. Comment spam. Speculative execution side-channel attacks. MDM exploits in India. Jul 13, 2018 Listen Download
Timehop refines its breach disclosure. Speculative execution side-channel attacks described. Tech manuals offered for sale on the dark web. Twitter versus bots. Jul 12, 2018 Listen Download
Ticketmaster paycard breach is part of a very large skimmer campaign. Chinese cyberespionage and censorship. Smartphone privacy issues. Data misuse litigation. Affirming the consequent. Jul 11, 2018 Listen Download
More Elon Musk impersonators in social media. Cryptocurrency raided. Spearphishing in Palestine. BlackTech espionage group. Apple upgrades. Polar Flow fitness app and oversharing. Jul 10, 2018 Listen Download
Malware infections down during World Cup matches. UK-Russia tensions. Australian National University hacked. Data breach notes. Calls for cooperation. Tell it to the Marines. Jul 9, 2018 Listen Download
No Distribute Scanners help sell malware Jul 7, 2018 Listen Download
When catphishing, it pays to know what bait they'll take. Permission hogs are often misers. Cyber comes to the NTC. Natural intelligence screening for artificial intelligence. The Thermanator. Jul 6, 2018 Listen Download
Catphish and Charming Kittens. Data-sharing receives more scrutiny. European copyright law won't be fast-tracked. ZTE gets some relief. Juggalos and Juggalettes defeat facial recognition tools. Jul 5, 2018 Listen Download
Hybrid warfare. Inveterate DDoS against ProtonMail. Security concerns about Chinese companies. Retail breaches. Agencies scrutinize Facebook data abuse. Infrasound weapons? Jul 3, 2018 Listen Download
Adidas data breach. Facebook on data abuse. Investigation of Exactis data exposure continues. Algonquin College hacked. Tenable's IPO. US-Russia summit will talk election influence ops. Jul 2, 2018 Listen Download
VPNFilter malware could brick devices worldwide — Research Saturday Jun 30, 2018 Listen Download
Data breaches and data exposure. Privacy legislation. Improperly collected phone call records destroyed. Jun 29, 2018 Listen Download
Ukraine accuses Russia of preparing a cyber campaign. China eyes Tibetan diaspora. A decryptor for Thanatos ransomware. Nudging away from privacy. Dark web undercover. Jun 28, 2018 Listen Download
Separating fools from money. — Hacking Humans Jun 28, 2018 Listen Download
DDoS attack on ProtonMail. Rancor cyberespionage campaign. PythonBot serves ads and a cryptominer. EU joint cyber response unit forming. Arrests in BEC campaign. Reality Winner's plea. Jun 27, 2018 Listen Download
Romania, UK, warn of Russian cyber ops. International norms of cyber conflict. Bronze Butler's USB drives. Too-smart batteries not smart enough. Industry notes. Game cheater gets jail time. Jun 26, 2018 Listen Download
Nation-state cyberespionage and cybercrime. Cryptocurrency fraud and theft give alt-coins a rocky ride. Sino-US trade conflict update. GDPR data extortion. Spammy protection racket. Jun 25, 2018 Listen Download
LG smartphone keyboard vulnerabilities — Research Saturday Jun 23, 2018 Listen Download
Phishing plays small ball with depressing success. Chinese cyberespionage up. US IC, JCS, worries about innovation. Guilty plea in US espionage case. Ex-Knesset member suspected of spying. Supreme Court decides location privacy case. Jun 22, 2018 Listen Download
Malicious apps, a clever botnet, and cryptojacking. Patch notes. EU copyright regulations. Congress still doesn't like the cut of ZTE's or Huawei's jib. Tesla sues a former employee. Jun 21, 2018 Listen Download
Playing on Kindness — Hacking Humans Jun 21, 2018 Listen Download
Satellite communications suffer from Thrip(s). Zacinlo rootkit poses as a VPN. Insecure Firebase apps. EU copyright legislation. Kardon Loader. Bithumb robbed. #Opicarus2018. Bitcoin Baron jailed. Jun 20, 2018 Listen Download
Charges in Vault 7 case. Olympic Destroyer appears to be back. Liberty Life hack. Does Tesla have a rogue insider? US Senate hits at ZTE. Guilty plea in OPM hack-related fraud. Motive: blackmail. Jun 19, 2018 Listen Download
Date extortion attempt against Liberty Life. Rex Mundi, Black Hand arrests. Hidden Cobra's back. Clipboard hijacking hits cryptocurrency wallets. ZTE, Huawei security fears. Pulp fiction. Jun 18, 2018 Listen Download
Cyber bank heists — Research Saturday Jun 16, 2018 Listen Download
MysteryBot developed from LokiBot. Satan rebranded as DBGer. Snooping on iOS got harder, but maybe not impossible. IG report on the FBI is out, not damning but not good, either. Jun 15, 2018 Listen Download
Chinese espionage in Central Asia. Dixons Carphone data exposure. Lazy State speculative execution bug. Pyongyang is expected to come roaring back into cyberspace. Unlucky 13. Chinese espionage in Central Asia. Dixons Carphone data exposure. Lazy State sp Jun 14, 2018 Listen Download
Hacking Humans — Gaming pro athletes online. Jun 14, 2018 Listen Download
Cable-tapping for a new century. Lazarus Group update. BabaYaga's cannibalistic malware. Patch Tuesday notes. Cryptojacking. World Cup surveillance. Beware of strangers bearing gifts with USB connections. Jun 13, 2018 Listen Download
Don't get cozy with Cozy Bear. Code-signing issues stem from muddled documentation. Devices ship with inadvertent backdoor. Matryosha attack. Operation WireWire versus BEC scammers. Jun 12, 2018 Listen Download
SWIFT fraud (behind a wiper). Coinrail ICO robbery. Chinese espionage. G7 agrees to a coordinated response to hostile cyber operations. Malwaretech faces new charges. Jun 11, 2018 Listen Download
Winnti Umbrella Chinese threat group — Research Saturday Jun 9, 2018 Listen Download
Adobe patches a zero-day being exploited in the wild. Chinese cyber espionage, and the risks of data-sharing. Facebook default settings glitch. Industry notes. Jun 8, 2018 Listen Download
New criminal campaigns out and about. Fancy Bear changes style, but not management. VPNFilter hits more devices. CloudPets overshare, but maybe more benignly than Google and Facebook. Jun 7, 2018 Listen Download
Hacking Humans — A flood of misinformation and fake news Jun 7, 2018 Listen Download
Espionage, influence, summits, and elections. What counts as a luxury? An iCloud warrant raises cryptowars speculation. Microsoft's GitHub acquisition. Facebook's coziness with Shanghai? Jun 6, 2018 Listen Download
DPRK hackers quieter in the run-up to the Kim-Trump summit. Russian EW. Cryptocurrencies and crime. Law firm social engineering. Dodgy World Cup Wi-Fi. Bad AI, a time-traveler's poly. Jun 5, 2018 Listen Download
Microsoft buys GitHub for $7.5 billion. VPNFilter tries to reconstitute itself. Ransomware and DDoS notes. USA Really seems to be latest in Russian disinformation. Jun 4, 2018 Listen Download
Islamic State propaganda persistence — Research Saturday Jun 2, 2018 Listen Download
Lazarus Group updates. Cybercrime's GDP. New Zealand a Chinese espionage target? ZTE and Huawei criticized. BND will continue to monitor Frankfurt hub. Google's knowledge panels. Jun 1, 2018 Listen Download
Kaspersky loses court challenge to US Government ban. Cryptomix ransomware. US Departments of Commerce, Homeland Security, and Energy plan resiliency. A packrat at CIA? Reboot your routers. May 31, 2018 Listen Download
Hacking Humans - Social engineering works because we're human. May 31, 2018 Listen Download
More North Korean malware identified. EOS scanned for misconfigurations by parties unknown. Canadian banks won't pay extortion. Stay away from Joker's Stash. Crime and punishment. May 30, 2018 Listen Download
Rebooting routers against VPNFilter. Canadian banks compromised? Cobalt gang is back. 51% attacks on blockchains. "Courvoisier" sentenced. NATO looks at Russia's weaponized jokes. May 29, 2018 Listen Download
UPnProxy infiltrates home routers — Research Saturday May 26, 2018 Listen Download
VPNFilter takedown. Low-cost Android phones with preloaded adware. Alexa's selective attention. BMW patches connected cars. Cryptocurrency crimes. New swatting charges. GDPR is here. May 25, 2018 Listen Download
VPNFilter and battlespace preparation. XENOTIME may be back, and after industrial systems. GDPR updates. Following Presidential Tweets. May 24, 2018 Listen Download
Variant 4 and other chipset vulnerabilities. Confucius and Patchwork. Turla goes two-stage. Misconfigured not-for-profit bucket. ZTE's fraying lifeline. Facebook and the EU. Brain Food. May 23, 2018 Listen Download
Speculative Store Bypass. GPON-based botnet. Customer data exposures. Roaming Mantis gets more capable. Nation-state threats. May 22, 2018 Listen Download
DPRK's Sun Team works from three apps in Google Play. PII for sale in Zheijiang. SPEI theft. Jihadist content in social media. SEA charges. DDoS-for-hire sentencing. ZipperDown bug. May 21, 2018 Listen Download
Threat actors hijack Lojack — Research Saturday May 19, 2018 Listen Download
Something Wicked this way comes. Automating wallet pilferage. Office 365 phsihing scams. DPRK hackers remain active. Recognizing alt-coin investment frauds. May 18, 2018 Listen Download
Competing for terrorist mindshare. ICS threat group update. AnonPlus vandalizes US state sites. GDPR's disclosure timeline. Congressional hearings. DarkOverlord collared. May 17, 2018 Listen Download
Spyware campaigns: phishing and watering holes. Signal patches (fast). DHS cyber strategy. Russian election hacking. Cyber Investing Summit. Do smart people pick better passwords? May 16, 2018 Listen Download
Email client vulnerabilities. Sanctions and trade policy. FinFisher in Turkey. myPersonality data scandal. Patch news. High school phishing. May 15, 2018 Listen Download
Unauthorized banking transfers in Mexico? A lifeline for ZTE. Iranian cyber op-tempo rises. Russian troll farm's ad buys. Reining in apps. Cell tracking. Anonymous is back. May 14, 2018 Listen Download
Three pillars of Artificial Intelligence — Research Saturday May 12, 2018 Listen Download
Vigilantes and hacktivists. Point-of-sale malware source code leaks. Malicious extensions and apps. US Federal indictments: spying and hacking. Robo-caller gets record fine. May 11, 2018 Listen Download
Cyber conflict between Iran and the US widely expected. ALLENITE threat group is after US, UK power grids. Jack-in-the-Box vulnerability. Signal's memory. Is ZTE going down? May 10, 2018 Listen Download
Subborn IoT botnets. Razzle-dazzle HTML phishing lure. Fancy Bear's false flag. Busy Yahoo boys. Crooks turn from Tor to Telegram. Kaspersky and contractors. Patch notes. SB 315 vetoed. May 9, 2018 Listen Download
Greek and Turkish hacktivists swap defacements. Process Doppelgänging in the wild. GDRP is coming (like winter, for you Game of Thrones fans.) Profiling infosec enthusiasts. May 8, 2018 Listen Download
2018 RSAC Outlook - Special Edition May 8, 2018 Listen Download
Winnti Umbrella covers multiple threat actors. DPRK off-shores cyber ops. ZooPark is in its fourth generation. GPON router bugs exploited in the wild. Russian Twitterbots. Block the EU? May 7, 2018 Listen Download
BlackTDS and ThreadKit offered in criminal markets — Research Saturday May 5, 2018 Listen Download
In the shredder or off the truck? Battlespace prep for a supply chain campaign? NG-Spectre found in Intel chips. No domain fronting for you. Kitty mines monero. NSA, US Cyber Command under new management. May 4, 2018 Listen Download
Lojack for Laptops backdoor? World Cup cybersecurity. Schneider Electric patch. Reward points for sale. Medical device vulnerabilities. PPD-20 revision? May 3, 2018 Listen Download
New nation-state actors in cyberspace. SiliVaccine AV said to incorporate pirated code. Credential stuffing and password reuse. GravityRAT evades sandboxes. GDPR approaches. May 2, 2018 Listen Download
Payment system hack investigated. Patch weaponization. Medical zero-days for sale. Responsible disclosure. Bad bots attack. Car hacking. Trends in phishbait. May 1, 2018 Listen Download
Bank hack in Mexico. FacexWorm goes cryptomining. SamSam's volume discount. Influence ops. Researchers confirm that teams use teamwork. Apr 30, 2018 Listen Download
New MacOS backdoor linked to OceanLotus — Research Saturday Apr 28, 2018 Listen Download
Crimeware kits, ransomware, and source code breaches. The Internet conduces to organic radicalization. Russia in Finland. Snooper's Charter notes. Crypt armistice or just key escrow? Apr 27, 2018 Listen Download
Some fix fast, others not at all. Ransomware campaign's demands are non-negotiable (for most victims—Russians get a hometown discount). Content filtering. Jamming in Syria. Apr 26, 2018 Listen Download
DPRK plays offense and defense. PyRoMine and EternalRomance. Russian disinformation on Syrian massacre. Alt-coin heist may be misdirection. Nakasone confirmed at NSA. Webstresser takedown. Apr 25, 2018 Listen Download
Ransomware in Ukraine's Energy Ministry. Energetic Bear infrastructure. Anonymous Twitter accounts equal bots? Orangeworm in x-ray, MRI machines. Sanction notes. Election security. Apr 24, 2018 Listen Download
ISIS coordinates online inspiration campaign with terror attacks. APT10 spearphishing. IE zero day. Twitter won't sell Kaspersky ads. UK sentence in Crackas with Attitude case. Apr 23, 2018 Listen Download
InnaputRAT exfiltrates victim data — Research Saturday Apr 21, 2018 Listen Download
RSA wraps up. Staging offensive cyber operations. (Information ops, too.) Business email compromise affects maritime shipping sectors. Sanctions bit Chinese device giants. Apr 20, 2018 Listen Download
Dispatches from RSA 2018. Russia continues to test the Five Eyes' patience and resolve. Trustjacking, Stresspaint, and an exposed AWS bucket. Apr 19, 2018 Listen Download
More cyber battlespace preparation. Hacking as the continuation of war by other means. Ongoing social media privacy concerns. Tech glitch extends tax deadline. Notes from RSA. Apr 18, 2018 Listen Download
Russia versus routers. Desert Scorpion swept out of Google Play. ZTE faces sanctions. RSA notes, and a Sandbox winner. Apr 17, 2018 Listen Download
Info ops follow airstrikes, to be followed by sanctions. Expect cyberattacks and reprisals, with a chance of kompromat. Apr 16, 2018 Listen Download
Energetic Dragonfly and DYMALLOY Bear 2.0 — Research Saturday Apr 14, 2018 Listen Download
Operation Parliament seems to have got what it came for. EITest finally sinkholed. Facebook testimony on Capitol Hill. Estonia reports. Swatting case teaches nothing? Apr 13, 2018 Listen Download
Zuckerberg testimony. Supply chain cyber threat to satellites. DPRK destructive malware. "Early bird" code injection. GCHQ vs. ISIS. Germany blames compromise on Russia. Salisbury attack update. Apr 12, 2018 Listen Download
Mark Zuckerberg testifies about Facebook, big data, and influence. Patch Tuesday notes. Deterrence or open conflict in cyberspace? Apr 11, 2018 Listen Download
Facebook comes to Washington. Research ethics? IoT threats. Switch bug exploited in the wild. Criminal misdirection. Russia and the West, again. And what do cybercriminals earn? Apr 10, 2018 Listen Download
Hacktivists may be warning Russia and Iran against interfering in US elections. Britain on alert for Russian moves against infrastructure. Facebook preps for Congress. Ransomware updates. Apr 9, 2018 Listen Download
Crypto crumple zones — Research Saturday Apr 7, 2018 Listen Download
Multibreach via chat app. OceanLotus notes. Mirai vs. Banks. Energetic Bear vs. Switches. Russia warns Britain against provocation. DataTribe finalists. Apr 6, 2018 Listen Download
Facebook agonistes. Really agonizing. Ad-supported apps like them some data. Sino-US trade tensions and Chinese cyber espionage. Russian wet work and disinformation. Western reprisals. Apr 5, 2018 Listen Download
Facebook boots Russian trolls for being trolls. Zuckerberg will testify before Congress. Different continents, different privacy protections. YouTube shootings. Pipeline hacks. Panera Bread's incident response. Apr 4, 2018 Listen Download
Magento brute-forcing. Android IM spyware. njRAT updated. Panera breach. Pipeline operator hacked. Cyber tensions. Cambridge Analytica named in class action suit. Apr 3, 2018 Listen Download
Department stores suffer a paycard breach. Atlanta still working on SamSam recovery. Ransomware in India. SWIFT fraud attempt. Facebook's troubles. Kremlin doxed. Reality Winner case update. Apr 2, 2018 Listen Download
Chasing FlawedAMMYY — Research Saturday Mar 31, 2018 Listen Download
Under Armour fitness app breached. Warning shot from WannaCry. Lazarus Group update. Aadhaar security questions. Ransomware and city governments. FBI agent charged in leak case. Mar 30, 2018 Listen Download
Russia retaliates against the US with tit-for-tat PNGs, consular closure. Assange has no more Internet (until he behaves). Fauxpersky and WannaCry seen in the wild. Facebook works on privacy. Mar 29, 2018 Listen Download
Tensions over Salisbury nerve agent attack remain high. BranchScope raises concerns about side-channel attacks. Facebook data scandal updates. Atlanta and Baltimore recover from hacks. Mar 28, 2018 Listen Download
Blockchains that bind us — Special Edition Mar 28, 2018 Listen Download
Phishing from the library. Facebook and Cambridge Analytica updates. Bots as propaganda readers. SamSam still plagues Atlanta. Aadhaar leaky? Many nations expel Russian diplomats. Mar 27, 2018 Listen Download
Persona non grata, Ivan Ivanovich. Grid threat worries. Data scandal updates. Malware notes. Reaction to Iranian indictments. Alleged Carbanak kingpin collared. Mar 26, 2018 Listen Download
Code comments cause SAML conundrum — Research Saturday Mar 24, 2018 Listen Download
US indicts Iranian hackers. Guccifer 2.0 is a GRU Bear. Atlanta hit with ransomware. Equifax breach cost consumers plenty. Facebook's troubles persist, as do Cambridge Analytica's. Mar 23, 2018 Listen Download
Kaspersky burned a JSOC op? Facebook affair: apps, legal fallout, regulatory inspiration, apologies and resolution to sin no more. Tariffs against IP theft. Best Buy shows Huawei the highway. Mar 22, 2018 Listen Download
Preparing for grid attacks. Notes on breaches, crime, and punishment. And Facebook's no-good, bad, awful week. Mar 21, 2018 Listen Download
Power grid threats coming through the router. Cambridge Analytica and Facebook face tough questions. Mar 20, 2018 Listen Download
Power grid hacking fears running high. Social media problems. Election DDoS reported in Russia. FTC and SEC cyber enforcement actions. NSA hoarder case update. Mar 19, 2018 Listen Download
Cryptojacking injections heat up - Research Saturday Mar 17, 2018 Listen Download
NATO-Russian cyber tensions high. They're also high between Saudi Arabia and Iran. Updates on AMD vulnerability report. Another exposed AWS S3 bucket? Mar 16, 2018 Listen Download
Chip vulnerability disclosure controversial. Black market and point-of-sale malware. SEC charges ex-Equifax exec with breach-related insider trading. Tensions over Salisbury nerve agent attack. Mar 15, 2018 Listen Download
AMD investigates report of processor flaws. A look at OceanLotus. Patch Tuesday. Russo-British tensions high. MuddyWater threatens researchers. Mar 14, 2018 Listen Download
May hands Putin an ultimatum (and cyber conflict is expected). HenBox spies on Uyghurs. Vixen Panda creeps in UK targets by backdoors. Changes at US State Department, CIA. SINET ITSEF notes. Mar 13, 2018 Listen Download
Iran grows more capable and assertive in cyberspace. Bots have nothing on humans when it comes to peddling disinformation. Chinese influence ops. Fancy Bear, Slingshot updates. Mar 12, 2018 Listen Download
Dark Caracal APT steals out of Lebanon — Research Saturday Mar 10, 2018 Listen Download
Cyber reconnaissance. Vulnerability database misdirection. Cryptoming attempts. New Memcrash DDoS. Policy changes in the US coming as agencies report? Mar 9, 2018 Listen Download
A Memcrash kill-switch. Shadow Brokers' leaked "Territorial Dispute" tools. Dutch DDoS, Indian hacks. FBI and backdoors. Notes from SINET ITSEF. Mar 8, 2018 Listen Download
Patchable vulnerabilities in Apache Struts and Exim. CombJack malware. DPRK vs. UN Panel of Experts. Cyberwar and legal limits. Espionage Act prosecution. Infowars turn grimly kinetic. Mar 7, 2018 Listen Download
Cyber espionage in Central and Eastern Europe. Cyber deterrence. Notes from Matrosskaya Tishina. Exabeam describes what crooks can get from your browser. Mar 6, 2018 Listen Download
Humanitarian organizations targeted. Memcrash extortion. Spring Break bug. Equifax breach update. Russian influence operations (and American "yelling and hollering"). Mar 5, 2018 Listen Download
Lebal malware phishes for victims — Research Saturday Mar 3, 2018 Listen Download
Memcrashing no longer just a theoretical possibility. Fancy Bear's pawprints in German networks and other peoples' embassies. Deterrence in cyberspace. High-profile fraud victims. Mar 2, 2018 Listen Download
Fancy Bear finds Berlin just right. RedDrop Android blackmail malware. Another AWS S3 exposure. FTC settles; SEC investigates. Blockchain radix malorum? Mar 1, 2018 Listen Download
Memcrash and amplification attacks. SAML vulnerabilities. Thanatos ransomware. Petya returns (so does Marcher). Deterrence and election security. Feb 28, 2018 Listen Download
Cryptojacking through an AWS S3 bucket. Threats, risk, and unintentional mistakes. Crime and punishment. Industry notes. Alien hackers? Feb 27, 2018 Listen Download
Olympic hacking—false flags and attack infrastructure. Cryptojacking. Smartphone security bans. Heraldic animals of hacking. Feb 26, 2018 Listen Download
Phishing for holiday winnings — Research Saturday Feb 24, 2018 Listen Download
Mirai variant establishes proxies. Buggy smart contracts. Banking glitch. Studies from Verizon, Thales. FTC addresses credential stuffing. Feb 23, 2018 Listen Download
Code signing certificates for sale. Impact of cybercrime on the world economy. Reaper out from under Lazarus's shadow. Catphishing. Cyber intelligence against terror. Ransomware and other hacks. Feb 22, 2018 Listen Download
SWIFT phishbait. DPRK hacking gets better; GRU hacking looks east. Coldroot RAT. Cryptojacking. Election cybersecurity. Feb 21, 2018 Listen Download
SWIFT fraud in India. DPRK hacking updates. Notes on Russian influence ops, both indictments and continuing activity. Alleged Florida gunman may have been an Internet known wolf. Feb 20, 2018 Listen Download
The uncanny HEX men — Research Saturday Feb 17, 2018 Listen Download
The complexities of Olympic Destroyer. More blame for Russia in the matter of NotPetya. Congress mulls election security. New York cyber milestone. Ed Snowden as phishbait. Feb 16, 2018 Listen Download
Olympic Destroyer took its time, compromised the IT supply chain. NotPetya attribution. Coin scams. Coin miners. Botnets old and new. Feb 15, 2018 Listen Download
Olympic Destroyer updates. Cyber forecasts from the US Intelligence Community. Patch notes. Cryptojacking and coinming. Ad blockers (also an incentive to coin mining). Feb 14, 2018 Listen Download
Patch Tuesday notes. Skype DLL hijacking vulnerability. Olympic Destroyer malware described. Lazarus Group newly active. BitGrail heist? Cyber Valentine. Feb 13, 2018 Listen Download
Olympic hacking, cryptojacking and other illicit coin mining. Ransomware updates. The curious case of an alleged kompromat buy. Bots turn to ticket scalping. Feb 12, 2018 Listen Download
IcedID banking trojan — Research Saturday Feb 10, 2018 Listen Download
Trends in phishing. Olympic hacking. Cryptojacking spreads. Litecoin gains black market share. Influence operations. Can Strava be exploited by bicycle thieves? Feb 9, 2018 Listen Download
Operation Shadow Web rolls up carding gang. Fancy Bear sightings. DPRK buying zero-days? Cryptojacking ICS. Huawei, ZTE get Congressional razzing. Jita scams. Feb 8, 2018 Listen Download
Dutch DDoS arrest. Pyongyang is interested in cryptocurrency. So is the US SEC (in a different way). Uber explains its breach disclosure. New wrinkle in the "Microsoft" Help Desk scam. Feb 7, 2018 Listen Download
More Eternal exploits found more troublesome. Cryptominer updates. NIST SP 800-171. Paycard skimmers. Tsunami false alarm. Feb 6, 2018 Listen Download
DPRK exploiting Flash Player zero-day. ISIS wants hacking help. JenX DDoS, Scrareby ransomware updates. Crime and punishment. Feb 5, 2018 Listen Download
Advanced adware with nation-state tactics — Research Saturday Feb 3, 2018 Listen Download
JenX botnet and DDoS-for-hire. RoK CERT warns of Flash Player zero-day. Cryptocurrency mining and scamming. ICS security trends. Twitter cleared in terror trial. The Nunes Memo is out. Feb 2, 2018 Listen Download
ISIS war on families. Cryptomining botnets. The weaponization of Spectre and Meltdown. Phishig with bogus emails spoofing Google, Microsoft. Apps that know too much. Feb 1, 2018 Listen Download
Phishing campaign targets Israeli scientists. Low-level contract phishing in China's hinterlands? Apps with privacy flaws. Cisco patches ASA products. Cryptocurrency speculation and fraud. Jan 31, 2018 Listen Download
Netherlands financial sector recovers from DDoS. Lizard Squad, Mirai, and coin mining. IOTA wallets emptied. Snooper's Charter loses in court. US House may release surveillance memos. Strava OPSEC. Jan 30, 2018 Listen Download
Coincheck cryptocurrency heist. ICO phishing. Jackpotting comes to America. Dridex and FriedEx. Transduction attack threat to IoT sensors. Jihadist steganography. Oversharing with Strava? Jan 29, 2018 Listen Download
Targeting Olympic organizations — Research Saturday Jan 27, 2018 Listen Download
Lebal's layered approach to infection. Crytominers are becoming a big problem. Tracking influence ops. Dutch intelligence spotted Cozy Bear early. Exploiting password recovery. Jan 26, 2018 Listen Download
2018 forecast — CyberWire Special Edition Jan 26, 2018 Listen Download
Patriotic hacktivism. HNS botnet spreads P2P. Electron vulnerabilities found, mitigated, Criminals target ICOs. Ransomware-as-a-service. Cryptowars. Fancy Bear doxes luge. Jan 25, 2018 Listen Download
Satori variants. Hacking in Anatolia. Lazarus Group improves its tradecraft. Tindr vulnerabilties. UK's new office to combat disinformation. Pirated pdfs hold malware. Jan 24, 2018 Listen Download
ISIS messaging. Intel will roll out new Spectre/Meltdown patches. Identities for sale on the dark web. IDN spoofing. SpriteCoin ransomware, with a malware chaser. Three Sonic games may be trouble. Jan 23, 2018 Listen Download
Evrial and the Clipboard threat. SamSam ransomware recovery. Olympic hacking? Russian bots. Crime and punishment. Speculated origins of Bitcoin. Jan 22, 2018 Listen Download
Fancy Bear Duping Doping Domains — Research Saturday Jan 20, 2018 Listen Download
AllScripts works to remediate ransomware in medical apps. Group 123 hits ROK targets. Triton/Trisis zero-day. Dark Caracal espionage op. Section 702 renewed. GhostTeam ejected from Play Store. Jan 19, 2018 Listen Download
Big healthcare data breach. False civil defense alerts. Davos will take up cyber next week (among other topics). Exobot on the block. Satori in your wallet? Ponzi scheme or pump-and-dump? Jan 18, 2018 Listen Download
Section 702 update. Kaspersky reports on Skygofree—dangerous Android spyware. Recorded Future on DPRK spearphishing. Healthcare hacks. Bogus patches. VR game could expose users. Jan 17, 2018 Listen Download
New Mirai variant forming. Meltdown and Spectre remediation updates. Notes on Russian hacking. Charges in swatting death. Jan 16, 2018 Listen Download
Shake Your MoneyTaker — Research Saturday Jan 13, 2018 Listen Download
Spectre and Meltdown patches may be messy, but not as performance-killing as feared. AMT exploit. Mobile ICS apps. Monero mining. Badness in the Play Store. Huawei ban? Droning while drunk. Jan 12, 2018 Listen Download
Aadhaar updates. Fancy Bear doxes the Olympics. WhatsApp snooping vulnerability discussed. Spectre and Meltdown patching. US House reauthorizes Section 702. Bitcoin isn't Bitcoin Cash. Jan 11, 2018 Listen Download
Turla returns. Moscow interested in Mexican elections? FakeBank mobile Trojan hits Russian banks. Phishing the Olympics. Patch Tuesday. Bad flashlights, nice doggie. Jan 10, 2018 Listen Download
Spectre and Meltdown mitigations. Psiphon and Iran's unrest. Olympic phishing. Mobil pop-up redirection. Alt-coin speculation. Jan 9, 2018 Listen Download
Korean-language phishing targets interest in the Winter Olympics. Unrest continues in Iran. Meltdown and Spectre updates. Aadhaar security. Admiral Rogers will retire this spring from NSA. Jan 8, 2018 Listen Download
TRISIS Malware: Fail-safe fail — Research Saturday Jan 6, 2018 Listen Download
Meltdown and Spectre, risks and mitigations. Aadhaar compromised. Blockchain bubbles. Jan 5, 2018 Listen Download
Meltdown and Spectre arose from engineering for speed—most chips are affected. Bogus security apps kicked out of Google Play. Iran's Internet crackdown. Indications of a guilty plea in NSA leak case. Jan 4, 2018 Listen Download
Iranian dissent takes to Tor. Iran cracks down on Internet services (and Infy gets busy). Kernel memory issue in Intel processors. macOS bug published. "Trackmageddon." Curating YouTube. Condolences to a SWATTING victim's family. Jan 3, 2018 Listen Download
ISIS claims responsibility for bombing in Russia. Iranian unrest involves Telegram, Instagram. Proposed FERC reporting standards. YouTube gone bad, and an arrest in a horrific swatting prank. Jan 2, 2018 Listen Download
Hunting the Sowbug — Research Saturday Dec 30, 2017 Listen Download
The German Cybersecurity Market with Gerald Hahn Dec 29, 2017 Listen Download
The CISO's changing role with Andrew Wild Dec 28, 2017 Listen Download
"Hacked Again" author Scott Schober Dec 27, 2017 Listen Download
Active defense and “hacking back" with Johnathan Braverman from Cymmetria Dec 26, 2017 Listen Download
Keyboys back in town — Research Saturday Dec 23, 2017 Listen Download
Updates on Triton ICS malware attack. DPRK and WannaCry. Cryptocurrency crime and an alt-coin market correction. Fancy Bear sightings. Dec 22, 2017 Listen Download
More data found exposed in an AWS S3 bucket. EtherDelta's DNS impersonation issue. DPRK says it doesn't hack. FISA Section 702 nears sunset. Wassenaar updated. Kaspersky says its due process rights have been violated. Dec 21, 2017 Listen Download
Pyongyang's snarling through cyberspace, and what others are doing about it. Coppersmith espionage campaign in the Middle East. GDPR approaches. Giving your kid a smartphone? Dec 20, 2017 Listen Download
North Korea officially blamed for WannaCry. US National Security Strategy and cyber. Hex Men are up to no good. Cryptocurrency crimes. Cyberespionage. Misconfigured printers. Bad passwords. Dec 19, 2017 Listen Download
Zealot and Monero mining. Bitfinex DDoS. Triton/Trisis shows risks of committing safety and control to the same systems. Bitcoin crime. M&A news. Hair of the dog. Dec 18, 2017 Listen Download
The unique culture of the Middle Eastern and North African underground — Research Saturday Dec 16, 2017 Listen Download
Internet shut down in Ethiopia. TRITON ICS malware updates. Security products patched. Cryptocurrency capers. Dec 15, 2017 Listen Download
Hacktivism threatened over embassy move. Significant probe of an industrial plant. That was no BGP error. TV blues. Dec 14, 2017 Listen Download
A look back at Patch Tuesday. Classic games on Android serve malware. Cryptocurrency speculation. Info ops updates. Phony hitmen. Guilty pleas in Mirai case. Dec 13, 2017 Listen Download
Catphishing for spies. Banking Trojans. Spider ransomware. CoinHive comes to Starbucks. SEC stops another ICO. BrickerBot retired? Dec 12, 2017 Listen Download
Al Qaeda tries its hand at inspiration. MoneyTaker cyber bank robbers. Dark web database holds a billion credentials. Bitcoin speculation and Bitcoin fraud. Dec 11, 2017 Listen Download
Stealthy Zberp Banking Trojan — Research Saturday Dec 9, 2017 Listen Download
Iranian reconnaissance of critical infrastructure? Leaky banking apps. Microsoft's emergency patch. Ghosts of the Caliphate threaten, but have yet to deliver. New horizons in biometrics. Dec 8, 2017 Listen Download
Hamas calls for intifada; hacktivism expected. Ethiopian government surveillance ops. Crime and cryptocurrency. Keylogger in the wild. Fixes to MacOS, Android app development tools. Uber hack and bug bounties. Dec 7, 2017 Listen Download
Satori botnet is awake (and it's not engaged in enlightenment). State-sponsored spyware campaigns. ISIS threatens cyberattacks. Dec 6, 2017 Listen Download
Andromeda takedown (with an arrest in Belarus). Mirai is back; Reaper still threatens. PayPal phishing. Tech support scam evolves. Cryptowars notes. SEC goes after an ICO. Dec 5, 2017 Listen Download
Nghia Hoang Pho charged with mishandling classified NSA material. A review of other recent leaks. Kaspersky under fire in the UK. More Uber executives depart. Dec 4, 2017 Listen Download
Staying ahead of Fast Flux Networks — Research Saturday Dec 2, 2017 Listen Download
Flynn pleads guilty in Mueller probe. Misconfigured AWS S3 buckets, again. Election trolling and spy versus oligarch. Black Friday fraud down. Crime and punishment. Dec 1, 2017 Listen Download
Breaches, extortion, and insider threats. Credit bureaus and GDPR. HP addresses spyware allegations. When is a snack bag more than a snack bag? Nov 30, 2017 Listen Download
Building your cyber security career — CyberWire Special Edition Nov 30, 2017 Listen Download
Another misconfigured AWS S3 bucket, this one with US Army INSCOM files. Apple fixes a major issue in MacOS. Influence ops and autarky. Boyusec disbanded. Nov 29, 2017 Listen Download
Who's the third man in the Shadow Brokers leaks? ISIS diaspora means more ISIS online. Monero miner identified. Tizi backdoored apps booted from Google Play. Scarab ransomware. M&A notes. Indictments in IP theft. Nov 28, 2017 Listen Download
Breach disclosure: fast and slow. Mirai's minor comeback. Anti-ISIS Hacktivsts strike Amaq. North Koreans studying blockchain. Alleged Game of Thrones hacker indicted. Nov 27, 2017 Listen Download
Waiting for Terdot, a sneaky banking Trojan — Research Saturday Nov 25, 2017 Listen Download
The Right to Be Forgotten with Yale Law School's Tiffany Li Nov 22, 2017 Listen Download
Cyberspace in Peace and War author Martin C. Libicki Nov 21, 2017 Listen Download
PwC Principal Jocelyn Aqua on Earning Consumer Trust and Business Nov 20, 2017 Listen Download
Dark Net Pricing with Flashpoint's Liv Rowley — Research Saturday Nov 18, 2017 Listen Download
AWS S3 misconfigurations. Kaspersky's report on the Equation Group affair. Cybercrime notes. DPRK cyber campaigns. The VEP reviews continue positive. Amazon Key has issues. Nov 17, 2017 Listen Download
Revisions to the US VEP (and comparisons to China's). DPRK hacking. Laurel mole hunt. BlueBorne is back. Snakes in the Play Store. Can you sound like a child? Nov 16, 2017 Listen Download
Hidden Cobra's RATs. IoT bugs. Patch Tuesday notes. Backdoored smartphones. Russian trolling, propaganda. DPRK short wave hacked? Nov 15, 2017 Listen Download
Influence operations in Catalonia? IcedID banking Trojan. The Shadow Brokers: an intelligence service or a bunch of moles? Patch notes. Nov 14, 2017 Listen Download
Vault 8 and false-flag allegations. Mole hunting. Equifax breach costs. ISIS returns to WordPress defacements. RoK domestic political influence scandal. Nov 13, 2017 Listen Download
Taiwan Bank Heist and Lazurus Group with BAE's Adrian Nish — Research Saturday Nov 11, 2017 Listen Download
Macro-less malware. Metacriminals and botnet herders. Hacking ships and airliners. Cryptocurrency glitch. Congratulations to the SINET 16. Nov 9, 2017 Listen Download
Fancy Bear's new moves. OceanLotus and Sowbug cyber espionage groups active. Notes from CyCon, and a look at industry news. Nov 8, 2017 Listen Download
Stolen Paradise Papers aren't making people or companies look good. Off-year election security. Trollhunting. Notes on the future of cyber conflict from CyCon 2017. Nov 7, 2017 Listen Download
The Paradise Papers, tax avoidance, and quiet investments. Kaspersky affair updates. Retaliation against influence operations? Nov 6, 2017 Listen Download
Exploring Phishing Kits with Duo Security's Jordan Wright — Research Saturday Nov 4, 2017 Listen Download
BadRabbit misdirection? Fancy Bear's wish list. AWS misconfigurations. Data breach notes. Nov 3, 2017 Listen Download
The Manhattan terror suspect claims allegiance to ISIS, but ISIS hasn't claimed him. Crimeware notes. Patching news. Crypto wars update. What the Senate learned about info ops. Nov 2, 2017 Listen Download
Ransomware old and ransomware new, but can you distinguish it from a wiper? Influence operations hearings on Capitol Hill. Nov 1, 2017 Listen Download
A BadRabbit and Reaper update. EU and cyberwar. DPRK denies WannaCry responsibility. China's cyber espionage shifts. Oracle emergency patch. Buganizer wide open. Influence ops. Heathrow security. Oct 31, 2017 Listen Download
Reaper looks like a criminal booter on the Chinese black market. BadRabbit shows some moves. Catch-All malicious Chrome extension. Android currency miners in Google Play. Indictments in Russia probe. Oct 30, 2017 Listen Download
Tracking a Trojan: KHRAT on Research Saturday Oct 28, 2017 Listen Download
BadRabbit ransomware and Reaper botnet updates. SATCOM bugs. ICS cybersecurity notes. Moscow's free commercial speech piety. Anonymous is back. Oct 27, 2017 Listen Download
Dogs that haven't barked. Surveillance authority reauthorization advances in the US Senate. Notes on ICS cybersecurity. Oct 26, 2017 Listen Download
BadRabbit hopping though Eastern and Central Europe, and Southwest Asia. DUHK risks. Kaspersky on how a laptop was backdoored. Notes from Atlanta's ICS Cybersecurity Conference. Oct 25, 2017 Listen Download
Reaper botnet update, Election hacking in Kenya, Czech Republic. M&A notes. APT28's phishing. Kaspersky's offer of code review. FBI shots in the crypto wars. Oct 24, 2017 Listen Download
Reaper botnet looming, but not yet landed. CyCon phishing. How to troll for influence. Oct 23, 2017 Listen Download
WireX BotNet with Justin Paine from Cloudflare — Research Saturday Oct 21, 2017 Listen Download
IoT DDoS hurricane forming? Sofacy exploits patched Flash bug. NotPetya continues to impose costs. Snooping with mobile app ads. Oct 20, 2017 Listen Download
Leviathan group exploits patched .NET flaw. North Korean cyber ops. Russian suspicions. Cutlet Maker ATM malware, Sockbot Minecraft malware. Ransomware and backups. Oct 19, 2017 Listen Download
DPRK returns to bank robbery. Ransomware updates. Patches from Oracle, Lenovo, BlackBerry. Criminal coin miners. Oct 18, 2017 Listen Download
Panama Papers assassination? Black Oasis exploits Flash Player. DPRK hacked TV show. Patching KRACK and ROCA. WikiLeaks prepping something? DHS BOD 18-01. SCOTUS to rule on data warrants. Oct 17, 2017 Listen Download
KRACK attacks. Iran's growing capability in cyberspace. Swedish and Polish targets probed by state-directed cyber ops. QR code security issues. Russia to introduce official cryptocurrency. Oct 16, 2017 Listen Download
Synthesized DNA Malware with Peter Ney — Research Saturday Oct 14, 2017 Listen Download
Germany's BSI sees no problem in Kasperky software. Equifax, TransUnion, suffer from third-party malvertizing code. ISIS expected to change its inspiration. Notes on the dark web. Oct 13, 2017 Listen Download
Panama Papers pinch. North Korean spearphishing against ICS. CyberMaryland notes. Google Home Mini was tale-bearing (but now it's better). Oct 12, 2017 Listen Download
Israel said to have tipped the US off concerning Kaspersky risks. Accenture databases exposed. Deloitte breach may be worse than initially thought. Oct 11, 2017 Listen Download
Cyberespionage in the Korean peninsula. Russian influence operators bought Facebook, Google ads. Forrester hacked. Kovter, OilRig get upgrades. US CYBERCOM CSM notes. Oct 10, 2017 Listen Download
GDPR: Privacy from Across the Pond - Special Edition Oct 9, 2017 Listen Download
Android Toast Overlay: Ryan Olson from Palo Alto Networks - Research Saturday Oct 7, 2017 Listen Download
FSB got NSA with an assist (witting or unwitting) from Kaspersky? Germany calls off mass surveillance investigation. Reality Winner stays in jail. Oct 6, 2017 Listen Download
NSA breach announced today (occurred in 2015, discovered in 2016) may be final nail in Kaspersky Lab's coffin. Oct 5, 2017 Listen Download
No insight yet into Las Vegas gunman's motive as ISIS inspiration generally discounted. Yahoo! breach affected 3, not 1, billion user accounts. Equifax updates. Oct 4, 2017 Listen Download
Fake news and information operations with no obvious solution. Equifax update. US Cyber Command vs. DPRK Oct 3, 2017 Listen Download
Bots, sockpuppets, and trolls. Facebook talks to Congress. Some suggest China hacked Equifax. DPRK gets more Internet. ISIS inspiration. Section 702 authority in doubt. Oct 2, 2017 Listen Download
APT 33: FireEye's John Hultquist on an Iranian Cyber Espionage Group - Research Saturday Sep 30, 2017 Listen Download
Whole Foods breached. Illusion gap and Windows Defender. Exposed AWS S3 buckets. Equifax incident response. Reality Winner proceedings. Sep 29, 2017 Listen Download
Deloitte and Equifax under the microscope. Congress grills the SEC. Credential theft trends. Sep 28, 2017 Listen Download
Comments on the Deloitte breach. SEC Commissioner talks to the Senate. Sonic breached. Vulnerable stock-trading apps. Russian influence operations shift their focus. Sep 27, 2017 Listen Download
Equifax C-suite retirements continue. Deloitte still has little to say about its breach. Mac OS zero-day goes unpatched. Russian influence operations. Sep 26, 2017 Listen Download
Deloitte hacked. Verizon AWS S3 exposure. Phantom Squad's protection racket. Nuclear tension expected to spawn cyberattacks. Updates on CCleaner backdoor and FinFisher distro. Carlos Danger goes to jail. Sep 25, 2017 Listen Download
Pacifier APT : Bitdefender's Liviu Arsene describes a sophisticated, multifaceted malware campaign - Research Saturday Sep 23, 2017 Listen Download
Hacks shake confidence in financial system. FinFisher using MitM. CCleaner backdoor had specific targets in mind? US Forces Korea debunks bogus NEO warning. Locky masters like Game of Thrones. nRansomware asks for a different kind of payout. Sep 22, 2017 Listen Download
EDGAR hack enabled illicit stock trades? Equifax tweets phishing url to troubled inquirers. Kaspersky ban clarified. Sep 21, 2017 Listen Download
German election update: nichts neues. Equifax breach. Viacom dodges a bad bucket. Like Sandworm, but from Tehran. Less than fully successful criminals. Sep 20, 2017 Listen Download
Russia Spy Files from WikiLeaks. Disinformation and influence operations. Equifax sustained a breach in March. Software supply chain issues. Sep 19, 2017 Listen Download
Russian dogs not yet barking in German elections. ISIS is doing a lot of howling at lone wolves. Equifax updates. CCleaner found unclean. OurMine hacks Vevo to avenge its honor. Sep 18, 2017 Listen Download
Research Saturday— Cobian RAT: Zscaler’s Deepen Desai describes some clever malware Sep 16, 2017 Listen Download
Equifax agonistes. Kaspersky denies his company's a security risk. Political database for sale found exposed. Trolling the DCI. Sep 15, 2017 Listen Download
Binding Operational Directive 17-01 hits Kaspersky. Point-of-sale malware found in some ElastiSearch servers. BlueBorne proves widespread. Equifax breach updates, industry notes, a look at the Billington Summit. Sep 14, 2017 Listen Download
North Korea turns to cryptocurrency theft. Equifax breach gets worse. Patch Tuesday. Duma says US election hacked Sep 13, 2017 Listen Download
Equifax breach news. Unsecured admin accounts. BlueBorne via Bluetooth. Hackable medical devices. Bots convince. A guilty plea draws a long sentence. Sep 12, 2017 Listen Download
Everything Equifax, with some notes on German election vulnerabilities and an update on the Crackas With Attitude. Sep 11, 2017 Listen Download
Equifax decides to tell people it's been breached. Notes from the Intelligence and National Security Summit. WikiLeaks dumps missile guidance documents from Vault7. The ShadowBrokers are back, with a new offer. Sep 8, 2017 Listen Download
DragonFly 2.0 in power grids. Cyberespionage in the South China Sea. Russian Facebook ads. "Fake News" survey. Sep 7, 2017 Listen Download
Apache Struts patched. Dragonfly is in the power grid. Ransomware notes. Taringa breached. Cryptocurrencies in China and Russia. Signal stealing that's not SIGINT. Sep 6, 2017 Listen Download
Influence operations in Germany. More Turla. KHRAT looks like political spying. Exposed AWS S3 and MongoDB databases hit. Ransomware notes. Cyber gangland rumbles. Sep 5, 2017 Listen Download
Kenyan election nullified over electronic irregularities. South China Sea cyber espionage. WikiLeaks' Vault7 dumps Angelfire. Accused leaker wants her statements excluded. DPRK raids ROK Bitcoin. WhopperCoin is here. Sep 1, 2017 Listen Download
Turla's Gazer backdoor. OurMine vs. WikiLeaks; WikiLeaks vs. CIA. Reality Winner trial. House of Cards material leaks. Patching notes. Insecure APIs. Aug 31, 2017 Listen Download
Phishing and watering hole alerts. Is DPRK stealing Bitcoin? NHS Lanarkshire ransomware identified as Bit Paymer. Onliner spambot has hundreds of millions of email addresses. St. Jude pacemaker patch. Aug 30, 2017 Listen Download
NIST Cybersecurity Framework - A CyberWire Special Edition Aug 30, 2017 Listen Download
Cyberespionage in South Asia. NHS hack confirmed as ransomare. Notes on Hancitor. WireX Android botnet taken down. Fat-fingering BGP. Topical phishbait. Aug 29, 2017 Listen Download
Maritime cybersecurity concerns. ExpressLane dump stirs up international trouble. IoT botnet threat addressed. Defray ransomware. Cyberattack in Scotland. Tehran's info-ops rapper. Aug 28, 2017 Listen Download
Clouds, crooks, cheats, and cryptocurrencies. Vault7 leaks liaisonware. Rumors about FSB officers charged with treason. FBI arrests Chinese national in OPM hack. Extremism online flows more than it ebbs. Aug 25, 2017 Listen Download
Cyberattacks that may not have been. Ropemaker corrupts email after delivery. Concerns about companies working for intelligence services. Aug 24, 2017 Listen Download
Independence day cyberattack worries in Ukraine. US Navy eliminating possibility of cyberattack on USS McCain. More malicious apps in Google Play. US state cyber regs. ISIS still works to inspire online. Aug 23, 2017 Listen Download
Cyber concerns about naval and maritime shipping operations. AWS S3 data exposure. Game of Thrones hack. NHS breach? Killer robots. Scareware. Aug 22, 2017 Listen Download
GCHQ and MalwareTech's arrest. Chinese oilfield sustains malware infestation. US Cyber Command now a UCC. Ukraine fears another cyber campaign. Turla returns. GPS spoofing. Extremism online. ICO hack. Aug 21, 2017 Listen Download
Ransomware updates. ShadowPad backdoor may have got into the supply chain from a Chinese APT group. Apple Secure Enclave decryption key released. Profexor and Fancy Bear. Misconfigured AWS S3 exposes voter data. Countering extremism online. FBI continues Aug 18, 2017 Listen Download
Email brute-forcing. Aadhaar woes. Leaked Equation Group exploits remain a problem. Hijacked Chrome extensions. Pulse wave DDoS. FBI interviews "Profexor." Extremism and vigilantism. OurMine hacks HBO Twitter, Facebook. Aug 17, 2017 Listen Download
NIST SP 800-53 updated. Attack on Scotland Parliament's email system. Consequences of Equation Group leaks. "Mr. Smith" and HBO. Attacks of note: Trickbot, OLE exploits, NetSarang backdoor. Extremist inspiration. BEC. Aug 16, 2017 Listen Download
Lazarus Group is back, phishing in English. Extremist content online. Google cleans up SonicSpy. Arrests for HBO hacking are unrelated to "Mr. Smith." Marcus Hutchins is out on. DJI drones get a security makeover. Help desk scams. Aug 15, 2017 Listen Download
Charlottesville hacking. Operation #LeakTheAnalyst. Dissatisfied customer calls ShadowBrokers a "ripoff." More HBO leaks. Google purging SonicSpy. Collusion attacks. Marcus Hutchins in court. Aug 14, 2017 Listen Download
HBO offered Mr. Smith a bug bounty, but no takers. Fancy Bear's in hotel Wi-Fi. DNC leak argument resumes. Locky and Mamba ransomware are back. ISIS on eBay. NotPetya arrest. WikiLeaks dumps more from Vault7. Aug 11, 2017 Listen Download
Kenyan elections, not hacked? Someone's poking into DPRK systems. DDoS in Ukraine. Pseudoransomware protection. Spyware in Play Store. HBO hack. Aug 10, 2017 Listen Download
Patches, passwords, wipers, and pseudoransomware. New fronts in hybrid war? KONNI, OnionDog, and Israbye. Aug 9, 2017 Listen Download
Power grid risks. Update on the Mandiant employee hack. "Mr. Smith" holds HBO for ransom. Shipping industry looks for GPS backup. DHL sees a NotPetya windfall. Google patches ten Android remote-code execution vulnerabilities. NIST issues a Cybersecurity W Aug 8, 2017 Listen Download
US Army bans DJI COTS drones. Amazon will scan AWS customers' S3 buckets for public accessibility. Recommendations for election security. Marcus Huchins pleads not guilty to Kronos-related charges. Aug 7, 2017 Listen Download
MalwareTech arrested over Kronos banking Trojan. "Bateleur" in the wild. Long DDoS hits Chinese telco. Russian influence operations no longer novel? FBI investigates HBO hack. Aug 4, 2017 Listen Download
WikiLeaks dumps Dumbo dox. HBO's hack gets bigger. Group IB outs the United Islamic Cyber Force. Cerber goes after Bitcoin. Lawsuits over NotPetya; more companies warn. Election fraud in Venezuela. Aug 3, 2017 Listen Download
Following up on security scrambles in Sweden and Ukraine. #LeakTheAnalyst. Blu Product phones booted by Amazon. BitCoin's hard fork. The Internet of Things Cybersecurity Improvement Act of 2017. Aug 2, 2017 Listen Download
HBO hacked. Operation #LeakTheAnalyst targets individual security researchers. Election hacking notes. UK's Home Secretary opposes strong encryption. Russia bans VPNs. Bitcoin, crime, and punishment. Aug 1, 2017 Listen Download
Black Hat 2017 - Research and Investment - CyberWire Special Edition Aug 1, 2017 Listen Download
Investigation into ShadowBrokers focuses on former insiders. Threat analyst doxed. Trickbot and NotPetya updates. Sweden's big breach. DPRK hacks online gaming for revenue. Jul 31, 2017 Listen Download
WikiLeaks and the ShadowBrokers are both back. Catphishing the French elections. Pyongyang's Bitcoin miners. Malware notes, industry news, and a rundown of the Pwnie Awards. Jul 28, 2017 Listen Download
"Mia Ash" is an Iranian catphish. WikiLeaks dumps UMBRAGE from Vault7. Germany braces for hacking by Russia, China, and Iran. Google kicks unwelcome intercept tool Lipizzan out of the PlayStore. WhatsApp scammers phish for banking credentials. Anti-drone Jul 27, 2017 Listen Download
Counterattackers' advantage? Juche no competition for cat videos, next-day delivery. CopyKitten crude but effective. FBI investigated Fruitfly Mac malware. Adobe will retire Flash in 2020. BSides notes. Jul 26, 2017 Listen Download
Google Groups oversharing. E-discovery don'ts. Energetic Bear may be back. The CopyKittens seem to be Persian cats. Ethereum hacks (and white hats). Jul 25, 2017 Listen Download
Buckets leak, but so do CDs. NotPetya and Sandworm. Fruitfly versus Macs. ISIS strained in cyberspace. A look at dark web souks. Hacked fish tank. Jul 24, 2017 Listen Download
Hansa Market takedown. Recovery from EternalBlue exploits is a long slog. Banking malware rising. Power grid vulnerabilities. Devil's Ivy and the IoT. A look at criminal markets. Jul 21, 2017 Listen Download
Configuring AWS buckets. New threats and vulnerabilities. Apple and Oracle patch. Jul 20, 2017 Listen Download
Dow Jones AWS S3 bucket exposed. FedEx 10-K and NotPetya. Game of Thrones torrent virus. Securing voting. Botnet defense research. M&A and VC notes. Initial coin offering hacked. Jul 19, 2017 Listen Download
Qatar and the United Arab Emirates at loggerheads over hacking. Commonly used gSOAP IoT code vulnerable to exploitation. A data exposure risk in connected toys. And what could be in that EULA. Jul 18, 2017 Listen Download
Qatar accuses UAE of disinformation, hacking campaign. Other international cyberconflict. Ransomware and clickfraud in one campaign. Banking credential-stealing malware vs. Macs. Jul 17, 2017 Listen Download
More from WikiLeaks' Vault7. Cyber ops and national policy. NotPetya's costs. Clouds of misconfiguration. Chasing innovation. AlphaBay takedown. Phishbait. Jul 14, 2017 Listen Download
Motives behind NotPetya, other operations. Verizon customer data exposed. Industry notes. Licensing hackers in Singapore. Jul 13, 2017 Listen Download
Patch Tuesday. Infrastructure hacking and hackers. Industry notes. Influence operations. Jamming a radio station. Jul 12, 2017 Listen Download
Russia's phishing for nuclear power plants. NATO offers aid to Ukraine. Election hacking updates. M&A and venture news. Crime, punishment, and cryptocurrency. Jul 11, 2017 Listen Download
Infrastructure hacking. No Russo-American agreement in cyberspace. Android malware infestations. Misspelling as OPSEC Jul 10, 2017 Listen Download
NotPetya still looks like an act of state; intended result or not, companies warn of possible material effect from the attack. Another S3 database found exposed. Jul 7, 2017 Listen Download
Ukraine says it blocked a second wave of NotPetya attacks. Notes on hybrid warfare and the challenges of sharing data. Will the EU get a right to repair? Jul 6, 2017 Listen Download
Recovering from NotPetya. State-actor seen behind wiper attack. Ukraine mulls criminal negligence charges. Documents behind US Congressional wariness of Kaspersky. Jul 5, 2017 Listen Download
Recovery and attribution: Petya/Nyetya/NotPetya. Cyber conflict and collective defense. Online inspiration and online censorship. The EU's regulatory big stick. Vishing Parliament. Jul 3, 2017 Listen Download
What's up with Petya/Nyetya/NotPetya? It's a wiper—the extortion is just misdirection. WikiLeaks dumps "OutlawCountry" from Vault7. The ShadowBrokers raise prices. Russia says boo to cybercrime. Jun 30, 2017 Listen Download
Ransomware, nyet; wiper, da. Shipping, manufacturing, and Big Law may share some common risks. WikiLeaks and the ShadowBrokers are back again. Jun 29, 2017 Listen Download
IoT 2017 – Securing the Things: A CyberWire Special Edition Jun 29, 2017 Listen Download
Petya/PetrWrap/Goldeneye updates. Jun 28, 2017 Listen Download
Petya goes WannaCry one better. Westminster email hack. ISIS in Maryland and Ohio websites. Jun 27, 2017 Listen Download
Brute-forcing Parliament. Election hacking retaliation? Cyberspies hunt IP in East Asia. Microsoft security issues. ISIS hacktivists deface Ohio websites.  Jun 26, 2017 Listen Download
Vault7 leak: Brutal Kangaroo toolkit. Data breach and ransomware updates. Notes on code audit requirements. Jun 23, 2017 Listen Download
WannaCry's back and the industrial IoT's got it. Business email scams hit the unwary (and most of would count as unwary). Testimony on Russian election influence operations. Grid security. Jun 22, 2017 Listen Download
Investigation, introspection, watchdogs, and leakers. The risk of collecting and storing data.  Jun 21, 2017 Listen Download
Who's behind the Android malware infestations? Mirai and Erbus updates. Industry notes. Brussels takes the pro-crypto side in the crypto wars. CrashOverride as a weapon. IG report on NSA insider threat management. Jun 20, 2017 Listen Download
Bouncing bad adware apps from Google Play. More on WannaCry attribution. Voter data exposed on an Amazon S3 account. Assessment of Russian influence on UK elections: they didn't do it. (Didn't need to?) Hackers sentenced. Jun 19, 2017 Listen Download
More from Vault7. How and why the DPRK hacks. FIN10 hits North American businesses with extortion demands. UK unis sustain ransomware infestation. Free decryptors are out, and ISACs seem to be working. Jun 16, 2017 Listen Download
Hidden Cobra strikes from Pyongyang. Microsoft patches last of ShadowBrokers' leaked exploits. Sanctions coming over Russian election influence operations. Electrical and natural gas sectors brace for CrashOverride. Jun 15, 2017 Listen Download
A CrashOverride update from Robert M. Lee. Patch news. Terrorist funding goes cyber. Cozy and Fancy Bear were more active than earlier believed. Jun 14, 2017 Listen Download
CrashOverride update. Influence ops harder to disrupt than infrastructure. Samba exploited for cryptocurrency mining. NSO Group for sale. Botnets and fake news. Airliner laptop bans. Jun 13, 2017 Listen Download
CrashOverride implicated in Ukraine grid hack—possibly as a proof-of-concept. Hack-induced Gulf diplomatic troubles continue. New malware strains, exploits appear. Jun 12, 2017 Listen Download
Comey's testimony calls Russian election influence operations massive and ongoing. New Android malware. Malicious hyperlinks infect with a mouse-over. Data privacy issues. Jun 9, 2017 Listen Download
Qatar—provocation, and disinformation online. Influence operations move from doxing to disinformation. 2FA still a good idea. Former FBI Director Comey testifies. And assume the boss is watching. Jun 8, 2017 Listen Download
Farewell to Jean Sammet, co-developer of COBOL. Remembering Midway. NSA leak investigation. Signs of Russian disinformation in the Gulf. Data breaches, script kiddies, EternalBlue, and Turla. Jun 7, 2017 Listen Download
Report leaked on Russian influence operations (alleged leaker in custody). ISIS continues inspiration; anarchist groups said to follow same playbook. The DarkOverlord is back. Jun 6, 2017 Listen Download
ISIS claims responsibility for inspiring attacks in London. More are expected during Ramadan. Hacks roil Middle Eastern diplomatic waters. Ransomware updates. Indian investigates possible aircraft hacking. Jun 5, 2017 Listen Download
Patriotic and free-spirited hacking? WikiLeaks has a new Vault7 dump. Cyber conflict over the South China Sea. Fireball malware infests more than 250 million devices. Trident security. Kmart breach. Bikers turn hackers. Jun 2, 2017 Listen Download
It's the first of June, and the ShadowBrokers' exploit-of-the-month club is open for business (exploits to be delivered to subscribers in July). Jun 1, 2017 Listen Download
Exploit-of-the-month club open for business. Disinformation technology. Lazarus Group tied to North Korean intelligence (again). Extortion is big, but carding is still with us. Spammy apps in Google Play. May 31, 2017 Listen Download
Implications of Manchester bombing investigation on policy, Five Eyes relations. British Airways IT outage. Fancy Bear and Malta? ShadowBrokers prep exploit-of-the-month club. Google deals with Chrome, PlayStore issues. Mall boards and ricrolling. May 30, 2017 Listen Download
WannaCry aftershocks. Influence ops and data corruption. Samba patched. Biometrics and impersonation. GDPR approaches. US legislation update. May 26, 2017 Listen Download
Worm alert. Stumblebums or masterminds? Widia commodity ransomware in its early stages. Taking the fight to ISIS in cyberspace. May 25, 2017 Listen Download
Manchester bombing investigators look at bomber's network. EnSilo patches ESTEEMAUDIT. Cron cyber gangsters arrested. What we hear at the Cyber Investing Summit. May 24, 2017 Listen Download
ISIS claims Manchester concert bombing. The case for a North Korean Wannacry. US lawmakers consider cyber legislation. May 23, 2017 Listen Download
How were US agents in China compromised between 2010 and 2012? EternalBlue updates (including notes on WannaCry and EternalRock). May 22, 2017 Listen Download
WannaCry wraps up its first week. No patches for Marshmallow. Women in Cybersecurity survey results. May 19, 2017 Listen Download
OilRig hires the Russian cyber-mob. WannaCry updates. Other EternalBlue exploits surface in the wild. Pending legislation in the US Congress. NIST issues guidelines for Executive Order compliance. May 18, 2017 Listen Download
Gothic Panda seems to have a government job. Not all extortion is ransomware (ask Disney). WannaCry update. The ShadowBrokers are back. So is WikiLeaks May 17, 2017 Listen Download
WannaCry, worm wars, ransomware pandemics, and a place for kill switches. And what might a cyber Pearl Harbor look like? May 16, 2017 Listen Download
WannaCry ransomware—a pandemic. Baijiu spyware in East Asia. APT32 seems to be spying for Vietnam. Al Qaeda calls to lone wolves. Influence operations and tactical operations. The long arm of the law reaches out to tech-support scammers. May 15, 2017 Listen Download
WannaCry ransomware spreads via ShadowBrokers' dumped exploit. Necurs delivers Jaff ransomware. Fancy Bear spoofs NATO emails. President Trump's Executive Order on cybersecurity. May 12, 2017 Listen Download
French media recover from DDoS. XaverAd infests Android ecosystem. Zero-days patched, but exploited in the wild. Mother's day giftcard hacking. Telephonic harassment. May 11, 2017 Listen Download
NSA says it warned France of election influence ops. Deterrence and retaliatory capability. SLocky ransomware rising. Patch Tuesday. FBI Director Comey dismissed. May 10, 2017 Listen Download
Metadata signs point to St. Petersburg in l'affaire Macron. UK, Germany, US expect more Russian election influence ops. New IoT botnet appears. US FCC sustains DDoS. Microsoft fixes MsMpEngine. SS7 weakness and 2FA. May 9, 2017 Listen Download
Election cyber-influence campaign in France. (Will UK and Germany follow?) AMT bug to be fixed. HandBrake compromised. Kazuar upgrade for Snake. Ransomware black market. May 8, 2017 Listen Download
Influence operations and elections, and the difficulty of doing anything about them. Dynamite phishing investigation. Snake hisses at Macs. Fatboy at your (criminal) service. May 5, 2017 Listen Download
Phishing with a big worm (and other lures). Botnet mining cryptocurrency. Blackmoon upgraded. Aadhaar troubles in India. Passwords, security questions, and Grand Moff Tarkin's CISO. May 4, 2017 Listen Download
Shamoon update. Sabre discloses possible breach to SEC. Mobile device and VPN threats and vulnerabilities. Information operations and cyberespionage. May 3, 2017 Listen Download
IBM, Apple, and Intel all fix vulnerabilities and block threats. Neustar's DDoS report. Updates on the DarkOverlord and (separately) LizardSquad. Info ops and what they're after. May 2, 2017 Listen Download
NSA changes collection policy in a privacy-friendly direction. Latest Vault7 leaks look anodyne. Election influence concerns in Europe and the US. Blocking social media. DarkOverlord returns with extortion caper. May 1, 2017 Listen Download
OilRig fingered as Iranian state-sponsored group behind attempted hacks of Israeli targets. Shamoon still under the same management. Botnet wars in the IoT. Countermessaging, hopes of missile hacks, and more.  Apr 28, 2017 Listen Download
Fancy Bear in France (and in Germany, too). Israel debates Cyber Authority's charter. Sudan says its using Electronic Jihad against ISIS. Verizon, Symantec threat reports out. Adware campaigns. Apr 27, 2017 Listen Download
Elections, influence operations, and hacking. How clever phishing succeeds. Chipotle's point-of-sale breach. Hacking in Fast and Furious 8. Apr 26, 2017 Listen Download
Fancy Bear spotted in France, Denmark, and maybe Bulgaria. Tensions mount around North Korean weapon programs. Power grid fragility. Milkydoor in the PlayStore. AV misunderstanding. Kelihos indictment. Ashley Madison blackmail. Apr 25, 2017 Listen Download
Nation-state tensions in cyberspace over North Korean threats and presumably Russian cyberespionage. Locky returns. More pharma spam. Seleznev gets 27 years for carding. Apr 24, 2017 Listen Download
States and gangs. Insider threats and mole hunts. The misguided vigilante behind BrikerBot. Hollywood hacks. Not a Nigerian prince this time, just the Director General of the National Intelligence Agency. Apr 21, 2017 Listen Download
Trojanized apps in the PlayStore. How cybergangs talk, cooperate, and improve their game. More troubles reported for Tanium.  A Chicago lawsuit brings privacy issues to the fore. Apr 20, 2017 Listen Download
Vigilantes in the IoT. Bad actors find a friend in the ShadowBrokers. BankBot is back in the PlayStore. Pixel-tracking for target recon. A very big Oracle patch. Apr 19, 2017 Listen Download
Karmen in the black market. Homograph vulnerabilities. Vault 7 and ShadowBrokers updates. Hacks and missiles. Competing for botnets. Apr 18, 2017 Listen Download
Missiles and malware? ShadowBrokers' leaks examined. Syrian info ops. ISIS recruits women for martyrdom. Ransomware, medical device vulnerability updates. Troubled unicorn? Apr 17, 2017 Listen Download
ShadowBrokers frustrated with the peoples. Callisto Group was active against UK Foreign Office. US DCI denounces WikiLeaks as a hostile intelligence service. Surveillance vendors said willing to deal with pariah regimes. Weaponized memes. Apr 14, 2017 Listen Download
Ewind adware infesting Android third-party app stores. Influence operations. Russian state use of organized crime. Finspy a payload in Word zero-day exploits.  Apr 13, 2017 Listen Download
Patch Tuesday notes. Cyber threats to healthcare, New Helsinki information operations center forming. Updates on WikiLeaks and the ShadowBrokers Apr 12, 2017 Listen Download
Women in Cybersecurity 2017: A CyberWire Special Edition Apr 12, 2017 Listen Download
Word zero-day spreading Dridex. Password reuse bites Amazon third-party sellers. Mirai now mines Bitcoin. WikiLeaks, the ShadowBrokers, and war in Syria. Cyber first use. Crypto wars in Europe. APT10 in India. Penn State prof takes  Gödel Prize Apr 11, 2017 Listen Download
Information operations respond to kinetic strikes. Dallas emergency sirens hacked. Alleged spam king arrested. Okta files its IPO. Apr 10, 2017 Listen Download
APT10's Operation TradeSecret. BrickerBot may be vigilante PDoS. Amnesia and Sathurbot exploit known vulnerabilities in, respectively, DVRs and WordPress. Ransomware, surveillance, and info ops updates. Apr 7, 2017 Listen Download
Operations TradeSecret and Cloudhopper attributed to APT10. Third party risks. Lazarus Group update. US investigation of Russian influence operations and US surveillance allegations proceeds. Apr 6, 2017 Listen Download
Operation Cloudhopper. Chrysaor spyware. Microsoft to upgrade Office security. Notes from SeaAirSpace. High school hacking. Apr 5, 2017 Listen Download
Pegasus version now affects Android. UK on alert for ISIS infrastructure cyberattack. DPRK tied, again, to Bangladesh Bank heist. Fancy Bear and Turla updates. Samsung Tizen 0-day. Tax season security.  Apr 4, 2017 Listen Download
WikiLeaks dumps alleged CIA obfuscation code. Attribution skeptics speculate about Russian ops (or the lack thereof). ISIS information operations manual revealed. RATs in the wild. Apr 3, 2017 Listen Download
Fancy Bear's phishing expeditions. Cryptowars and privacy regs in the EU. Is that really you, Dr. Niebuhr?  Mar 31, 2017 Listen Download
Apple patched this week—how are your systems? Lastpass working on a patch for an undescribed bug (said to be complex). What IT staff actually work on. And a long talk about emerging Administration cyber policy. Mar 30, 2017 Listen Download
Hybrid warfare objectives and tactics. Physical threats, lost and found. Vulnerability and threat recap. Mar 29, 2017 Listen Download
Updates on Cozy Bear and Shamoon tradecraft. Crypto wars flare in the UK. FBI warns of attacks against FTP servers. Typosquatting, scareware, and other problems. Mar 28, 2017 Listen Download
Lone wolves howl to each other over WhatsApp? Industry yawns at WikiLeaks zero-days. How online gamers cheat. America's JobLink breach update. Ukrainian artillery hack notes. April 7 deadlines. Mar 27, 2017 Listen Download
WikiLeaks' Vault 7 "Dark Matter" docs. Information operations, Russian style and ISIS style. Job database exposed.  Mar 24, 2017 Listen Download
Newly disclosed threats and vulnerabilities, mostly criminal. Catphishing peer review. The US may indict North Korea for the Bangladesh Bank heist.   Mar 23, 2017 Listen Download
Laptop restrictions are for physical, not cyber reasons. Necurs is back, pumping and dumping. MajikPOS notes. Mar 22, 2017 Listen Download
Extortion claims. Election influence operations seem likely to continue. A Russian bank claims it's being framed by DNS spoofing. "Cyber Pearl Harbor" fears may be a distraction. Mar 21, 2017 Listen Download
Careless criminals, Cisco mitigations, and Vault 7 disclosure conditions. A look at the Atlantic Council's Cyber 9/12. Cabin fever and malware infections. Kirk ransomware. Mar 20, 2017 Listen Download
Cyberspace and "Cold War Two." Who's leaking to WikiLeaks? Wishbone breached—warn the kids. Crimeware-as-a-service. The Active Cyber Defense Certainty Act. Mar 17, 2017 Listen Download
Lazarus Group is back. Dun & Bradstreet loses data; so does ABTA. Patriotic cyber rioting or state influence operations. US indicts four in the Yahoo! breach. Mar 16, 2017 Listen Download
Influence ops, third-party apps with an appetite for permissions, and criminal competition. Google purges malicious apps from the Play Store. Advice for whistleblowers. Farewell to Becky Bace. Mar 15, 2017 Listen Download
Canadian government sites recover from the Apache Struts vulnerability. FireEye's M-Trends report is out, calling out greater sophistication in financial cybercrime. USAF accidentally exposes SF86s. Vault 7 update. Mar 14, 2017 Listen Download
Vault 7 updates—observers speculate about an inside leaker. Pre-loaded Android malware raises supply chain concerns. Ransomware in Japan. Convincing Chrome-spoofing malware. GCHQ warns UK parties to expect Russian influence operations. Mar 13, 2017 Listen Download
WikiLeaks, responsible disclosure, and insider threats. Playstation credentials rumored to have been compromised. Apache Struts bug being actively exploited. DPRK missile cyber security. A look at West African cybergangs. Mar 10, 2017 Listen Download
Vault 7 doesn't show much evidence of false flag operations. The most interesting question the WikiLeaks dump raises is, where did the material come from? RAND studies the zero-day market. The Near Abroad wishes for more US soft power. Mar 9, 2017 Listen Download
WikiLeaks and Vault 7 Mar 8, 2017 Listen Download
StoneDrill succeeds Shamoon. Trojanized Android Facebook Lite. Progressive groups threatened with doxing, blackmail. WikiLeaks' Vault 7. Hacking back? Wiretapping? Mar 7, 2017 Listen Download
RSA 2017 Roundup – Perspectives, Pitches and Predictions Mar 7, 2017 Listen Download
Warnings of DNSMessenger. Cyber deterrence, and cyber offensive operations. Notes on DDoS. Election surveillance allegations.   Mar 6, 2017 Listen Download
Risk mitigation scores some wins this week. Amazon finds the typo that took out the Internet. Symantec gets into the VC game. Yahoo! agonistes. Wassenaar's prospects. PRC wants cyber peace. And farewell to Howard Schmidt. Mar 3, 2017 Listen Download
Online banking funds transfer fraud. Telegram and phone scams. FCC regulatory update. Insider threats in the IC. And bad robots. Mar 2, 2017 Listen Download
Internet outages were errors, not attacks. Evolving Trojans and botnets. M&A news. Cyber casus belli. Terminators and teddy bears. Mar 1, 2017 Listen Download
Alleged BND surveillance of news organizations. Snake Wine in Japan, for disinformation? Singapore military phished. Google discloses more Microsoft unpatched bugs. Cloudbleed update. CloudPets may have privacy issues. Feb 28, 2017 Listen Download
If I Only Had a Brain... Artificial Intelligence Gets Real at RSA 2017 - CyberWire Special Edition Feb 28, 2017 Listen Download
Cloudbleed and what it means to you. Ransomware updates. News from the Moscow treason trials. Coachella Festival breached. Feb 27, 2017 Listen Download
SHA-1 is broken. Grizzly Steppe and Carbanak. M&A notes. Linux patched. Arrest in Deutsche Telekom hack. The insecurities of connected cars.  Feb 24, 2017 Listen Download
Patcher ransomware. Locky, Cryptowall, and Cerber are still active; so is old-fashioned blackmail. NSA keeps the VEP. Reactions to New York State's cyber regs for banks. Observations of BugDrop, and thoughts on cyber war and attribution. Feb 23, 2017 Listen Download
Influence operations. A new Mirai version is potentially more dangerous than the old one. Proofs of concept. New York's cyber security regulations for banks. What Verizon will get from Yahoo! Feb 22, 2017 Listen Download
A coming surge in North Korean hacking? Middle Eastern cyber espionage campaigns. Microsoft patch issues. Infowar updates. NIST's draft electrical utility cyber guidance. Problematic toys. Feb 21, 2017 Listen Download
International norms of cyber conflict. Fancy Bear's tradecraft (with a side of дезинформа́ция). RDPPatcher, Cerber, Ticketbleed, and Hermes. And the vibe around RSA 2017. Feb 17, 2017 Listen Download
Ukraine accused Russia of renewed hacking by BlackEnergy actors. ASLR bypass proof-of-concept reported.  Notes from RSA, and an update on Android gunnery malware. Feb 16, 2017 Listen Download
Nation-states or criminal gangs? Update on Polish banking attacks. And an update on RSA. Feb 15, 2017 Listen Download
RSA Updates. Microsoft calls for Geneva Convention for cyber. Phishing. Feb 14, 2017 Listen Download
Cyber attacks reported in the Middle East, from both states and non-state actors. Italy's Foreign Ministry hacked for months in 2016. Cyber and kinetic operations. RSA's Innovation Sandbox. Feb 13, 2017 Listen Download
Patching: the good, the bad, and the ugly. Script kiddies and disinhibition (with a caution about attribution). Industry notes, RSA, and Valentine's Day. Feb 10, 2017 Listen Download
The Martin NSA-contractor case. Fileless malware hits banks worldwide. DDoS tools undergo refinement. Ransomware developments. Industry notes. Feb 9, 2017 Listen Download
Islamist hackers hit websites in Britain and Austria. Mac malware linked to Iran. Criminals follow the money into the cloud. M&A notes. Dendroid RAT author gets probation. Feb 8, 2017 Listen Download
Brokerages in Taiwan face DDoS extortion. Polish banks hit in watering hole attack. Cyber vigilantes. Information operations. ShadowBrokers update? Feb 7, 2017 Listen Download
Crime, not education. Slot machine scams. Ransomware updates. Fancy Bear in Norway? Russian treason charges. GCHQ say no to "witchcraft." Feb 6, 2017 Listen Download
Jailbreaking or forensics? W-2s and business email compromise. Router vulnerabilities. Windows zero-day. Enterprise security priorities. Iranians cyber ops and Iranian dissent. US-Russian cyber tensions. Feb 3, 2017 Listen Download
A black market for insider information. Cisco studies data breaches. The Internet as a threat actor's R&D infrastructure. Feb 2, 2017 Listen Download
Bear prints around the Czech Foreign Ministry. Tinker, tailor, soldier, hacker, Humpty Dumpty. Gamer forum breaches. Where in the world is Phineas Phisher? Feb 1, 2017 Listen Download
Ransomware updates. Netgear vulnerabilities and patches. Breaking Android pattern lock. Delegated Recovery. Information operations. Jan 31, 2017 Listen Download
Special Edition: 2017 Cyber Security Forecast Jan 31, 2017 Listen Download
Russian treason arrests may be tied to espionage. ANSSI director warns of cyber jihad. Symantec remediates Shamoon 2. U.S. Cellular was not breached. Jan 30, 2017 Listen Download
LeakedSource is down. DoubleFlag's called out for bogus stolen goods. Fancy Bear is in UK, German networks. Shamoon alert in Saudi Arabia. Scamming tech support scammers. Jan 27, 2017 Listen Download
Dark Web trading post compromised. Ransomware updates. Reactions to Risk Based Security's 2016 breach report. International cyber conflict notes, and a treason case in Russia. Jan 26, 2017 Listen Download
Cleaning ransomware out of the Play Store (but snakes still get into the walled garden, so watch your apps). Vigilantes, vulnerabilities, and industry news. Jan 25, 2017 Listen Download
Shamoon and Greenbug. HummingWhale purged from Play Store. Apple patches across its product line. Leadership changes at CIA, GCHQ. Lloyds Bank incident update. Honor among thieves? Nope. Jan 24, 2017 Listen Download
Fake news tweets (from hijackers, not opinion-makers). Ransomware. New Android Trojans. Closing in on Mirai's master? Jan 23, 2017 Listen Download
Carbanak gets trickier and more ambitious. Ransomware updates. It's beginning to look a lot like 1949 (at least from Moscow). Jan 20, 2017 Listen Download
France braces for election hacking. Ukrainian utility says December blackouts were hacker-induced. Finding "Fruitfly." Tracking Mirai's master. Jan 19, 2017 Listen Download
Carbanak gang is back. GhostAdmin works on data theft. Trolling security researchers. M&A notes. Pardons, commutations, and extraditions. Jan 18, 2017 Listen Download
Election influence and election security. Threats to power grids. Ransomware and phishing updates. Loyalty program risks. Jan 17, 2017 Listen Download
Grid hacking in Ukraine. Cellebrite breached. WhatsApp encryption issue. EyePyramid notes. Sharing SIGINT. IG looks at FBI. Guccifer 2.0 and the ShadowBrokers take their bows. Jan 13, 2017 Listen Download
Grid hacks and influence operations. Propaganda sauce spread liberally over geese and ganders. Peace sign hacks? Hamas catphishes the IDF. Jan 12, 2017 Listen Download
Shamoon is back, now with credentials for virtual desktops. Ukraine believes it was hacked again. Ransomware updates. Elections, investigations, and influence operations. The Pokemon threat? Jan 11, 2017 Listen Download
Witch hunts and yard sales. See relationships, not dox. Rebrandings, mergers, acquisitions, and executive moves. Building anti-witch capabilities. Jan 10, 2017 Listen Download
Election hacking, influence operations, and official reports. EU hacking concerns. Lawsuit over email's invention. Twitter frowns on unrequited love. Billy Bass, meet Alexa.   Jan 9, 2017 Listen Download
Spearphishing in industrial espionage. Ransomware gets more widespread, ruthless, and perfidious. The US Intelligence Community assures the Senate that the Russians hacked the DNC. Jan 6, 2017 Listen Download
Indiscriminate IOCs erode confidence in attributions. Official leaks erode trust in information sharing. Exploit updates. Jan 5, 2017 Listen Download
Hacktivists claim to perform a public service. Once and Recorded Future ransomware. Attribution controversies. Disturbing toys. Jan 4, 2017 Listen Download
Attribution issues: one story fizzles; another looks disappointingly circumstantial. Great powers jostle in cyberspace. Hacktivists resurface online. So, alas, do terrorists. Jan 3, 2017 Listen Download
Best of: Daniel Ennis Dec 30, 2016 Listen Download
Buying Cyber Security - A CyberWire Special Edition Dec 30, 2016 Listen Download
Best of: Tom Coale Dec 29, 2016 Listen Download
Best of: Tom Wingfield Dec 28, 2016 Listen Download
Best of: Abby Smith Rumsey Dec 27, 2016 Listen Download
Daily & Week in Review: Gunnery hacking. Influence operations and a proportionate response thereto? Yahoo breach post mortems. NIST issues Special Publication 800-184: "Guide for Cybersecurity Event Recovery." Dec 23, 2016 Listen Download
Daily: ISIS offers Christmas inspiration (and it's got nothing to do with peace or good will). Fancy Bear makes a battlefield appearance. Blogging services under attack. Dec 22, 2016 Listen Download
Daily: Grid hacking in Ukraine? German terror investigations. Airliner vulnerability dispute. NIST wants post-quantum crypto standards. Project Wycheproof. Wassenaar update. Dec 21, 2016 Listen Download
Daily: Another Ukrainian power grid outage may have cyber causes. ShadowBrokers may have got Equation Group code from a rogue insider. WordPress brute-forcing. Evading volumetric detection. Methbot ad fraud. Wassenaar remains controversial.  Dec 20, 2016 Listen Download
Daily: ShadowBrokers update. More consequences of the Yahoo! breach. Other sites suffer data compromises. US investigations of, plans for retaliation against, Russian influence operations proceed. Dec 19, 2016 Listen Download
Daily & Week in Review: US Election Assistance Commission hacked. US, Russia, swap hard words over influence operations. Ransomware updates. More on the effects of the Yahoo! breach. Autonomous vehicles approaching. Dec 16, 2016 Listen Download
Daily: Yahoo's big breach—industry reactions. Spyware circulates in the wild. Investigation of election hacking continues. Hacktivism and "faketivism." The ShadowBrokers are back. Dec 15, 2016 Listen Download
Daily: Nation-state hacking (and nation-state victims of hacking). Loyalty program breaches, and a new Android Trojan strain. Dec 14, 2016 Listen Download
Daily: SWIFT issues new fraud warnings. US investigates Russian influence operations. Patch news. Wages of sin are in-game purchases? Dec 13, 2016 Listen Download
Daily: Stressor, booter shoppers arrested. Small DDoS against Russian banks. Botnets and home routers. Popcorn Time ransomware. US investigates Russian influence operations. Dec 12, 2016 Listen Download
Daily & Week in Review: Korean cyber alert amid a presidential impeachment. Germany calls out Fancy Bear for influence ops. Georgia—the Dixie one, not the one in the Caucasus—demands a cyber explanation. Holiday phishing, the enduring DDoS threat, and Dec 9, 2016 Listen Download
Daily: IP theft in Germany. "Sledgehammer" looks like DDoS by Turkish patriotic hacktivists. Floki Bot and Dridex in the wild. Competition for cyber talent in a tight labor market. Dec 8, 2016 Listen Download
Daily: Ransomware updates. IP camera vulnerabilities. Steganography makes a comeback. Controlling content, with or without Internet autarky. Zo replaces Tay?  Dec 7, 2016 Listen Download
Daily: State-directed cyberattacks in the 2017 forecast. Tenable's Cybersecurity Assurance Report Card. DDoS and ransomware notes. Content filtering in social media. Connected toys too curious. Dec 6, 2016 Listen Download
Presidential Commission on Cybersecurity offers its recommendations to the next President. Russia says its financial system is under cyber threat. Cybercrime notes, and a scorecard. Dec 5, 2016 Listen Download
Daily & Week in Review: Europol and its partners say they've got the head of the Avalanche snake. DDoS and IoT botnet updates. Android vulnerability. New rules for warrants and insider threats. Dec 2, 2016 Listen Download
Daily: Shamoon and Fancy Bear are back. Mirai never left. San Francisco Muni saved by good backups. New Android Trojan found. Firefox patches threat to Tor anonymity. Surveillance policy, ISIS investigations in Germany.  Dec 1, 2016 Listen Download
Daily: Mirai remains a threat; experts expect more IoT-driven DDoS. ISIS, online radicalization, and terror attacks in the US. Snooper's Charter and its alternatives. Gooligan Android malware. Nov 30, 2016 Listen Download
Daily: ISIS online sympathizers (but not ISIS itself, which is lying a bit low) claim Ohio State attacker. German security agencies warn of possible Russian disruption of elections. Mirai strikes again. San Francisco's Muni shrugs off ransomware. A look a Nov 29, 2016 Listen Download
Securing a Deal - Cyber Security Venture Capitalists on what they look for. A CyberWire Special Edition. Nov 29, 2016 Listen Download
Daily: Military, law enforcement cooperation take a toll of ISIS operators. DDoS investigations. Mirai botnet can be rented on the black market. Beware ATM skimmers. Ransomware hits San Francisco light rail. Bogus news of cable show hacking. Nov 28, 2016 Listen Download
Daily: ISIS shows a slightly different face in cyberspace. BITAG issues advice to the IoT industry. Jackpotting and carding investigated. Nov 23, 2016 Listen Download
Daily: Banks are vulnerable to more than carding and transfer fraud. Ransomware updates. Lessons for users from the Three Mobile hack. Biometrics (with hedgehog). Election hacking retrospective. Nov 22, 2016 Listen Download
Daily: More of the customary cybercrime, but with additional warnings of new ransomware vectors. Dodgy apps and holiday shopping. Credential abuse. No pardon for Snowden, for now, anyway. Nov 21, 2016 Listen Download
Daily & Week in Review: US DNI Clapper says Russia "curtailed" election hacking after being named. Three Mobile breached. Android and iOS issues. Good news on ransomware. Start-up rundown. China calls its Internet controls "wisdom." Nov 18, 2016 Listen Download
Daily: Social media aren't automatically on the right side of history, it seems. More on the Adups backdoor. Holiday shopping cyber-safety and security. Nov 17, 2016 Listen Download
Daily: An insider threat deadline approaches. Lawful intercept tools from Italy. Carbanak moves to new targets. Security policy in Germany and the US. A guilty plea in the TalkTalk hack. Nov 16, 2016 Listen Download
Daily: It walks, it talks, it reports to Shanghai. Locky takes a run at US Army Cyber Command. CrySis decrypted. SpamTorte 2.0 is out. Adults should be warned off by "adult." Nov 15, 2016 Listen Download
Daily: Russian banks suffer IoT botnet DDoS. Fancy Bear's still phishing. Lessons from Tesco fraud. Third-party risk hits Michael Page. Casino Rama data breach. Adult website loses data for 339 million accounts. FTC litigation. Moscow anti-trust case. Nov 14, 2016 Listen Download
Daily: Yahoo! warns Verizon deal may be at risk. More OPM-themed ransomware phishing. Cyber policy advice for, and speculation about, the next US Administration. Nov 10, 2016 Listen Download
US elections proceeded undisrupted by hacking. Patch Tuesday review. Banking Trojans, Android trigger-malware, and thermostats gone wild. Nov 9, 2016 Listen Download
Daily: Election Day cyber updates. Mirai goes to pieces. Five Eyes and Europol take down dark web souks. Turkey and clamps down on their Internet. Nov 8, 2016 Listen Download
Daily: Election Eve cyber threat roundup. Retail bank Tesco stops online banking after wave of fraud. Nov 7, 2016 Listen Download
Mirai, "Botnet #14," hits Liberian networks. Anonymous doesn't much care for either jihad or the Man. A new security company forms with acquisition of Cryptzone, Catbird, Easy Solutions, and Brainspace. Election hacking updates. Nov 4, 2016 Listen Download
Daily: Sources say FBI is confident foreign intelligence services penetrated former Secretary of State's private email server. WikiLeaks says it's not a Russian tool. Notes on industry; notes on cybercrime. Nov 3, 2016 Listen Download
Daily: To disclose or not to disclose…in public. A look into the dark web. Chrome and Firefox disallow shaky certificates. Anonymous gets an incomplete. The Shadow Brokers are still after the Wealthy Elite. Nov 2, 2016 Listen Download
Daily: The Shadow Brokers say trick or treat to the Amerikanski. Are free elections like free beer? Google wants faster patching. The state of Mirai. Nov 1, 2016 Listen Download
Daily: Halloween special: mummies, lycanthropes, vampires, villagers with pitchforks, and virtual stakes through virtual hearts. Oct 31, 2016 Listen Download
Daily & Week in Review: Not all experts agree you should resign yourself to being hacked. The state of fraud, 2016. Ransomware and DDoS updates. The Kremlin gets doxed. Oct 28, 2016 Listen Download
Special Edition: Exploring Cyber Security Education Oct 28, 2016 Listen Download
Daily: DDoS concerns mount—not just Mirai botnets, but LDAP exploitation. Ukrainian hacktivists release emails they say belong to one of Putin's closest advisors. (Moscow says they're fake. Moscow's on its own.) Oct 27, 2016 Listen Download
Daily: Youth and cyber make a bad-news-good-news story (it's complicated). Mirai DDoS may be the work of skids. ISIS adjusts its messaging. Oct 26, 2016 Listen Download
Daily: The Mirai botnet DDoS attack, its consequences and attribution, with commentary from various observers. Oct 25, 2016 Listen Download
Daily: Recovering from Friday's IoT-botnet driven Internet outages. Industry notes and news of cyber conflict in East Asia and the Middle East. And US-Russian tension in cyberspace remains high. Oct 24, 2016 Listen Download
Daily & Week in Review: Bear again, and WikiLeaks (also again). Chinese hackers return, now after infrastructure companies. Debit card hacking epidemic in India. Oct 21, 2016 Listen Download
Daily: CyberMaryland updates. Great power cyber conflict (and organized cyber crime on the side). Vote hacking, agents of influence, and information operations. IoT botnets continue to romp. Oct 20, 2016 Listen Download
Daily: Blockchains at a brewery. Ecuador says it cut Assange's Internet connection. US retaliation against Russian cyber ops may aim at embarrassment. Ransomware in London's City. Oct 19, 2016 Listen Download
Daily: Assange still has asylum, but not so much connectivity. RT's banking woes. US-Russian cyber relations continue to worsen. General (ret.) Cartwright pleads guilty to lying about Stuxnet leaks. Email server controversy gutters on. Oct 18, 2016 Listen Download
Daily: Pakistan phishes Indian Army. US election hacks continue as the US investigates and mulls its response. New ransomware strains. More IoT botnet infestations. ISIS struggles to explain loss of Dabiq. Oct 17, 2016 Listen Download
Daily & Week in Review: Political hacks: email, Twitter, and iCloud. Calls mount for tough US response to Russian cyber operations. Two Android vulnerabilities and one threat revealed. Verizon calls Yahoo! breach "material." Oct 14, 2016 Listen Download
Daily: Patriotic hacktivism in South Asia? US, Russia cyber stare-down continues. IoT devices exploited as proxies. Cyber sector sees market volatility. Cartels launder money through games. Oct 13, 2016 Listen Download
Daily: Australia confirms foreign intelligence service hacked Bureau of Meteorology. TV5Monde and its false-flag hack. Trojan hitting SWIFT. Patch Tuesday notes. US-Russian cyber showdown. Oct 12, 2016 Listen Download
Daily: US attributes DNC hacking to Russian government, promises to protect itself. Russia dismisses attribution as "rubbish." WikiLeaks posts Clinton campaign emails. Oct 11, 2016 Listen Download
Daily & Week in Review: Skepticism concerning Guccifer 2.0's claimed hack of the Clinton Foundation. NSA contractor arrest. Mirai botnet exploits. Security fatigue. Oct 7, 2016 Listen Download
Daily: NSA contract worker arrested with classified material. TalkTalk gets a record data breach fine. Yahoo! surveillance story's still murky. Thoughts from AUSA on cyber innovation and information warfare. Oct 6, 2016 Listen Download
Daily: Guccifer 2.0 claims (to general skepticism) a Clinton Foundation hack. Information operations versus voting. Yahoo! and surveillance of customers. Insulin pump vulnerability reported. Oct 5, 2016 Listen Download
Daily: AUSA update. Mirai botnet shows risks of default IoT passwords. US-Russian tensions rise over imposition of costs. Oct 4, 2016 Listen Download
Daily: Hackers said to "probe" US voting systems. IoT botnet source code released. "DressCode" malware afflicts Android devices. Industry notes. SEC urged to make an example of Yahoo! Oct 3, 2016 Listen Download
Daily & Week in Review: Election hacking, journalist hacking, and the rise of TbpS DDoS. More reflections on the Yahoo! breach. Ransomware and other forms of extortion. Sep 30, 2016 Listen Download
Daily: Yahoo! hackers seem to have been crooks (who sold to other crooks, and to government(s)). Toxic data and credential problems. Election hacking. Sep 29, 2016 Listen Download
Daily: Alleged Russian hacking & info ops, under investigation by US. IoT botnets continue to exact a DDoS toll. Yahoo! security practices. Sep 28, 2016 Listen Download
Daily: Yahoo!'s Verizon deal still on. Mac trojan hits aerospace. Facebook poked by German privacy laws. Sep 27, 2016 Listen Download
Daily: Yahoo! breach fallout, Krebs back online, election hack concerns. Sep 26, 2016 Listen Download
Daily & Week in Review: Yahoo! breach, infected torrents, insider threats. Sep 23, 2016 Listen Download
Daily: Record breaking DDoS, record breaking account info theft. Sep 22, 2016 Listen Download
Daily: Russian hackers hit German targets. New ransomware. DPRK domains revealed. Sep 21, 2016 Listen Download
Daily: FBI hunts Russian bears, election hacking, chat bot warnings. Sep 20, 2016 Listen Download
Daily: New York area bombings, ISIS defacements, Snowden pardon debate. Sep 19, 2016 Listen Download
Daily & Week in Review: VIPs scrub email, cyber war vs cold war, industry news and more. Sep 16, 2016 Listen Download
Daily: Does Fancy Bear care if it's caught? Retaliation, vulnerabilities, litigation, and more. Sep 15, 2016 Listen Download
Daily: Pentesting meets the gig economy. Stingrays, machine learning, and more. Sep 14, 2016 Listen Download
Daily: Lessons from recent incidents. Russia says, it's not us, it's you, and more. Sep 13, 2016 Listen Download
Daily: Zero-days, industry notes, the Intelligence & National Security Summit, and more. Sep 12, 2016 Listen Download
Daily & Week in Review: Malware mines Monero. That sad OPM breach, Crackas cracked, and more. Sep 9, 2016 Listen Download
Daily: US voting security, cyber M&A action, OPM breach post mortem, Pokémon, and more. Sep 8, 2016 Listen Download
Daily: Election hacking (again). Also key sharing risks, and more. Sep 7, 2016 Listen Download
Daily: Slap leather, Vlad. If cyberspace is the "Wild West," here's the best showdown since Blazing Saddles, and more. Sep 6, 2016 Listen Download
Daily & Week in Review: Election hacking, OS X patched, cyber saber-rattling, finding security talent, and more. Sep 2, 2016 Listen Download
Daily: Russia's cyber long game, SWIFT fraud, hack physics (not metaphors), and more. Sep 1, 2016 Listen Download
Daily: The compleat hacker: wading pool, laptop, MiG 21; no hoodie, no problem, and more. Aug 31, 2016 Listen Download
Special Edition: Fundraising and Cyber Startups Aug 31, 2016 Listen Download
Daily: Bug hunters turn shorts. Cyber frame-ups, election fraud, spearphishing, whalephishing, and more. Aug 30, 2016 Listen Download
Daily: Bug bounty? Nah, just short the stock. Pegasus, cyber arms control, and more. Aug 29, 2016 Listen Download
Daily & Week in Review: Sorry, kids, it's back-to-school. What you should know, fellow youths, and more. Aug 26, 2016 Listen Download
Daily: Info ops drive hacks. Cryptowar resurgence in Europe, and more. Aug 25, 2016 Listen Download
Daily: "It walks, it talks, it reports back to Moscow. (Other news, too, gamers.) Aug 24, 2016 Listen Download
Daily: Shadow Brokers: zero-day hoarding (or not) and firewall exploitation. Aug 23, 2016 Listen Download
Daily: Hacking and hybrid warfare. Industry notes (including Wassenaar's next round). Aug 22, 2016 Listen Download
Daily & Week in Review: Hulk smash. Pokemon smish. And more on the Shadow Brokers. Aug 19, 2016 Listen Download
Daily: Who is Boson Spider? Legit zero-days among Shadow Brokers' leaks. Aug 18, 2016 Listen Download
Daily: Shadow Brokers warn 'Wealthy Elite'--new cyber cold war? And cybercrooks are still out there. Aug 17, 2016 Listen Download
Daily: All your attack code are belong us. Guccifer 2.0 suddenly more fluent. Aug 16, 2016 Listen Download
Daily: Cryptocoin for DDoS? ISIS info ops more murderous as territory shrinks. Aug 15, 2016 Listen Download
Daily & Week in Review: FBI has "high confidence" Russians hacked DNC. Olympic hacks, cyber vigilantes, criminal markets. Aug 12, 2016 Listen Download
Daily: Info ops as battlespace prep. It's hard to count Australians. Aug 11, 2016 Listen Download
Daily: Australia's census clogged. Iran ups its offense? Ransomware and file deletion. Aug 10, 2016 Listen Download
Daily: A look back at Vegas. Rio's rogue Wi-Fi. Cyberwar & actual war. Aug 9, 2016 Listen Download
Special Edition: Black Hat, Part 2 - Trends and Insights from Industry Leaders Aug 9, 2016 Listen Download
Daily: DARPA CTF: Mayhem (win), Xandra (place), Mechphish (show). Blame it on Rio. Aug 8, 2016 Listen Download
Daily: Election hacking, layoff rumors, the unbearable lightness of Pokemon. Aug 5, 2016 Listen Download
Special Edition: Black Hat - Cyber Security Trends and Investment Aug 4, 2016 Listen Download
Daily: Black Hat, of course. US election concerns, and more jihadist info ops. Aug 4, 2016 Listen Download
Daily: Black Hat USA, Android upgrades, and mind control (maybe). Aug 3, 2016 Listen Download
Daily: US, Russia trading hacks in cyberspace? Brazilian cybercrime ramps up. Aug 2, 2016 Listen Download
Daily: Election, infrastructure hacks in US, Russia. Advice on Black Hat. Aug 1, 2016 Listen Download
Daily & Week in Review: US sifts ISIS recruiting files. Black market economics. Should leakers curate? Jul 29, 2016 Listen Download
Daily: ISIS doubles down on info ops. Window shopping in crimeware souks. Jul 28, 2016 Listen Download
Daily: DNC hacks, encryption, IoT hacks, and Pokémon. Jul 27, 2016 Listen Download
Daily: Russians interested in US elections? Russia says nyet, but DNC says da. Jul 26, 2016 Listen Download
Daily: ISIS, al Qaeda compete online. WikiLeaks doxes DNC (courtesy FSB, GRU). Jul 25, 2016 Listen Download
Daily & Week in Review: Hacktivists hit Library of Congress, Stingrays and Security Clearances Jul 22, 2016 Listen Download
Daily: DDoSing ISIS. Political hacks. Inspiration is an info op. Jul 21, 2016 Listen Download
Daily: Brazilian, Chinese groups pledge allegiance to ISIS. Turkey's coup aftermath online. Jul 20, 2016 Listen Download
Daily: Influence online, from jihad to kawaii. Cybercrime. Industry updates. Jul 19, 2016 Listen Download
Special Edition: Quantifying Cyber Risk Jul 19, 2016 Listen Download
Daily: Dark web observations on coups and lists. Pokémon Go and the madness of crowds. Jul 18, 2016 Listen Download
Daily & Week in Review: Pokémon Go's astonishing success. (And attack surface?) Crime, folly, the punishment thereof. Jul 15, 2016 Listen Download
Daily: Slinging cyber lingo. Bad robots. Pokémon Go's long march. Jul 14, 2016 Listen Download
Daily: Patch Tuesday notes. Pokémon Go (of course), ICS security, energy recon, fansmitters. Jul 13, 2016 Listen Download
Daily: Medical device, record hacks. (Un)welcome new ransomware: Alfa, Ranscam. ISIS online decline? Jul 12, 2016 Listen Download
Daily: Pokémon Go is out, with troubles in its popular trail. Cybercrime & hacktivist miscellany. Jul 11, 2016 Listen Download
Daily & Week in Review: Classified info--goose sauce, gander sauce. Security industry buoyed by Avast, AVG. Jul 8, 2016 Listen Download
Daily: Blockchains and their uses. Pirrit adware attribution. Avast buys AVG for $1.3B. Jul 7, 2016 Listen Download
Daily: Cybercrime campaigns. States hope ISIS overplayed its violent hand. No indictment of Clinton over email. Jul 6, 2016 Listen Download
Daily: Statecraft, spycraft, & warcraft: inspiration, cells, & espionage. Cybercrime & punishment. Jul 5, 2016 Listen Download
Daily & Week in Review: Conficker worms into medical IoT. Talking key management, DevOps. NERC standards take effect. Jul 1, 2016 Listen Download
Daily: Hacktivism or denial-&-deception? (Smart money's on D&D.) LizardStressor herds CCTV bots. Jun 30, 2016 Listen Download
Daily: Istanbul bombings prompt global intel collection re-look. Cyber threats to transportation. Jun 29, 2016 Listen Download
Daily: Not interested in Fancy Bear? Fancy Bear's interested in you. No dark-grey hats, please. Jun 28, 2016 Listen Download
Daily: Ransomware: MIRCOP, Cerber, CryptXXX, Bart, TeslaCrypt (& the #95 car). Intel selling security unit? Jun 27, 2016 Listen Download
Daily & Week in Review: Brexit beats Bremain. Cyber combat support. The usual ransomware. Jun 24, 2016 Listen Download
Daily: Insecurity cascades from credential breaches, homebrew servers? Cyber casus belli. Waiting for Brexit (or not). Jun 23, 2016 Listen Download
Daily: Android malware circulating in the wild. Did bears find Clinton Foundation servers just right? Help me, ObiWan. Jun 22, 2016 Listen Download
Daily: DNC hack looks like Russia's work, but Guccifer 2.0 still says no. (Nyet?) Jun 21, 2016 Listen Download
Daily: Assange to DNC: buckle up. False flags and acts of war. Blockchain notes. Jun 20, 2016 Listen Download
Daily & Week in Review: Car hacking. Flash Player Patched. DNC hack updates, fighting terror in cyberspace. Jun 17, 2016 Listen Download
Daily: xDedic, Guccifer 2.0...but what really knocks us out is those cheap sunglasses. Jun 16, 2016 Listen Download
Daily: Run DNC has legs. NFL players get social media savvy. Online jihad. More big breaches. Jun 15, 2016 Listen Download
Daily: Run DNC. Online inspiration and the limits of investigation. North Korean cyber ops. Jun 14, 2016 Listen Download
Daily: Jihadists continue online inspiration. India worries about China's cyber activity. Symantec buys Blue Coat, Microsoft LinkedIn. Jun 13, 2016 Listen Download
Daily & Week in Review: Breach reactions. Attention grid substations: squirrels, and snakes, and monkeys, oh my... Jun 10, 2016 Listen Download
Daily: Ransomware spreads (backup or pay up?). Safe travels. FTC, NFL embarrassed. Jun 9, 2016 Listen Download
Daily: US banks warned to get their security act together. Security trends. Jun 8, 2016 Listen Download
Daily: Hybrid SUV proof-of-concept hack. Al Qaeda peeks over Twitter's parapet. Jun 7, 2016 Listen Download
Daily: Sovereign mafia state? Spearphishing with Pay Commission bait. IoT risks. Jun 6, 2016 Listen Download
Daily & Week in Review: Money laundering, cyber fraud, lost laptops, & how cyber criminals get paid. Jun 3, 2016 Listen Download
Daily: A look at markets, legitimate and criminal. ICS proof-of-concept exploit. Jun 2, 2016 Listen Download
Daily: Stealth Falcon, OEM issues, black market trends. Jun 1, 2016 Listen Download
Daily: Social media breach woes, sector analysts & investor sentiment. May 31, 2016 Listen Download
Daily & Week in Review: Crypto wars update, story stocks, AI, encryption, and the usual crime. May 27, 2016 Listen Download
Daily: Ransomware threats. Industry (mostly good) news. US State Department IG reports on email. May 26, 2016 Listen Download
Daily: Ransomware & DDoS combining. Malicious USB chargers. Cyber ops aren't 'bombs? May 25, 2016 Listen Download
Daily: Good guy update: SWIFT. Bad guy update: Turla, CryptXXX, DMA Locker, Flash 0-day... Bonus: Scunthorpe Problem. May 24, 2016 Listen Download
Daily: SWIFT seeks better security, what business wants from (US, UK) government, fast exploits. May 23, 2016 Listen Download
Daily & Week in Review: TeslaCrypt says "sorry, here's the key." 50-cent-ers troll China. May 20, 2016 Listen Download
Daily: Cyber-chumming the Donbas. Cisco surprises (in a good way). May 19, 2016 Listen Download
Daily: LinkedIn may have been breached. Malicious apps, a new Skimmer, and honor among thieves. May 18, 2016 Listen Download
Daily: Current exploits and bugs, fraught China-US cyber relations, and industry notes. May 17, 2016 Listen Download
Daily: Social media collection suggests ISIS in trouble. Russian government cyber activities. US VA wants dark web help. May 16, 2016 Listen Download
Daily & Week in Review: Android issues, SWIFT hacks, the cyber security marketplace. May 13, 2016 Listen Download
Daily: US-CERT warns of SAP issues. Business disruption big criminal business. A talk with IBM about Watson. May 12, 2016 Listen Download
Daily: Reports of venture capital's death seem much exaggerated. Quantum technology, adapted to the meanest understanding. May 11, 2016 Listen Download
Daily: Ransomware evolves (and gets brutal). Dataminr blocks IC--bad Gov-industry blood? May 10, 2016 Listen Download
Daily: Panama Papers updates, info ops, pro- & anti-ISIS, market jitters. May 9, 2016 Listen Download
Daily & Week in Review: Responsible disclosure & why the cool miscreants are on Twitter. May 6, 2016 Listen Download
Daily: World Password Day, OpIcarus May 5, 2016 Listen Download
Daily: Hey, padawans: Supreme Leader Snope hints he's got your back! May 4, 2016 Listen Download
Daily: Anonymous hits Bank of Greece. I am Satoshi! May 3, 2016 Listen Download
Daily: DPRK jamming prompts search for GPS alternative. Satoshi, is that you? May 2, 2016 Listen Download
Daily & Week in Review: Backdoors or legit apps? Serpents in walled gardens. Verizon's Data Breach Report. Apr 29, 2016 Listen Download
Daily: Malware found in nuclear plant. Threat actors tracked in Asia. And who's Aquaman? Apr 28, 2016 Listen Download
Daily: Paranoia -as-a-service? Cyber con jobs. Apr 27, 2016 Listen Download
Daily: Snowden advanced crypto by 7 years." Proofread your way to security. Apr 26, 2016 Listen Download
Daily: US cyberwar vs. ISIS. IPO fizzle? (Investors want profit.) Apr 25, 2016 Listen Download
Daily & Week in Review: Voter dbase compromises. How not to sell security. Apr 22, 2016 Listen Download
Daily: Australia's new cyber strategy, Dorkbot's old; CryptXXX is new. Apr 21, 2016 Listen Download
Daily: Industry news, and some plaintiffs may wish to reconsider. Apr 20, 2016 Listen Download
Daily: New ransomware, along with some golden oldies. Quantifying cyber risk. Apr 19, 2016 Listen Download
Daily: Confidence building. Offensive cyber ops. M&A notes. Apr 18, 2016 Listen Download
Daily & Week in Review: Industry notes, including a look at labor markets. Cyber gangland and its neighborhoods. Apr 15, 2016 Listen Download
Daily: Info ops for and against ISIS. Industry notes. Apr 14, 2016 Listen Download
Daily: Dogs still not barking in Panama. (But ransomware bites.) Apr 13, 2016 Listen Download
Daily: State hacking, state messaging. Crimeware evolution. Apr 12, 2016 Listen Download
Daily: Ukraine's PM resigns, in part over Panama Papers controversy. Patch news. Apr 11, 2016 Listen Download
Daily & Week in Review: Anonymous vs. Israel. Panama Papers. The view from Japan. Apr 8, 2016 Listen Download
Special Edition: In Their Own Words — The 2016 Women in Cybersecurity Conference Apr 7, 2016 Listen Download
Daily: Panama Papers, privacy, & financial transparency. MedStar ransomware incident update. Current scams. Apr 7, 2016 Listen Download
Daily: Panama Papers count coup. Trojanized Android apps found. Apr 6, 2016 Listen Download
Daily: Governments nervously investigate Panama Papers. Industry sees layoffs & an IPO. Apr 5, 2016 Listen Download
Daily: MedStar recovers. More on ransomware, and one weird trick to hiding $2B. Apr 4, 2016 Listen Download
Daily & Week in Review: Ransomware, state actors, the current state of the crypto wars. Apr 1, 2016 Listen Download
Daily: DDoS, business email threats remain. How to set up your new machine. Mar 31, 2016 Listen Download
Daily: Hospital hack, ransomware evolution, the FBI, and Scotland Yard. Mar 30, 2016 Listen Download
Daily: Healthcare cyber risks. Jihadi's iPhone accessed. Working with MSSPs. Mar 29, 2016 Listen Download
Daily: Ransomware and hospitals. Why random numbers matter. Stolen certificates. Mar 28, 2016 Listen Download
Week in Review: Inspiring gangsters & cyber riots? Operation Dust Storm. ISIS seeks gangsters; EU seeks intelligence capability. Verizon breached. New ransomware out. Google & Oracle patch. Mar 25, 2016 Listen Download
Daily: ISIS info ops target gangsta demo. Snakes in walled gardens. US indicts Iranians. Mar 25, 2016 Listen Download
Daily: Collection outstrips analysis & dissemination. When an air-gap...isn't. Mar 24, 2016 Listen Download
Daily: Inspiration in info ops. Processing unstructured data. Ethics & standards of care. Mar 23, 2016 Listen Download
Daily: ISIS inspiration, radicalization. FBI says no help needed to crack iPhone. Mar 22, 2016 Listen Download
Daily: Elves vs. trolls in the Baltic. Updates on Bangladesh bank heist, DoJ vs. Apple. Mar 21, 2016 Listen Download
Week in Review: ISIS messaging & countermessaging. Cryptowar updates. Notes on the cyber sector. Mar 18, 2016 Listen Download
Daily: Buhtrap raked in the rubles. Dridex is back. So are Stagefright and Rowhammer. Mar 18, 2016 Listen Download
Daily: Spies & crooks, together again. Artful spearphishers will eventually learn to proofread. Mar 17, 2016 Listen Download
Daily: Crypto wars updates. Iran vs. US in cyberspace. Big Angler malvertising campaign. Mar 16, 2016 Listen Download
Daily: Naming & shaming Iran's hackers? Palo Alto spots "Digital Quartermaster." Team Apple bigger than Team DoJ. Mar 15, 2016 Listen Download
Daily: ISIS security breaches threaten narrative. Cyber industry issues. Updates on the crypto wars. Mar 14, 2016 Listen Download
Week in Review: Apple vs DOJ heats up. Ransomware and DDoS. Patching gets out of hand? Mar 11, 2016 Listen Download
Daily: US to indict Iranians for Rye hack? ISIS loses HR records. Apple vs. FBI gets nastier. Mar 11, 2016 Listen Download
RSA Special: Trade and Investment Mar 10, 2016 Listen Download
Daily: ISIS rival in Syria. OnionDog hits Korea. Ransomware and DDoS. Remorse in Manitoba. Mar 10, 2016 Listen Download
RSA Special: Emerging Technologies Mar 10, 2016 Listen Download
Daily: DPRK attempt on RoK rail ICS? Ransomware updates. US tax season cyber issues. Mar 9, 2016 Listen Download
RSA Special: Threat Intelligence Mar 8, 2016 Listen Download
Daily: RSA retrospective. RoK accuses DPRK of hacking. KeRanger updates. Cyberwar investments. Mar 8, 2016 Listen Download
Daily: Looking back at RSA. "Transparent Tribe" and "Pawn Storm" expand target sets. Mac ransomware found, blocked. Apple's amici. Mar 7, 2016 Listen Download
Week in Review: RSA wraps up. Much debate over Apple vs FBI. US DoD steps up offensive against ISIS. Angler still out there. Mar 5, 2016 Listen Download
Daily: RSA wraps up. Naikon disappears, BlackEnergy is scrutinized, and mobile threats get sophisticated. Mar 4, 2016 Listen Download
Daily: RSA update - SecDef sounds libertarian? Ashley Madison extortion. DROWN update. More on Ukraine grid hack. Mar 3, 2016 Listen Download
Daily: RSA updates. DROWN SSL vulnerability. Apple vs. DoJ. Mar 2, 2016 Listen Download
Daily: RSA updates. US opens anti-ISIS cyber offensive. Industry consolidation? Mar 2, 2016 Listen Download
Daily: Norway reports Chinese cyber espionage. Hospital ransomware. Carding black market. RSA update. Feb 29, 2016 Listen Download
Week in Review: Utilities advised to isolate control systems. Crimeware industrialized. Operation Blockbuster. Operation Dust Storm. US Gov looks to foster cyber exports. Apple vs FBI. Feb 26, 2016 Listen Download
Daily: US Govt on Ukraine grid hack. ISIS threatens social media hacks. Ransomware rising. "Government OS." Feb 26, 2016 Listen Download
Daily: Hacktivism vs. Italy & the UN. Ransomware update. Report on healthcare's cyber threat model. Apple takes the 5th? Feb 25, 2016 Listen Download
Daily: Operation Dust Storm vs Japan. Operation Blockbuster vs. The Lazarus Group. Venture capital gets tight. Feb 24, 2016 Listen Download
Daily: Anonymous hits Belgium & Cincinnati. Twitter vs. jihad? MouseJack. Apple, FBI dispute updates. Feb 23, 2016 Listen Download
Daily: Russian cyber ops in Syria. Ransomware evolutions. Apple vs. the US Justice Department. Feb 22, 2016 Listen Download
Week-in-Review: Apple hangs tough. Ransomware gets paid. Online bomb threats. Ukraine's grid hack. US asks Hollywood for anti-ISIS help. Feb 19, 2016 Listen Download
Daily: DDoS by pingback. Twitter flaw patched. Security system flaws. Apple vs. FBI, continued. Feb 19, 2016 Listen Download
Dridex, Locky, PadCrypt, and extortion. Hollywood vs. ISIS? ISIS vs. ISIS? Apple vs. FBI. Feb 18, 2016 Listen Download
Dridex & Locky, macro-spread malware. Apple, FBI, spar in & out of court. Dark Reading watches 20 startups. Feb 17, 2016 Listen Download
The CyberWire - 2.16.2016 - Daily cyber security news brief. Feb 16, 2016 Listen Download
The CyberWire Week in Review 2.12.16 Feb 12, 2016 Listen Download
The CyberWire Daily Podcast 2.12.16 Feb 12, 2016 Listen Download
The CyberWire Daily Podcast 2.11.16 Feb 11, 2016 Listen Download
The CyberWire Daily Podcast 2.10.16 Feb 10, 2016 Listen Download
The CyberWire Daily Podcast 2.9.16 Feb 8, 2016 Listen Download
The CyberWire Daily Podcast 2.8.16 Feb 8, 2016 Listen Download
The CyberWire Week in Review 2.5.16 Feb 5, 2016 Listen Download
The CyberWire Daily Podcast 2.5.16 Feb 5, 2016 Listen Download
The CyberWire Daily Podcast 2.4.16 Feb 4, 2016 Listen Download
The CyberWire 2.3.16 Feb 3, 2016 Listen Download
The CyberWire 2.2.16 Feb 2, 2016 Listen Download
The CyberWire 2.1.16 Feb 1, 2016 Listen Download
The CyberWire Week in Review 1.29.16 Jan 29, 2016 Listen Download
The CyberWire 1.29.16 Jan 29, 2016 Listen Download
The CyberWire 1.28.16 Jan 28, 2016 Listen Download
The CyberWire 1.27.16 Jan 27, 2016 Listen Download
The CyberWire 1.26.16 Jan 26, 2016 Listen Download
The CyberWire 1.25.16 Jan 25, 2016 Listen Download
The CyberWire Week in Review 1.22.16 Jan 22, 2016 Listen Download
The CyberWire 1.22.16 Jan 22, 2016 Listen Download
The CyberWire 1.21.16 Jan 21, 2016 Listen Download
The CyberWire 1.20.16 Jan 20, 2016 Listen Download
The CyberWire 1.19.16 Jan 19, 2016 Listen Download
The CyberWire Week in Review 1.15.16 Jan 15, 2016 Listen Download
The CyberWire 1.15.16 Jan 15, 2016 Listen Download
The CyberWire 1.14.16 Jan 14, 2016 Listen Download
The CyberWire 1.13.16 Jan 13, 2016 Listen Download
The CyberWire 1.12.16 Jan 12, 2016 Listen Download
The CyberWire 1.11.16 Jan 11, 2016 Listen Download
The CyberWire Week in Review 1.8.16 Jan 8, 2016 Listen Download
The CyberWire 1.8.16 Jan 8, 2016 Listen Download
The CyberWire 1.7.16 Jan 7, 2016 Listen Download
The CyberWire 1.6.16 Jan 6, 2016 Listen Download
The CyberWire 1.5.16 Jan 5, 2016 Listen Download
The CyberWire 1.4.16 Jan 4, 2016 Listen Download
The CyberWire Week in Review 12.30.15 Dec 30, 2015 Listen Download
The CyberWire 12.30.15 Dec 30, 2015 Listen Download
The CyberWire 12.29.15 Dec 29, 2015 Listen Download
The CyberWire 12.28.15 Dec 28, 2015 Listen Download
The CyberWire Week in Review 12.23.15 Dec 23, 2015 Listen Download
The CyberWire 12.23.15 Dec 23, 2015 Listen Download
The CyberWire 12.22.15 Dec 22, 2015 Listen Download
The CyberWire 12.21.15 Dec 21, 2015 Listen Download

Comments (0)

Please login to comment.

Sign in

Don't have an account yet?

Sign up