))
Deception, influence, and social engineering in the world of cyber crime.
The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.
A fun and informative cybersecurity audio glossary from the CyberWire.
A weekly conversation on cybersecurity law and policy, surveillance and digital privacy. Hosted by the CyberWire's Dave Bittner and Ben Yelin from the University of Maryland Center for Health and Homeland Security. They break down important current legal cases, policy battles, and regulatory matters along with the news headlines that matter most. It’s not just a podcast for lawyers and policymakers; security professionals, businesses, and anyone concerned about privacy and security in the di ...
Readings from the dark underworld of cybercrime and espionage, recalled to life, reinterpreted, and reimagined for the benefit of the infosec literati. Oh, and it’s also just play and parody from the ever-restless imaginations of the CyberWire editorial team.
C
Caveat
1
The tools have changed, but the tactics have remained basically the same.
44:33
44:33
+
Play later
Play later
+
Lists
Like
Liked
44:33
Dave a story about the US Department of Justice bringing antitrust charges against Google, Ben looks at the increased use of phone cracking tools by law enforcement, and later in the show, Dave talks with Morgan Wright, chief security advisor at SentinelOne, former Senior Law Enforcement Advisor for the 2012 Republican National Convention and Senio…
T
The CyberWire Daily
1
Election phishing, without hook, but with line and sinker? Data breaches, and the importance of prompt disclosure. Misplaced hacktivist sympathy.
25:05
25:05
+
Play later
Play later
+
Lists
Like
Liked
25:05
EI-ISAC reports a curious election-related phishing campaign, widespread, but indifferently coordinated and without an obvious motive. Nitro discloses a “low impact security incident.” A breach at a law firm affects current and former Googlers. Finnish psychological clinic Vastaamo dismisses its CEO for not disclosing a breach promptly. Ben Yelin l…
A word, phrase, or sentence formed from another by rearranging its letters. For example, cracking a columnar transposition cipher by hand involves looking for anagrams.By CyberWire Inc.
A probability simulation technique used to understand the impact of risk and uncertainty in complex problems.By CyberWire, Inc.
T
The CyberWire Daily
1
Russian research institute sanctioned for its role in Triton/Trisis. Coordinated inauthenticity in Myanmar. Clean Network program update. Major data breach in Finland.
26:21
26:21
+
Play later
Play later
+
Lists
Like
Liked
26:21
The US Treasury Department sanctions a Russian research institute for its role in the Triton/Trisis ICS malware attacks. Coordinated inauthenticity with a commercial as well as a political purpose. The Clean Network project gains ground in Central and Eastern Europe. Rob Lee from Dragos on insights on the recent DOJ indictments of Russians allegedl…
T
The CyberWire Daily
1
Sal Aurigemma: How things work. [Education] [Career Notes]
7:17
7:17
+
Play later
Play later
+
Lists
Like
Liked
7:17
Associate Professor of Computer Information Systems at the University of Tulsa Sal Aurigemma shares how his interest in how things worked shaped his career path in nuclear power and computers, Being introduced to computers in high school and learning about the Chernobyl event led Sal to study nuclear engineering followed by time in the Navy as a su…
T
The CyberWire Daily
1
Just saying there are attacks is not enough. [Research Saturday]
27:53
27:53
+
Play later
Play later
+
Lists
Like
Liked
27:53
Ben-Gurion University researchers have developed a new artificial intelligence technique that will protect medical devices from malicious operating instructions in a cyberattack as well as other human and system errors. Complex medical devices such as CT (computed tomography), MRI (magnetic resonance imaging) and ultrasound machines are controlled …
T
The CyberWire Daily
51
Energetic Bear’s battlespace preparation. Selling voter and consumer personal data. GRU, Qods Force sanctioned. How they knew that Iran dunnit.
25:39
25:39
+
Play later
Play later
+
Lists
Like
Liked
25:39
Energetic Bear is back, and maybe getting ready to go berserk in a network near you, Mr. and Mrs. United States. Someone’s selling publicly available voter and consumer information on the dark web. Sanctions against the GRU for the Bundestag hack. The US sanctions Qods Force and associated organizations for disinformation efforts. Johannes Ullrich …
T
The CyberWire Daily
1
Recent email threats to US voters appear to be an Iranian operation. Notes on cyberespionage and influence operations. Hold the “blatant Russophobia,” TASS?
22:30
22:30
+
Play later
Play later
+
Lists
Like
Liked
22:30
Emailed election threats to US voters are identified as an Iranian influence operation, disruptive, and so more in the Russian style. Both Iran and Russia appear to be preparing direct marketing influence campaigns. Cyber criminals are also exploiting US election news as phishbait. Seedworm is said to be ‘retooling.” Caleb Barlow from Cynergistek o…
H
Hacking Humans
1
What is true and important versus what is the spin.
35:37
35:37
+
Play later
Play later
+
Lists
Like
Liked
35:37
Dave's story is about some cybercriminal gangs that have stolen $22 million from users of the Electrum wallet app, Joe's story talks about a business email compromise scam cost a US company $15 million, The Catch of the Day is a gift card scam that includes references to National Treasure movie, and later in the show, later in the show, Dave's conv…
T
The CyberWire Daily
1
TrickBot’s return is interrupted. Election rumor control. Supply chain security. Securing the Olympics. NSS Labs closes down.
22:45
22:45
+
Play later
Play later
+
Lists
Like
Liked
22:45
TrickBot came back, but so did its nemesis from Redmond--Microsoft and its partners have taken down most of the new infrastructure the gang reestablished. CISA publishes election rumor control. The Cyberspace Solarium Commission has a white paper on supply chain security. Japan says it will take steps to secure next summer’s Olympics. Joe Carrigan …
Ben looks at a case involving mobile device passwords and Miranda rights, Dave has a story about warrants for Google keyword searches. and later in the show Ben speaks with Ben Wright, Professor at SANS Institute on setting performance standards for security and associated liabilities. While this show covers legal topics, and Ben is a lawyer, the v…
T
The CyberWire Daily
1
International cyberespionage: China and Russia versus the Five Eyes and others. Google faces an anti-trust suit. Abandonware.
24:35
24:35
+
Play later
Play later
+
Lists
Like
Liked
24:35
America’s NSA reviews twenty-five vulnerabilities under active exploitation by Chinese intelligence services. The UK’s NCSC accuses the GRU of more international cyberattacks. The US Justice Department brings its long-expected anti-trust suit against Google. Ben Yelin examines overly invasive company Zoom policies. Our guest is Jessica Gulick from …
1. A wireless access point installed by employees in an office or data center environment as a convenience to connectivity without the consent or the knowledge of the network manager. 2. A wireless access point, sometimes called an Evil Twin, installed by a cyber adversary in or near an office or data center environment designed to bypass security …
A software, hardware or hybrid encryption layer between two devices on the network that makes the traffic between the sites opaque to the other devices on the same network.By CyberWire, Inc.
T
The CyberWire Daily
1
Influence operations and cyber probes of presidential campaigns. TrickBot’s recovery. Remote learning woes. Port facilities in Iran reported to have been targeted in cyberattacks.
27:49
27:49
+
Play later
Play later
+
Lists
Like
Liked
27:49
Updates on influence ops and campaign hacking show that the opposition has its troubles, too. TrickBot operators seem to have returned to business. Schools’ remote learning programs are providing attractive targets for cybercriminals. Iranian news outlets say ports were the targets of last week’s cyberattacks. David Dufour explains how phishing cam…
T
The CyberWire Daily
1
Rosa Smothers: Secure the planet. [Career Notes]
6:47
6:47
+
Play later
Play later
+
Lists
Like
Liked
6:47
Senior VP of Cyber Operations at KnowBe4, Rosa Smothers, talks about her career as an early cybersecurity professional in what she describes as the Wild, Wild West to her path through government intelligence work. Rosa shares how she always knew she wanted to be involved with computers and how being a big Star Trek nerd and fan particularly of Spoc…
T
The CyberWire Daily
1
Intentionally not drawing attention. [Research Saturday]
25:54
25:54
+
Play later
Play later
+
Lists
Like
Liked
25:54
Bitdefender researchers recently uncovered a sophisticated APT-style attack targeting an international architectural and video production company. The attack shows signs of industrial espionage, similar to another of Bitdefender’s recent investigations of the StrongPity APT group. The real-estate industry is highly competitive, and information exfi…
T
The CyberWire Daily
1
Misdirection and redirection. Content moderation, influence operations, and Section 230. Money-laundering gang taken down. And no wolves in Nova Scotia.
25:17
25:17
+
Play later
Play later
+
Lists
Like
Liked
25:17
Phishing through redirector domains. Content moderation, influence operations, and Section 230. A Twitter outage is due to an error, not an attack. QQAAZZ money-laundering gang members indicted. Johannes Ullrich tracks Mirai Bots going after Amanda backups. Our guest is Richard Hummel from Netscout with research on cybersecurity trends and forecast…
T
The CyberWire Daily
1
Disinformation, foreign and domestic. Content moderation, always harder than it seems. US Cyber Command’s defend forward doctrine.
25:37
25:37
+
Play later
Play later
+
Lists
Like
Liked
25:37
Tehran says this week’s cyberattacks are under investigation. Silent Librarian returns to campus for academic year 2020-2021. Crooks are posing as nation-state hackers. Domestic disinformation reported in Guinea and Ghana. Disinformation, content moderation, and the difficulties presented by both. US Cyber Command’s forward engagement campaign. Mik…
H
Hacking Humans
1
Use a Dance Dance Revolution floor lock for your data centers.
36:08
36:08
+
Play later
Play later
+
Lists
Like
Liked
36:08
Starting with some listener follow-up on password managers, Joe's story has an angel investor bilking people out of due diligence fees, Dave's story comes from Graham Cluley on a malware campaign talking about details on Donald Trump's COVID-19 status, The Catch of the Day is an animal vaccine phishing scam, and later in the show, we’ve got a speci…
T
The CyberWire Daily
1
Cyber conflict and cyberespionage. Social engineering as a turnstile business. Inside a social engineering campaign. A warning about fraudulent unemployment claims.
23:20
23:20
+
Play later
Play later
+
Lists
Like
Liked
23:20
Reports of cyberattacks against Iranian government and, possibly, economic targets, are circulating, but details are sparse. Norway accuses Russia of hacking parliamentary emails. A cybercriminal gang’s secret is volume. A social engineering campaign singles out victims with US IP addresses. Joe Carrigan on a million dollar REvil recruitment offer.…
Dave has a story about police foundations buying hacking tools for local law enforcement, Ben looks at California’s prop-24 fight over the future of privacy, Dave takes a look at the conclusions of a House report that many of tech’s biggest firms are enjoying unfair monopoly power, and later in the show our conversation with Travis Leblanc from Coo…
T
The CyberWire Daily
1
Suppressing Trickbot: cyber warfare and cyber lawfare. Chaining vulnerabilities. An intergovernmental call for backdoors in the aid of law enforcement.
24:39
24:39
+
Play later
Play later
+
Lists
Like
Liked
24:39
Trickbot gets hit by both US Cyber Command and an industry team led by Microsoft. CISA and the FBI warn that an unnamed threat actor is chaining vulnerabilities, including Zerologon, to gain access to infrastructure and government targets. Ben Yelin shares his thoughts on the US House’s report on monopoly status for some of tech's biggest players. …
W
Word Notes
1
Network Time Protocol (NTP) attack (noun)
6:07
6:07
+
Play later
Play later
+
Lists
Like
Liked
6:07
A reflection or amplification distributed denial-of-service attack in which hackers query Internet network time protocol servers, NTP servers for short, for the correct time, but spoof the destination address of their target victims.By CyberWire, Inc.
A subset of the internet where communications between two parties or client-server transactions are obscured from search engines and surveillance systems by layers of encryption. The U.S. Navy designed the original Darknet by developing The Onion Router network, or TOR, back in the 1990s. Roger Dingledine and Nick Mathewson deployed the first alpha…
Ben describes a decades-long global espionage campaign alleged to have been carried out by the CIA and NSA, Dave shares a story about the feds using cell phone location data for immigration enforcement, and later in the show our conversation with Drew Harwell from the Washington Post on his article on how Colleges are turning students’ phones into …
T
The CyberWire Daily
1
Geoff White: Suddenly all of the pieces start to line up. [Career Notes]
7:31
7:31
+
Play later
Play later
+
Lists
Like
Liked
7:31
Investigative journalist and author Geoff White talks about tracing a line through the dots of his career covering technology. Geoff shares that he has always been "quite geeky," but came to covering technology after several roles in the journalism industry. Newspapers, magazines and television were all media Geoff worked in before covering technol…
T
The CyberWire Daily
1
It's still possible to find ways to break out. [Research Saturday]
20:14
20:14
+
Play later
Play later
+
Lists
Like
Liked
20:14
Containers offer speed, performance, and portability, but do they actually contain? While they try their best, the shared kernel is a disturbing attack surface: a mere kernel vulnerability may allow containerized processes to escape and compromise the host. This issue prompted a new wave of sandboxing tools that use either unikernels, lightweight V…
