TitleDate
Huawei and the Five Eyes. Report on Russian trolling finds fluency in American. Boomstortion scammers turn to new threats. PewDiePie followers hack printers, again. Dec 17, 2018 Listen
The Sony hack and the perils of attribution — Research SaturdayDec 15, 2018 Listen
False flags and real flags. ISIS claims the Strasbourg killer as one of its soldiers. A bogus bomb threat circulates by email.Dec 14, 2018 Listen
Shamoon variant implicated in Saipem hack. Charming Kitten reappears. Sino-American tension over trade and industrial espionage. Dec 13, 2018 Listen
Operation Sharpshooter. Meng makes bail. Sino-American cyber tensions. Leadership crises in the UK and France. Congress doesn’t lay a glove on Google. 2018’s bad password practices. Dec 12, 2018 Listen
Audit finds no Chinese spy chips on motherboards. Huawei CFO hearings continue in Vancouver. Oilfield services firm’s servers attacked. Spyware and adware. Congressional hearings, reports.Dec 11, 2018 Listen
A bail hearing in Vancouver. The prospect of indictments in IP theft cases. Kubernetes vulnerabilities. Russia and Ukraine swap hacks? An advance fee scam asks for help getting out of jail.Dec 10, 2018 Listen
Operation Red Signature targets South Korean supply chain — Research SaturdayDec 08, 2018 Listen
Huawei legal and security updates. A shift to personalized spam in attacks on retailers. “Hollywood hacks” in Eastern European banks.Dec 07, 2018 Listen
Huawei CFO arrested in Canada, faces extradition to US. Anonymous claims that Chinese intelligence hacked Marriott. Russian hospital phished. SamSam indictments, warnings. Facebook agonistes.Dec 06, 2018 Listen
DDoS and BEC risks rising. Ukraine says it stopped Russian cyber campaign. EU looks to stopping disinformation. NRCC email compromise. Facebook emails released by Parliament. Dec 05, 2018 Listen
Fancy Bear in Czech government systems. Watering hole attacks. Quora breached. Marriott breach follow-up. Kubernetes privilege escalation flaw. Scams kicked out of Apple’s App Store.Dec 04, 2018 Listen
US Defense Department and UK’s MI6 aren’t buying Russian honey over cyber operations. Iranian influence operations. Marriott breach fallout. Court upholds Kaspersky ban. Ransom and sanctions.Dec 03, 2018 Listen
Settling in with GDPR — CyberWire-XDec 03, 2018 Listen
Getting an education on Cobalt Dickens — Research SaturdayDec 01, 2018 Listen
Marriott suffers data breach. Dunkin Donuts credential stuffing attack. Urban Massage database exposed, unsecured. Fancy Bear paws at German government targets. SamSam cost. Nov 30, 2018 Listen
Reconnaissance and degradation. Hybrid war in Eastern Europe and Southwest Asia. Eternal Silence infects unpatched systems. Dell customers reset passwords. SamSam indictments.Nov 29, 2018 Listen
DNSpionage. Cobalt Dickens’ unwelcome return. iOS spyware may be more widespread than believed. Governments move toward content moderation. Small towns, big problems.Nov 28, 2018 Listen
Rotexy Trojan gets worse. Bad apps in Google Play. Backdoor for crypto-wallets. Facebook goes before Parliament. Pegasus spyware versus journalists. Russian hybrid war. Too-smart devices. Nov 27, 2018 Listen
A quick look at the state of spam. Phishing for power grids. Industrial espionage. Free and command economy versions of social control. Lessons from JTF Ares.Nov 26, 2018 Listen
Perils of paycards, as Cyber Weekend approacheth. Tessa88 is identified. Many more people than before have now heard of High Tail Hall.Nov 21, 2018 Listen
Nation-state cyber campaigns: North Korean, Iranian, Russian, and unknown. Social media outages.Nov 20, 2018 Listen
CISA is now officially an agency. Cozy Bear is back. Gmail spoofing issue opens social engineering possibilities. Speculation about “cyber 9/11s.” Nov 19, 2018 Listen
Doubling down on Cobalt Group activity — Research SaturdayNov 17, 2018 Listen
GPS jamming. Bank phishing. Exposed server. Censorship, East, West, and South. Is there a sealed indictment of Julian Assange?Nov 16, 2018 Listen
RATs and the long game. New ransomware, Learning from other espionage services. Advance-fee scams continue to infest Twitter. Fancy Bear says it can’t be sued. Nov 15, 2018 Listen
When BGP hijacking isn’t hijacking at all. The White Company’s Operation Shaheen. SWAuTistic pleads guilty. NPPD will become CISA. Nov 14, 2018 Listen
GPS jamming. Jihadist account hijacking. ISIS on Wickr? Magecart exposed. Cathay Pacific breach. Paris Call for Trust and Security in Cyberspace.Nov 13, 2018 Listen
Regulation in the U.S. — CyberWire XNov 13, 2018 Listen
Establishing international norms in cyberspace — Research SaturdayNov 10, 2018 Listen
Critical infrastructure resiliency. Lazarus Group’s FASTcash robberies. China’s ongoing industrial espionage. Trolls aside, Russian observers think the US elections were A-OK.Nov 09, 2018 Listen
Post hack ergo propter hack: DHS calls Russian claims “noisy garbage.” Responsible and irresponsible disclosure. FCC wants an end to robocalls. USPS Informed Delivery abused. Post Canada—whoa. Nov 08, 2018 Listen
A quick look back at the US midterms, and the cyber Pearl Harbor that wasn’t. Update Apache Struts. Smishing with the Play Store. Another advance fee scam.Nov 07, 2018 Listen
Iran complains, threatens, and spies. Election Day cybersecurity notes.Nov 06, 2018 Listen
US midterm election cybersecurity updates. PortSmash side-channel proof-of-concept. Botnets compete to cryptojack Android devices. And will the GRU get its "R" back?Nov 05, 2018 Listen
Election protection — Research SaturdayNov 03, 2018 Listen
Cyber Sitzkrieg. Waiting for the Bears to show up (and ready to set the Dogs on them). Facebook private messages for sale.Nov 02, 2018 Listen
Wi-Fi access point zero-day reported. US Cyber Command on the offensive. Transparency is tougher than it looks. GandCrab not paying out as much—good. PIPEDA takes effect. Soulmate spyware.Nov 01, 2018 Listen
Influence operations, and advice on recognizing them. Ransomware updates. US indicts Chinese nationals for industrial espionage. An object lesson from the US Geological Survey.Oct 31, 2018 Listen
The Malware MashOct 31, 2018 Listen
This cybersecurity stuff is tougher than it looks, US state election officials learn. Saudi surveillance. Espionage in Iran. New attack varieties. Chinese hardware concerns. US sanctions chipmaker.Oct 30, 2018 Listen
Facebook takes down Iranian-run accounts. Criminal investigations look online. IBM to buy Red Hat. Satori is still with us. British Airways and Magecart. Oct 29, 2018 Listen
Faxploitation — Research SaturdayOct 27, 2018 Listen
Airline breach bigger than thought. Securing Mexican financial institutions. Demonbot vs. Hadoop. New decryptor out for GandCrab ransomware. Civilian Cybersecurity Corps? Oct 26, 2018 Listen
Influence operations, da. Direct hacking? Maybe nyet. Chalubo botnet borrows old tricks. Financial sector alert in Mexico. Airline breach disclosed. Lawsuits over privacy. ICS Security notes. Oct 25, 2018 Listen
Trolling the trolls. Triton/Trisis attributed to Russia. Asset management in ICS. Threat intelligence drives threat evolution. Shadow web-apps. Apple likes GDPR, hates the Data-Industrial Complex. Oct 24, 2018 Listen
Influence operations in Brazil and the US. Vulnerabilities disclosed in commonly used software. Healthcare.gov breach. Industrial control system cybersecurity. Oct 23, 2018 Listen
Making the business case for privacy. — Special EditionOct 23, 2018 Listen
Russian indicted in US midterm election influence conspiracy case. Styles and goals of info ops. Cyber deterrence. DPRK petty crime. Alt-coin scammer. Spy chip story remains unconfirmed, unretracted. Oct 22, 2018 Listen
Stormy weather in the Office 365 cloud. — Research SaturdayOct 20, 2018 Listen
Chinese supply-chain hack story gets vanishingly thin. Twitter downs pro-Saudi bots. SEO poisoning. OceanLotus evolves. Ransomware notes.Oct 19, 2018 Listen
Looks like Comment Crew, but probably isn't. Facebook breached by spammers. Twitter's big troll trove. Router issues. Who dunnit to YouTube?Oct 18, 2018 Listen
Meddling with the midterms — Special EditionOct 17, 2018 Listen
Two ways of hacking the vote. BlackEnergy is active in Poland and Ukraine. ISIS and info ops. Hurricane-stressed utility further stressed by ransomware. Silicon Valley governance.Oct 17, 2018 Listen
Facebook in Myanmar. Supply chain seeding attack update. Election hacking. NCSC reports. EU prepares sanctions (Russia feels ill-used).Oct 16, 2018 Listen
Facebook breach details. Privacy issues and an image problem for advocates. Supply-chain-attack skepticism. Info ops, bikers, and deniable paramilitaries.Oct 15, 2018 Listen
Driving GPS manipulation — Research SaturdayOct 13, 2018 Listen
Busy Bears, again. Mixing IT and OT is a risky business. New Android Trojan. Supply chain seeding attack updates. Facebook purges more "inauthentic" accounts. Data privacy. Cyber sanctions.Oct 12, 2018 Listen
Seeding-attack skepticism. MSS officer arrested, will face industrial espionage charges in the US. Russia says again that it didn't hack the OPCW.Oct 11, 2018 Listen
Updates on supply-chain seeding reports. DDoS in Ukraine. GAO reports on US weapon system cyber vulnerabilities. Bugs exploited by Mirai persist. Patch note and toe dialing.Oct 10, 2018 Listen
Update on supply chain seeding reports. GRU comes in for more criticism. UK prepares cyber retaliatory capability. Power grid resilience. Panda Banker. Google's good and bad news.Oct 09, 2018 Listen
Cryptojacking criminal capers continue — Research SaturdayOct 06, 2018 Listen
Reports of Chinese seeding attacks on the supply chain. Five Eyes and other allies push back at Russia's GRU. NPPD to become Cybersecurity and Infrastructure Security AgencyOct 05, 2018 Listen
Bloomberg reports a seeding attack on the supply chain by Chinese intelligence services. GRU is named, shamed, indicted, and expelled.Oct 04, 2018 Listen
Facebook breach updates. Bogus Zoho Office Suite. Brazil's big botnet. Vulnerable router firmware. Patch news. A DGSI officer arrested for dark web collusion with the mob. Bad Fortnite cheats.Oct 03, 2018 Listen
RDP exploitation. More on the Facebook breach. Google and content moderation. Reaper Group stayed busy even after US-DPRK summit. Spyware in Canada. Hacking an airport.Oct 02, 2018 Listen
Facebook agonistes. Election meddling. Livestreamed hack gets cancelled.Oct 01, 2018 Listen
Sophisticated FIN7 criminal group hits payment card data — Research Saturday.Sep 29, 2018 Listen
Facebook discloses a major breach. Botnet brute forcing ransomware. Retail domain typosquatting. ATM wiretapping. Ransomware in San Diego. SEC hits cyber deficiencies. Assange retires?Sep 28, 2018 Listen
Fancy Bear, again and again. QRecorder is a banking Trojan. Authentication issues with Apple's Device Enrollment Program. Notes on regulation. Farewell to a code-breaker.Sep 27, 2018 Listen
Cryptojacking and ransomware news. The black market in zero-days looks like a bear market. Google budges (a little) on Chrome login. Senate hearings on privacy. Political campaign cybersecurity.Sep 26, 2018 Listen
Follow-up to terror attack in Iran. UN data exposure. Kodi and cryptojacking. SHEIN retail breach. Atlanta's ransomware remediation. Payroll phishing. Quantum strategy.Sep 25, 2018 Listen
Terror attack in Iran prompts info skirmishing, and perhaps worse to come. JET bug disclosed. ANSSI open-sources OS. Anglo-American response to Russian cyber ops. Russian elections. Scam notes.Sep 24, 2018 Listen
ICS honeypots attract sophisticated snoops. — Research SaturdaySep 22, 2018 Listen
US National Cyber Strategy. New sanctions. GCHQ beefs up Russia unit. Cryptocurrency heist. Hacking Senatorial Gmail. Crime and punishment.Sep 21, 2018 Listen
Magecart is back. Bad apps booted from Google Play. OilRig taken seriously. Election influence operations. Sending in the National Guard. ICO fines Equifax for last year's breach.Sep 20, 2018 Listen
State Department cybersecurity issues. Iron Group's pseudoransomware. Bristol Airport's deliberate recovery. State of cryptojacking. Facebook offers campaigns help. US cyber strategy. Mirai masters.Sep 19, 2018 Listen
Tracking Pegasus. OilRig spearphishing. IP theft from universities. Peekaboo bug in surveillance cameras. WannaMine won't be EternalBlue's last ride. Preventing data abuse.Sep 18, 2018 Listen
Ransomware and cryptojacking are all the rage. Iran seeks IP, North Korea seeks a quick buck. More on EU content moderation. Alleged Russian hacking of WADA, Spiez Laboratory. Propaganda overreach?Sep 17, 2018 Listen
Android device eavesdropping investigation. — Research SaturdaySep 15, 2018 Listen
Magecart continues its way. Evil cursor attacks. Seasonal trends in Trojans. More Novichok disinformation. Pyongyand denounces a "smear campaign." Wait and see on pipeline fires.Sep 14, 2018 Listen
Domestic Kitten spyware. Crypto wallet shenanigans. Firmware issues enable cold boot attacks. BlueBorne bugs are still out and about. Tech support scams. Election security. Sep 13, 2018 Listen
Executive Order mandates election interference sanctions. British Airways regulatory exposure. Patch Tuesday notes. EU passes copyright law. Russia says no to Novichok. WhatsApp scam. Sep 12, 2018 Listen
Trend Micro answers spying allegations. Magecart blamed for British Airways breach. Tor Browser exploit disclosed. Google vs. the right to be forgotten. Accused JPMorgan hacker extradited. Sep 11, 2018 Listen
Elections and information operations, but not necessarily the elections you expect. Apple purges dodgy security apps. Who are the Silence criminals? BA's breach. Cyber moonshots. Sep 10, 2018 Listen
Leafminer espionage digs the Middle East. — Research SaturdaySep 08, 2018 Listen
Russia does the info ops dance. An indictment of a Lazarus Groupie. FOIA shares too much. British Airways breaches. Silence makes some noise. Notes from the Billington Cybersecurity Summit. Sep 07, 2018 Listen
Cyberwar looms between Russia and the UK. Twitter and Facebook complete testimony, but inquiries continue. Unpatched MikroTik routers exploited. OilRig's new tricks. Sep 06, 2018 Listen
Sleeper malware. Hakai botnet spreads. SamSam is still with us. US DNI warns of election threats. Congressional panels interrogate Facebook and Twitter, but not Google. Sep 05, 2018 Listen
Tracking Stone Panda to the Tianjin Bureau. Ad-fraud and Tokelau. RansomWarrior decrypted. US Congress to grill Facebook, Google, and Twitter. Celebrity scams. Sep 04, 2018 Listen
ATM hacks on the rise. — Research SaturdaySep 01, 2018 Listen
Recruiting spies via LinkedIn. WindShift in the Gulf. GlobeImposter ransomware. Blocking Telegram is harder than it looks. Policy notes from the Five Eyes. Aug 31, 2018 Listen
Twitter bots in Swedish politics. A different approach to influence operations. Hotel guest PII for sale. Medical device vulnerabilities. Charges in the case of the Satori botnet. Aug 30, 2018 Listen
Unpatched Apache Struts installations being exploited in the wild. Windows local privilege escalation flaw. Similarities among spyware. Stalkerware hack. Criminal threats to the grid. Breaches. Aug 29, 2018 Listen
Social media struggle with their social role. Election hacking concerns remain high. Australia's new government shuffles cybersecurity responsibilities. Aug 28, 2018 Listen
Moscow HUMINT drought? Spying on the Patriarch. Ottoman hacktivism. Iranian information operations. ISIS in cyberspace. RtPOS malware discovered. Aug 27, 2018 Listen
Cyber espionage coming from Chinese University. — Research SaturdayAug 25, 2018 Listen
More action against Iranian influence operations. Tehran's cyberespionage against universities. Counter-value targeting in cyber deterrence. Sino-Australian trade war? Law and order. Aug 24, 2018 Listen
If you're running a red team, let someone know it's a drill. Apache patches Struts. Another exposed AWS bucket. Remcos abused by hackers. DPRK goes after Macs. Dark Tequila runs in Mexico. Aug 23, 2018 Listen
Facebook takes down "inauthentic" Russian and Iranian fronts. Twitter blocks Iranian false-flags, and FireEye explains why they think it's Tehran. Triout Android spyware described. Hacking back? Aug 22, 2018 Listen
Fancy Bear bogus sites taken down. Some in the US Congress think they want hack-back laws. Cyber and sanctions. Operation Red Signature. Doxing Chinese Intelligence. Buggy medical devices. Aug 21, 2018 Listen
Beers with Talos — Live from the RiRa at Black HatAug 21, 2018 Listen
DarkHotel is back. So is Necurs, and it's distributing a modular malware dropper. Industrial espionage follows international trade. Election meddling. The use and abuse of data.Aug 20, 2018 Listen
Stealthy ad fraud campaign evades detection. — Research SaturdayAug 18, 2018 Listen
Election risks—hacking and influence. Chinese industrial espionage spike. Misconfigured project management. Necurs appears briefly. Bogus Fortnite downloads. What they heard in the banya. Aug 17, 2018 Listen
Hacking Old Man River. Nation-state cyber conflict: objectives and norms of behavior. Australia's new cyber laws. ATM campaign. Lawsuits, and the Dread Pirate Robert asks for pardon. Aug 16, 2018 Listen
Notes on patching. Foreshadow speculative execution vulnerability. Influence operations. The FBI's new cyber chief. Are stickers a temptation to thieves, hackers, and customs officers? Aug 15, 2018 Listen
Cryptowars notes. DDoS in Finland. Bears aren't under the beds; they're in the routers. Smart city attack surfaces. Sanction notes. Training through puzzle-solving .Aug 14, 2018 Listen
Spyware for states and spouses. Election hacking demos. New ransomware strains, and a clipper for Android. Airline Wi-Fi is not only irritating, but insecure as well. Aug 13, 2018 Listen
Thrip espionage group lives off the land. — Research SaturdayAug 11, 2018 Listen
DPRK RAT in the wild. Vulnerable WPA2 4-way handshake implementations. Black Hat notes. Sanctions and retaliation. RoK to reorganize Cyber Command. PGA and ransomware. Aug 10, 2018 Listen
State-sponsored ransomware campaigns coming? DarkHydrus and Phishery. Hitting ATMs for alt-coin. US sanctions Russia. IBM looks at artificially intelligent malware. Black Hat notes. Aug 09, 2018 Listen
Payment processors probed with BGP exploits for redirection attacks. WhatsApp vulnerable to manipulation? Deterrence and retaliation. Anonymous vs. QAnon. Notes from Black Hat. Aug 08, 2018 Listen
TSMC recovers from WannaCry infection. OpenEMR fixes 30 bugs. UK will ask Russia to extradite two GRU operators for Novichok attacks. Twitterbots flourish. Aug 07, 2018 Listen
More data exposures, from banks and a major CRM provider. Ransomware strikes back. The irresistibility of data. An unhackable wallet gets hacked…maybe. Spreading goodwill through Akido? Aug 06, 2018 Listen
Cortana voice assistant lets you in. — Research SaturdayAug 04, 2018 Listen
Russian threats and threats to Russia. Cryptojacking wave spreads out from Brazil. Recovering from malware in Alaska and Atlanta. Notes on automotive cybersecurity. Aug 03, 2018 Listen
RASPITE noses around the US power grid. Cisco will buy Duo Security. Sandworm afflicts lab investigating Novichok attack. Influence ops can be no-lose proposition.Crytpojacking and malspam. Aug 02, 2018 Listen
Reddit Hacked. Ukrainians nabbed. Facebook boots "inauthentic" accounts for malign influence. Pegasus spyware found in Amnesty phone. Yale's old breach. Google and censorship. Aug 01, 2018 Listen
Data-centric security. — Special EditionAug 01, 2018 Listen
Infrastructure security, especially power, finance, and elections. Preparation pays off. Proofpoint warns of new AZORult malware. Check Point tracks Master134 malvertising. Crime news. Jul 31, 2018 Listen
NetSpectre proof-of-concept. Election hacking, in the US and Australia. Cyber industrial espionage. Cyber threats to power grids. Hacking JPay. Jul 30, 2018 Listen
BabaYaga strangely symbiotic Wordpress malware — Research SaturdayJul 28, 2018 Listen
Fancy Bear sniffs around Senatorial staffs. US NSC considers Russian election interference. Chinese and Iranian cyberespionage. Malware loaders. Smart home bugs. Stealing WiFi. Jul 27, 2018 Listen
LifeLock closes proof-of-concept hole. US-CERT warns of active campaigns against ERP applications. Ad blockers may function as spyware. Parasite HTTP RAT. Underminer EK. NSA's IG scowls. Jul 26, 2018 Listen
Leafminer wants to learn from the best, and that's not good. Shipper hacked. Old malware resurfaces in improved form. Russian grid and election threats. What insurance covers. Jul 25, 2018 Listen
Warnings of Russian cyber threat to power grids. Phishing rises. Patch gets patched. SingHealth breach. Satori botnet. Bluetooth MitM. Evil maids? Jul 24, 2018 Listen
SingHealth breach hits Singapore. Manufacturers afflicted with third-party data exposure. Aspen Security Forum takes cyber threats seriously. Ecuador may withdraw asylum from Assange. Jul 23, 2018 Listen
Measuring the spearphishing threat — Research SaturdayJul 21, 2018 Listen
Cyberespionage and influence operations. Big botnet assembled in less than a day. Monetizing stolen paycards through online games. Amazon nudges developers. Report on Huawei. Phishing notes. Jul 20, 2018 Listen
Fancy Bear's Roman Holiday. RAT phishing in Ukraine. AWS S3 bucket leaks robocaller data. Bug or abuse? NIST to withdraw outdated cybersecurity publications. Content moderation. Jul 19, 2018 Listen
Magnibur ransomware spreads. LabCorp discloses suspicious incident on its networks. Spectre, Meltdown notes. Oracle patches. Helsinki summit backing and filling and backing. Jul 18, 2018 Listen
Trump-Putin summit. East Asian cyberespionage campaigns. Vulnerable DVRs. Concern about census security. Jul 17, 2018 Listen
DNI warns of cyber threats. Russo-US summit. Mueller investigation and indictments. Huawei agonists. Congress reconsiders ZTE reinstatement. Kaspersky receives no emergency ban relief. Jul 16, 2018 Listen
A new approach to mission critical systems — Research SaturdayJul 14, 2018 Listen
Fancy Bear indictments. VPNFilter found in Ukrainian water-treatment chlorine plant. Comment spam. Speculative execution side-channel attacks. MDM exploits in India.Jul 13, 2018 Listen
Timehop refines its breach disclosure. Speculative execution side-channel attacks described. Tech manuals offered for sale on the dark web. Twitter versus bots. Jul 12, 2018 Listen
Ticketmaster paycard breach is part of a very large skimmer campaign. Chinese cyberespionage and censorship. Smartphone privacy issues. Data misuse litigation. Affirming the consequent. Jul 11, 2018 Listen
More Elon Musk impersonators in social media. Cryptocurrency raided. Spearphishing in Palestine. BlackTech espionage group. Apple upgrades. Polar Flow fitness app and oversharing. Jul 10, 2018 Listen
Malware infections down during World Cup matches. UK-Russia tensions. Australian National University hacked. Data breach notes. Calls for cooperation. Tell it to the Marines. Jul 09, 2018 Listen
No Distribute Scanners help sell malwareJul 07, 2018 Listen
When catphishing, it pays to know what bait they'll take. Permission hogs are often misers. Cyber comes to the NTC. Natural intelligence screening for artificial intelligence. The Thermanator. Jul 06, 2018 Listen
Catphish and Charming Kittens. Data-sharing receives more scrutiny. European copyright law won't be fast-tracked. ZTE gets some relief. Juggalos and Juggalettes defeat facial recognition tools. Jul 05, 2018 Listen
Hybrid warfare. Inveterate DDoS against ProtonMail. Security concerns about Chinese companies. Retail breaches. Agencies scrutinize Facebook data abuse. Infrasound weapons? Jul 03, 2018 Listen
Adidas data breach. Facebook on data abuse. Investigation of Exactis data exposure continues. Algonquin College hacked. Tenable's IPO. US-Russia summit will talk election influence ops. Jul 02, 2018 Listen
VPNFilter malware could brick devices worldwide — Research Saturday Jun 30, 2018 Listen
Data breaches and data exposure. Privacy legislation. Improperly collected phone call records destroyed. Jun 29, 2018 Listen
Ukraine accuses Russia of preparing a cyber campaign. China eyes Tibetan diaspora. A decryptor for Thanatos ransomware. Nudging away from privacy. Dark web undercover. Jun 28, 2018 Listen
Separating fools from money. — Hacking HumansJun 28, 2018 Listen
DDoS attack on ProtonMail. Rancor cyberespionage campaign. PythonBot serves ads and a cryptominer. EU joint cyber response unit forming. Arrests in BEC campaign. Reality Winner's plea. Jun 27, 2018 Listen
Romania, UK, warn of Russian cyber ops. International norms of cyber conflict. Bronze Butler's USB drives. Too-smart batteries not smart enough. Industry notes. Game cheater gets jail time. Jun 26, 2018 Listen
Nation-state cyberespionage and cybercrime. Cryptocurrency fraud and theft give alt-coins a rocky ride. Sino-US trade conflict update. GDPR data extortion. Spammy protection racket. Jun 25, 2018 Listen
LG smartphone keyboard vulnerabilities — Research SaturdayJun 23, 2018 Listen
Phishing plays small ball with depressing success. Chinese cyberespionage up. US IC, JCS, worries about innovation. Guilty plea in US espionage case. Ex-Knesset member suspected of spying. Supreme Court decides location privacy case.Jun 22, 2018 Listen
Malicious apps, a clever botnet, and cryptojacking. Patch notes. EU copyright regulations. Congress still doesn't like the cut of ZTE's or Huawei's jib. Tesla sues a former employee. Jun 21, 2018 Listen
Playing on Kindness — Hacking HumansJun 21, 2018 Listen
Satellite communications suffer from Thrip(s). Zacinlo rootkit poses as a VPN. Insecure Firebase apps. EU copyright legislation. Kardon Loader. Bithumb robbed. #Opicarus2018. Bitcoin Baron jailed. Jun 20, 2018 Listen
Charges in Vault 7 case. Olympic Destroyer appears to be back. Liberty Life hack. Does Tesla have a rogue insider? US Senate hits at ZTE. Guilty plea in OPM hack-related fraud. Motive: blackmail. Jun 19, 2018 Listen
Date extortion attempt against Liberty Life. Rex Mundi, Black Hand arrests. Hidden Cobra's back. Clipboard hijacking hits cryptocurrency wallets. ZTE, Huawei security fears. Pulp fiction. Jun 18, 2018 Listen
Cyber bank heists — Research SaturdayJun 16, 2018 Listen
MysteryBot developed from LokiBot. Satan rebranded as DBGer. Snooping on iOS got harder, but maybe not impossible. IG report on the FBI is out, not damning but not good, either. Jun 15, 2018 Listen
Chinese espionage in Central Asia. Dixons Carphone data exposure. Lazy State speculative execution bug. Pyongyang is expected to come roaring back into cyberspace. Unlucky 13. Chinese espionage in Central Asia. Dixons Carphone data exposure. Lazy State spJun 14, 2018 Listen
Hacking Humans — Gaming pro athletes online.Jun 14, 2018 Listen
Cable-tapping for a new century. Lazarus Group update. BabaYaga's cannibalistic malware. Patch Tuesday notes. Cryptojacking. World Cup surveillance. Beware of strangers bearing gifts with USB connections. Jun 13, 2018 Listen
Don't get cozy with Cozy Bear. Code-signing issues stem from muddled documentation. Devices ship with inadvertent backdoor. Matryosha attack. Operation WireWire versus BEC scammers. Jun 12, 2018 Listen
SWIFT fraud (behind a wiper). Coinrail ICO robbery. Chinese espionage. G7 agrees to a coordinated response to hostile cyber operations. Malwaretech faces new charges. Jun 11, 2018 Listen
Winnti Umbrella Chinese threat group — Research SaturdayJun 09, 2018 Listen
Adobe patches a zero-day being exploited in the wild. Chinese cyber espionage, and the risks of data-sharing. Facebook default settings glitch. Industry notes. Jun 08, 2018 Listen
New criminal campaigns out and about. Fancy Bear changes style, but not management. VPNFilter hits more devices. CloudPets overshare, but maybe more benignly than Google and Facebook. Jun 07, 2018 Listen
Hacking Humans — A flood of misinformation and fake newsJun 07, 2018 Listen
Espionage, influence, summits, and elections. What counts as a luxury? An iCloud warrant raises cryptowars speculation. Microsoft's GitHub acquisition. Facebook's coziness with Shanghai? Jun 06, 2018 Listen
DPRK hackers quieter in the run-up to the Kim-Trump summit. Russian EW. Cryptocurrencies and crime. Law firm social engineering. Dodgy World Cup Wi-Fi. Bad AI, a time-traveler's poly. Jun 05, 2018 Listen
Microsoft buys GitHub for $7.5 billion. VPNFilter tries to reconstitute itself. Ransomware and DDoS notes. USA Really seems to be latest in Russian disinformation. Jun 04, 2018 Listen
Islamic State propaganda persistence — Research SaturdayJun 02, 2018 Listen
Lazarus Group updates. Cybercrime's GDP. New Zealand a Chinese espionage target? ZTE and Huawei criticized. BND will continue to monitor Frankfurt hub. Google's knowledge panels. Jun 01, 2018 Listen
Kaspersky loses court challenge to US Government ban. Cryptomix ransomware. US Departments of Commerce, Homeland Security, and Energy plan resiliency. A packrat at CIA? Reboot your routers. May 31, 2018 Listen
Hacking Humans - Social engineering works because we're human.May 31, 2018 Listen
More North Korean malware identified. EOS scanned for misconfigurations by parties unknown. Canadian banks won't pay extortion. Stay away from Joker's Stash. Crime and punishment. May 30, 2018 Listen
Rebooting routers against VPNFilter. Canadian banks compromised? Cobalt gang is back. 51% attacks on blockchains. "Courvoisier" sentenced. NATO looks at Russia's weaponized jokes. May 29, 2018 Listen
UPnProxy infiltrates home routers — Research SaturdayMay 26, 2018 Listen
VPNFilter takedown. Low-cost Android phones with preloaded adware. Alexa's selective attention. BMW patches connected cars. Cryptocurrency crimes. New swatting charges. GDPR is here. May 25, 2018 Listen
VPNFilter and battlespace preparation. XENOTIME may be back, and after industrial systems. GDPR updates. Following Presidential Tweets. May 24, 2018 Listen
Variant 4 and other chipset vulnerabilities. Confucius and Patchwork. Turla goes two-stage. Misconfigured not-for-profit bucket. ZTE's fraying lifeline. Facebook and the EU. Brain Food. May 23, 2018 Listen
Speculative Store Bypass. GPON-based botnet. Customer data exposures. Roaming Mantis gets more capable. Nation-state threats. May 22, 2018 Listen
DPRK's Sun Team works from three apps in Google Play. PII for sale in Zheijiang. SPEI theft. Jihadist content in social media. SEA charges. DDoS-for-hire sentencing. ZipperDown bug. May 21, 2018 Listen
Threat actors hijack Lojack — Research SaturdayMay 19, 2018 Listen
Something Wicked this way comes. Automating wallet pilferage. Office 365 phsihing scams. DPRK hackers remain active. Recognizing alt-coin investment frauds. May 18, 2018 Listen
Competing for terrorist mindshare. ICS threat group update. AnonPlus vandalizes US state sites. GDPR's disclosure timeline. Congressional hearings. DarkOverlord collared. May 17, 2018 Listen
Spyware campaigns: phishing and watering holes. Signal patches (fast). DHS cyber strategy. Russian election hacking. Cyber Investing Summit. Do smart people pick better passwords? May 16, 2018 Listen
Email client vulnerabilities. Sanctions and trade policy. FinFisher in Turkey. myPersonality data scandal. Patch news. High school phishing. May 15, 2018 Listen
Unauthorized banking transfers in Mexico? A lifeline for ZTE. Iranian cyber op-tempo rises. Russian troll farm's ad buys. Reining in apps. Cell tracking. Anonymous is back. May 14, 2018 Listen
Three pillars of Artificial Intelligence — Research SaturdayMay 12, 2018 Listen
Vigilantes and hacktivists. Point-of-sale malware source code leaks. Malicious extensions and apps. US Federal indictments: spying and hacking. Robo-caller gets record fine. May 11, 2018 Listen
Cyber conflict between Iran and the US widely expected. ALLENITE threat group is after US, UK power grids. Jack-in-the-Box vulnerability. Signal's memory. Is ZTE going down? May 10, 2018 Listen
Subborn IoT botnets. Razzle-dazzle HTML phishing lure. Fancy Bear's false flag. Busy Yahoo boys. Crooks turn from Tor to Telegram. Kaspersky and contractors. Patch notes. SB 315 vetoed. May 09, 2018 Listen
Greek and Turkish hacktivists swap defacements. Process Doppelgänging in the wild. GDRP is coming (like winter, for you Game of Thrones fans.) Profiling infosec enthusiasts. May 08, 2018 Listen
2018 RSAC Outlook - Special EditionMay 08, 2018 Listen
Winnti Umbrella covers multiple threat actors. DPRK off-shores cyber ops. ZooPark is in its fourth generation. GPON router bugs exploited in the wild. Russian Twitterbots. Block the EU? May 07, 2018 Listen
BlackTDS and ThreadKit offered in criminal markets — Research SaturdayMay 05, 2018 Listen
In the shredder or off the truck? Battlespace prep for a supply chain campaign? NG-Spectre found in Intel chips. No domain fronting for you. Kitty mines monero. NSA, US Cyber Command under new management. May 04, 2018 Listen
Lojack for Laptops backdoor? World Cup cybersecurity. Schneider Electric patch. Reward points for sale. Medical device vulnerabilities. PPD-20 revision? May 03, 2018 Listen
New nation-state actors in cyberspace. SiliVaccine AV said to incorporate pirated code. Credential stuffing and password reuse. GravityRAT evades sandboxes. GDPR approaches. May 02, 2018 Listen
Payment system hack investigated. Patch weaponization. Medical zero-days for sale. Responsible disclosure. Bad bots attack. Car hacking. Trends in phishbait. May 01, 2018 Listen
Bank hack in Mexico. FacexWorm goes cryptomining. SamSam's volume discount. Influence ops. Researchers confirm that teams use teamwork. Apr 30, 2018 Listen
New MacOS backdoor linked to OceanLotus — Research SaturdayApr 28, 2018 Listen
Crimeware kits, ransomware, and source code breaches. The Internet conduces to organic radicalization. Russia in Finland. Snooper's Charter notes. Crypt armistice or just key escrow? Apr 27, 2018 Listen
Some fix fast, others not at all. Ransomware campaign's demands are non-negotiable (for most victims—Russians get a hometown discount). Content filtering. Jamming in Syria. Apr 26, 2018 Listen
DPRK plays offense and defense. PyRoMine and EternalRomance. Russian disinformation on Syrian massacre. Alt-coin heist may be misdirection. Nakasone confirmed at NSA. Webstresser takedown. Apr 25, 2018 Listen
Ransomware in Ukraine's Energy Ministry. Energetic Bear infrastructure. Anonymous Twitter accounts equal bots? Orangeworm in x-ray, MRI machines. Sanction notes. Election security. Apr 24, 2018 Listen
ISIS coordinates online inspiration campaign with terror attacks. APT10 spearphishing. IE zero day. Twitter won't sell Kaspersky ads. UK sentence in Crackas with Attitude case. Apr 23, 2018 Listen
InnaputRAT exfiltrates victim data — Research SaturdayApr 21, 2018 Listen
RSA wraps up. Staging offensive cyber operations. (Information ops, too.) Business email compromise affects maritime shipping sectors. Sanctions bit Chinese device giants. Apr 20, 2018 Listen
Dispatches from RSA 2018. Russia continues to test the Five Eyes' patience and resolve. Trustjacking, Stresspaint, and an exposed AWS bucket. Apr 19, 2018 Listen
More cyber battlespace preparation. Hacking as the continuation of war by other means. Ongoing social media privacy concerns. Tech glitch extends tax deadline. Notes from RSA. Apr 18, 2018 Listen
Russia versus routers. Desert Scorpion swept out of Google Play. ZTE faces sanctions. RSA notes, and a Sandbox winner. Apr 17, 2018 Listen
Info ops follow airstrikes, to be followed by sanctions. Expect cyberattacks and reprisals, with a chance of kompromat. Apr 16, 2018 Listen
Energetic Dragonfly and DYMALLOY Bear 2.0 — Research SaturdayApr 14, 2018 Listen
Operation Parliament seems to have got what it came for. EITest finally sinkholed. Facebook testimony on Capitol Hill. Estonia reports. Swatting case teaches nothing? Apr 13, 2018 Listen
Zuckerberg testimony. Supply chain cyber threat to satellites. DPRK destructive malware. "Early bird" code injection. GCHQ vs. ISIS. Germany blames compromise on Russia. Salisbury attack update. Apr 12, 2018 Listen
Mark Zuckerberg testifies about Facebook, big data, and influence. Patch Tuesday notes. Deterrence or open conflict in cyberspace? Apr 11, 2018 Listen
Facebook comes to Washington. Research ethics? IoT threats. Switch bug exploited in the wild. Criminal misdirection. Russia and the West, again. And what do cybercriminals earn? Apr 10, 2018 Listen
Hacktivists may be warning Russia and Iran against interfering in US elections. Britain on alert for Russian moves against infrastructure. Facebook preps for Congress. Ransomware updates. Apr 09, 2018 Listen
Crypto crumple zones — Research SaturdayApr 07, 2018 Listen
Multibreach via chat app. OceanLotus notes. Mirai vs. Banks. Energetic Bear vs. Switches. Russia warns Britain against provocation. DataTribe finalists. Apr 06, 2018 Listen
Facebook agonistes. Really agonizing. Ad-supported apps like them some data. Sino-US trade tensions and Chinese cyber espionage. Russian wet work and disinformation. Western reprisals. Apr 05, 2018 Listen
Facebook boots Russian trolls for being trolls. Zuckerberg will testify before Congress. Different continents, different privacy protections. YouTube shootings. Pipeline hacks. Panera Bread's incident response. Apr 04, 2018 Listen
Magento brute-forcing. Android IM spyware. njRAT updated. Panera breach. Pipeline operator hacked. Cyber tensions. Cambridge Analytica named in class action suit. Apr 03, 2018 Listen
Department stores suffer a paycard breach. Atlanta still working on SamSam recovery. Ransomware in India. SWIFT fraud attempt. Facebook's troubles. Kremlin doxed. Reality Winner case update. Apr 02, 2018 Listen
Chasing FlawedAMMYY — Research SaturdayMar 31, 2018 Listen
Under Armour fitness app breached. Warning shot from WannaCry. Lazarus Group update. Aadhaar security questions. Ransomware and city governments. FBI agent charged in leak case. Mar 30, 2018 Listen
Russia retaliates against the US with tit-for-tat PNGs, consular closure. Assange has no more Internet (until he behaves). Fauxpersky and WannaCry seen in the wild. Facebook works on privacy. Mar 29, 2018 Listen
Tensions over Salisbury nerve agent attack remain high. BranchScope raises concerns about side-channel attacks. Facebook data scandal updates. Atlanta and Baltimore recover from hacks. Mar 28, 2018 Listen
Blockchains that bind us — Special EditionMar 28, 2018 Listen
Phishing from the library. Facebook and Cambridge Analytica updates. Bots as propaganda readers. SamSam still plagues Atlanta. Aadhaar leaky? Many nations expel Russian diplomats. Mar 27, 2018 Listen
Persona non grata, Ivan Ivanovich. Grid threat worries. Data scandal updates. Malware notes. Reaction to Iranian indictments. Alleged Carbanak kingpin collared. Mar 26, 2018 Listen
Code comments cause SAML conundrum — Research SaturdayMar 24, 2018 Listen
US indicts Iranian hackers. Guccifer 2.0 is a GRU Bear. Atlanta hit with ransomware. Equifax breach cost consumers plenty. Facebook's troubles persist, as do Cambridge Analytica's. Mar 23, 2018 Listen
Kaspersky burned a JSOC op? Facebook affair: apps, legal fallout, regulatory inspiration, apologies and resolution to sin no more. Tariffs against IP theft. Best Buy shows Huawei the highway. Mar 22, 2018 Listen
Preparing for grid attacks. Notes on breaches, crime, and punishment. And Facebook's no-good, bad, awful week. Mar 21, 2018 Listen
Power grid threats coming through the router. Cambridge Analytica and Facebook face tough questions. Mar 20, 2018 Listen
Power grid hacking fears running high. Social media problems. Election DDoS reported in Russia. FTC and SEC cyber enforcement actions. NSA hoarder case update. Mar 19, 2018 Listen
Cryptojacking injections heat up - Research SaturdayMar 17, 2018 Listen
NATO-Russian cyber tensions high. They're also high between Saudi Arabia and Iran. Updates on AMD vulnerability report. Another exposed AWS S3 bucket? Mar 16, 2018 Listen
Chip vulnerability disclosure controversial. Black market and point-of-sale malware. SEC charges ex-Equifax exec with breach-related insider trading. Tensions over Salisbury nerve agent attack. Mar 15, 2018 Listen
AMD investigates report of processor flaws. A look at OceanLotus. Patch Tuesday. Russo-British tensions high. MuddyWater threatens researchers. Mar 14, 2018 Listen
May hands Putin an ultimatum (and cyber conflict is expected). HenBox spies on Uyghurs. Vixen Panda creeps in UK targets by backdoors. Changes at US State Department, CIA. SINET ITSEF notes. Mar 13, 2018 Listen
Iran grows more capable and assertive in cyberspace. Bots have nothing on humans when it comes to peddling disinformation. Chinese influence ops. Fancy Bear, Slingshot updates. Mar 12, 2018 Listen
Dark Caracal APT steals out of Lebanon — Research SaturdayMar 10, 2018 Listen
Cyber reconnaissance. Vulnerability database misdirection. Cryptoming attempts. New Memcrash DDoS. Policy changes in the US coming as agencies report? Mar 09, 2018 Listen
A Memcrash kill-switch. Shadow Brokers' leaked "Territorial Dispute" tools. Dutch DDoS, Indian hacks. FBI and backdoors. Notes from SINET ITSEF. Mar 08, 2018 Listen
Patchable vulnerabilities in Apache Struts and Exim. CombJack malware. DPRK vs. UN Panel of Experts. Cyberwar and legal limits. Espionage Act prosecution. Infowars turn grimly kinetic. Mar 07, 2018 Listen
Cyber espionage in Central and Eastern Europe. Cyber deterrence. Notes from Matrosskaya Tishina. Exabeam describes what crooks can get from your browser. Mar 06, 2018 Listen
Humanitarian organizations targeted. Memcrash extortion. Spring Break bug. Equifax breach update. Russian influence operations (and American "yelling and hollering"). Mar 05, 2018 Listen
Lebal malware phishes for victims — Research SaturdayMar 03, 2018 Listen
Memcrashing no longer just a theoretical possibility. Fancy Bear's pawprints in German networks and other peoples' embassies. Deterrence in cyberspace. High-profile fraud victims. Mar 02, 2018 Listen
Fancy Bear finds Berlin just right. RedDrop Android blackmail malware. Another AWS S3 exposure. FTC settles; SEC investigates. Blockchain radix malorum? Mar 01, 2018 Listen
Memcrash and amplification attacks. SAML vulnerabilities. Thanatos ransomware. Petya returns (so does Marcher). Deterrence and election security. Feb 28, 2018 Listen
Cryptojacking through an AWS S3 bucket. Threats, risk, and unintentional mistakes. Crime and punishment. Industry notes. Alien hackers? Feb 27, 2018 Listen
Olympic hacking—false flags and attack infrastructure. Cryptojacking. Smartphone security bans. Heraldic animals of hacking. Feb 26, 2018 Listen
Phishing for holiday winnings — Research SaturdayFeb 24, 2018 Listen
Mirai variant establishes proxies. Buggy smart contracts. Banking glitch. Studies from Verizon, Thales. FTC addresses credential stuffing. Feb 23, 2018 Listen
Code signing certificates for sale. Impact of cybercrime on the world economy. Reaper out from under Lazarus's shadow. Catphishing. Cyber intelligence against terror. Ransomware and other hacks. Feb 22, 2018 Listen
SWIFT phishbait. DPRK hacking gets better; GRU hacking looks east. Coldroot RAT. Cryptojacking. Election cybersecurity. Feb 21, 2018 Listen
SWIFT fraud in India. DPRK hacking updates. Notes on Russian influence ops, both indictments and continuing activity. Alleged Florida gunman may have been an Internet known wolf. Feb 20, 2018 Listen
The uncanny HEX men — Research SaturdayFeb 17, 2018 Listen
The complexities of Olympic Destroyer. More blame for Russia in the matter of NotPetya. Congress mulls election security. New York cyber milestone. Ed Snowden as phishbait. Feb 16, 2018 Listen
Olympic Destroyer took its time, compromised the IT supply chain. NotPetya attribution. Coin scams. Coin miners. Botnets old and new. Feb 15, 2018 Listen
Olympic Destroyer updates. Cyber forecasts from the US Intelligence Community. Patch notes. Cryptojacking and coinming. Ad blockers (also an incentive to coin mining). Feb 14, 2018 Listen
Patch Tuesday notes. Skype DLL hijacking vulnerability. Olympic Destroyer malware described. Lazarus Group newly active. BitGrail heist? Cyber Valentine. Feb 13, 2018 Listen
Olympic hacking, cryptojacking and other illicit coin mining. Ransomware updates. The curious case of an alleged kompromat buy. Bots turn to ticket scalping. Feb 12, 2018 Listen
IcedID banking trojan — Research SaturdayFeb 10, 2018 Listen
Trends in phishing. Olympic hacking. Cryptojacking spreads. Litecoin gains black market share. Influence operations. Can Strava be exploited by bicycle thieves? Feb 09, 2018 Listen
Operation Shadow Web rolls up carding gang. Fancy Bear sightings. DPRK buying zero-days? Cryptojacking ICS. Huawei, ZTE get Congressional razzing. Jita scams. Feb 08, 2018 Listen
Dutch DDoS arrest. Pyongyang is interested in cryptocurrency. So is the US SEC (in a different way). Uber explains its breach disclosure. New wrinkle in the "Microsoft" Help Desk scam. Feb 07, 2018 Listen
More Eternal exploits found more troublesome. Cryptominer updates. NIST SP 800-171. Paycard skimmers. Tsunami false alarm. Feb 06, 2018 Listen
DPRK exploiting Flash Player zero-day. ISIS wants hacking help. JenX DDoS, Scrareby ransomware updates. Crime and punishment. Feb 05, 2018 Listen
Advanced adware with nation-state tactics — Research SaturdayFeb 03, 2018 Listen
JenX botnet and DDoS-for-hire. RoK CERT warns of Flash Player zero-day. Cryptocurrency mining and scamming. ICS security trends. Twitter cleared in terror trial. The Nunes Memo is out. Feb 02, 2018 Listen
ISIS war on families. Cryptomining botnets. The weaponization of Spectre and Meltdown. Phishig with bogus emails spoofing Google, Microsoft. Apps that know too much. Feb 01, 2018 Listen
Phishing campaign targets Israeli scientists. Low-level contract phishing in China's hinterlands? Apps with privacy flaws. Cisco patches ASA products. Cryptocurrency speculation and fraud. Jan 31, 2018 Listen
Netherlands financial sector recovers from DDoS. Lizard Squad, Mirai, and coin mining. IOTA wallets emptied. Snooper's Charter loses in court. US House may release surveillance memos. Strava OPSEC. Jan 30, 2018 Listen
Coincheck cryptocurrency heist. ICO phishing. Jackpotting comes to America. Dridex and FriedEx. Transduction attack threat to IoT sensors. Jihadist steganography. Oversharing with Strava? Jan 29, 2018 Listen
Targeting Olympic organizations — Research SaturdayJan 27, 2018 Listen
Lebal's layered approach to infection. Crytominers are becoming a big problem. Tracking influence ops. Dutch intelligence spotted Cozy Bear early. Exploiting password recovery. Jan 26, 2018 Listen
2018 forecast — CyberWire Special EditionJan 26, 2018 Listen
Patriotic hacktivism. HNS botnet spreads P2P. Electron vulnerabilities found, mitigated, Criminals target ICOs. Ransomware-as-a-service. Cryptowars. Fancy Bear doxes luge. Jan 25, 2018 Listen
Satori variants. Hacking in Anatolia. Lazarus Group improves its tradecraft. Tindr vulnerabilties. UK's new office to combat disinformation. Pirated pdfs hold malware. Jan 24, 2018 Listen
ISIS messaging. Intel will roll out new Spectre/Meltdown patches. Identities for sale on the dark web. IDN spoofing. SpriteCoin ransomware, with a malware chaser. Three Sonic games may be trouble. Jan 23, 2018 Listen
Evrial and the Clipboard threat. SamSam ransomware recovery. Olympic hacking? Russian bots. Crime and punishment. Speculated origins of Bitcoin. Jan 22, 2018 Listen
Fancy Bear Duping Doping Domains — Research SaturdayJan 20, 2018 Listen
AllScripts works to remediate ransomware in medical apps. Group 123 hits ROK targets. Triton/Trisis zero-day. Dark Caracal espionage op. Section 702 renewed. GhostTeam ejected from Play Store. Jan 19, 2018 Listen
Big healthcare data breach. False civil defense alerts. Davos will take up cyber next week (among other topics). Exobot on the block. Satori in your wallet? Ponzi scheme or pump-and-dump? Jan 18, 2018 Listen
Section 702 update. Kaspersky reports on Skygofree—dangerous Android spyware. Recorded Future on DPRK spearphishing. Healthcare hacks. Bogus patches. VR game could expose users. Jan 17, 2018 Listen
New Mirai variant forming. Meltdown and Spectre remediation updates. Notes on Russian hacking. Charges in swatting death. Jan 16, 2018 Listen
Shake Your MoneyTaker — Research SaturdayJan 13, 2018 Listen
Spectre and Meltdown patches may be messy, but not as performance-killing as feared. AMT exploit. Mobile ICS apps. Monero mining. Badness in the Play Store. Huawei ban? Droning while drunk. Jan 12, 2018 Listen
Aadhaar updates. Fancy Bear doxes the Olympics. WhatsApp snooping vulnerability discussed. Spectre and Meltdown patching. US House reauthorizes Section 702. Bitcoin isn't Bitcoin Cash. Jan 11, 2018 Listen
Turla returns. Moscow interested in Mexican elections? FakeBank mobile Trojan hits Russian banks. Phishing the Olympics. Patch Tuesday. Bad flashlights, nice doggie. Jan 10, 2018 Listen
Spectre and Meltdown mitigations. Psiphon and Iran's unrest. Olympic phishing. Mobil pop-up redirection. Alt-coin speculation. Jan 09, 2018 Listen
Korean-language phishing targets interest in the Winter Olympics. Unrest continues in Iran. Meltdown and Spectre updates. Aadhaar security. Admiral Rogers will retire this spring from NSA. Jan 08, 2018 Listen
TRISIS Malware: Fail-safe fail — Research SaturdayJan 06, 2018 Listen
Meltdown and Spectre, risks and mitigations. Aadhaar compromised. Blockchain bubbles. Jan 05, 2018 Listen
Meltdown and Spectre arose from engineering for speed—most chips are affected. Bogus security apps kicked out of Google Play. Iran's Internet crackdown. Indications of a guilty plea in NSA leak case. Jan 04, 2018 Listen
Iranian dissent takes to Tor. Iran cracks down on Internet services (and Infy gets busy). Kernel memory issue in Intel processors. macOS bug published. "Trackmageddon." Curating YouTube. Condolences to a SWATTING victim's family. Jan 03, 2018 Listen
ISIS claims responsibility for bombing in Russia. Iranian unrest involves Telegram, Instagram. Proposed FERC reporting standards. YouTube gone bad, and an arrest in a horrific swatting prank. Jan 02, 2018 Listen
Hunting the Sowbug — Research SaturdayDec 30, 2017 Listen
The German Cybersecurity Market with Gerald HahnDec 29, 2017 Listen
The CISO's changing role with Andrew WildDec 28, 2017 Listen
"Hacked Again" author Scott SchoberDec 27, 2017 Listen
Active defense and “hacking back" with Johnathan Braverman from CymmetriaDec 26, 2017 Listen
Keyboys back in town — Research SaturdayDec 23, 2017 Listen
Updates on Triton ICS malware attack. DPRK and WannaCry. Cryptocurrency crime and an alt-coin market correction. Fancy Bear sightings. Dec 22, 2017 Listen
More data found exposed in an AWS S3 bucket. EtherDelta's DNS impersonation issue. DPRK says it doesn't hack. FISA Section 702 nears sunset. Wassenaar updated. Kaspersky says its due process rights have been violated. Dec 21, 2017 Listen
Pyongyang's snarling through cyberspace, and what others are doing about it. Coppersmith espionage campaign in the Middle East. GDPR approaches. Giving your kid a smartphone? Dec 20, 2017 Listen
North Korea officially blamed for WannaCry. US National Security Strategy and cyber. Hex Men are up to no good. Cryptocurrency crimes. Cyberespionage. Misconfigured printers. Bad passwords. Dec 19, 2017 Listen
Zealot and Monero mining. Bitfinex DDoS. Triton/Trisis shows risks of committing safety and control to the same systems. Bitcoin crime. M&A news. Hair of the dog. Dec 18, 2017 Listen
The unique culture of the Middle Eastern and North African underground — Research SaturdayDec 16, 2017 Listen
Internet shut down in Ethiopia. TRITON ICS malware updates. Security products patched. Cryptocurrency capers. Dec 15, 2017 Listen
Hacktivism threatened over embassy move. Significant probe of an industrial plant. That was no BGP error. TV blues. Dec 14, 2017 Listen
A look back at Patch Tuesday. Classic games on Android serve malware. Cryptocurrency speculation. Info ops updates. Phony hitmen. Guilty pleas in Mirai case. Dec 13, 2017 Listen
Catphishing for spies. Banking Trojans. Spider ransomware. CoinHive comes to Starbucks. SEC stops another ICO. BrickerBot retired? Dec 12, 2017 Listen
Al Qaeda tries its hand at inspiration. MoneyTaker cyber bank robbers. Dark web database holds a billion credentials. Bitcoin speculation and Bitcoin fraud. Dec 11, 2017 Listen
Stealthy Zberp Banking Trojan — Research SaturdayDec 09, 2017 Listen
Iranian reconnaissance of critical infrastructure? Leaky banking apps. Microsoft's emergency patch. Ghosts of the Caliphate threaten, but have yet to deliver. New horizons in biometrics. Dec 08, 2017 Listen
Hamas calls for intifada; hacktivism expected. Ethiopian government surveillance ops. Crime and cryptocurrency. Keylogger in the wild. Fixes to MacOS, Android app development tools. Uber hack and bug bounties. Dec 07, 2017 Listen
Satori botnet is awake (and it's not engaged in enlightenment). State-sponsored spyware campaigns. ISIS threatens cyberattacks. Dec 06, 2017 Listen
Andromeda takedown (with an arrest in Belarus). Mirai is back; Reaper still threatens. PayPal phishing. Tech support scam evolves. Cryptowars notes. SEC goes after an ICO. Dec 05, 2017 Listen
Nghia Hoang Pho charged with mishandling classified NSA material. A review of other recent leaks. Kaspersky under fire in the UK. More Uber executives depart. Dec 04, 2017 Listen
Staying ahead of Fast Flux Networks — Research SaturdayDec 02, 2017 Listen
Flynn pleads guilty in Mueller probe. Misconfigured AWS S3 buckets, again. Election trolling and spy versus oligarch. Black Friday fraud down. Crime and punishment. Dec 01, 2017 Listen
Breaches, extortion, and insider threats. Credit bureaus and GDPR. HP addresses spyware allegations. When is a snack bag more than a snack bag? Nov 30, 2017 Listen
Building your cyber security career — CyberWire Special EditionNov 30, 2017 Listen
Another misconfigured AWS S3 bucket, this one with US Army INSCOM files. Apple fixes a major issue in MacOS. Influence ops and autarky. Boyusec disbanded. Nov 29, 2017 Listen
Who's the third man in the Shadow Brokers leaks? ISIS diaspora means more ISIS online. Monero miner identified. Tizi backdoored apps booted from Google Play. Scarab ransomware. M&A notes. Indictments in IP theft. Nov 28, 2017 Listen
Breach disclosure: fast and slow. Mirai's minor comeback. Anti-ISIS Hacktivsts strike Amaq. North Koreans studying blockchain. Alleged Game of Thrones hacker indicted. Nov 27, 2017 Listen
Waiting for Terdot, a sneaky banking Trojan — Research SaturdayNov 25, 2017 Listen
The Right to Be Forgotten with Yale Law School's Tiffany LiNov 22, 2017 Listen
Cyberspace in Peace and War author Martin C. LibickiNov 21, 2017 Listen
PwC Principal Jocelyn Aqua on Earning Consumer Trust and BusinessNov 20, 2017 Listen
Dark Net Pricing with Flashpoint's Liv Rowley — Research SaturdayNov 18, 2017 Listen
AWS S3 misconfigurations. Kaspersky's report on the Equation Group affair. Cybercrime notes. DPRK cyber campaigns. The VEP reviews continue positive. Amazon Key has issues. Nov 17, 2017 Listen
Revisions to the US VEP (and comparisons to China's). DPRK hacking. Laurel mole hunt. BlueBorne is back. Snakes in the Play Store. Can you sound like a child? Nov 16, 2017 Listen
Hidden Cobra's RATs. IoT bugs. Patch Tuesday notes. Backdoored smartphones. Russian trolling, propaganda. DPRK short wave hacked? Nov 15, 2017 Listen
Influence operations in Catalonia? IcedID banking Trojan. The Shadow Brokers: an intelligence service or a bunch of moles? Patch notes. Nov 14, 2017 Listen
Vault 8 and false-flag allegations. Mole hunting. Equifax breach costs. ISIS returns to WordPress defacements. RoK domestic political influence scandal. Nov 13, 2017 Listen
Taiwan Bank Heist and Lazurus Group with BAE's Adrian Nish — Research SaturdayNov 11, 2017 Listen
Macro-less malware. Metacriminals and botnet herders. Hacking ships and airliners. Cryptocurrency glitch. Congratulations to the SINET 16. Nov 09, 2017 Listen
Fancy Bear's new moves. OceanLotus and Sowbug cyber espionage groups active. Notes from CyCon, and a look at industry news. Nov 08, 2017 Listen
Stolen Paradise Papers aren't making people or companies look good. Off-year election security. Trollhunting. Notes on the future of cyber conflict from CyCon 2017. Nov 07, 2017 Listen
The Paradise Papers, tax avoidance, and quiet investments. Kaspersky affair updates. Retaliation against influence operations? Nov 06, 2017 Listen
Exploring Phishing Kits with Duo Security's Jordan Wright — Research SaturdayNov 04, 2017 Listen
BadRabbit misdirection? Fancy Bear's wish list. AWS misconfigurations. Data breach notes. Nov 03, 2017 Listen
The Manhattan terror suspect claims allegiance to ISIS, but ISIS hasn't claimed him. Crimeware notes. Patching news. Crypto wars update. What the Senate learned about info ops. Nov 02, 2017 Listen
Ransomware old and ransomware new, but can you distinguish it from a wiper? Influence operations hearings on Capitol Hill. Nov 01, 2017 Listen
A BadRabbit and Reaper update. EU and cyberwar. DPRK denies WannaCry responsibility. China's cyber espionage shifts. Oracle emergency patch. Buganizer wide open. Influence ops. Heathrow security. Oct 31, 2017 Listen
Reaper looks like a criminal booter on the Chinese black market. BadRabbit shows some moves. Catch-All malicious Chrome extension. Android currency miners in Google Play. Indictments in Russia probe. Oct 30, 2017 Listen
Tracking a Trojan: KHRAT on Research SaturdayOct 28, 2017 Listen
BadRabbit ransomware and Reaper botnet updates. SATCOM bugs. ICS cybersecurity notes. Moscow's free commercial speech piety. Anonymous is back. Oct 27, 2017 Listen
Dogs that haven't barked. Surveillance authority reauthorization advances in the US Senate. Notes on ICS cybersecurity. Oct 26, 2017 Listen
BadRabbit hopping though Eastern and Central Europe, and Southwest Asia. DUHK risks. Kaspersky on how a laptop was backdoored. Notes from Atlanta's ICS Cybersecurity Conference. Oct 25, 2017 Listen
Reaper botnet update, Election hacking in Kenya, Czech Republic. M&A notes. APT28's phishing. Kaspersky's offer of code review. FBI shots in the crypto wars. Oct 24, 2017 Listen
Reaper botnet looming, but not yet landed. CyCon phishing. How to troll for influence. Oct 23, 2017 Listen
WireX BotNet with Justin Paine from Cloudflare — Research SaturdayOct 21, 2017 Listen
IoT DDoS hurricane forming? Sofacy exploits patched Flash bug. NotPetya continues to impose costs. Snooping with mobile app ads. Oct 20, 2017 Listen
Leviathan group exploits patched .NET flaw. North Korean cyber ops. Russian suspicions. Cutlet Maker ATM malware, Sockbot Minecraft malware. Ransomware and backups. Oct 19, 2017 Listen
DPRK returns to bank robbery. Ransomware updates. Patches from Oracle, Lenovo, BlackBerry. Criminal coin miners. Oct 18, 2017 Listen
Panama Papers assassination? Black Oasis exploits Flash Player. DPRK hacked TV show. Patching KRACK and ROCA. WikiLeaks prepping something? DHS BOD 18-01. SCOTUS to rule on data warrants. Oct 17, 2017 Listen
KRACK attacks. Iran's growing capability in cyberspace. Swedish and Polish targets probed by state-directed cyber ops. QR code security issues. Russia to introduce official cryptocurrency. Oct 16, 2017 Listen
Synthesized DNA Malware with Peter Ney — Research SaturdayOct 14, 2017 Listen
Germany's BSI sees no problem in Kasperky software. Equifax, TransUnion, suffer from third-party malvertizing code. ISIS expected to change its inspiration. Notes on the dark web. Oct 13, 2017 Listen
Panama Papers pinch. North Korean spearphishing against ICS. CyberMaryland notes. Google Home Mini was tale-bearing (but now it's better). Oct 12, 2017 Listen
Israel said to have tipped the US off concerning Kaspersky risks. Accenture databases exposed. Deloitte breach may be worse than initially thought. Oct 11, 2017 Listen
Cyberespionage in the Korean peninsula. Russian influence operators bought Facebook, Google ads. Forrester hacked. Kovter, OilRig get upgrades. US CYBERCOM CSM notes. Oct 10, 2017 Listen
GDPR: Privacy from Across the Pond - Special EditionOct 09, 2017 Listen
Android Toast Overlay: Ryan Olson from Palo Alto Networks - Research SaturdayOct 07, 2017 Listen
FSB got NSA with an assist (witting or unwitting) from Kaspersky? Germany calls off mass surveillance investigation. Reality Winner stays in jail. Oct 06, 2017 Listen
NSA breach announced today (occurred in 2015, discovered in 2016) may be final nail in Kaspersky Lab's coffin. Oct 05, 2017 Listen
No insight yet into Las Vegas gunman's motive as ISIS inspiration generally discounted. Yahoo! breach affected 3, not 1, billion user accounts. Equifax updates. Oct 04, 2017 Listen
Fake news and information operations with no obvious solution. Equifax update. US Cyber Command vs. DPRK Oct 03, 2017 Listen
Bots, sockpuppets, and trolls. Facebook talks to Congress. Some suggest China hacked Equifax. DPRK gets more Internet. ISIS inspiration. Section 702 authority in doubt. Oct 02, 2017 Listen
APT 33: FireEye's John Hultquist on an Iranian Cyber Espionage Group - Research SaturdaySep 30, 2017 Listen
Whole Foods breached. Illusion gap and Windows Defender. Exposed AWS S3 buckets. Equifax incident response. Reality Winner proceedings. Sep 29, 2017 Listen
Deloitte and Equifax under the microscope. Congress grills the SEC. Credential theft trends. Sep 28, 2017 Listen
Comments on the Deloitte breach. SEC Commissioner talks to the Senate. Sonic breached. Vulnerable stock-trading apps. Russian influence operations shift their focus. Sep 27, 2017 Listen
Equifax C-suite retirements continue. Deloitte still has little to say about its breach. Mac OS zero-day goes unpatched. Russian influence operations. Sep 26, 2017 Listen
Deloitte hacked. Verizon AWS S3 exposure. Phantom Squad's protection racket. Nuclear tension expected to spawn cyberattacks. Updates on CCleaner backdoor and FinFisher distro. Carlos Danger goes to jail. Sep 25, 2017 Listen
Pacifier APT : Bitdefender's Liviu Arsene describes a sophisticated, multifaceted malware campaign - Research SaturdaySep 23, 2017 Listen
Hacks shake confidence in financial system. FinFisher using MitM. CCleaner backdoor had specific targets in mind? US Forces Korea debunks bogus NEO warning. Locky masters like Game of Thrones. nRansomware asks for a different kind of payout. Sep 22, 2017 Listen
EDGAR hack enabled illicit stock trades? Equifax tweets phishing url to troubled inquirers. Kaspersky ban clarified. Sep 21, 2017 Listen
German election update: nichts neues. Equifax breach. Viacom dodges a bad bucket. Like Sandworm, but from Tehran. Less than fully successful criminals. Sep 20, 2017 Listen
Russia Spy Files from WikiLeaks. Disinformation and influence operations. Equifax sustained a breach in March. Software supply chain issues. Sep 19, 2017 Listen
Russian dogs not yet barking in German elections. ISIS is doing a lot of howling at lone wolves. Equifax updates. CCleaner found unclean. OurMine hacks Vevo to avenge its honor. Sep 18, 2017 Listen
Research Saturday— Cobian RAT: Zscaler’s Deepen Desai describes some clever malwareSep 16, 2017 Listen
Equifax agonistes. Kaspersky denies his company's a security risk. Political database for sale found exposed. Trolling the DCI. Sep 15, 2017 Listen
Binding Operational Directive 17-01 hits Kaspersky. Point-of-sale malware found in some ElastiSearch servers. BlueBorne proves widespread. Equifax breach updates, industry notes, a look at the Billington Summit. Sep 14, 2017 Listen
North Korea turns to cryptocurrency theft. Equifax breach gets worse. Patch Tuesday. Duma says US election hackedSep 13, 2017 Listen
Equifax breach news. Unsecured admin accounts. BlueBorne via Bluetooth. Hackable medical devices. Bots convince. A guilty plea draws a long sentence.Sep 12, 2017 Listen
Everything Equifax, with some notes on German election vulnerabilities and an update on the Crackas With Attitude.Sep 11, 2017 Listen
Equifax decides to tell people it's been breached. Notes from the Intelligence and National Security Summit. WikiLeaks dumps missile guidance documents from Vault7. The ShadowBrokers are back, with a new offer.Sep 08, 2017 Listen
DragonFly 2.0 in power grids. Cyberespionage in the South China Sea. Russian Facebook ads. "Fake News" survey.Sep 07, 2017 Listen
Apache Struts patched. Dragonfly is in the power grid. Ransomware notes. Taringa breached. Cryptocurrencies in China and Russia. Signal stealing that's not SIGINT. Sep 06, 2017 Listen
Influence operations in Germany. More Turla. KHRAT looks like political spying. Exposed AWS S3 and MongoDB databases hit. Ransomware notes. Cyber gangland rumbles.Sep 05, 2017 Listen
Kenyan election nullified over electronic irregularities. South China Sea cyber espionage. WikiLeaks' Vault7 dumps Angelfire. Accused leaker wants her statements excluded. DPRK raids ROK Bitcoin. WhopperCoin is here.Sep 01, 2017 Listen
Turla's Gazer backdoor. OurMine vs. WikiLeaks; WikiLeaks vs. CIA. Reality Winner trial. House of Cards material leaks. Patching notes. Insecure APIs.Aug 31, 2017 Listen
Phishing and watering hole alerts. Is DPRK stealing Bitcoin? NHS Lanarkshire ransomware identified as Bit Paymer. Onliner spambot has hundreds of millions of email addresses. St. Jude pacemaker patch.Aug 30, 2017 Listen
NIST Cybersecurity Framework - A CyberWire Special EditionAug 30, 2017 Listen
Cyberespionage in South Asia. NHS hack confirmed as ransomare. Notes on Hancitor. WireX Android botnet taken down. Fat-fingering BGP. Topical phishbait.Aug 29, 2017 Listen
Maritime cybersecurity concerns. ExpressLane dump stirs up international trouble. IoT botnet threat addressed. Defray ransomware. Cyberattack in Scotland. Tehran's info-ops rapper.Aug 28, 2017 Listen
Clouds, crooks, cheats, and cryptocurrencies. Vault7 leaks liaisonware. Rumors about FSB officers charged with treason. FBI arrests Chinese national in OPM hack. Extremism online flows more than it ebbs.Aug 25, 2017 Listen
Cyberattacks that may not have been. Ropemaker corrupts email after delivery. Concerns about companies working for intelligence services.Aug 24, 2017 Listen
Independence day cyberattack worries in Ukraine. US Navy eliminating possibility of cyberattack on USS McCain. More malicious apps in Google Play. US state cyber regs. ISIS still works to inspire online.Aug 23, 2017 Listen
Cyber concerns about naval and maritime shipping operations. AWS S3 data exposure. Game of Thrones hack. NHS breach? Killer robots. Scareware. Aug 22, 2017 Listen
GCHQ and MalwareTech's arrest. Chinese oilfield sustains malware infestation. US Cyber Command now a UCC. Ukraine fears another cyber campaign. Turla returns. GPS spoofing. Extremism online. ICO hack.Aug 21, 2017 Listen
Ransomware updates. ShadowPad backdoor may have got into the supply chain from a Chinese APT group. Apple Secure Enclave decryption key released. Profexor and Fancy Bear. Misconfigured AWS S3 exposes voter data. Countering extremism online. FBI continues Aug 18, 2017 Listen
Email brute-forcing. Aadhaar woes. Leaked Equation Group exploits remain a problem. Hijacked Chrome extensions. Pulse wave DDoS. FBI interviews "Profexor." Extremism and vigilantism. OurMine hacks HBO Twitter, Facebook.Aug 17, 2017 Listen
NIST SP 800-53 updated. Attack on Scotland Parliament's email system. Consequences of Equation Group leaks. "Mr. Smith" and HBO. Attacks of note: Trickbot, OLE exploits, NetSarang backdoor. Extremist inspiration. BEC.Aug 16, 2017 Listen
Lazarus Group is back, phishing in English. Extremist content online. Google cleans up SonicSpy. Arrests for HBO hacking are unrelated to "Mr. Smith." Marcus Hutchins is out on. DJI drones get a security makeover. Help desk scams.Aug 15, 2017 Listen
Charlottesville hacking. Operation #LeakTheAnalyst. Dissatisfied customer calls ShadowBrokers a "ripoff." More HBO leaks. Google purging SonicSpy. Collusion attacks. Marcus Hutchins in court.Aug 14, 2017 Listen
HBO offered Mr. Smith a bug bounty, but no takers. Fancy Bear's in hotel Wi-Fi. DNC leak argument resumes. Locky and Mamba ransomware are back. ISIS on eBay. NotPetya arrest. WikiLeaks dumps more from Vault7.Aug 11, 2017 Listen
Kenyan elections, not hacked? Someone's poking into DPRK systems. DDoS in Ukraine. Pseudoransomware protection. Spyware in Play Store. HBO hack.Aug 10, 2017 Listen
Patches, passwords, wipers, and pseudoransomware. New fronts in hybrid war? KONNI, OnionDog, and Israbye.Aug 09, 2017 Listen
Power grid risks. Update on the Mandiant employee hack. "Mr. Smith" holds HBO for ransom. Shipping industry looks for GPS backup. DHL sees a NotPetya windfall. Google patches ten Android remote-code execution vulnerabilities. NIST issues a Cybersecurity WAug 08, 2017 Listen
US Army bans DJI COTS drones. Amazon will scan AWS customers' S3 buckets for public accessibility. Recommendations for election security. Marcus Huchins pleads not guilty to Kronos-related charges.Aug 07, 2017 Listen
MalwareTech arrested over Kronos banking Trojan. "Bateleur" in the wild. Long DDoS hits Chinese telco. Russian influence operations no longer novel? FBI investigates HBO hack.Aug 04, 2017 Listen
WikiLeaks dumps Dumbo dox. HBO's hack gets bigger. Group IB outs the United Islamic Cyber Force. Cerber goes after Bitcoin. Lawsuits over NotPetya; more companies warn. Election fraud in Venezuela.Aug 03, 2017 Listen
Following up on security scrambles in Sweden and Ukraine. #LeakTheAnalyst. Blu Product phones booted by Amazon. BitCoin's hard fork. The Internet of Things Cybersecurity Improvement Act of 2017.Aug 02, 2017 Listen
HBO hacked. Operation #LeakTheAnalyst targets individual security researchers. Election hacking notes. UK's Home Secretary opposes strong encryption. Russia bans VPNs. Bitcoin, crime, and punishment.Aug 01, 2017 Listen
Black Hat 2017 - Research and Investment - CyberWire Special EditionAug 01, 2017 Listen
Investigation into ShadowBrokers focuses on former insiders. Threat analyst doxed. Trickbot and NotPetya updates. Sweden's big breach. DPRK hacks online gaming for revenue.Jul 31, 2017 Listen
WikiLeaks and the ShadowBrokers are both back. Catphishing the French elections. Pyongyang's Bitcoin miners. Malware notes, industry news, and a rundown of the Pwnie Awards.Jul 28, 2017 Listen
"Mia Ash" is an Iranian catphish. WikiLeaks dumps UMBRAGE from Vault7. Germany braces for hacking by Russia, China, and Iran. Google kicks unwelcome intercept tool Lipizzan out of the PlayStore. WhatsApp scammers phish for banking credentials. Anti-drone Jul 27, 2017 Listen
Counterattackers' advantage? Juche no competition for cat videos, next-day delivery. CopyKitten crude but effective. FBI investigated Fruitfly Mac malware. Adobe will retire Flash in 2020. BSides notes.Jul 26, 2017 Listen
Google Groups oversharing. E-discovery don'ts. Energetic Bear may be back. The CopyKittens seem to be Persian cats. Ethereum hacks (and white hats).Jul 25, 2017 Listen
Buckets leak, but so do CDs. NotPetya and Sandworm. Fruitfly versus Macs. ISIS strained in cyberspace. A look at dark web souks. Hacked fish tank.Jul 24, 2017 Listen
Hansa Market takedown. Recovery from EternalBlue exploits is a long slog. Banking malware rising. Power grid vulnerabilities. Devil's Ivy and the IoT. A look at criminal markets.Jul 21, 2017 Listen
Configuring AWS buckets. New threats and vulnerabilities. Apple and Oracle patch.Jul 20, 2017 Listen
Dow Jones AWS S3 bucket exposed. FedEx 10-K and NotPetya. Game of Thrones torrent virus. Securing voting. Botnet defense research. M&A and VC notes. Initial coin offering hacked.Jul 19, 2017 Listen
Qatar and the United Arab Emirates at loggerheads over hacking. Commonly used gSOAP IoT code vulnerable to exploitation. A data exposure risk in connected toys. And what could be in that EULA.Jul 18, 2017 Listen
Qatar accuses UAE of disinformation, hacking campaign. Other international cyberconflict. Ransomware and clickfraud in one campaign. Banking credential-stealing malware vs. Macs.Jul 17, 2017 Listen
More from WikiLeaks' Vault7. Cyber ops and national policy. NotPetya's costs. Clouds of misconfiguration. Chasing innovation. AlphaBay takedown. Phishbait.Jul 14, 2017 Listen
Motives behind NotPetya, other operations. Verizon customer data exposed. Industry notes. Licensing hackers in Singapore.Jul 13, 2017 Listen
Patch Tuesday. Infrastructure hacking and hackers. Industry notes. Influence operations. Jamming a radio station.Jul 12, 2017 Listen
Russia's phishing for nuclear power plants. NATO offers aid to Ukraine. Election hacking updates. M&A and venture news. Crime, punishment, and cryptocurrency.Jul 11, 2017 Listen
Infrastructure hacking. No Russo-American agreement in cyberspace. Android malware infestations. Misspelling as OPSECJul 10, 2017 Listen
NotPetya still looks like an act of state; intended result or not, companies warn of possible material effect from the attack. Another S3 database found exposed.Jul 07, 2017 Listen
Ukraine says it blocked a second wave of NotPetya attacks. Notes on hybrid warfare and the challenges of sharing data. Will the EU get a right to repair?Jul 06, 2017 Listen
Recovering from NotPetya. State-actor seen behind wiper attack. Ukraine mulls criminal negligence charges. Documents behind US Congressional wariness of Kaspersky.Jul 05, 2017 Listen
Recovery and attribution: Petya/Nyetya/NotPetya. Cyber conflict and collective defense. Online inspiration and online censorship. The EU's regulatory big stick. Vishing Parliament.Jul 03, 2017 Listen
What's up with Petya/Nyetya/NotPetya? It's a wiper—the extortion is just misdirection. WikiLeaks dumps "OutlawCountry" from Vault7. The ShadowBrokers raise prices. Russia says boo to cybercrime.Jun 30, 2017 Listen
Ransomware, nyet; wiper, da. Shipping, manufacturing, and Big Law may share some common risks. WikiLeaks and the ShadowBrokers are back again.Jun 29, 2017 Listen
IoT 2017 – Securing the Things: A CyberWire Special EditionJun 29, 2017 Listen
Petya/PetrWrap/Goldeneye updates.Jun 28, 2017 Listen
Petya goes WannaCry one better. Westminster email hack. ISIS in Maryland and Ohio websites.Jun 27, 2017 Listen
Brute-forcing Parliament. Election hacking retaliation? Cyberspies hunt IP in East Asia. Microsoft security issues. ISIS hacktivists deface Ohio websites. Jun 26, 2017 Listen
Vault7 leak: Brutal Kangaroo toolkit. Data breach and ransomware updates. Notes on code audit requirements.Jun 23, 2017 Listen
WannaCry's back and the industrial IoT's got it. Business email scams hit the unwary (and most of would count as unwary). Testimony on Russian election influence operations. Grid security.Jun 22, 2017 Listen
Investigation, introspection, watchdogs, and leakers. The risk of collecting and storing data. Jun 21, 2017 Listen
Who's behind the Android malware infestations? Mirai and Erbus updates. Industry notes. Brussels takes the pro-crypto side in the crypto wars. CrashOverride as a weapon. IG report on NSA insider threat management.Jun 20, 2017 Listen
Bouncing bad adware apps from Google Play. More on WannaCry attribution. Voter data exposed on an Amazon S3 account. Assessment of Russian influence on UK elections: they didn't do it. (Didn't need to?) Hackers sentenced.Jun 19, 2017 Listen
More from Vault7. How and why the DPRK hacks. FIN10 hits North American businesses with extortion demands. UK unis sustain ransomware infestation. Free decryptors are out, and ISACs seem to be working.Jun 16, 2017 Listen
Hidden Cobra strikes from Pyongyang. Microsoft patches last of ShadowBrokers' leaked exploits. Sanctions coming over Russian election influence operations. Electrical and natural gas sectors brace for CrashOverride.Jun 15, 2017 Listen
A CrashOverride update from Robert M. Lee. Patch news. Terrorist funding goes cyber. Cozy and Fancy Bear were more active than earlier believed. Jun 14, 2017 Listen
CrashOverride update. Influence ops harder to disrupt than infrastructure. Samba exploited for cryptocurrency mining. NSO Group for sale. Botnets and fake news. Airliner laptop bans.Jun 13, 2017 Listen
CrashOverride implicated in Ukraine grid hack—possibly as a proof-of-concept. Hack-induced Gulf diplomatic troubles continue. New malware strains, exploits appear.Jun 12, 2017 Listen
Comey's testimony calls Russian election influence operations massive and ongoing. New Android malware. Malicious hyperlinks infect with a mouse-over. Data privacy issues.Jun 09, 2017 Listen
Qatar—provocation, and disinformation online. Influence operations move from doxing to disinformation. 2FA still a good idea. Former FBI Director Comey testifies. And assume the boss is watching.Jun 08, 2017 Listen
Farewell to Jean Sammet, co-developer of COBOL. Remembering Midway. NSA leak investigation. Signs of Russian disinformation in the Gulf. Data breaches, script kiddies, EternalBlue, and Turla.Jun 07, 2017 Listen
Report leaked on Russian influence operations (alleged leaker in custody). ISIS continues inspiration; anarchist groups said to follow same playbook. The DarkOverlord is back.Jun 06, 2017 Listen
ISIS claims responsibility for inspiring attacks in London. More are expected during Ramadan. Hacks roil Middle Eastern diplomatic waters. Ransomware updates. Indian investigates possible aircraft hacking.Jun 05, 2017 Listen
Patriotic and free-spirited hacking? WikiLeaks has a new Vault7 dump. Cyber conflict over the South China Sea. Fireball malware infests more than 250 million devices. Trident security. Kmart breach. Bikers turn hackers.Jun 02, 2017 Listen
It's the first of June, and the ShadowBrokers' exploit-of-the-month club is open for business (exploits to be delivered to subscribers in July).Jun 01, 2017 Listen
Exploit-of-the-month club open for business. Disinformation technology. Lazarus Group tied to North Korean intelligence (again). Extortion is big, but carding is still with us. Spammy apps in Google Play.May 31, 2017 Listen
Implications of Manchester bombing investigation on policy, Five Eyes relations. British Airways IT outage. Fancy Bear and Malta? ShadowBrokers prep exploit-of-the-month club. Google deals with Chrome, PlayStore issues. Mall boards and ricrolling.May 30, 2017 Listen
WannaCry aftershocks. Influence ops and data corruption. Samba patched. Biometrics and impersonation. GDPR approaches. US legislation update.May 26, 2017 Listen
Worm alert. Stumblebums or masterminds? Widia commodity ransomware in its early stages. Taking the fight to ISIS in cyberspace.May 25, 2017 Listen
Manchester bombing investigators look at bomber's network. EnSilo patches ESTEEMAUDIT. Cron cyber gangsters arrested. What we hear at the Cyber Investing Summit.May 24, 2017 Listen
ISIS claims Manchester concert bombing. The case for a North Korean Wannacry. US lawmakers consider cyber legislation. May 23, 2017 Listen
How were US agents in China compromised between 2010 and 2012? EternalBlue updates (including notes on WannaCry and EternalRock).May 22, 2017 Listen
WannaCry wraps up its first week. No patches for Marshmallow. Women in Cybersecurity survey results. May 19, 2017 Listen
OilRig hires the Russian cyber-mob. WannaCry updates. Other EternalBlue exploits surface in the wild. Pending legislation in the US Congress. NIST issues guidelines for Executive Order compliance.May 18, 2017 Listen
Gothic Panda seems to have a government job. Not all extortion is ransomware (ask Disney). WannaCry update. The ShadowBrokers are back. So is WikiLeaksMay 17, 2017 Listen
WannaCry, worm wars, ransomware pandemics, and a place for kill switches. And what might a cyber Pearl Harbor look like?May 16, 2017 Listen
WannaCry ransomware—a pandemic. Baijiu spyware in East Asia. APT32 seems to be spying for Vietnam. Al Qaeda calls to lone wolves. Influence operations and tactical operations. The long arm of the law reaches out to tech-support scammers.May 15, 2017 Listen
WannaCry ransomware spreads via ShadowBrokers' dumped exploit. Necurs delivers Jaff ransomware. Fancy Bear spoofs NATO emails. President Trump's Executive Order on cybersecurity.May 12, 2017 Listen
French media recover from DDoS. XaverAd infests Android ecosystem. Zero-days patched, but exploited in the wild. Mother's day giftcard hacking. Telephonic harassment.May 11, 2017 Listen
NSA says it warned France of election influence ops. Deterrence and retaliatory capability. SLocky ransomware rising. Patch Tuesday. FBI Director Comey dismissed.May 10, 2017 Listen