The CyberWire

By The CyberWire

More signal, less noise—we distill the day’s critical cyber security news into a concise daily briefing.

  1. Not every incident is necessarily an attack. Not everything that purrs is a kitten (sometimes it’s a bear that would like you to think it’s a kitten). ICS security notes. (10/21/2019)
  2. Hoping for SOHO security — Research Saturday (10/19/2019)
  3. Clickfraud and third-parties (both SDKs and stores). Trojanized TOR browser steals from Russian users. WiFi bugs. Sketchy jailbreak. Big Tech on free speech. Cooperation against terrorism. (10/18/2019)
  4. Cozy Bear never really left. Iran denies it suffered a US cyberattack. Malicious WAV files. Darknet dragnet hauls in child exploitation ring. Graboid infests Docker hosts. (10/17/2019)
  5. Cyber retaliation for a kinetic attack, again. Industrial espionage from China. Botnet does sextortion. Typosquatting the other candidate. A poor approach to reputation management. (10/16/2019)
  6. Ransomware hits US, French companies. ISPs as combat support arms. Lawful intercept gone rogue? Lazarus Group is back and in GitHub. China’s security laws and security risks. (10/15/2019)
  7. Decrypting ransomware for good. — Research Saturday (10/12/2019)
  8. Ransomware and a zero-day. A newly discovered espionage platform. FIN7’s new tricks. Beijing speaks and Apple listens. A visit to NSA’s Cybersecurity Directorate. (10/11/2019)
  9. Alleged DIA leaker. Europol cybergang study. Protecting the DIB. Chinese information operations. (10/10/2019)
  10. Twitter and two-factor authentication. Privacy concerns. The US Senate Intelligence Committee reports on Russian troll farms. Turla is back with some new tricks. (10/09/2019)
  11. Riding herd on Mustang Panda. Drupalgeddon2 is out in the wild. VPN warnings and mitigations. Patch notes. An offer to share intelligence about Huawei. Presidential sites get low privacy grades. (10/08/2019)
  12. Iran hacks for influence. Brazilian PII up for auction. Prince Harry vs. Fleet Street. Electrical infrastructure cyber risk. Paying ransom. HildaCrypt developers say they’re going straight. (10/07/2019)
  13. The fuzzy boundaries of APT41. — Research Saturday (10/05/2019)
  14. Android vulnerability exploited in the wild. Careless spycraft. The Eye on the Nile. A new Chinese threat actor. A spoiling attack in the CryptoWars. Take election interference, please. (10/04/2019)
  15. A new threat group, Avivore, is called out in the Airbus hack. Ransomware and VPN exploit warnings. EU tells Facebook to take down some content, everywhere. Spearphishing ANU. SandCat’s bad opsec. (10/03/2019)
  16. RATs, ransomware, payloads, and unsecured data: a look at the cybercriminal underground. (10/02/2019)
  17. Piling on sanctions. The disinformation-as-a-service black market. Technological sovereignty through R&D investment? Ransomware continues to rise. NSA’s new Cybersecurity Directorate. (10/01/2019)
  18. Industrial firms disclose cyber incidents. US DHS to check airliner cybersecurity. RCMP security case update. Bulletproof host taken down. Gnosticplayers. Royal phish. (09/30/2019)
  19. Focusing on Autumn Aperture. — Research Saturday (09/28/2019)
  20. Supply chain hacks versus Airbus. Phishing around Google Cloud. Masad Clipper and Stealer on the criminal-to-criminal market. Quick zero-day exploitation. DoorDash hack. Inside JTF Ares. (09/27/2019)
  21. Lazarus Group in India. Suspected Chinese APT uses fake Narrator. Fleeceware. DNI testimony. TalkTalk hacker charged in US. Yahoo breach compensation. Chameleon spam campaign. (09/26/2019)
  22. Notes on Tortoiseshell. Fancy Bear snuffles around embassies and foreign ministries. Poison Carp targets Tibetan groups. GandCrab unretires. And Chameleon’s curious spam. (09/25/2019)
  23. Utility phishing. Google wins on the right to be forgotten. Transatlantic data transfer. Responsible state behavior in cyberspace. Huawei and 5G. Permanent Record, temporarily phishbait. (09/24/2019)
  24. YouTube account hijacking. Facebook finds more apps misusing data. Cyber deterrence in the Gulf region. Huawei’s CFO continues to fight extradition from Canada to the US. Pentesting blues. (09/23/2019)
  25. Leaky guest networks and covert channels. — Research Saturday (09/21/2019)
  26. Coordinated inauthenticity in five countries draws action from Twitter. Cryptomining continues. Huawei fights its ban in US Federal court. Notes from CISA’s Cybersecurity Summit. (09/20/2019)
  27. Notes from the CISA Summit. New DDoS vector reported. Medical images exposed online. Huawei and US sanctions. Engaging ISIS in cyberspace. (09/19/2019)
  28. Tortoiseshell threat-actor active in the Middle East. Simjacker less dangerous than thought? Decentralizing cyber attack. The Ortis affair. Mr. Snowden’s book deal. (09/18/2019)
  29. More updates on the Royal Canadian Mounted Police counterintelligence case. Australian elections and China’s interests. ISIS howls to the lone wolves. Ed Snowden would prefer Paris to Moscow. (09/17/2019)
  30. Espionage and counter-espionage in at least three of the Five Eyes. New sanctions against North Korea. Password managers and flashlights. (09/16/2019)
  31. Bluetooth blues: KNOB attack explained. — Research Saturday (09/14/2019)
  32. CRASHOVERRIDE tried to be worse than it was. InnfiRAT scouts for wallets. Simjacker exploited in the Middle East. SINET 16 are out. Pentesting scope. Back up your files, Mayor. (09/13/2019)
  33. The StingRays that were in DC. Old-school file formats and attack code. Ransomware becomes spyware. Joker apps ejected from the Play store. Multifaceted deterrence. Advice on BEC. (09/12/2019)
  34. Cobalt Dickens, coming to a university library near you. UNICEF data exposure. Election security notes. Operation reWired arrests 281 alleged BEC scammers. (09/11/2019)
  35. US National Security Advisor to be replaced. Stealth Falcon’s new backdoor. DDoS, social engineering investigations proceed. Exfiltrating an agent. Patch Tuesday notes. (09/10/2019)
  36. BEC attack pulls millions from car parts company. Wikipedia DDoS. NERC and FERC on grid hacking. Trolling Pyongyang. Mike Hammer goes to the DMV. (09/09/2019)
  37. VOIP phone system harbors decade-old vulnerability. — Research Saturday (09/07/2019)
  38. China hacks to track. Turning the enemy’s weapons against them? Notes from the Billington CyberSecurity Summit. Anti-trust investigations for Facebook and, probably, Google. (09/06/2019)
  39. Scraped data found gurgling around in an unsecured third-party database. Ransomware and election security. Spy in your pocket? (Probably not.) Guilty plea in the Satori case. (09/05/2019)
  40. Ransomware, Bitcoin, underwriters, and the bandit economy. OTA provisioning could lead to subtle phishing. Alleged spammers indicted. ZAO flashes and flickers out, for now. (09/04/2019)
  41. Stuxnet’s story. Watering hole was designed to attract China’s Muslim minority. USBAnywhere affects some Supermicro servers. Twitter’s CEO has his Twitter stream hijacked. (09/03/2019)
  42. Emotet's updated business model — Research Saturday (08/31/2019)
  43. Watering hole for iPhones. Dental record service hit with ransomware. Huawei reportedly under investigation for IP theft. “erratic” faces cryptojacking charges. Farewell to a Bletchley Wren. (08/30/2019)
  44. Cyberattacks and intelligence trade-offs. TrickBot’s new interests. Fancy Bear versus machine learning. Facebook looks for more ad transparency. Retadup take-down. (08/29/2019)
  45. LYCEUM active against Middle Eastern energy-sector targets. LinkedIn used to recruit spies. Autonomous car expert indicted. Imperva exposure. VPN software patches. AI writes. (08/28/2019)
  46. Hostinger resets passwords after an intrusion. Social media fraud. Notes on RATs and ransomware. Free decryptor for Syrk. Hedge funds go bananas. (08/27/2019)
  47. BioWatch info potentially exposed. Scammers indicted. Ukrainian cryptojacking exposed sensitive data. Social engineering notes. Boo birds and lawsuits. Data use and privacy. Low-earth orbit hack. (08/26/2019)
  48. Gift card bots evolve and adapt — Research Saturday (08/24/2019)
  49. Google takes down YouTube influence operation. Cryptomining in a nuclear plant. Spyware in the Google Play Store. (08/23/2019)
  50. North Korean and Chinese cyber espionage. Updates on Texas ransomware. Steam zero-day released. (08/22/2019)
  51. China criticizes Twitter and Facebook. Silence expands internationally. A popular Ruby library was backdoored. (08/21/2019)
  52. Chinese information operations on Twitter and Facebook. iOS jailbreak released. Adult websites leak information. (08/20/2019)
  53. ISIS claims Kabul massacre. Huawei gets a temporary break. Texas governments hit by ransomware. Hy-Vee warns of point-of-sale attack. (08/19/2019)
  54. Detecting dating profile fraud — Research Saturday (08/17/2019)
  55. ECB sustains an intrusion into a third-party-hosted service. Norman quietly mines Monero. MetaMorph appears in a stealthy phishing campaign. Information operations. (08/16/2019)
  56. Huawei accused of abetting domestic surveillance in Africa. Cyber gangs adapt and evolve. Prosecutors indicate they’ll add charges to “erratic.” Bluetana detects card skimmers. (08/15/2019)
  57. Hacking the Czech Foreign Ministry. Microsoft patches new wormable bugs. More controversial human review of AI. Insecure links, exposed databases, and a California vanity plate. (08/14/2019)
  58. UN Security Council looks at North Korean cybercrime. Notes on PsiXBot and BITTER APT. The state of spearphishing. Election security. A final look back at Black Hat and Def Con. (08/13/2019)
  59. A look back at Black Hat and Def Con. Sometimes failures that look like accidents are accidents. Russia wants better content suppression from Google. Notes on intelligence services. (08/12/2019)
  60. Unpacking the Malvertising Ecosystem — Research Saturday (08/10/2019)
  61. Voting machine security. Airliner firmware. Attribution and deterrence in cyberwar. Monitoring social media. Broadcom buys Symantec’s enterprise security business. Policing, privacy, and an IoT OS. (08/09/2019)
  62. Hacking in the Gulf region. Vulnerability research into airliner avionics. Phishing and ransomware move to the cloud. EU data responsibilities. US bans five Chinese companies. (08/08/2019)
  63. Another speculative execution flaw. LokiBot evolves. APT41 moonlights. Scammers exploit tragedies. Black Hat notes. (08/07/2019)
  64. Fancy Bear is snuffling around corporate IoT devices. Machete takes its cuts at Venezuelan military targets. What Mr. Kim is buying. MegaCortex goes for automation. Vigilantes, misconfigurations, etc. (08/06/2019)
  65. Ransomware attacks in Mexico and Germany. Wipers in criminal service. Supervising Siri and Alexa. Mass shooters find inspiration and online expression. (08/05/2019)
  66. Package manager repository malware detection — Research Saturday (08/03/2019)
  67. Spearphishing utility companies. Bellingcat as gadfly, and target. Facebook takes down more coordinated inauthenticity. Card skimming. Tech regulation. Random acts of cruelty. (08/02/2019)
  68. Capital One investigation update. Don’t give up on the cloud. Exposed databases and backdoors. Cybercrime as high-stakes poker. Phishing the financials. Bots on holiday. (08/01/2019)
  69. Capital One breach update. CISA warns of avionics CAN bus vulnerabilities. More attacks on local Louisiana governments. Change at the SEC. Cyber summer school for NATO, EU diplomats. (07/31/2019)
  70. Capital One sustains a major data breach. Phishing in LinkedIn. VxWorks patches and mitigations. Brute-forcing NAS credentials. LAPD doxed? (07/30/2019)
  71. Bears sniff at Bellingcat. Magecart in spoofed domains. MyDoom is still active. Shipboard malware was Emotet. Hutchins sentenced. Digital assistants have big ears. Taxes owed on alt-coin gains. (07/29/2019)
  72. Special Edition - Cult of the Dead Cow author Joseph Menn extended interview (07/28/2019)
  73. Day to day app fraud in the Google Play store — Research Saturday (07/27/2019)
  74. Winnti and other Chinese espionage activity. Volume I of the US Senate report on election meddling is out. Ransomware from Sabine, Louisiana, to Johannesburg, South Africa. (07/26/2019)
  75. News about Russian and Chinese government threat actors. Powerful crimeware active in Brazil. BlueKeep really needs to be patched. Messenger Kids issues. Dispatches from the cryptowars. (07/25/2019)
  76. Lancaster University breached. Kazakhstan is testing out HTTPS interception. The UK postpones its decision on Huawei’s 5G gear. The FTC is requiring Facebook to set up a privacy committee. (07/24/2019)
  77. Venezuela blames power failure on exotic sabotage, again. Huawei may have built North Korea’s 3G wireless networks. Were record privacy fines high enough? Logic bombing the customer. (07/23/2019)
  78. FSB contractor hacked. Pegasus now able to rummage clouds? Iranian cyber ops spike. Fraudulent student profiles. Judgement in Equifax FTC case. NSA hoarder gets nine years. (07/22/2019)
  79. Special Edition — The Fifth Domain coauthor Richard A. Clarke (07/21/2019)
  80. Nansh0u not your normal cryptominer — Research Saturday (07/20/2019)
  81. Following K3chang. Bulgaria’s tax agency breach. An alternative currency gets some incipient regulatory scrutiny. Why towns are hit with ransomware. A hair-care hack. (07/19/2019)
  82. TrickBot’s new tricks. Poisoning the ad supply chain. Clouds get schooled. Novel phishing tackle, but stale bait. Cyberwar powers. Election interference. FaceApp fears. Bad macro suspect arrested. (07/18/2019)
  83. Telco data breach. Firmware supply chain problems. Hacking BLE. Census security. Continuity of operations. Decryptor for GandCrab, NSPM 13. Bulgaria’s tax hack. (07/17/2019)
  84. GandCrab hoods may be back with new ransomware. Video-on issues. Broadcom-Symantec talks are off, for now. Treason or just business? Robo-calls. A decryptor for Ims0rry ransomware. (07/16/2019)
  85. Voting machine woes. Router exploits trouble Brazil, Bitpoint alt-coin exchange investigates theft. Facebook fined $5 billion. Power failures probably unrelated to cyberattacks. Amazon Prime phishing. (07/15/2019)
  86. Opportunistic botnets round up vulnerable routers — Research Saturday (07/13/2019)
  87. Buhtrap gets into the spying game. US cyber operations against Iran considered: there are both strategic and Constitutional issues. Election security. Water bills. And again with the WannaCry. (07/12/2019)
  88. Magecart is getting interested in exposed databases. Agent Smith may be in your Android app store. Tracking FinSpy. A contractor gets spearphished. (07/11/2019)
  89. Zoom addresses concerns about call joining and cameras. ICS vulnerabilities addressed. Patch Tuesday notes. Tracing a disinformation campaign. (07/10/2019)
  90. Security issues with Zoom for Macs. Astaroth fileless malware reported in Brazil. GoBotKR distributed by torrent. ICO hits British Airways with a record fine. State attacks and state defenses. (07/09/2019)
  91. Another ransomware victim pays extortionists. Business email compromise. Government impostor scams. ShadowBrokers still airborne. Exploit supply chain. Silence suspected in bank heists. (07/08/2019)
  92. Warnings of Outlook exploitation, with a possible Iranian connection. GPS jamming in the Eastern Med. Satellite vulnerabilities. 505 errors. TA505’s new tactics. Content moderation updates. (07/03/2019)
  93. US-Iranian tension expressed in cyberspace. OceanLotus and Ratsnif. Ransomware in Georgia, again. Going low-tech to protect the grid. Magecart update. Cryptowars and agency equities. (07/02/2019)
  94. Huawei spits the hook? CISA warns about the risk of Iranian cyberattack. Power grid security. Cryptocurrency and fraud. Content moderation. Senators like Hack the Pentagon. (07/01/2019)
  95. Giving everyone a stake in the success of Open Source implementation — Research Saturday (06/29/2019)
  96. Regin in Yandex? Golang is out and busy. So is the ShadowGate crew. The ICO wants an explanation from the Metropolitan Police. Trackers in news sites. Phishing those who seek “Verification.” (06/28/2019)
  97. Washington and Tehran confront one another in cyberspace. Dominion National investigates data incident. Facebook on info ops (and identity). Labor market notes. Skids on skids. (06/27/2019)
  98. Militia said to be target of US cyberattack. Myanmar shuts down networks. Spam campaign. Supply chain issues for Huawei gear. Election security. Recovering from ransomware by paying up? (06/26/2019)
  99. Operation Soft Cell targets mobile networks. DC and Tehran trade barbs. Critical infrastructure concerns. Maryland’s Cyber Defense Initiative. (06/25/2019)
  100. Notes on a reported US cyberattack against Iran. A look at “Secondary Infektion.” And some cases of cyber stalking. (06/24/2019)
  101. Middleboxes may be meddling with TLS connections — Research Saturday (06/22/2019)
  102. US-Iranian tensions find expression in cyberspace as Refined Kitten returns. Facebook tries friction against abuse. Cryptominers in the wild. Lead generation for cyber criminals. (06/21/2019)
  103. Turla hijacks OilRig infrastructure. Bouncing Golf is no game. CISA panel recommends supply chain security reforms. AMCA driven toward bankruptcy by data breach. Florida town pays ransom. (06/20/2019)
  104. BlueKeep, again. Facebook’s cryptocurrency play. Updates on alleged or suspected electrical grid hacks. Catphishing and spying. Compromised social media accounts. (06/19/2019)
  105. Power grids, accidents, the challenge of forensics, and the nature of deterrence. BlueKeep considerations. Third- and fourth-party risks. (06/18/2019)
  106. Cyber deterrence? What grid failure looks like (and it needn’t come from a cyberattack). EU complains of Russian info ops. Twitter takes down inauthentic accounts. (06/17/2019)
  107. Apps on third-party Android store carry unwelcome code — Research Saturday (06/15/2019)
  108. Xenotime is now interested in the power grid. Vulnerable Exim servers under attack. Mr. Assange goes to court. Credential-stuffing attacks on gamers. And that Ms Katie Jones? Not a real person. (06/14/2019)
  109. Telegram recovers from DDoS. Fishwrap campaign breaks old news. Ransomware hits ASCO plants. Congress considers hacking back, again. That ol’ devil limbic system. (06/13/2019)
  110. Shifting techniques in cybercrime. Miscreants take note: “the aperture” will henceforth be wider for US Cyber Command and offensive ops. What Radiohead did. (06/12/2019)
  111. Russia’s sovereign Internet. Huawei updates. CBP discloses exposure of images collected at a border crossing. Gmail features used for social engineering. M&A notes. Top bugs found by bounty hunters. (06/11/2019)
  112. An espionage campaign succeeds without zero-days. Spam serves up old Office exploit. Disinformation makes it into YouTube. The Huawei Affair. Raytheon to be acquired. (06/10/2019)
  113. Xwo scans for default credentials and exposed web services — Research Saturday (06/08/2019)
  114. Recruiting spies at university? GoldBrute botnet and RDP vulnerabilities. MuddyWater update. RIG delivers Buran. Achilles claims to sell access. NRC’s IG reports on cyber. Antitrust for Big Tech. (06/07/2019)
  115. BlueKeep proofs-of-concept. BeiTaAd plug-in is a serious Android pest. Cyber espionage against the EU’s Moscow embassy. Influence operations. A motive for GPS spoofing? (06/06/2019)
  116. AMCA breach extends to LabCorp. Still no EternalBlue in Baltimore ransomware attack. Frankenstein malware. Real hacking isn’t like the movies. Huawei’s no-spy deal. US Data Strategy. Patch BlueKeep. (06/05/2019)
  117. Iranian brute-forcing tool leaked. Third-party data breach touches medical testing company. Ransomware news and updates. An antitrust look at Silicon Valley? (06/04/2019)
  118. Recovery from network congestion. GandCrab to close. BlackSquid drops XMRig. BlueKeep patching lags. Crypto for criminals trial. Antitrust investigation of Google. “Persistence of Chaos” sold. (06/03/2019)
  119. Blockchain bandits plunder weak wallets — Research Saturday (06/01/2019)
  120. Malicious misdirection. Found on the subway. A summary of file exposure. Turla’s back, and as clever as ever. ICRC proposes rules of cyberwar. Baltimore ransomware update. (05/31/2019)
  121. Malicious misdirection. Found on the subway. A summary of file exposure. Turla’s back, and as clever as ever. ICRC proposes rules of cyberwar. Baltimore ransomware update. (05/30/2019)
  122. Special Counsel Mueller speaks about his investigation of Russian influence in the 2016 US presidential campaign. Iranian coordinated inauthenticity. BlueKeep, Pegasus updates. (05/29/2019)
  123. Sensitive mortgage documents left exposed online. Someone’s scanning for BlueKeep RDP issues. Huawei updates. The case of Baltimore City’s ransomware. (05/28/2019)
  124. A fresh look at GOSSIPGIRL and the Supra Threat Actors — Research Saturday (05/25/2019)
  125. Stone Panda update. A new strain of Mirai. Bogus cryptocurrency apps are trending in Google Play. Mr. Assange is charged under the Espionage Act. Info ops. Law firms as phishbait. (05/24/2019)
  126. NATO and UK to Russia: hands off elections and infrastructure. More trouble for Huawei, and maybe for others. Notes from the Cyber Investing Summit. Equifax downgraded over 2017 breach. Is it art? (05/23/2019)
  127. Fancy Bear fingered, again. Warnings for travelers. Political parties get a cybersecurity grade. Updates on US restrictions on Chinese companies. (05/22/2019)
  128. BlackWater snoops through the Middle East. TeamViewer hacked. Android app behaving badly. A misconfigured database with scraped Instagram data. Ransomware notes. Huawei updates. (05/21/2019)
  129. Huawei agonistes. Hacktivism is way down. New EU sanctions regime. Facebook goes after more coordinated inauthenticity. Salesforce still fixing its fix. OGuser hacked. (05/20/2019)
  130. Elfin APT group targets Middle East energy sector — Research Saturday (05/18/2019)
  131. Slack closes a vulnerability. Email tracking in a court martial. Restrictions on doing business with Huawei come into place. A case of responsible disclosure. (05/17/2019)
  132. US Executive Order aimed at China, and Huawei. Hunting backdoors in Dutch networks. Spyware proliferation. Cipher stunting. Titan key spoofing. Meaconing warning. Exposed PII in Russia. (05/16/2019)
  133. Sharing espionage tools and infrastructure. Speculative execution flaws found in Intel chips. A big Patch Tuesday. CrowdStrike’s IPO. WhatsApp exploitation. Cyber Solarium. Ransomware in Baltimore. (05/15/2019)
  134. Russians hacked two Florida counties. Fxmsp targets named. WhatsApp patches spyware-enabling flaws. Breach costs. Cisco patches routers. Endless Mayfly’s endless hogwash. (05/14/2019)
  135. Security companies allegedly hacked by Fxmsp remain unidentified. SharePoint bug exploited in the wild. G7 preps major cyber exercise. Anthem hack motive? Amnesty takes NSO Group to court. (05/13/2019)
  136. Steganography enables sophisticated OceanLotus payloads — Research Saturday (05/11/2019)
  137. Breaches at AV companies? Pyongyang’s ElectricFish. Symantec’s CEO steps down. Calls to break up Facebook and regulate the pieces. US Federal indictments for leaks and breaches. Verizon DBIR reviewed. (05/10/2019)
  138. Someone is after Tehran’s hackers. GitLab misconfiguration. AI’s attack potential. Amazon pursues hackers who defrauded sellers. DeepDotWeb indictments. Evil Clippy. Lunch hacks in San Mateo. (05/09/2019)
  139. Turla’s new backdoor. Verizon’s 2019 Data Breach Investigations Report. Bad actors seek to influence the EU. US CYBERCOM preps for 2020. Baltimore’s ransomware. Monolingual content moderation. (05/08/2019)
  140. Reverse engineering Equation Group attack tools (and putting them to bad use). Hacking, jamming, and airstrikes. Taking down coordinated inauthenticity. How big is the dark web? (05/07/2019)
  141. Supply chain hacking campaign looks like espionage. Airstrikes versus hackers. FTC versus Facebook. Notes from the Global Cyber Innovation Summit. What’s up with MegaCortex. (05/06/2019)
  142. Sea Turtle state-sponsored DNS hijacking — Research Saturday (05/04/2019)
  143. Utility hack update. Surveillance tool proliferation. Exploit black market. Novel ransomware, old distro channel. Notes from the Global Cyber Innovation Summit. (05/03/2019)
  144. Wipro update. Office 365 attacks. The "Smart Content Store" is bad mojo. Russian Internet sovereignty. Global Cyber Innovation Summit notes. (05/02/2019)
  145. US Energy Department alludes to March cyber incident. BND 19-02 is out. Facebook likes privacy. Assange gets a short nickel. (05/01/2019)
  146. Telnet may not be the backdoor you’re looking for. Large PII database left exposed by parties unknown. DHS has a Critical Functions List. ISIS inspiration is back. (04/30/2019)
  147. IoT devices exposed in peer-to-peer software vulnerability. Car hacking claims. More warnings of possible violence in Sri Lanka. Curating app stores for security. eScooter’s “voices” hacked. (04/29/2019)
  148. Deep Learning threatens 3D medical imaging integrity — Research Saturday (04/27/2019)
  149. Sri Lanka bombing investigation updates. Cryptojacking targets enterprises in East Asia. Oracle web server zero-day. The criminal-to-criminal credential-stuffing market. Who talked about Huawei in UK? (04/26/2019)
  150. Pledging allegiance to ISIS, and then going forth to kill. Adware in Google Play. Context-aware phishbait. Facebook and the FTC. Server crash or exit scam? (04/25/2019)
  151. Sri Lanka bombing investigation update. Christchurch call. ShadowHammer moves upstream. Carbanak in VirusTotal after all. Spoofing banks. Bots vs. Mueller Report. ASD’s best practices. (04/24/2019)
  152. ISIS claims responsibility for Sri Lanka massacre. Spearphishing embassies in Europe. How the Blockchain Bandit probably did it. Mexican embassy doxed. (04/23/2019)
  153. Sri Lanka’s social media clamp-down, and investigation of Easter massacres. CIA said to have details on Huawei’s relationship with China’s security services. Marcus Hutchins pleads guilty. (04/22/2019)
  154. Undetectable vote manipulation in SwissPost e-voting system — Research Saturday (04/20/2019)
  155. Observations on the Mueller Report. Doxing Iranian intelligence. Insecure messaging. Old Excel macros. Wipro hack and gift cards. (04/19/2019)
  156. Mueller Report is out. Sea Turtle DNS-manipulation campaign. Over-privileged and under-honest apps kicked out of Google Play. Facebook has another privacy incident. Fraud and destruction. (04/18/2019)
  157. Spearphishing from “Luhansk.” Pro-Assange hacktivism. Another undercover private eye? Pirated Game of Thrones episodes carry malware. (04/17/2019)
  158. Fraud will follow fire, alas. Wipro compromise. DDoS in Ecuador. Brazil’s hacker underground. Selling a keylogger. Facebook and data. EU copyright law. Huawei’s prospects. Fact-checkin’, fer real. (04/16/2019)
  159. ISIS inspiration in exile. Facebook’s Sunday outage. A Microsoft IE bug, and a web-mail breach. Issues with VPNs. Last minute tax scams. Oculus Easter eggs. (04/15/2019)
  160. The ghost and the mole; Eric O'Neill's Gray Day — Special Edition (04/14/2019)
  161. Establishing software root of trust unconditionally — Research Saturday (04/13/2019)
  162. Mr. Assange’s courthouse future(s). Dragonblood Wi-Fi vulnerabilities. Tax fraud and identity theft dark web souks. (04/12/2019)
  163. Julian Assange is out of the embassy and in custody. Pyongyang’s HOPLIGHT. Operation SneakyPastes. Incident response planning blues. High school jam. (04/11/2019)
  164. The Triton actor seems to be back. Project TajMahal is after diplomatic secrets. California’s motor-voter program and a DMV hack. (04/10/2019)
  165. GossipGirl, the supra threat actor. LockerGoga’s destructive functionality. More hacking allegations out of Caracas. Revolutionary Guard now a designated terrorist group. Creepy crime. (04/09/2019)
  166. US DHS Secretary Nielsen resigns. Credential stuffing campaigns. Cryptojacking disrupts a business. A duty of care, online. Tax season scams. (04/08/2019)
  167. Lessons learned from Ukraine elections — Research Saturday (04/06/2019)
  168. Crooks use Facebook, too. Congress asks FEMA for an explanation. Card skimmers in Mexico. (04/05/2019)
  169. Keeping Winnti out of the goods while keeping an eye on them. GlitchPOS malware. What do apps want? Third-party Facebook data exposure. Digital hygiene. A scareware scam. (04/04/2019)
  170. For OceanLotus, a picture is worth a thousand words (or at least a few lines of loader code). Georgia Tech breached. Mounties raid offices associated with Orcus RAT. (04/03/2019)
  171. Ransomware deletes dupes. Exodus scandal grows in Italy. Election reports from Ukraine and Israel. (04/02/2019)
  172. Patch Magento soon. Toyota hacked again. Exodus spyware hits app stores. Moscow seeks to corral VPN providers. Facebook wants regulation. Swatting sentence. Phishing tackle in Nigeria. (04/01/2019)
  173. Bonus Episode: The grugq illuminates influence operations (03/31/2019)
  174. Alarming vulnerabilities in automotive security systems — Research Saturday (03/30/2019)
  175. Russian information operations, and lessons on election security from the Near Abroad. Magento proof-of-concept exploit. Huawei, security, and bugs. Training AI. Labor market news. (03/29/2019)
  176. Gustuff is out and after Android devices. Microsoft takes down Phosphorus. Elfin is working for Tehran. Russian cyber troops come to help Venezuela’s Chavistas. Guilty plea expected in Martin case. (03/28/2019)
  177. State cyber-espionage. Influence operations and coordinated inauthenticity. Add Lucky Elephant to the menagerie. ASUS supply chain updates. Notes on Norsk Hydro’s recovery. Reactions to the Mueller Report. (03/27/2019)
  178. More on ASUS supply chain backdoor. FEMA data mishandling. LockerGoga ransomware. Mueller report responses. (03/26/2019)
  179. Mueller finds no evidence of Russia collusion. ISIS no longer holds any ground. LockerGoga hits chemical plants. FEMA fumbles PII. Cyber 9/12. PewDiePie versus T-Series. (03/25/2019)
  180. Ryuk ransomware relationship revelations — Research Saturday (03/23/2019)
  181. Finland’s data protection authority investigates suspicious smartphone activity. GitHub repos are leaking keys. Cardiac devices can be hacked. (03/22/2019)
  182. Russian APTs target EU governments. FIN7 is back. Google and Facebook scammed. (03/21/2019)
  183. Norsk Hydro recovers from LockerGoga infection. Cyber conflict, cyber deterrence, and an economic case for security. EU out of compliance with GDPR? Big Tech in court. Thoughts on courtship. (03/20/2019)
  184. LockerGoga hits Norsk Hydro. Mirai botnet malware gets an update. The DHS is concerned about cybersecurity. (03/19/2019)
  185. Online content and terrorism. Huawei’s shifting strategy. Venezuela’s grid failure is explicable by corruption and incompetence--no hacking or sabotage required. Gnosticplayers are back. AI and evil. (03/18/2019)
  186. ThinkPHP exploit from Asia-Pacific region goes global — Research Saturday (03/16/2019)
  187. Terror, announced and celebrated online. JavaScript sniffer afflicts e-commerce sites. Cryptojacking in the cloud. Perspectives on regulation, thoughts on a pervasive IoT. China’s IP protection law. (03/15/2019)
  188. Indonesian election security. Watering hole in Pakistani passport site. RAT hunting. “Intelligence brute-forcing.” Just-patched zero-day exploited. PoS DGA attack. Operation Sheep. BND advises “nein” to Huawei. (03/14/2019)
  189. Election security and influence operations. Hacking the Fleet. Undersea cable competition. 5G worries. Calls to rein in Big Tech. UN report outlines North Korean cyber crime (there’s a lot of it). (03/13/2019)
  190. Venezuela power blackout updates. Social media and social control. Trojanized games. Free decryptor out for ransomware strain. Ads on Facebook. A look at 30 years of the web. (03/12/2019)
  191. Allegations and information operations. Iridium group may have compromised Citrix. Sino-American trade and security conflicts continue. Fashions in trolling. (03/11/2019)
  192. Job-seeker exposes banking network to Lazarus Group — Research Saturday (03/09/2019)
  193. Chinese influence campaigns. Egyptian spear phishing. Hundreds of millions of email records exposed. (03/08/2019)
  194. Scope of APT33 attacks revealed. GandCrab criminals shift tactics. Slub malware uses Slack. (03/07/2019)
  195. 5G worries. Whitefly vs. SingHealth. Speculative execution bug. (03/06/2019)
  196. India hacks back. Rob Joyce discusses cyber conflict. Chinese hackers look for maritime technologies. Google reveals a macOS vulnerability. (03/05/2019)
  197. Operation Sharpshooter. Canada begins extradition process. Huawei will sue the US. Facebook’s global lobbying practices revealed. Visitor management systems are vulnerable. (03/04/2019)
  198. Fake Fortnite app scams infect gamers — Research Saturday (03/02/2019)
  199. Qbot spreads. Bug hunting makes a millionaire. US Cyber Command shows what “persistent engagement” looks like. Huawei agonistes. There’s no Momo, really. (03/01/2019)
  200. Third-parties can misconfigure, too. Coinhive goes out of business. Intel decides 5G project with Chinese partner is too hard. Bronze Union. Clearing Facebook data. Proper disposal of lawful intercept tools. (02/28/2019)