The CyberWire

By The CyberWire

More signal, less noise—we distill the day’s critical cyber security news into a concise daily briefing.

  1. 1.
    Not every incident is necessarily an attack. Not everything that purrs is a kitten (sometimes it’s a bear that would like you to think it’s a kitten). ICS security notes.10/21/2019
    15:06
  2. 2.
    Hoping for SOHO security — Research Saturday10/19/2019
    15:22
  3. 3.
    Clickfraud and third-parties (both SDKs and stores). Trojanized TOR browser steals from Russian users. WiFi bugs. Sketchy jailbreak. Big Tech on free speech. Cooperation against terrorism.10/18/2019
    25:40
  4. 4.
    Cozy Bear never really left. Iran denies it suffered a US cyberattack. Malicious WAV files. Darknet dragnet hauls in child exploitation ring. Graboid infests Docker hosts.10/17/2019
    20:28
  5. 5.
    Cyber retaliation for a kinetic attack, again. Industrial espionage from China. Botnet does sextortion. Typosquatting the other candidate. A poor approach to reputation management.10/16/2019
    19:07
  6. 6.
    Ransomware hits US, French companies. ISPs as combat support arms. Lawful intercept gone rogue? Lazarus Group is back and in GitHub. China’s security laws and security risks.10/15/2019
    20:48
  7. 7.
    Decrypting ransomware for good. — Research Saturday10/12/2019
    19:58
  8. 8.
    Ransomware and a zero-day. A newly discovered espionage platform. FIN7’s new tricks. Beijing speaks and Apple listens. A visit to NSA’s Cybersecurity Directorate.10/11/2019
    22:37
  1. 9.
    Alleged DIA leaker. Europol cybergang study. Protecting the DIB. Chinese information operations.10/10/2019
    19:40
  2. 10.
    Twitter and two-factor authentication. Privacy concerns. The US Senate Intelligence Committee reports on Russian troll farms. Turla is back with some new tricks.10/09/2019
    20:44
  3. 11.
    Riding herd on Mustang Panda. Drupalgeddon2 is out in the wild. VPN warnings and mitigations. Patch notes. An offer to share intelligence about Huawei. Presidential sites get low privacy grades.10/08/2019
    19:05
  4. 12.
    Iran hacks for influence. Brazilian PII up for auction. Prince Harry vs. Fleet Street. Electrical infrastructure cyber risk. Paying ransom. HildaCrypt developers say they’re going straight.10/07/2019
    17:08
  5. 13.
    The fuzzy boundaries of APT41. — Research Saturday10/05/2019
    22:58
  6. 14.
    Android vulnerability exploited in the wild. Careless spycraft. The Eye on the Nile. A new Chinese threat actor. A spoiling attack in the CryptoWars. Take election interference, please.10/04/2019
    25:19
  7. 15.
    A new threat group, Avivore, is called out in the Airbus hack. Ransomware and VPN exploit warnings. EU tells Facebook to take down some content, everywhere. Spearphishing ANU. SandCat’s bad opsec.10/03/2019
    20:01
  8. 16.
    RATs, ransomware, payloads, and unsecured data: a look at the cybercriminal underground.10/02/2019
    20:23
  9. 17.
    Piling on sanctions. The disinformation-as-a-service black market. Technological sovereignty through R&D investment? Ransomware continues to rise. NSA’s new Cybersecurity Directorate.10/01/2019
    20:24
  10. 18.
    Industrial firms disclose cyber incidents. US DHS to check airliner cybersecurity. RCMP security case update. Bulletproof host taken down. Gnosticplayers. Royal phish.09/30/2019
    19:18
  11. 19.
    Focusing on Autumn Aperture. — Research Saturday09/28/2019
    18:30
  12. 20.
    Supply chain hacks versus Airbus. Phishing around Google Cloud. Masad Clipper and Stealer on the criminal-to-criminal market. Quick zero-day exploitation. DoorDash hack. Inside JTF Ares.09/27/2019
    25:57
  13. 21.
    Lazarus Group in India. Suspected Chinese APT uses fake Narrator. Fleeceware. DNI testimony. TalkTalk hacker charged in US. Yahoo breach compensation. Chameleon spam campaign.09/26/2019
    20:43
  14. 22.
    Notes on Tortoiseshell. Fancy Bear snuffles around embassies and foreign ministries. Poison Carp targets Tibetan groups. GandCrab unretires. And Chameleon’s curious spam.09/25/2019
    20:16
  15. 23.
    Utility phishing. Google wins on the right to be forgotten. Transatlantic data transfer. Responsible state behavior in cyberspace. Huawei and 5G. Permanent Record, temporarily phishbait.09/24/2019
    18:59
  16. 24.
    YouTube account hijacking. Facebook finds more apps misusing data. Cyber deterrence in the Gulf region. Huawei’s CFO continues to fight extradition from Canada to the US. Pentesting blues.09/23/2019
    16:29
  17. 25.
    Leaky guest networks and covert channels. — Research Saturday09/21/2019
    15:29
  18. 26.
    Coordinated inauthenticity in five countries draws action from Twitter. Cryptomining continues. Huawei fights its ban in US Federal court. Notes from CISA’s Cybersecurity Summit.09/20/2019
    24:54
  19. 27.
    Notes from the CISA Summit. New DDoS vector reported. Medical images exposed online. Huawei and US sanctions. Engaging ISIS in cyberspace.09/19/2019
    18:30
  20. 28.
    Tortoiseshell threat-actor active in the Middle East. Simjacker less dangerous than thought? Decentralizing cyber attack. The Ortis affair. Mr. Snowden’s book deal.09/18/2019
    19:47
  21. 29.
    More updates on the Royal Canadian Mounted Police counterintelligence case. Australian elections and China’s interests. ISIS howls to the lone wolves. Ed Snowden would prefer Paris to Moscow.09/17/2019
    20:14
  22. 30.
    Espionage and counter-espionage in at least three of the FIve Eyes. New sanctions against North Korea. Password managers and flashlights.09/16/2019
    17:19
  23. 31.
    Bluetooth blues: KNOB attack explained. — Research Saturday09/14/2019
    17:00
  24. 32.
    CRASHOVERRIDE tried to be worse than it was. InnfiRAT scouts for wallets. Simjacker exploited in the Middle East. SINET 16 are out. Pentesting scope. Back up your files, Mayor.09/13/2019
    25:24
  25. 33.
    The StingRays that were n DC. Old-school file formats and attack code. Ransomware becomes spyware. Joker apps ejected from the Play store. Multifaceted deterrence. Advice on BEC.09/12/2019
    19:16
  26. 34.
    Cobalt Dickens, coming to a university library near you. UNICEF data exposure. Election security notes. Operation reWired arrests 281 alleged BEC scammers.09/11/2019
    20:54
  27. 35.
    US National Security Advisor to be replaced. Stealth Falcon’s new backdoor. DDoS, social engineering investigations proceed. Exfiltrating an agent. Patch Tuesday notes.09/10/2019
    20:46
  28. 36.
    BEC attack pulls millions from car parts company. Wikipedia DDoS. NERC and FERC on grid hacking. Trolling Pyongyang. Mike Hammer goes to the DMV.09/09/2019
    15:55
  29. 37.
    VOIP phone system harbors decade-old vulnerability. — Research Saturday09/07/2019
    26:07
  30. 38.
    China hacks to track. Turning the enemy’s weapons against them? Notes from the Billington CyberSecurity Summit. Anti-trust investigations for Facebook and, probably, Google.09/06/2019
    25:53
  31. 39.
    Scraped data found gurgling around in an unsecured third-party database. Ransomware and election security. Spy in your pocket? (Probably not.) Guilty plea in the Satori case.09/05/2019
    19:14
  32. 40.
    Ransomware, Bitcoin, underwriters, and the bandit economy. OTA provisioning could lead to subtle phishing. Alleged spammers indicted. ZAO flashes and flickers out, for now.09/04/2019
    19:02
  33. 41.
    Stuxnet’s story. Watering hole was designed to attract China’s Muslim minority. USBAnywhere affects some Supermicro servers. Twitter’s CEO has his Twitter stream hijacked.09/03/2019
    19:59
  34. 42.
    Emotet's updated business model — Research Saturday08/31/2019
    23:06
  35. 43.
    Watering hole for iPhones. Dental record service hit with ransomware. Huawei reportedly under investigation for IP theft. “erratic” faces cryptojacking charges. Farewell to a Bletchley Wren.08/30/2019
    21:29
  36. 44.
    Cyberattacks and intelligence trade-offs. TrickBot’s new interests. Fancy Bear versus machine learning. Facebook looks for more ad transparency. Retadup take-down.08/29/2019
    19:44
  37. 45.
    LYCEUM active against Middle Eastern energy-sector targets. LinkedIn used to recruit spies. Autonomous car expert indicted. Imperva exposure. VPN software patches. AI writes.08/28/2019
    20:18
  38. 46.
    Hostinger resets passwords after an intrusion. Social media fraud. Notes on RATs and ransomware. Free decryptor for Syrk. Hedge funds go bananas.08/27/2019
    19:44
  39. 47.
    BioWatch info potentially exposed. Scammers indicted. Ukrainian cryptojacking exposed sensitive data. Social engineering notes. Boo birds and lawsuits. Data use and privacy. Low-earth orbit hack.08/26/2019
    19:49
  40. 48.
    Gift card bots evolve and adapt — Research Saturday08/24/2019
    23:28
  41. 49.
    Google takes down YouTube influence operation. Cryptomining in a nuclear plant. Spyware in the Google Play Store.08/23/2019
    22:28
  42. 50.
    North Korean and Chinese cyber espionage. Updates on Texas ransomware. Steam zero-day released.08/22/2019
    20:04
  43. 51.
    China criticizes Twitter and Facebook. Silence expands internationally. A popular Ruby library was backdoored.08/21/2019
    20:38
  44. 52.
    Chinese information operations on Twitter and Facebook. iOS jailbreak released. Adult websites leak information.08/20/2019
    21:09
  45. 53.
    ISIS claims Kabul massacre. Huawei gets a temporary break. Texas governments hit by ransomware. Hy-Vee warns of point-of-sale attack.08/19/2019
    19:26
  46. 54.
    Detecting dating profile fraud — Research Saturday08/17/2019
    25:03
  47. 55.
    ECB sustains an intrusion into a third-party-hosted service. Norman quietly mines Monero. MetaMorph appears in a stealthy phishing campaign. Information operations.08/16/2019
    23:27
  48. 56.
    Huawei accused of abetting domestic surveillance in Africa. Cyber gangs adapt and evolve. Prosecutors indicate they’ll add charges to “erratic.” Bluetana detects card skimmers.08/15/2019
    18:32
  49. 57.
    Hacking the Czech Foreign Ministry. Microsoft patches new wormable bugs. More controversial human review of AI. Insecure links, exposed databases, and a California vanity plate.08/14/2019
    20:07
  50. 58.
    UN Security Council looks at North Korean cybercrime. Notes on PsiXBot and BITTER APT. The state of spearphishing. Election security. A final look back at Black Hat and Def Con.08/13/2019
    20:15
  51. 59.
    A look back at Black Hat and Def Con. Sometimes failures that look like accidents are accidents. Russia wants better content suppression from Google. Notes on intelligence services.08/12/2019
    20:35
  52. 60.
    Unpacking the Malvertising Ecosystem — Research Saturday08/10/2019
    26:08
  53. 61.
    Voting machine security. Airliner firmware. Attribution and deterrence in cyberwar. Monitoring social media. Broadcom buys Symantec’s enterprise security business. Policing, privacy, and an IoT OS.08/09/2019
    25:06
  54. 62.
    Hacking in the Gulf region. Vulnerability research into airliner avionics. Phishing and ransomware move to the cloud. EU data responsibilities. US bans five Chinese companies.08/08/2019
    19:42
  55. 63.
    Another speculative execution flaw. LokiBot evolves. APT41 moonlights. Scammers exploit tragedies. Black Hat notes.08/07/2019
    20:07
  56. 64.
    Fancy Bear is snuffling around corporate IoT devices. Machete takes its cuts at Venezuelan military targets. What Mr. Kim is buying. MegaCortex goes for automation. Vigilantes, misconfigurations, etc.08/06/2019
    20:43
  57. 65.
    Ransomware attacks in Mexico and Germany. Wipers in criminal service. Supervising Siri and Alexa. Mass shooters find inspiration and online expression.08/05/2019
    18:27
  58. 66.
    Package manager repository malware detection — Research Saturday08/03/2019
    11:37
  59. 67.
    Spearphishing utility companies. Bellingcat as gadfly, and target. Facebook takes down more coordinated inauthenticity. Card skimming. Tech regulation. Random acts of cruelty.08/02/2019
    24:34
  60. 68.
    Capital One investigation update. Don’t give up on the cloud. Exposed databases and backdoors. Cybercrime as high-stakes poker. Phishing the financials. Bots on holiday.08/01/2019
    20:42
  61. 69.
    Capital One breach update. CISA warns of avionics CAN bus vulnerabilities. More attacks on local Louisiana governments. Change at the SEC. Cyber summer school for NATO, EU diplomats.07/31/2019
    19:48
  62. 70.
    Capital One sustains a major data breach. Phishing in LinkedIn. VxWorks patches and mitigations. Brute-forcing NAS credentials. LAPD doxed?07/30/2019
    20:21
  63. 71.
    Bears sniff at Bellingcat. Magecart in spoofed domains. MyDoom is still active. Shipboard malware was Emotet. Hutchins sentenced. Digital assistants have big ears. Taxes owed on alt-coin gains.07/29/2019
    19:53
  64. 72.
    Special Edition - Cult of the Dead Cow author Joseph Menn extended interview07/28/2019
    23:17
  65. 73.
    Day to day app fraud in the Google Play store — Research Saturday07/27/2019
    20:07
  66. 74.
    Winnti and other Chinese espionage activity. Volume I of the US Senate report on election meddling is out. Ransomware from Sabine, Louisiana, to Johannesburg, South Africa.07/26/2019
    25:35
  67. 75.
    News about Russian and Chinese government threat actors. Powerful crimeware active in Brazil. BlueKeep really needs to be patched. Messenger Kids issues. Dispatches from the cryptowars.07/25/2019
    20:08
  68. 76.
    Lancaster University breached. Kazakhstan is testing out HTTPS interception. The UK postpones its decision on Huawei’s 5G gear. The FTC is requiring Facebook to set up a privacy committee.07/24/2019
    19:17
  69. 77.
    Venezuela blames power failure on exotic sabotage, again. Huawei may have built North Korea’s 3G wireless networks. Were record privacy fines high enough? Logic bombing the customer.07/23/2019
    19:26
  70. 78.
    FSB contractor hacked. Pegasus now able to rummage clouds? Iranian cyber ops spike. Fraudulent student profiles. Judgement in Equifax FTC case. NSA hoarder gets nine years.07/22/2019
    19:56
  71. 79.
    Special Edition — The Fifth Domain coauthor Richard A. Clarke07/21/2019
    22:39
  72. 80.
    Nansh0u not your normal cryptominer — Research Saturday07/20/2019
    17:47
  73. 81.
    Following K3chang. Bulgaria’s tax agency breach. An alternative currency gets some incipient regulatory scrutiny. Why towns are hit with ransomware. A hair-care hack.07/19/2019
    24:46
  74. 82.
    TrickBot’s new tricks. Poisoning the ad supply chain. Clouds get schooled. Novel phishing tackle, but stale bait. Cyberwar powers. Election interference. FaceApp fears. Bad macro suspect arrested.07/18/2019
    19:45
  75. 83.
    Telco data breach. Firmware supply chain problems. Hacking BLE. Census security. Continuity of operations. Decryptor for GandCrab, NSPM 13. Bulgaria’s tax hack.07/17/2019
    20:31
  76. 84.
    GandCrab hoods may be back with new ransomware. Video-on issues. Broadcom-Symantec talks are off, for now. Treason or just business? Robo-calls. A decryptor for Ims0rry ransomware.07/16/2019
    19:46
  77. 85.
    Voting machine woes. Router exploits trouble Brazil, Bitpoint alt-coin exchange investigates theft. Facebook fined $5 billion. Power failures probably unrelated to cyberattacks. Amazon Prime phishing.07/15/2019
    19:38
  78. 86.
    Opportunistic botnets round up vulnerable routers — Research Saturday07/13/2019
    18:03
  79. 87.
    Buhtrap gets into the spying game. US cyber operations against Iran considered: there are both strategic and Constitutional issues. Election security. Water bills. And again with the WannaCry.07/12/2019
    23:50
  80. 88.
    Magecart is getting interested in exposed databases. Agent Smith may be in your Android app store. Tracking FinSpy. A contractor gets spearphished.07/11/2019
    20:08
  81. 89.
    Zoom addresses concerns about call joining and cameras. ICS vulnerabilities addressed. Patch Tuesday notes. Tracing a disinformation campaign.07/10/2019
    20:43
  82. 90.
    Security issues with Zoom for Macs. Astaroth fileless malware reported in Brazil. GoBotKR distributed by torrent. ICO hits British Airways with a record fine. State attacks and state defenses.07/09/2019
    20:16
  83. 91.
    Another ransomware victim pays extortionists. Business email compromise. Government impostor scams. ShadowBrokers still airborne. Exploit supply chain. Silence suspected in bank heists.07/08/2019
    20:23
  84. 92.
    Warnings of Outlook exploitation, with a possible Iranian connection. GPS jamming in the Eastern Med. Satellite vulnerabilities. 505 errors. TA505’s new tactics. Content moderation updates.07/03/2019
    20:10
  85. 93.
    US-Iranian tension expressed in cyberspace. OceanLotus and Ratsnif. Ransomware in Georgia, again. Going low-tech to protect the grid. Magecart update. Cryptowars and agency equities.07/02/2019
    19:37
  86. 94.
    Huawei spits the hook? CISA warns about the risk of Iranian cyberattack. Power grid security. Cryptocurrency and fraud. Content moderation. Senators like Hack the Pentagon.07/01/2019
    20:13
  87. 95.
    Giving everyone a stake in the success of Open Source implementation — Research Saturday06/29/2019
    21:47
  88. 96.
    Regin in Yandex? Golang is out and busy. So is the ShadowGate crew. The ICO wants an explanation from the Metropolitan Police. Trackers in news sites. Phishing those who seek “Verification.”06/28/2019
    24:36
  89. 97.
    Washington and Tehran confront one another in cyberspace. Dominion National investigates data incident. Facebook on info ops (and identity). Labor market notes. Skids on skids.06/27/2019
    20:29
  90. 98.
    Militia said to be target of US cyberattack. Myanmar shuts down networks. Spam campaign. Supply chain issues for Huawei gear. Election security. Recovering from ransomware by paying up?06/26/2019
    20:11
  91. 99.
    Operation Soft Cell targets mobile networks. DC and Tehran trade barbs. Critical infrastructure concerns. Maryland’s Cyber Defense Initiative.06/25/2019
    20:34
  92. 100.
    Notes on a reported US cyberattack against Iran. A look at “Secondary Infektion.” And some cases of cyber stalking.06/24/2019
    19:10
  93. 101.
    Middleboxes may be meddling with TLS connections — Research Saturday06/22/2019
    21:49
  94. 102.
    US-Iranian tensions find expression in cyberspace as Refined Kitten returns. Facebook tries friction against abuse. Cryptominers in the wild. Lead generation for cyber criminals.06/21/2019
    24:57
  95. 103.
    Turla hijacks OilRig infrastructure. Bouncing Golf is no game. CISA panel recommends supply chain security reforms. AMCA driven toward bankruptcy by data breach. Florida town pays ransom.06/20/2019
    19:59
  96. 104.
    BlueKeep, again. Facebook’s cryptocurrency play. Updates on alleged or suspected electrical grid hacks. Catphishing and spying. Compromised social media accounts.06/19/2019
    19:51
  97. 105.
    Power grids, accidents, the challenge of forensics, and the nature of deterrence. BlueKeep considerations. Third- and fourth-party risks.06/18/2019
    20:07
  98. 106.
    Cyber deterrence? What grid failure looks like (and it needn’t come from a cyberattack). EU complains of Russian info ops. Twitter takes down inauthentic accounts.06/17/2019
    20:17
  99. 107.
    Apps on third-party Android store carry unwelcome code — Research Saturday06/15/2019
    12:17
  100. 108.
    Xenotime is now interested in the power grid. Vulnerable Exim servers under attack. Mr. Assange goes to court. Credential-stuffing attacks on gamers. And that Ms Katie Jones? Not a real person.06/14/2019
    24:49
  101. 109.
    Telegram recovers from DDoS. Fishwrap campaign breaks old news. Ransomware hits ACSO plants. Congress considers hacking back, again. That ol’ devil limbic system.06/13/2019
    20:17
  102. 110.
    Shifting techniques in cybercrime. Miscreants take note: “the aperture” will henceforth be wider for US Cyber Command and offensive ops. What Radiohead did.06/12/2019
    20:31
  103. 111.
    Russia’s sovereign Internet. Huawei updates. CBP discloses exposure of images collected at a border crossing. Gmail features used for social engineering. M&A notes. Top bugs found by bounty hunters.06/11/2019
    20:17
  104. 112.
    An espionage campaign succeeds without zero-days. Spam serves up old Office exploit. Disinformation makes it into YouTube. The Huawei Affair. Raytheon to be acquired.06/10/2019
    17:06
  105. 113.
    Xwo scans for default credentials and exposed web services — Research Saturday06/08/2019
    14:42
  106. 114.
    Recruiting spies at university? GoldBrute botnet and RDP vulnerabilities. MuddyWater update. RIG delivers Buran. Achilles claims to sell access. NRC’s IG reports on cyber. Antitrust for Big Tech.06/07/2019
    25:42
  107. 115.
    BlueKeep proofs-of-concept. BeiTaAd plug-in is a serious Android pest. Cyber espionage against the EU’s Moscow embassy. Influence operations. A motive for GPS spoofing?06/06/2019
    19:48
  108. 116.
    AMCA breach extends to LabCorp. Still no EternalBlue in Baltimore ransomware attack. Frankenstein malware. Real hacking isn’t like the movies. Huawei’s no-spy deal. US Data Strategy. Patch BlueKeep.06/05/2019
    20:31
  109. 117.
    Iranian brute-forcing tool leaked. Third-party data breach touches medical testing company. Ransomware news and updates. An antitrust look at Silicon Valley?06/04/2019
    19:55
  110. 118.
    Recovery from network congestion. GandCrab to close. BlackSquid drops XMRig. BlueKeep patching lags. Crypto for criminals trial. Antitrust investigation of Google. “Persistence of Chaos” sold.06/03/2019
    20:45
  111. 119.
    Blockchain bandits plunder weak wallets — Research Saturday06/01/2019
    19:11
  112. 120.
    Malicious misdirection. Found on the subway. A summary of file exposure. Turla’s back, and as clever as ever. ICRC proposes rules of cyberwar. Baltimore ransomware update.05/31/2019
    25:41
  113. 121.
    Malicious misdirection. Found on the subway. A summary of file exposure. Turla’s back, and as clever as ever. ICRC proposes rules of cyberwar. Baltimore ransomware update.05/30/2019
    20:20
  114. 122.
    Special Counsel Mueller speaks about his investigation of Russian influence in the 2016 US presidential campaign. Iranian coordinated inauthenticity. BlueKeep, Pegasus updates.05/29/2019
    20:55
  115. 123.
    Sensitive mortgage documents left exposed online. Someone’s scanning for BlueKeep RDP issues. Huawei updates. The case of Baltimore City’s ransomware.05/28/2019
    15:18
  116. 124.
    A fresh look at GOSSIPGIRL and the Supra Threat Actors — Research Saturday05/25/2019
    29:26
  117. 125.
    Stone Panda update. A new strain of Mirai. Bogus cryptocurrency apps are trending in Google Play. Mr. Assange is charged under the Espionage Act. Info ops. Law firms as phishbait.05/24/2019
    25:17
  118. 126.
    NATO and UK to Russia: hands off elections and infrastructure. More trouble for Huawei, and maybe for others. Notes from the Cyber Investing Summit. Equifax downgraded over 2017 breach. Is it art?05/23/2019
    20:30
  119. 127.
    Fancy Bear fingered, again. Warnings for travelers. Political parties get a cybersecurity grade. Updates on US restrictions on Chinese companies.05/22/2019
    19:39
  120. 128.
    BlackWater snoops through the Middle East. TeamViewer hacked. Android app behaving badly. A misconfigured database with scraped Instagram data. Ransomware notes. Huawei updates.05/21/2019
    18:01
  121. 129.
    Huawei agonistes. Hacktivism is way down. New EU sanctions regime. Facebook goes after more coordinated inauthenticity. Salesforce still fixing its fix. OGuser hacked.05/20/2019
    20:03
  122. 130.
    Elfin APT group targets Middle East energy sector — Research Saturday05/18/2019
    15:18
  123. 131.
    Slack closes a vulnerability. Email tracking in a court martial. Restrictions on doing business with Huawei come into place. A case of responsible disclosure.05/17/2019
    25:27
  124. 132.
    US Executive Order aimed at China, and Huawei. Hunting backdoors in Dutch networks. Spyware proliferation. Cipher stunting. Titan key spoofing. Meaconing warning. Exposed PII in Russia.05/16/2019
    20:37
  125. 133.
    Sharing espionage tools and infrastructure. Speculative execution flaws found in Intel chips. A big Patch Tuesday. CrowdStrike’s IPO. WhatsApp exploitation. Cyber Solarium. Ransomware in Baltimore.05/15/2019
    18:03
  126. 134.
    Russians hacked two Florida counties. Fxmsp targets named. WhatsApp patches spyware-enabling flaws. Breach costs. Cisco patches routers. Endless Mayfly’s endless hogwash.05/14/2019
    20:35
  127. 135.
    Security companies allegedly hacked by Fxmsp remain unidentified. SharePoint bug exploited in the wild. G7 preps major cyber exercise. Anthem hack motive? Amnesty takes NSO Group to court.05/13/2019
    16:07
  128. 136.
    Steganography enables sophisticated OceanLotus payloads — Research Saturday05/11/2019
    17:30
  129. 137.
    Breaches at AV companies? Pyongyang’s ElectricFish. Symantec’s CEO steps down. Calls to break up Facebook and regulate the pieces. US Federal indictments for leaks and breaches. Verizon DBIR reviewed.05/10/2019
    24:46
  130. 138.
    Someone is after Tehran’s hackers. GitLab misconfiguration. AI’s attack potential. Amazon pursues hackers who defrauded sellers. DeepDotWeb indictments. Evil Clippy. Lunch hacks in San Mateo.05/09/2019
    18:57
  131. 139.
    Turla’s new backdoor. Verizon’s 2019 Data Breach Investigations Report. Bad actors seek to influence the EU. US CYBERCOM preps for 2020. Baltimore’s ransomware. Monolingual content moderation.05/08/2019
    20:23
  132. 140.
    Reverse engineering Equation Group attack tools (and putting them to bad use). Hacking, jamming, and airstrikes. Taking down coordinated inauthenticity. How big is the dark web?05/07/2019
    20:32
  133. 141.
    Supply chain hacking campaign looks like espionage. Airstrikes versus hackers. FTC versus Facebook. Notes from the Global Cyber Innovation Summit. What’s up with MegaCortex.05/06/2019
    20:47
  134. 142.
    Sea Turtle state-sponsored DNS hijacking — Research Saturday05/04/2019
    23:32
  135. 143.
    Utility hack update. Surveillance tool proliferation. Exploit black market. Novel ransomware, old distro channel. Notes from the Global Cyber Innovation Summit.05/03/2019
    25:33
  136. 144.
    Wipro update. Office 365 attacks. The "Smart Content Store" is bad mojo. Russian Internet sovereignty. Global Cyber Innovation Summit notes.05/02/2019
    17:13
  137. 145.
    US Energy Department alludes to March cyber incident. BND 19-02 is out. Facebook likes privacy. Assange gets a short nickel.05/01/2019
    20:16
  138. 146.
    Telnet may not be the backdoor you’re looking for. Large PII database left exposed by parties unknown. DHS has a Critical Functions List. ISIS inspiration is back.04/30/2019
    20:05
  139. 147.
    IoT devices exposed in peer-to-peer software vulnerability. Car hacking claims. More warnings of possible violence in Sri Lanka. Curating app stores for security. eScooter’s “voices” hacked.04/29/2019
    15:10
  140. 148.
    Deep Learning threatens 3D medical imaging integrity — Research Saturday04/27/2019
    21:09
  141. 149.
    Sri Lanka bombing investigation updates. Cryptojacking targets enterprises in East Asia. Oracle web server zero-day. The criminal-to-criminal credential-stuffing market. Who talked about Huawei in UK?04/26/2019
    24:41
  142. 150.
    Pledging allegiance to ISIS, and then going forth to kill. Adware in Google Play. Context-aware phishbait. Facebook and the FTC. Server crash or exit scam?04/25/2019
    20:49
  143. 151.
    Sri Lanka bombing investigation update. Christchurch call. ShadowHammer moves upstream. Carbanak in VirusTotal after all. Spoofing banks. Bots vs. Mueller Report. ASD’s best practices.04/24/2019
    20:48
  144. 152.
    ISIS claims responsibility for Sri Lanka massacre. Spearphishing embassies in Europe. How the Blockchain Bandit probably did it. Mexican embassy doxed.04/23/2019
    20:06
  145. 153.
    Sri Lanka’s social media clamp-down, and investigation of Easter massacres. CIA said to have details on Huawei’s relationship with China’s security services. Marcus Hutchins pleads guilty.04/22/2019
    16:05
  146. 154.
    Undetectable vote manipulation in SwissPost e-voting system — Research Saturday04/20/2019
    25:59
  147. 155.
    Observations on the Mueller Report. Doxing Iranian intelligence. Insecure messaging. Old Excel macros. Wipro hack and gift cards.04/19/2019
    24:50
  148. 156.
    Mueller Report is out. Sea Turtle DNS-manipulation campaign. Over-privileged and under-honest apps kicked out of Google Play. Facebook has another privacy incident. Fraud and destruction.04/18/2019
    20:53
  149. 157.
    Spearphishing from “Luhansk.” Pro-Assange hacktivism. Another undercover private eye? Pirated Game of Thrones episodes carry malware.04/17/2019
    19:58
  150. 158.
    Fraud will follow fire, alas. Wipro compromise. DDoS in Ecuador. Brazil’s hacker underground. Selling a keylogger. Facebook and data. EU copyright law. Huawei’s prospects. Fact-checkin’, fer real.04/16/2019
    19:47
  151. 159.
    ISIS inspiration in exile. Facebook’s Sunday outage. A Microsoft IE bug, and a web-mail breach. Issues with VPNs. Last minute tax scams. Oculus Easter eggs.04/15/2019
    15:33
  152. 160.
    The ghost and the mole; Eric O'Neill's Gray Day — Special Edition04/14/2019
    37:47
  153. 161.
    Establishing software root of trust unconditionally — Research Saturday04/13/2019
    22:28
  154. 162.
    Mr. Assange’s courthouse future(s). Dragonblood Wi-Fi vulnerabilities. Tax fraud and identity theft dark web souks.04/12/2019
    24:29
  155. 163.
    Julian Assange is out of the embassy and in custody. Pyongyang’s HOPLIGHT. Operations SneakyPastes. Incident response planning blues. High school jam.04/11/2019
    20:08
  156. 164.
    The Triton actor seems to be back. Project TajMahal is after diplomatic secrets. California’s motor-voter program and a DMV hack.04/10/2019
    17:55
  157. 165.
    GossipGirl, the supra threat actor. LockerGoga’s destructive functionality. More hacking allegations out of Caracas. Revolutionary Guard now a designated terrorist group. Creepy crime.04/09/2019
    20:48
  158. 166.
    US DHS Secretary Nielsen resigns. Credential stuffing campaigns. Cryptojacking disrupts a business. A duty of care, online. Tax season scams.04/08/2019
    15:43
  159. 167.
    Lessons learned from Ukraine elections — Research Saturday04/06/2019
    23:13
  160. 168.
    Crooks use Facebook, too. Congress asks FEMA for an explanation. Card skimmers in Mexico.04/05/2019
    20:48
  161. 169.
    Keeping Winnti out of the goods while keeping an eye on them. GlitchPOS malware. What do apps want? Third-party Facebook data exposure. Digital hygiene. A scareware scam.04/04/2019
    20:34
  162. 170.
    For OceanLotus, a picture is worth a thousand words (or at least a few lines of loader code). Georgia Tech breached. Mounties raid offices associated with Orcus RAT.04/03/2019
    20:44
  163. 171.
    Ransomware deletes dupes. Exodus scandal grows in Italy. Election reports from Ukraine and Israel.04/02/2019
    20:26
  164. 172.
    Patch Magento soon. Toyota hacked again. Exodus spyware hits app stores. Moscow seeks to corral VPN providers. Facebook wants regulation. Swatting sentence. Phishing tackle in Nigeria.04/01/2019
    18:05
  165. 173.
    Bonus Episode: The grugq illuminates influence operations03/31/2019
    34:44
  166. 174.
    Alarming vulnerabilities in automotive security systems — Research Saturday03/30/2019
    18:41
  167. 175.
    Russian information operations, and lessons on election security from the Near Abroad. Magento proof-of-concept exploit. Huawei, security, and bugs. Training AI. Labor market news.03/29/2019
    24:40
  168. 176.
    Gustuff is out and after Android devices. Microsoft takes down Phosphorus. Elfin is working for Tehran. Russian cyber troops come to help Venezuela’s Chavistas. Guilty plea expected in Martin case.03/28/2019
    19:57
  169. 177.
    State cyber-espionage. Influence operations and coordinated inauthenticity. Add Lucky Elephant to the menagerie. ASUS supply chain updates. Notes on Norsk Hydro’s recovery. Reactions to the Mueller Report.03/27/2019
    20:46
  170. 178.
    More on ASUS supply chain backdoor. FEMA data mishandling. LockerGoga ransomware. Mueller report responses.03/26/2019
    20:20
  171. 179.
    Mueller finds no evidence of Russia collusion. ISIS no longer holds any ground. LockerGoga hits chemical plants. FEMA fumbles PII. Cyber 9/12. PewDiePie versus T-Series.03/25/2019
    19:32
  172. 180.
    Ryuk ransomware relationship revelations — Research Saturday03/23/2019
    21:38
  173. 181.
    Finland’s data protection authority investigates suspicious smartphone activity. GitHub repos are leaking keys. Cardiac devices can be hacked.03/22/2019
    23:27
  174. 182.
    Russian APTs target EU governments. FIN7 is back. Google and Facebook scammed.03/21/2019
    19:35
  175. 183.
    Norsk Hydro recovers from LockerGoga infection. Cyber conflict, cyber deterrence, and an economic case for security. EU out of compliance with GDPR? Big Tech in court. Thoughts on courtship.03/20/2019
    19:54
  176. 184.
    LockerGoga hits Norsk Hydro. Mirai botnet malware gets an update. The DHS is concerned about cybersecurity.03/19/2019
    18:56
  177. 185.
    Online content and terrorism. Huawei’s shifting strategy. Venezuela’s grid failure is explicable by corruption and incompetence--no hacking or sabotage required. Gnostiplayers are back. AI and evil.03/18/2019
    16:23
  178. 186.
    ThinkPHP exploit from Asia-Pacific region goes global — Research Saturday03/16/2019
    11:42
  179. 187.
    Terror, announced and celebrated online. JavaScript sniffer afflicts e-commerce sites. Cryptojacking in the cloud. Perspectives on regulation, thoughts on a pervasive IoT. China’s IP protection law.03/15/2019
    21:54
  180. 188.
    Indonesian election security. Watering hole in Pakistani passport site. RAT hunting. “Intelligence brute-forcing.” Just-patched zero-day exploited. PoS DGA attack. Operation Sheep. BND advises “nein” to Huawei.03/14/2019
    20:11
  181. 189.
    Election security and influence operations. Hacking the Fleet. Undersea cable competition. 5G worries. Calls to rein in Big Tech. UN report outlines North Korean cyber crime (there’s a lot of it).03/13/2019
    20:22
  182. 190.
    Venezuela power blackout updates. Social media and social control. Trojanized games. Free decryptor out for ransomware strain. Ads on Facebook. A look at 30 years of the web.03/12/2019
    20:10
  183. 191.
    Allegations and information operations. Iridium group may have compromised Citrix. Sino-American trade and security conflicts continue. Fashions in trolling.03/11/2019
    16:53
  184. 192.
    Job-seeker exposes banking network to Lazarus Group — Research Saturday03/09/2019
    22:10
  185. 193.
    Chinese influence campaigns. Egyptian spear phishing. Hundreds of millions of email records exposed.03/08/2019
    22:57
  186. 194.
    Scope of APT33 attacks revealed. GandCrab criminals shift tactics. Slub malware uses Slack.03/07/2019
    20:54
  187. 195.
    5G worries. Whitefly vs. SingHealth. Speculative execution bug.03/06/2019
    20:10
  188. 196.
    India hacks back. Rob Joyce discusses cyber conflict. Chinese hackers look for maritime technologies. Google reveals a macOS vulnerability.03/05/2019
    19:47
  189. 197.
    Operation Sharpshooter. Canada begins extradition process. Huawei will sue the US. Facebook’s global lobbying practices revealed. Visitor management systems are vulnerable.03/04/2019
    15:21
  190. 198.
    Fake Fortnite app scams infect gamers — Research Saturday03/02/2019
    15:16
  191. 199.
    Qbot spreads. Bug hunting makes a millionaire. US Cyber Command shows what “persistent engagement” looks like. Huawei agonistes. There’s no Momo, really.03/01/2019
    23:06
  192. 200.
    Third-parties can misconfigure, too. Coinhive goes out of business. Intel decides 5G project with Chinese partner is too hard. Bronze Union. Clearing Facebook data. Proper disposal of lawful intercept tools.02/28/2019
    20:49
