Research Saturday

By CyberWire Inc.

Every Saturday, we sit down with cybersecurity researchers to talk shop about the latest threats, vulnerabilities, and technical discoveries.

  1. When big ransomware goes away, where should affiliates go?
     18:02
  2. Groove Gang making a name for themselves.
     18:33
  3. Taking a closer look at UNC1151.
     15:15
  4. IoT security and the need for randomness.
     30:04
  5. Vulnerabilities in the public cloud.
     20:04
  6. An IoT educational exercise reveals a far-reaching vulnerability.
     20:56
  7. A Google Chrome update that just didn't feel right.
     17:33
  8. Like a computer network but for physical objects.
     21:22
  9. Joker malware family: not a joke for Google Play.
     16:01
  10. Exploring vulnerabilities of off-the-shelf software.
      14:03
  11. You can add new features, just secure the old stuff first.
      28:53
  12. SideCopy malware campaigns expand and evolve.
      17:50
  13. China's influence grows through Digital Silk Road Initiative.
      18:12
  14. Free malware with cracked software.
      14:04
  15. Enabling connectivity enables exposures.
      18:23
  16. Dealing illicit goods on encrypted chat apps.
      18:56
  17. Malware in pirated Windows installation files.
      12:40
  18. Exhibiting advanced APT-like behavior.
      20:23
  19. Primitive Bear spearphishes for Ukrainian entities.
      13:19
  20. Taking a look behind the Science of Security.
      22:15
  21. Bad building blocks: a new and unusual phishing campaign.
      18:02
  22. EtterSilent: a popular, versatile maldoc builder.
      18:30
  23. Leveraging COVID-19 themes for malicious purposes.
      22:40
  24. Jack Voltaic: critical infrastructure resiliency project, not a person.
      26:37
  25. SUPERNOVA activity and its possible connection to SPIRAL threat group.
      18:01
  26. A snapshot of the ransomware threat landscape.
      21:31
  27. Bulletproof hosting (BPH) and how it powers cybercrime.
      15:25
  28. Social engineering: MINEBRIDGE RAT embedded to look like job résumés.
      15:05
  29. Strategic titles point to something more than a commodity campaign.
      20:34
  30. Ezuri: Regenerating a different kind of target.
      17:04
  31. How are we doing in the industrial sector?
      19:43
  32. BendyBear: difficult to detect and downloader of malicious payloads.
      13:39
  33. Keeping data confidential with fully homomorphic encryption.
      21:32
  34. Diving deep into North Korea's APT37 tool kit.
      16:14
  35. Shining a light on China's cyber underground.
      21:49
  36. Attackers (ab)using Google Chrome.
      17:20
  37. Using the human body as a wire-like communication channel.
      17:52
  38. "Follow the money" the cybersecurity way.
      25:51
  39. The Kimsuky group from North Korea expands spyware, malware and infrastructure.
      15:18
  40. Trickbot may be down, but can we count it out?
      17:43
  41. Manufacturing sector is increasingly a target for adversaries.
      22:26
  42. Emotet reemerges and becomes one of most prolific threat groups out there.
      22:31
  43. Encore: Unpacking the Malvertising Ecosystem. [Research Saturday]
      26:24
  44. Encore: Seedworm digs Middle East intelligence. [Research Saturday]
      16:54
  45. Advertising Software Development Kit (SDK): serving up more than just in-app ads and logging sensitive data.
      23:00
  46. Following DOJ indictment, a look back on NotPetya and Olympic Destroyer research.
      30:41
  47. SSL-based threats remain prevalent and are becoming increasingly sophisticated.
      13:45
  48. Encore: Using global events as lures for malicious activity.
      19:43
  49. Misconfigured identity and access management (IAM) is much more widespread.
      17:34
  50. That first CVE was a fun find, for sure.
      25:25
