CyberWire 公開
[search 0]
もっと

Download the App!

show episodes
 
Loading …
show series
 
The Zero Trust security model asserts that organizations should not trust anything within its perimeters and instead must inspect every traffic and verify anything connecting to its systems before granting access. While Zero Trust is generating a lot of buzz in the cyber world, it’s often hard to determine the implications of this security model. I…
 
Technical account manager Dominique West takes us on her career journey from engineering to cybersecurity. Even though her undergraduate degree was in information systems, Dominique did not learn about cybersecurity until she personally experienced credit card fraud. She had a range of positions from working the help desk in an art museum to vulner…
 
Guest LTC Erica Mitchell from Army Cyber Institute joins us to talk about their infrastructure resiliency research project called Jack Voltaic. The Army Cyber Institute’s (ACI’s) Jack Voltaic (JV) project enables the institute to study incident response gaps alongside assembled partners to identify interdependencies among critical infrastructure an…
 
DarkSide says it’s feeling the heat and is going out of business, but some of its affiliates are still out and active, for now at least. A popular hackers’ forum says it will no longer accept ransomware ads. The Bash Loader supply chain compromise afflicts another known victim. Colonial Pipeline resumes delivery of fuel. Irresponsible disclosure of…
 
The US Executive Order on Improving the Nation’s Cybersecurity is out. Colonial Pipeline partially resumed delivery of fuel yesterday evening, as its preparation for and response to the cyberattack it sustained receive scrutiny. The DarkSide’s extortion of the US pipeline company seems likely to prompt regulatory revision. DarkSide operators say th…
 
FireEye provides an overview of the DarkSide ransomware-as-a-service operation. Forcepoint suggests a connection between DarkSide and other ransomware gangs, notably REvil. Colonial Pipeline continues its recovery efforts from the cyber attack it sustained. As ransomware grows more common, CISA offers advice on how to prepare defenses. A new Androi…
 
Updates on the DarkSide ransomware attack on Colonial Pipeline. Other ransomware strains, including Avaddon and Babuk are out, and dangerous. Guidelines on 5G threat vectors. Lemon Duck cryptojackers are looking for vulnerable Exchange Server instances. A bogus, malicious Chrome app is circulating by smishing. Ben Yelin examines an online facial re…
 
Colonial Pipeline shuts down some systems after a ransomware attack, disrupting refined petroleum product delivery in the Eastern US. We’ll check in with Sergio Caltagirone from Dragos for his analysis. Other ransomware attacks hit city and Tribal governments. Joint UK-US alert on SVR tactics issued, and the SVR may have changed its methods accordi…
 
Good security gets out of the way of users while getting in the way of adversaries. Passwords fail on both accounts. Users feel the pain of adhering to complex password policies. Adversaries simply copy, break, or brute-force their way in. Why, then, have we spent decades with passwords as the primary factor for authentication?From the very first t…
 
VP of Global Solutions Architecture at eSentire Tia Hopkins shares her career journey and talks about its beginnings in engineering and pivots into cybersecurity leadership. Tia shares how she liked to take things apart when she was young, including the brand new computer her mother bought her and how she was fascinated by all the pieces of it spre…
 
Guest Mike McLellan from Secureworks joins us to share his team's insights about SUPERNOVA and threat group attribution. Similarities between the SUPERNOVA activity and a previous compromise of the network suggest that SPIRAL was responsible for both intrusions and reveal information about the threat group. In late 2020, Secureworks® Counter Threat…
 
CISA outlines the FiveHands ransomware campaign. Circumstantial evidence suggests that some cybergangs are either controlled by or are doing contract work for Russian intelligence services. US Federal agencies turn their attention to software supply chain security. Scripps Health continues its recovery from cyberattack. Insecure home routers in the…
 
Some possible insight into what a Chinese cyberespionage unit is up to. Hackathons, from Beijing to Washington (the one sponsored by Beijing developed an iPhone zero-day used against China’s Uyghurs). Panda Stealer is after crypto wallets. Microsoft's Kevin Magee reflects on lessons learned in the last year. Our own Rick Howard speaks with Todd Nei…
 
Belgium sustains a DDoS attack that knocks parliamentary sessions offline. New malware strains identified in phishing campaign. Threat actors look for ways of working around multi-factor authentication and open authentication. COVID-19 scams continue online, and attract law enforcement attention. Joe Carrigan describes a compromised password manage…
 
Pulse Secure patches its VPN, and CISA for one thinks you ought to apply those fixes. Apple has also patched two zero-days in its Webkit engine. Scripps Health recovers from what’s said to be a ransomware attack. Researchers describe Genesis, a criminal market for digital fingerprints. Ben Yelin described a grand jury subpoena for Signal user data.…
 
Possible data exposure at the Philippines’ Office of the Solicitor General. In the US, FISA surveillance targets dropped during 2020’s pandemic. The Babuk gang says it’s giving up encryption to concentrate on doxing. A new version of the Buer loader is out in the wild. Rick Howard looks at security in the energy sector. Betsy Carmelite from Booz Al…
 
CEO and co-founder of SafeGuard Cyber Jim Zufoletti shares his journey starting out as an intrepreneur and transformation into a serial entrepreneur in cybersecurity. Jim shares how he got his feet wet working for others as an intrepreneur and catching the entrepreneurial bug in the mid-90s. He has co-founded a number of companies starting with Fre…
 
Guest Jen Miller-Osborn from Palo Alto Networks' Unit 42 joins Dave to discuss their 2021 Unit 42 Ransomware Threat Report, which highlights a surge in ransomware demands based on a global analysis of the threat landscape in 2020. To evaluate the current state of the ransomware threat landscape, the Unit 42 threat intelligence team and the Crypsis …
 
The US Government expands its investigation into Pulse Secure VPN compromises. Microsoft discloses its discovery of BadAlloc IoT and OT vulnerabilities. Someone’s distributing Purple Lambert spyware. Chinese intelligence services seem to be backdooring the Russian defense sector. Financially motivated criminals are exploiting SonicWall VPN vulnerab…
 
An API bug may have exposed credit ratings. A study offers advice for the new anti-ransomware task forces emerging in the US and elsewhere. Israelis warned to keep their cyber-guard up on Quds Day next week. Russia says it would spot any US cyberattack before it hit. The US Congress considers establishing surge cyber response capacity. Dinah Davis …
 
Ghostwriter is back, and has moved its “chaos troops” against fresh targets in Poland and Germany. The Naikon APT has a new secondary backdoor. FluBot, temporarily inhibited by police raids, is back, and expanding its infection of Android devices across Europe. Microsoft is rethinking how much, and with whom, it wants to share vulnerability informa…
 
FBI, CISA, detail SVR cyber activities. Nine US Combatant Commands see declassification as an important tool in information warfare. A convergence of OPSEC and privacy? Apple fixes a significant Gatekeeper bypass flaw. Babuk ransomware hits DC police. A new twist in credential harvesting. Ben Yelin considers the FTCs stance on racially biased algor…
 
Zoom prankers deceive European members of parliament with a deepfake video call. A password manager is compromised. Europol took a good whack at Emotet yesterday, removing the botnet’s malware from infected machines. US response to the Holiday Bear campaign receives cautious good reviews. A cyberattack interferes with cancer treatments. Caleb Barlo…
 
Senior security researcher from Secureworks Marcelle Lee shares her career journey into cybersecurity and how she helps solve hard problems in her daily work. Marcelle came into cybersecurity not through any traditional path. She describes her route from a different field and starting in cyber at her local community college through a grant program.…
 
Proliferation of data continues to outstrip our ability to manage and secure data. The gap is growing and alarming,especially given the explosion of non-traditional smart devices generating, storing, and sharing information. As edge computing grows, more devices are generating and transmitting data than there are human beings walking the planet. Hi…
 
Loading …

クイックリファレンスガイド

Google login Twitter login Classic login