CyberWire Daily

2656 Episodes

1. Strategic titles point to something more than a commodity campaign. [Research Saturday]

   Published: 4/10/2021
2. A new Lazarus backdoor. Malvertising for a bogus Clubhouse app. Cryptojacking the academy. When is a cartel not a cartel? Strategic competition between the US and China. Choking Twitter.

   Published: 4/9/2021
3. Cring ransomware hits manufacturing plants. Distance learning difficulties. Hafnium’s patient approach to vulnerable Exchange Servers. The Entity List grows. 5G security standards.

   Published: 4/8/2021
4. A Chinese cyberespionage campaign is active against Vietnamese targets. The European Commission acknowledges cyberattacks are under investigation. Data scraping. Bogus apps. Molerats are dudes.

   Published: 4/7/2021
5. Watering holes, from Kiev to Canada. File transfer blues. What’s up in the criminal-to-criminal market. And an update on the old Facebook breach.

   Published: 4/6/2021
6. An old Facebook database handed over to skids (and it’s a big database). APTs look for vulnerable FortiOS instances. Cryptojacking in GitHub infrastructure. Risk and water utilities.

   Published: 4/5/2021
7. Greg Bell: Answer the question of "why?" [Open Source] [Career Notes]

   Published: 4/4/2021
8. Ezuri: Regenerating a different kind of target. [Research Saturday]

   Published: 4/3/2021
9. Goblin Panda sighting? The attempt on Ubiquiti. More universities feel the effects of the Accellion compromise. National Supply Chain Integrity Awareness Month. Down-market phishing.

   Published: 4/2/2021
10. Holiday Bear’s tricks. Phishing for security experts. Industrial cyberespionage. Human error and failure to patch. EO on breach disclosure discussed. Malware found in game cheat codes.

    Published: 4/1/2021
11. Cyberespionage and influence operations. Reading the US State Department’s mail. Risk management and strategic complacency. Volumetric attacks. Keeping suspect hardware out.

    Published: 3/31/2021
12. US considers how to settle accounts with Holiday Bear. International norms in cyberspace. Ransomware continues to surge against vulnerable Exchange Servers, and other criminal trends.

    Published: 3/30/2021
13. Cyberespionage in Germany. Australian network knocked off the air by a cyberattack. PHP shuts backdoor. Apple fixes a browser bug. FatFace pays up. Criminal charges: espionage and fraud.

    Published: 3/29/2021
14. Teresa Shea: The challenge of adapting new technologies. [Intelligence] [Career Notes]

    Published: 3/28/2021
15. How are we doing in the industrial sector? [Research Saturday]

    Published: 3/27/2021
16. Carding Mafia hacked by other criminals. Gangland extortion. Section 230 reform. Director NSA talks about cyber defense, especially foreign attacks staged domestically. Propaganda. Hacktivism.

    Published: 3/26/2021
17. Mamba ransomware’s evolution. Facebook acts against Evil Eye. Huawei is invited into OIC-CERT. Slack Connect gets poor security and privacy reviews. An excursus on fleeceware.

    Published: 3/25/2021
18. Trends in phishbait. Ransomware exploits vulnerable Exchange Servers. Purple Fox develops worm capabilities. Attacks on industrial production. Third-party risk. What’s on your mind, crooks?

    Published: 3/24/2021
19. Bonus Recorded Future Podcast: Correlating the COVID-19 Opportunist Money Trail

    Published: 3/24/2021
20. Updates on the state of Microsoft Exchange Server vulnerability, patching, and exploitation. Third-party breaches affect Shell and AFCEA. TikTok’s privacy. A manga site goes down.

    Published: 3/23/2021