3271 Episodes

  1. More on that Solorigate threat actor, especially its non-SolarWinds activity. Chimera’s new target list. Executive Order on reducing IaaS exploitation. The case of the stolen laptop.

    Published: 1/20/2021

  2. EMA emails altered before release in apparent disinformation effort. Vishing rising. Another backdoor found in SolarWinds supply chain campaign. An arrest and a stolen laptop.

    Published: 1/19/2021

  3. Encore: You will pay for that one way or another. [Caveat]

    Published: 1/18/2021

  4. Ann Johnson: Trying to make the world safer. [Business Development] [Career Notes]

    Published: 1/17/2021

  5. Manufacturing sector is increasingly a target for adversaries. [Research Saturday]

    Published: 1/16/2021

  6. Charming Kitten’s smishing and phishing. Solorigate updates. Supply chain attacks and the convergence of espionage and crime. Greed-bait. Ring patches bug. Best practices from NSA, CISA.

    Published: 1/15/2021

  7. SideWinder and South Asian cyberespionage. Project Zero and motivation to patch. CISA’s advice for cloud security. Classiscam in the criminal-to-criminal market. SolarLeaks misdirection?

    Published: 1/14/2021

  8. Looking for that threat actor “likely based in Russia.” SolarLeaks and a probably bogus offer of stolen files. Notes on Patch Tuesday.

    Published: 1/13/2021

  9. Cyberespionage campaign hits Colombia. New malware found in the SolarWinds incident. Mimecast certificates compromised. Ubiquiti tells users to reset passwords. Two wins for the good guys.

    Published: 1/12/2021

  10. More (ambiguous) evidence for attribution of Solorigate. CISA expands incident response advice. Inspiration, investigation, and deplatforming: notes from the Capitol Hill riot.

    Published: 1/11/2021

  11. Tom Gorup: Fail fast and fail forward. [Operations] [Career Notes]

    Published: 1/10/2021

  12. Emotet reemerges and becomes one of most prolific threat groups out there. [Research Saturday]

    Published: 1/9/2021

  13. The Solorigate cyberespionage campaign and sensitive corporate data. The cybersecurity implications of physical access during the Capitol Hill riot. Ransomware’s successful business model.

    Published: 1/8/2021

  14. CISA updates its alerts and directives concerning Solorigate as the investigation expands. Rioting, social media, and cybersecurity.

    Published: 1/7/2021

  15. Who worked through SolarWinds? An APT “likely Russian in origin,” says the US. Rattling backdoors, rifling cryptowallets, and asking victims if they’re ensured. No bail for Mr. Assange.

    Published: 1/6/2021

  16. It’s not Kates and Vals over Ford Island, but it’s not just a tourist under diplomatic cover taking pictures of Battleship Row, either. Another APT side hustle? To delist or not to delist.

    Published: 1/5/2021

  17. Threat actors were able to see Microsoft source code repositories. Zyxel closes a backdoor. Kawasaki discloses data exposure. Slack’s troubles. Julian Assange escapes extradition to the US.

    Published: 1/4/2021

  18. Ellen Sundra: Actions speak louder than words. [Engineering] [Career Notes]

    Published: 1/3/2021

  19. Encore: Unpacking the Malvertising Ecosystem. [Research Saturday]

    Published: 1/2/2021

  20. Andy Greenberg on the Sandworm Indictments. [Interview Selects]

    Published: 1/1/2021

87 / 164

The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.