1,999本のエピソード

The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.

CyberWire Daily CyberWire, Inc.

    • テクノロジー
    • 4.2 • 5件の評価

The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.

    DDoS threat to Lithuania continues. Hacktivists hit Iranian steel mill. Bumblebee loader takes C2C markteshare. CISA adds Known Exploited Vulnerabilities. Music piracy. Where do spies go?

    DDoS threat to Lithuania continues. Hacktivists hit Iranian steel mill. Bumblebee loader takes C2C markteshare. CISA adds Known Exploited Vulnerabilities. Music piracy. Where do spies go?

    Distributed denial-of-service attacks against Lithuania. Dark Crystal RAT described. Iranian steel mill suspends production due to cyberattack. Bumblebee rising. CISA adds to its Known Exploited Vulnerabilities Catalog. Music pirate sites brought down by US and Brazilian authorities. Joe Carrigan looks at Apple’s private access tokens. Mister Security Answer Person John Pescatore drops some sboms. And where do Russian intelligence officers go after they’ve been PNGed?

    For links to all of today's stories check out our CyberWire daily news briefing:
    https://thecyberwire.com/newsletters/daily-briefing/11/123

    Selected reading.
    Lithuania targeted by massive Russian cyberattack over transit blockade (Newsweek)
    Russia's Killnet hacker group says it attacked Lithuania (Reuters)
    Killnet, Kaliningrad, and Lithuania’s Transport Standoff With Russia (Flashpoint)
    Ukraine Targeted by Dark Crystal RAT (DCRat) | FortiGuard Labs (Fortinet Blog)
    Cyberattack Forces Iran Steel Company to Halt Production (SecurityWeek)
    Iran’s steel industry halted by cyberattack (Jerusalem Post)
    Bumblebee: New Loader Rapidly Assuming Central Position in Cyber-crime Ecosystem (Broadcom Software Blogs)
    CISA Adds Eight Known Exploited Vulnerabilities to Catalog (CISA) 
    US, Brazil seize 272 websites used to illegally download music (BleepingComputer) 
    Swiss intel service: Watch out for redeployed Russian spies (AP News)

    • 29分
    Notes from the cyber phases of the hybrid war against Ukraine. Conti retires its brand, and LockBit 2.0 is now tops in ransomware. Extortion skips the encryption. Cyber exercise in the financial sector.

    Notes from the cyber phases of the hybrid war against Ukraine. Conti retires its brand, and LockBit 2.0 is now tops in ransomware. Extortion skips the encryption. Cyber exercise in the financial sector.

    Lithuania sustains a major DDoS attack. Lessons from NotPetya. Conti's brand appears to have gone into hiding. Online extortion now tends to skip the ransomware proper. Josh Ray from Accenture on how social engineering is evolving for underground threat actors. Rick Howard looks at Chaos Engineering. US financial institutions conduct a coordinated cybersecurity exercise.

    For links to all of today's stories check out our CyberWire daily news briefing:
    https://thecyberwire.com/newsletters/daily-briefing/11/122

    Selected reading.
    Russia's Killnet hacker group says it attacked Lithuania (Reuters)
    The hacker group KillNet has published an ultimatum to the Lithuanian authorities (TDPel Media) 
    5 years after NotPetya: Lessons learned (CSO Online) 
    The cyber security impact of Operation Russia by Anonymous (ComputerWeekly)
    Conti ransomware finally shuts down data leak, negotiation sites (BleepingComputer)
    The Conti Enterprise: ransomware gang that published data belonging to 850 companies (Group-IB)
    Fake copyright infringement emails install LockBit ransomware (BleepingComputer)
    NCC Group Monthly Threat Pulse – May 2022 (NCC Group)
    We're now truly in the era of ransomware as pure extortion without the encryption (Register)
    Wall Street Banks Quietly Test Cyber Defenses at Treasury’s Direction (Bloomberg)

    • 25分
    Richard Melick: Finding the right pattern to solve the problem. [Threat reporting] [Career Notes]

    Richard Melick: Finding the right pattern to solve the problem. [Threat reporting] [Career Notes]

    Richard Melick, Director of Threat Reporting for Zimperium, talks about his journey, from working in the military to moving up to the big screens. He shares that he's been in the business of solving unique cybersecurity problems for so long that he has found his own path that works very well for him. He says, "if I go to a unique problem and try to solve it, I find that I'm solving it the same way that I would've solved it five years ago, because I found my pattern." Richard reflects on his time working in the industry, from moving away from the military and into different roles over the years. He notes that giving credit where credit is due, to those who deserve it, is how you keep the audience engaged as a storyteller. We thank Richard for sharing his story.

    • 9分
    Lazarus Targets Chemical Sector With 'Dream Job.' [Research Saturday]

    Lazarus Targets Chemical Sector With 'Dream Job.' [Research Saturday]

    Alan Neville, a Threat Intelligence Analyst from Symantec Broadcom, joins Dave to discuss their research "Lazarus Targets Chemical Sector." Symantec has observed the North Korea-linked threat group known as Lazarus conducting an espionage campaign targeting organizations operating within the chemical sector.
    The campaign appears to be a continuation of the group's activity called Operation Dream Job, which Symantec first came across in August of 2020. The research states "evidence includes file hashes, file names, and tools that were observed in previous Dream Job campaigns."
    The research can be found here:
    Lazarus Targets Chemical Sector

    • 22分
    Lithuania warns of DDoS. Some limited Russian success in cyber phases of its hybrid war. Spyware infestations in Italy and Kazakstan. Tabletop exercises. Ransomware as misdirection

    Lithuania warns of DDoS. Some limited Russian success in cyber phases of its hybrid war. Spyware infestations in Italy and Kazakstan. Tabletop exercises. Ransomware as misdirection

    Lithuania's NKSC warns of increased DDoS threat. Limited Russian success in the cyber phases of its hybrid war. Another warning of spyware in use against targets in Italy and Kazakhstan. Hey, critical infrastructure operators: CISA’s got tabletop exercises for you. Kevin Magee from Microsoft has advice for recent grads. A look back the year since Colonial Pipeline with Padraic O'Reilly of CyberSaint. And sometimes ransomware is just a spy’s way of saying, “nothing up my sleeve…”

    For links to all of today's stories check out our CyberWire daily news briefing:
    https://thecyberwire.com/newsletters/daily-briefing/11/121

    Selected reading.
    Lithuania warns of rise in DDoS attacks against government sites (BleepingComputer) 
    Defending Ukraine: Early Lessons from the Cyber War (Microsoft) 
    Why think tanks are such juicy targets for cyberspies (The Record by Recorded Future)
    The war in Ukraine is showing the limits of cyberattacks (Tech Monitor)
    Spyware vendor targets users in Italy and Kazakhstan (Google Threat Analysis Group)
    BRONZE STARLIGHT Ransomware Operations Use HUI Loader (SecureWorks)
    CISA Tabletop Exercises Packages (CTEP) (CISA)
    CISA Tabletop Exercise Package (CTEP) Workshop (Government Technology)

    • 29分
    Reviewing Russian cyber campaigns in the war against Ukraine. Ukraine's IT Army is a complex phenomenon. Take ICEFALL seriously. CISA has updated its cloud security guidance.

    Reviewing Russian cyber campaigns in the war against Ukraine. Ukraine's IT Army is a complex phenomenon. Take ICEFALL seriously. CISA has updated its cloud security guidance.

    Reviewing Russian cyber campaigns in the war against Ukraine, and the complexity of Ukraine's IT Army. ICEFALL advice and reactions. Carole Theriault looks at Hollywood’s relationship with VPNs. Podcast partner Robert M. Lee from Dragos provides a rundown on Pipedream. And CISA updates its Cloud Security Technical Reference Architecture.

    For links to all of today's stories check out our CyberWire daily news briefing:
    https://thecyberwire.com/newsletters/daily-briefing/11/120

    Selected reading.
    [Blog] Defending Ukraine: Early Lessons from the Cyber War (Microsoft On the Issues)
    [Report] Defending Ukraine: Early Lessons from the Cyber War (Microsoft)
    Russian cyber spies attack Ukraine's allies, Microsoft says (Reuters) 
    Research questions potentially dangerous implications of Ukraine's IT Army (CyberScoop)
    The IT Army of Ukraine Structure, Tasking, and Ecosystem (Center for Security Studies) 
    CISA Releases Security Advisories Related to OT:ICEFALL (Insecure by Design) Report (CISA)
    Industry Reactions to 'OT:Icefall' Vulnerabilities Found in ICS Products (SecurityWeek) 
    Cloud Security Technical Reference Architecture (CISA)

    • 29分

カスタマーレビュー

4.2/5
5件の評価

5件の評価

テクノロジーのトップPodcast

ゆるコンピュータ科学ラジオ
伊藤穰一
backspace.fm
Off Topic
Tatsuhiko Miyagawa
ワンボタンの声制作委員会

その他のおすすめ

CyberWire Inc.
ITWC
CISO Series
Cybereason
Johannes B. Ullrich
The Record by Recorded Future