1,999 episodes

The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.

CyberWire Daily CyberWire, Inc.

    • Technology
    • 4.8 • 850 Ratings

    Anna Belak: Acquiring skills to make you into a unicorn. [Thought Leadership] [Career Notes]

    Anna Belak, Director of Thought Leadership at Sysdig, shares her story from physics to cyber. Anna explains how she went into college planning to get a physics degree and then, for her PhD, decided to switch to material science and engineering. She enjoyed neither and ultimately decided to go into cyber. She shares some advice on how you should never limit yourself to your degree, and on always learning new skills and honing the skills you already have. She says that doing these things will make you into a unicorn: if you are good at one thing and teach yourself to be good at something else, you will become that much more valuable. Anna hopes she makes an impact on the people she works with, and that they will want to work with her long after she leaves a company. We thank Anna for sharing her story.

    • 9 min
    Iran-linked Lyceum Group adds a new weapon to its arsenal. [Research Saturday]

    Deepen Desai from Zscaler's ThreatLabz joins Dave to discuss how APTs, like Lyceum Group, create tactics and malware to carry out attacks against their targets. The Lyceum group has been active since 2017 and is a state-sponsored Iranian APT group. This group targets Middle Eastern organizations, most notably in the energy and telecommunication sectors, and relies heavily on .NET-based malware.
    Zscaler said in their research they "recently observed a new campaign where the Lyceum Group was utilizing a newly developed and customized .NET based malware targeting the Middle East by copying the underlying code from an open source tool." They go on to give an analysis explaining why the .NET based DNS backdoor is causing problems.
    The research can be found here:
    Lyceum .NET DNS Backdoor

    • 16 min
    CyberFront Z's failed influence operation. Iranian operators target Albanian government networks. CISA issues two ICS security advisories. CISA and ACSC issue a joint advisory on top malware strains.

    CyberFront Z's failed influence operation. Iranian operators target Albanian government networks. CISA issues two ICS security advisories. Andy Robbins of SpecterOps to discuss Attack Paths in Azure. Denis O'Shea of Mobile Mentor talking on the intersection of endpoint security and employee experience. CISA and ACSC issue a joint advisory on top malware strains.

    For links to all of today's stories check out our CyberWire daily news briefing:
    https://thecyberwire.com/newsletters/daily-briefing/11/150

    Selected reading.
    Quarterly Adversarial Threat Report (Meta)
    Meta took down Russian troll farm that supported country’s invasion of Ukraine (The Hill)
    Russia's Infamous Troll Farm Is Back -- and Sh*tting the Bed (Rolling Stone) 
    Meta’s threat report highlights clumsy attempt to manipulate Ukraine discourse (TechCrunch) 
    Likely Iranian Threat Actor Conducts Politically Motivated Disruptive Activity Against Albanian Government Organizations (Mandiant) 
    CISA Alert AA22-216A – 2021 top malware strains. (The CyberWire)
    2021 Top Malware Strains (CISA)
    Digi ConnectPort X2D (CISA)
    Cisco Releases Security Updates for RV Series Routers (CISA)

    • 29 min
    Ukraine claims to have taken down a massive Russian bot farm. Were Russian cyber operations premature? Report: Emergency Alert System vulnerable to hijacking. And more crypto looting.

    Ukraine claims to have taken down a massive Russian bot farm. Russian cyber operations may have been premature. A report says Emergency Alert Systems might be vulnerable to hijacking. The Mirai botnet may have a descendant. Adam Flatley from Redacted with a look back at NotPetya. Ryan Windham from Imperva takes on Bad Bots. Attacks on a cryptocurrency exchange attempt to bypass 2FA. Solana cryptocurrency wallets looted.

    For links to all of today's stories check out our CyberWire daily news briefing:
    https://thecyberwire.com/newsletters/daily-briefing/11/149

    Selected reading.
    Ukraine takes down 1,000,000 bots used for disinformation (BleepingComputer)
    Did Russia mess up its cyberwar with Ukraine before it even invaded? (Washington Post) 
    So RapperBot, What Ya Bruting For? (Fortinet Blog)
    Gaming Respawned (Akamai)
    Coinbase Attacks Bypass 2FA (Pixm Anti-Phishing)
    Thousands of Solana wallets drained in multimillion-dollar exploit (TechCrunch)
    Thousands of Solana Wallets Hacked in Crypto Cyberattack (Wall Street Journal) 
    Solana, USDC Drained From Wallets in Attack (Decrypt) 
    Ongoing solana attack targets thousands of crypto wallets, costing users more than $5 million so far (CNBC) 
    Solana and Slope Confirm Wallet Security Breach (Crypto Briefing)
    How Hackers Target Bridges Between Blockchains for Crypto Heists (Wall Street Journal)

    • 27 min
    CISA Alert AA22-216A – 2021 top malware strains. [CISA Alerts]

    This joint Cybersecurity Advisory was coauthored by CISA and the Australian Cyber Security Centre, or ACSC. This advisory provides details on the top malware strains observed in 2021.
    AA22-216A Alert, Technical Details, and Mitigations
    For alerts on malicious and criminal cyber activity, see the FBI Internet Crime Complaint Center webpage.
    For more information and resources on protecting against and responding to ransomware, refer to StopRansomware.gov, a centralized, U.S. Government webpage providing ransomware resources and alerts.
    The ACSC recommends organizations implement eight essential mitigation strategies from the ACSC’s Strategies to Mitigate Cyber Security Incidents as a cybersecurity baseline. These strategies, known as the “Essential Eight,” make it much harder for adversaries to compromise systems.
    Refer to the ACSC’s practical guides on how to protect yourself against ransomware attacks and what to do if you are held at ransom at cyber.gov.au.
    All organizations should report incidents and anomalous activity to CISA’s 24/7 Operations Center at central@cisa.dhs.gov or (888) 282-0870 and to the FBI via your local FBI field office or the FBI’s 24/7 CyWatch at (855) 292-3937 or CyWatch@fbi.gov.

    • 3 min
    Tories delay leadership vote over security concerns. Cyber phases of Russia’s hybrid war. Chinese patriotic hacktivism vs. Taiwan. Malware designed to abuse trust. Putting a price on your privacy.

    Tories delay a leadership vote over security concerns. A summary of the cyber phases of the hybrid war. Cyberattacks affect three official sites in Taiwan. Malware designed to abuse trust. Gunter Ollmann of Devo discusses how cybercriminals are winning the AI race. Renuka Nadkarni of Aryaka explains how enterprises can recession-proof security architecture. Plus, putting a price on your privacy.

    For links to all of today's stories check out our CyberWire daily news briefing:
    https://thecyberwire.com/newsletters/daily-briefing/11/148

    Selected reading.
    Tory leadership vote delayed after GCHQ hacking alert (The Telegraph) 
    Nozomi Networks Labs Report: Wipers and IoT Botnets Dominate the Threat Landscape – Manufacturing and Energy at Highest Risk (Nozomi Networks) 
    Those Pelosi-inspired cyberattacks in Taiwan probably weren't all they were cracked up to be (Washington Post)
    Increase in Chinese "Hacktivism" Attacks (SANS Internet Storm Center)
    Cyberattacks crashed several Taiwanese government websites hours before Pelosi’s visit. (New York Times)
    Taiwan presidential office website hit by cyberattack ahead of Pelosi visit (POLITICO) 
    Taiwanese government sites disrupted by hackers ahead of Pelosi trip (The Record by Recorded Future)
    Deception at a scale (VirusTotal)
    The Price Cybercriminals Charge for Stolen Data (SpiderLabs Blog)

    • 30 min

Customer Reviews

4.8 out of 5
850 Ratings

ASobering ,

Such a wealth of knowledge! 🧠

This is one of the most entertaining and insightful podcasts that I have ever come across! Dave does such a great job of sharing his wisdom and I love how he leads meaningful conversations with guests who bring so much experience to the table. Every episode is simply jam-packed with timely and relevant news and information so it’s always an enjoyable listen. Highly recommend checking this show out - you won’t be disappointed!

jdtangney ,

Come back, Dave!

These cyberwire podcasts used to be great, but this new cadre of readers are not. They don’t seem to understand the words coming out of their own mouths. Listeners have to reassemble the words and mentally play it back with Dave’s voice to understand the nuance — and humor. These new readers are little better than Siri.
Come back, Dave Bittner, all is forgiven!

[REDACTED] USER ,

Stop reporting on non cybersecurity news.

STOP reporting on non cybersecurity news. Cyberwire not Newswire!

If I wanted to listen to news unrelated to cybersecurity, I’d listen to mainstream media…

Stick to what people tune into for.

Maybe cut show length if you’re having to make up nonsense to fill the show.

Otherwise, A good daily 30 min podcast about cybers Good podcast content. Some interviews are great.
