1,632 episodes

The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.

The CyberWire Daily CyberWire, Inc.

    • Technology
    • 4.8 • 793 Ratings

The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.

    Jack Voltaic: Army Cyber Institute's critical infrastructure resiliency project, not a person. [Research Saturday]

    Jack Voltaic: Army Cyber Institute's critical infrastructure resiliency project, not a person. [Research Saturday]

    Guest LTC Erica Mitchell from Army Cyber Institute joins us to talk about their infrastructure resiliency research project called Jack Voltaic. The Army Cyber Institute’s (ACI’s) Jack Voltaic (JV) project enables the institute to study incident response gaps alongside assembled partners to identify interdependencies among critical infrastructure and provide recommendations. JV provides an innovative, bottom‐up approach to critical infrastructure resilience in two unique ways. Whereas most federal efforts to improve resiliency focus on regional or multistate emergency response, JV focuses on cities and municipalities where critical infrastructure and populations are most heavily populated. Furthermore, JV deviates from other cybersecurity and national preparedness exercises in that it builds around areas of interest nominated by the participants. Although JV events include national-level capabilities and resources, they are conceptually driven by the concerns of the cities and their infrastructure partners. Through this approach, the ACI, the Army, and the Department of Defense (DoD) are able to harvest insights about potential roles, dependencies, partners, and support requests, while cities are able to discover potential capability gaps and expand their critical infrastructure information-sharing networks before a potential disaster strikes.
    Research links:

    Jack Voltaic Cyber Research Project

    Jack Voltaic 3.0 Cyber Research Report Executive Summary

    Ransomware hoods and their enablers may be feeling some heat. Supply chain compromise and third-party risk. Colonial Pipeline resumes deliveries (but paid ransom to no avail).

    Ransomware hoods and their enablers may be feeling some heat. Supply chain compromise and third-party risk. Colonial Pipeline resumes deliveries (but paid ransom to no avail).

    DarkSide says it’s feeling the heat and is going out of business, but some of its affiliates are still out and active, for now at least. A popular hackers’ forum says it will no longer accept ransomware ads. The Bash Loader supply chain compromise afflicts another known victim. Colonial Pipeline resumes delivery of fuel. Irresponsible disclosure of vulnerabilities hands attackers a big advantage. Carole Theriault looks at NFTs. Joe Carrigan wonders about the return on your ransomware payment investment. And there’s a lot of Amazon-themed vishing going on out there.
    For links to all of today's stories check out our CyberWire daily news brief:
    https://www.thecyberwire.com/newsletters/daily-briefing/10/93

    The US Executive Order on cybersecurity is out. Colonial Pipeline, its security and response under scrutiny, resumes deliveries. Verizon’s DBIR is out.

    The US Executive Order on cybersecurity is out. Colonial Pipeline, its security and response under scrutiny, resumes deliveries. Verizon’s DBIR is out.

    The US Executive Order on Improving the Nation’s Cybersecurity is out. Colonial Pipeline partially resumed delivery of fuel yesterday evening, as its preparation for and response to the cyberattack it sustained receive scrutiny. The DarkSide’s extortion of the US pipeline company seems likely to prompt regulatory revision. DarkSide operators say they’ve gotten busy against other targets. Our own Rick Howard speaks with Aaron Sant-Miller, Chief Scientist at BAH, on developments in artificial intelligence. And Verizon’s Database Investigations Report is out. I check in with Verizon’s Chris Novak for highlights from the DBIR.
    For links to all of today's stories check out our CyberWire daily news brief:
    https://www.thecyberwire.com/newsletters/daily-briefing/10/92

    The security industry looks at DarkSide ransomware. CISA offers advice on defense and recovery. A new banking Trojan is out. Deprecated protocols remain in use. A quick look at Patch Tuesday.

    The security industry looks at DarkSide ransomware. CISA offers advice on defense and recovery. A new banking Trojan is out. Deprecated protocols remain in use. A quick look at Patch Tuesday.

    FireEye provides an overview of the DarkSide ransomware-as-a-service operation. Forcepoint suggests a connection between DarkSide and other ransomware gangs, notably REvil. Colonial Pipeline continues its recovery efforts from the cyber attack it sustained. As ransomware grows more common, CISA offers advice on how to prepare defenses. A new Android banking Trojan is in circulation. Cecelia Marinier from RSA on the RSAC Innovation Sandbox. Bret Arsenault from Microsoft previews his new Microsoft CISO podcast. And yesterday, of course, was Patch Tuesday.
    For links to all of today's stories check out our CyberWire daily news brief:
    https://www.thecyberwire.com/newsletters/daily-briefing/10/91

    Ransomware: DarkSide, Avaddon, and Baduk. 5G threat vectors. Crytpojacking unpatched Exchange Servers. Bogus Chrome app. An espionage trial approaches sentencing.

    Ransomware: DarkSide, Avaddon, and Baduk. 5G threat vectors. Crytpojacking unpatched Exchange Servers. Bogus Chrome app. An espionage trial approaches sentencing.

    Updates on the DarkSide ransomware attack on Colonial Pipeline. Other ransomware strains, including Avaddon and Babuk are out, and dangerous. Guidelines on 5G threat vectors. Lemon Duck cryptojackers are looking for vulnerable Exchange Server instances. A bogus, malicious Chrome app is circulating by smishing. Ben Yelin examines an online facial recognition platform. Our guest is Mathieu Gorge of VigiTrust on the privacy risks of video and audio recordings. And an update on an espionage trial.
    For links to all of today's stories check out our CyberWire daily news brief:
    https://www.thecyberwire.com/newsletters/daily-briefing/10/90

    Ransomware disrupts pipeline operations in the Eastern US. Other ransomware attacks reported by US municipal and Tribal governments. UK-US advisory on SVR TTPs. SolarWinds update.

    Ransomware disrupts pipeline operations in the Eastern US. Other ransomware attacks reported by US municipal and Tribal governments. UK-US advisory on SVR TTPs. SolarWinds update.

    Colonial Pipeline shuts down some systems after a ransomware attack, disrupting refined petroleum product delivery in the Eastern US. We’ll check in with Sergio Caltagirone from Dragos for his analysis. Other ransomware attacks hit city and Tribal governments. Joint UK-US alert on SVR tactics issued, and the SVR may have changed its methods accordingly. SolarWinds revised downward its estimate of the number of customers affected by its compromise. Rick Howard previews his CSO Perspectives podcasts on risk metrics. Four guilty pleas in “bulletproof hosting” RICO case.
    For links to all of today's stories check out our CyberWire daily news brief:
    https://www.thecyberwire.com/newsletters/daily-briefing/10/89

Customer Reviews

4.8 out of 5
793 Ratings

793 Ratings

chasememan ,

Listen and learn

Amazing security podcast. Thank you!

jimmytoolongsmith53 ,

Best security podcast

This is among the best security podcasts out there, a great daily listen that doesn’t take too much time and you receive important information

Jason Allnutt ,

The easiest and most enjoyable way to get your cybersecurity news

I have been a subscriber to the daily Cyberwire for over a year now and it never disappoints. Each episodes is enjoyable and succinct; providing just enough information to keep me informed and not bore me. Dave’s chemistry with his usual guests are makes for easy, never awkward, listening. The daily newsletters is also a great way to follow up with particularly interesting segments of the show. I highly recommend you give it a shot as well as some of the other shows offered from the cyberwire. Have a great day!

Top Podcasts In Technology

Listeners Also Subscribed To