CyberWire Daily

3271 Episodes

1. Operations TradeSecret and Cloudhopper attributed to APT10. Third party risks. Lazarus Group update. US investigation of Russian influence operations and US surveillance allegations proceeds.

   Published: 6/04/2017
2. Operation Cloudhopper. Chrysaor spyware. Microsoft to upgrade Office security. Notes from SeaAirSpace. High school hacking.

   Published: 5/04/2017
3. Pegasus version now affects Android. UK on alert for ISIS infrastructure cyberattack. DPRK tied, again, to Bangladesh Bank heist. Fancy Bear and Turla updates. Samsung Tizen 0-day. Tax season security. 

   Published: 4/04/2017
4. WikiLeaks dumps alleged CIA obfuscation code. Attribution skeptics speculate about Russian ops (or the lack thereof). ISIS information operations manual revealed. RATs in the wild.

   Published: 3/04/2017
5. Fancy Bear's phishing expeditions. Cryptowars and privacy regs in the EU. Is that really you, Dr. Niebuhr? 

   Published: 31/03/2017
6. Apple patched this week—how are your systems? Lastpass working on a patch for an undescribed bug (said to be complex). What IT staff actually work on. And a long talk about emerging Administration cyber policy.

   Published: 30/03/2017
7. Hybrid warfare objectives and tactics. Physical threats, lost and found. Vulnerability and threat recap.

   Published: 29/03/2017
8. Updates on Cozy Bear and Shamoon tradecraft. Crypto wars flare in the UK. FBI warns of attacks against FTP servers. Typosquatting, scareware, and other problems.

   Published: 28/03/2017
9. Lone wolves howl to each other over WhatsApp? Industry yawns at WikiLeaks zero-days. How online gamers cheat. America's JobLink breach update. Ukrainian artillery hack notes. April 7 deadlines.

   Published: 27/03/2017
10. WikiLeaks' Vault 7 "Dark Matter" docs. Information operations, Russian style and ISIS style. Job database exposed. 

    Published: 24/03/2017
11. Newly disclosed threats and vulnerabilities, mostly criminal. Catphishing peer review. The US may indict North Korea for the Bangladesh Bank heist.  

    Published: 23/03/2017
12. Laptop restrictions are for physical, not cyber reasons. Necurs is back, pumping and dumping. MajikPOS notes.

    Published: 22/03/2017
13. Extortion claims. Election influence operations seem likely to continue. A Russian bank claims it's being framed by DNS spoofing. "Cyber Pearl Harbor" fears may be a distraction.

    Published: 21/03/2017
14. Careless criminals, Cisco mitigations, and Vault 7 disclosure conditions. A look at the Atlantic Council's Cyber 9/12. Cabin fever and malware infections. Kirk ransomware.

    Published: 20/03/2017
15. Cyberspace and "Cold War Two." Who's leaking to WikiLeaks? Wishbone breached—warn the kids. Crimeware-as-a-service. The Active Cyber Defense Certainty Act.

    Published: 17/03/2017
16. Lazarus Group is back. Dun & Bradstreet loses data; so does ABTA. Patriotic cyber rioting or state influence operations. US indicts four in the Yahoo! breach.

    Published: 16/03/2017
17. Influence ops, third-party apps with an appetite for permissions, and criminal competition. Google purges malicious apps from the Play Store. Advice for whistleblowers. Farewell to Becky Bace.

    Published: 15/03/2017
18. Canadian government sites recover from the Apache Struts vulnerability. FireEye's M-Trends report is out, calling out greater sophistication in financial cybercrime. USAF accidentally exposes SF86s. Vault 7 update.

    Published: 14/03/2017
19. Vault 7 updates—observers speculate about an inside leaker. Pre-loaded Android malware raises supply chain concerns. Ransomware in Japan. Convincing Chrome-spoofing malware. GCHQ warns UK parties to expect Russian influence operations.

    Published: 13/03/2017
20. WikiLeaks, responsible disclosure, and insider threats. Playstation credentials rumored to have been compromised. Apache Struts bug being actively exploited. DPRK missile cyber security. A look at West African cybergangs.

    Published: 10/03/2017