1,999 episodes

The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.

CyberWire Daily CyberWire, Inc.

    • Technology
    • 4.8 • 5 Ratings

    Old malware returns in a new way. [Research Saturday]

    Jeremy Kennelly and Sulian Lebegue from Mandiant sit down with Dave to discuss their research, "From RM3 to LDR4: URSNIF Leaves Banking Fraud Behind." URSNIF, one of the oldest and most successful banking fraud malware families, which caused an estimated “tens of millions of dollars in losses”, has been discovered by researchers to have been re-tooled into a generic backdoor, dubbed “LDR4”.
    This new variant was first observed in June 2022. Mandiant researchers believe that the same threat actors who operated the RM3 variant of URSNIF are likely behind LDR4. They say "given the success and sophistication RM3 previously had, LDR4 could be a significantly dangerous variant—capable of distributing ransomware—that should be watched closely."
    The research can be found here:
    From RM3 to LDR4: URSNIF Leaves Banking Fraud Behind

    • 28 min
    Cuba ransomware pulls in $60 million. CISA releases three ICS advisories. Google announces new support for Ukraine. DDoSing the Vatican. Google supports Ukrainian startups in wartime.

    Cuba ransomware pulls in $60 million. CISA releases three ICS advisories. DDoSing the Vatican. Andrea Little Limbago from Interos on the implications of Albania cutting off diplomatic ties with Iran. Our space correspondent Maria Varmazis speaks with Brandon Bailey about Space Attack Research and Tactic Analysis matrix. And how Google supports Ukrainian startups in wartime.

    For links to all of today's stories check out our CyberWire daily news briefing:
    https://thecyberwire.com/newsletters/daily-briefing/11/230

    Selected reading.
    Alert (AA22-335A) #StopRansomware: Cuba Ransomware (CISA)
    Novel News on Cuba Ransomware: Greetings From Tropical Scorpius (Palo Alto Networks Unit 42)
    New ways we're supporting Ukraine (Google)
    25 new startup recipients of the Ukraine Support Fund (Google)
    Vatican shuts down its website amid hacking attempts (Cybernews)

    • 30 min
    Cyberespionage, cybercrime, and patriotic hacktivism. The Heliconia framework described. Cyber risk for the telecom and healthcare sectors. Notes on the hybrid war. Predictions for 2023.

    A new backdoor, courtesy of the DPRK. The Medibank breach is all over but the shouting (or, all over but the suing and the arresting). Risks and opportunities in telecom’s shift to cloud. Cyber risk in healthcare. An assessment of Russian cyber warfare. Robert M. Lee from Dragos assesses the growing value of the ICS security market. Our guest is Cecilia Seiden of TransUnion to discuss their 2022 Consumer Holiday Shopping Report. And it’s December, which means…predictions.

    For links to all of today's stories check out our CyberWire daily news briefing:
    https://thecyberwire.com/newsletters/daily-briefing/11/229

    Selected reading.
    Who’s swimming in South Korean waters? Meet ScarCruft’s Dolphin (ESET)
    Medibank hackers announce ‘case closed’ and dump huge data file on dark web (the Guardian) 
    New details on commercial spyware vendor Variston (Google)
    Risks and opportunities in telecom’s shift to cloud. (CyberWire)
    Moody’s discusses cyber risk in healthcare. (CyberWire)
    'Do something:' Ukraine works to heal soldiers' mental scars (AP NEWS)
    Reformed Russian Cybercriminal Warns That Hatred Spreads Hacktivism (Wall Street Journal)
    Cybersecurity predictions for 2023. (CyberWire)

    • 34 min
    LockBit 3.0 and Punisher ransomware described. Leave that USB right in the parking lot where you found it. Killnet’s woofing. Lilac Wolverine’s big new BEC. And World Cup scams.

    Has LockBit 3.0 been reverse engineered? A COVID lure contains a Punisher hook. A Chinese cyberespionage campaign uses compromised USB drives. Lilac Wolverine exploits personal connections for BEC. Killnet claims to have counted coup against the White House. Tim Starks from the Washington Post has the FCC’s Huawei restrictions and ponders what Congress might get done before the year end. Our guest is Tom Eston from Bishop Fox with a look Inside the Minds & Methods of Modern Adversaries. And, of course, scams, hacks, and other badness surrounding the World Cup.

    For links to all of today's stories check out our CyberWire daily news briefing:
    https://thecyberwire.com/newsletters/daily-briefing/11/228

    Selected reading.
    LockBit 3.0 ‘Black’ attacks and leaks reveal wormable capabilities and tooling (Sophos News)
    Punisher Ransomware Spreading Through Fake COVID Site (Cyble)
    Always Another Secret: Lifting the Haze on China-nexus Espionage in Southeast Asia (Mandiant)
    BEC Group Compromises Personal Accounts and Pulls Heartstrings to Launch Mass Gift Card Attacks (Abnormal Security)
    Killnet Claims Attacks Against Starlink, Whitehouse.gov, and United Kingdom Websites (Trustwave)
    Scammers on the pitch: Group-IB identifies online threats to fans at FIFA World Cup 2022 in Qatar (Group-IB)

    • 30 min
    DDoS as a holiday-season threat to e-commerce. TikTok challenge spreads malware. Meta's GDPR fine. US Cyber Command describes support for Ukraine's cyber defense.

    DDoS as a holiday-season threat to e-commerce. A TikTok challenge spreads malware. Meta's GDPR fine. Mr. Security Answer Person John Pescatore has thoughts on phishing-resistant MFA. Joe Carrigan describes Intel’s latest efforts to thwart deepfakes. And US Cyber Command describes support for Ukraine's cyber defense.

    For links to all of today's stories check out our CyberWire daily news briefing:
    https://thecyberwire.com/newsletters/daily-briefing/11/227

    Selected reading.
    Holiday DDoS Cyberattacks Can Hurt E-Commerce, Lack Legal Remedy (Bloomberg Law)
    TikTok ‘Invisible Body’ challenge exploited to push malware (BleepingComputer) 
    $275M Fine for Meta After Facebook Data Scrape (Dark Reading) 
    Before the Invasion: Hunt Forward Operations in Ukraine (U.S. Cyber Command)

    • 29 min
    Keeping pentesting tools out of criminal hands. Updates from an intensified cyber phase in Russia’s hybrid war. Fars reports sustaining a cyber attack. The most common password remains “password.”

    Nighthawk’s at the diner (but maybe not on the crooks’ menu). Internet service in Ukraine and Moldova is interrupted by strikes against Ukraine's power grid. Sandworm renews ransomware activity against Ukrainian targets. Russian cyber-reconnaissance seen at a Netherlands LNG terminal. European Parliament votes to declare Russia a terrorist state (and Russia responds with cyberattacks and terroristic threats). Carole Theriault reports on where these kids today are getting their news. Malek Ben Salem from Accenture on digital identity in Web 3.0. And, hey, the new list of most commonly used passwords looks...depressingly familiar.

    For links to all of today's stories check out our CyberWire daily news briefing:
    https://thecyberwire.com/newsletters/daily-briefing/11/226

    Selected reading.
    Sec firm MDSec slams Proofpoint for post on pen-testing framework (iTWire) 
    Nighthawk: With Great Power Comes Great Responsibility (MDSec)
    Cyberattack Hits Iran's Fars News Agency (RadioFreeEurope/RadioLiberty)
    Iran’s Fars news agency is hit by cyberattacks, blames Israel (Times of Israel) 
    Ukraine and Moldova suffer internet disruptions after Russian missile strikes (The Record by Recorded Future)
    New ransomware attacks in Ukraine linked to Russian Sandworm hackers (BleepingComputer)
    Russian hackers targeting Dutch gas terminal: report (NL Times) 
    Russia labelled state sponsor of terrorism as missile strikes leave Ukraine without power (The Telegraph)
    Killnet Group Claims Responsibility for European Parliament Cyber Attack (Digit)
    European Parliament hit by 'sophisticated' cyberattack (Deutsche Welle)
    European Parliament website suffers 'sophisticated' cyber attack after Russia terrorism vote (Computing)
    Hackers Temporarily Take Down European Parliament Website (Wall Street Journal)
    Guess the most common password. Hint: We just told you (Register)

    • 34 min
