

CyberWire Daily
N2K Networks
The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.
Episodes

Dec 26, 2021 • 8min
Encore: Andrew Hammond: Understanding the plot. [Historian and Curator] [Career Notes]
Historian and Curator at the International Spy Museum, Dr. Andrew Hammond, shares how he came to share the history of espionage and intelligence as a career. Starting out in the Royal Air Force when 9/11 happened, Andrew found himself trying to understand what was going on in the world. Studying history and international relations gave him some perspective and led him on his career path, which included an introduction to the museum industry at the 9/11 Museum. After a stint in academia in the UK, Andrew found his way back to the US and eventually ended up at the International Spy Museum in Washington, DC. He said one of the "greatest parts of the job being able to engage with the artifacts" and share their stories. We thank Andrew for sharing his story with us. Learn more about your ad choices. Visit megaphone.fm/adchoices

Dec 25, 2021 • 7min
The CyberWire: The 12 Days of Malware.
Merry Christmas and Happy Holidays from the CyberWire and our friends! Enjoy our rendition of the 12 Days of Malware created by Dave Bittner and performed by Dave and friends: Rachel Tobac, Jayson Street, Ron Eddings & Chris Cochran, Ray [Redacted], Dinah Davis, Camille Stewart, Rick Howard, Michelle Dennedy, Jack Rhysider, Johannes Ullrich, and Charity Wright. Ba dum bum bum. Sing along if you are game! Check out our video for the full effect!
The 12 Days of Malware lyrics
On the first day of Christmas, my malware gave to me: A keylogger logging my keys.
On the second day of Christmas, my malware gave to me: 2 Trojan Apps... And a keylogger logging my keys.
On the third day of Christmas, my malware gave to me: 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys.
On the fourth day of Christmas, my malware gave to me: 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys.
On the fifth day of Christmas, my malware gave to me: 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys.
On the sixth day of Christmas, my malware gave to me: 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys.
On the seventh day of Christmas, my malware gave to me: 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys.
On the eighth day of Christmas, my malware gave to me: 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys.
On the ninth day of Christmas, my malware gave to me: 9 Rootkits rooting... 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys.
On the tenth day of Christmas, my malware gave to me: 10 Darknet markets... 9 Rootkits rooting... 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! (Bah-dum-dum-dum!) 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys.
On the eleventh day of Christmas, my malware gave to me: 11 Phishers phishing... 10 Darknet markets... 9 Rootkits rooting... 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! (Bah-dum-dum-dum!) 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys.
On the twelfth day of Christmas, my malware gave to me: 12 Hackers hacking... 11 Phishers phishing... 10 Darknet markets... 9 Rootkits rooting... 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys.

Dec 25, 2021 • 9min
CyberWire Pro Research Briefing from 12/21/2021.
Enjoy a peek into CyberWire Pro's Research Briefing as the team is off taking our long winter's nap. This is the spoken edition of our weekly Research Briefing, focused on threats, vulnerabilities, and consequences, as they’re played out in cyberspace. This week's headlines: US Commission on International Religious Freedom reportedly hacked. Sophistication of NSO exploit on par with nation-state tooling. Conti ransomware actors exploit Log4Shell. Like what you hear? Consider subscribing to CyberWire Pro for $99/year.

Dec 24, 2021 • 11min
CyberWire Pro Interview Selects: Hatem Naguib of Barracuda Networks.
During our winter break, our team thought you might like to try a sample of a CyberWire Pro podcast called Interview Selects. These podcasts are a series of extended interviews, exclusives, and a curated selection of our most engaging and informative interviews over the years, featuring cyber security professionals, journalists, authors and industry insiders. On this episode, the interview originally aired as a shortened version on the CyberWire Daily Podcast. In this extended interview, Dave Bittner speaks with Hatem Naguib, new CEO of Barracuda Networks, to discuss his views on how cybersecurity trends have drastically changed over the past year, including the rise of ransomware. Like what you hear? Consider subscribing to CyberWire Pro for $99/year.

Dec 23, 2021 • 27min
Log4j updates, including one deadline. Other, non-Log4j, challenges. RSAC postpones itself until June. A German court awards pain-and-suffering damages in a breach case.
An update of where things stand with respect to the Log4j vulnerabilities, and a reminder that there are other matters to attend to as well. RSAC postpones its annual security shindig to June, hoping to avoid the COVID. A German court awards pain-and-suffering damages for a data breach. Carole Theriault looks at hiring challenges in cyber. Robert M. Lee from Dragos with insights from his own entrepreneurial journey. And a new start-up seeks to take lemons and make them into lemonade. For links to all of today's stories check out our CyberWire daily news briefing: https://www.thecyberwire.com/newsletters/daily-briefing/10/245

Dec 22, 2021 • 27min
The Five Eyes have some joint advice on detecting, defending against, and responding to Log4j exploitation. Notes on ransomware, espionage, and cyber conflict.
More criminals exploit vulnerabilities in Log4j. The Five Eyes issue a joint advisory on Log4j-related vulnerabilities, as other government organizations look into defending themselves against Log4Shell. Ransomware updates. Russo-Ukrainian tensions rise, as does the likelihood of Russian cyberattacks against its neighbor. Uganda and NSO Group’s troubles. CISA issues six ICS advisories. Malek Ben Salem explains synthetic voices. Our guest is Dr. David Lanc from Ionburst on embracing Data Out protection. And some advice on how to be the family help desk and CISO during the holiday season. For links to all of today's stories check out our CyberWire daily news briefing: https://www.thecyberwire.com/newsletters/daily-briefing/10/244

Dec 21, 2021 • 27min
Belgium’s MoD suffers Log4Shell attack. A man-in-the-middle concept. APT activity. Five Russians face US charges (one’s in custody). Fortunes of coin-mining. Holiday greetings from CISA and the FBI.
Belgium’s Ministry of Defense comes under attack via Log4j vulnerabilities. A cellular handover, man-in-the-middle exploit is described by researchers. The FBI says an APT group is exploiting unpatched Zoho ManageEngine Desktop Central servers. The US charges five Russian nationals with a range of cybercrimes. Coin-miners in China feel some heat. Ben Yelin describes a Meta lawsuit targeting anonymous phishers. Our guest Todd Carroll of CybelAngel explains the shifting tactics of “troll farms”. And, Grinchbots aside, CISA and the FBI offer holiday greetings and advice. For links to all of today's stories check out our CyberWire daily news briefing: https://www.thecyberwire.com/newsletters/daily-briefing/10/243

Dec 20, 2021 • 26min
Log4j: new exploitation, new mitigations, new risk assessments. Service interruptions, Space Force’s capture-the-flag, and official interventions.
Updates on Log4j vulnerabilities: new exploitation, new mitigations, new risk assessments, some good advice from the NCSC, and from Betsy Carmelite and Mike Saxton, analysts at Booz Allen Hamilton. Kronos interruptions continue into the holiday season. NCA shares compromised passwords with Have I Been Pwned. A power grid security exercise in Ukraine. AWS outage last week put down to congestion. Hack-A-Sat promises more transparency. 'Tis the season for charity scams, as Carole Theriault reports. And the SEC wants financial services companies to use proper channels, not, say, WhatsApp and personal email. For links to all of today's stories check out our CyberWire daily news briefing: https://www.thecyberwire.com/newsletters/daily-briefing/10/242

Dec 19, 2021 • 9min
Ed Amoroso: Security shouldn't be the main dish. [Computer Science] [Career Notes]
Chief Executive Officer and Founder of TAG Cyber, Ed Amoroso, shares how he learned on the job and grew his career. In his words, Ed "went from my dad having an ARPANET connection and I'm learning Pascal, to Bell Labs, to CISO, to business, to quitting, to starting something new. And now I'm riding a new exponential up and it's a hell of a ride." Hear from Ed how he sees security as a side dish that you'll progress into naturally once you've paid your dues and mastered a skill like networking, software or databases. We thank Ed for sharing his story with us.

Dec 18, 2021 • 16min
Discovering ChaosDB, a critical vulnerability in the CosmosDB. [Research Saturday]
Guests Sagi Tzadik and Nir Ohfeld of cloud security company Wiz join Dave to discuss their research "ChaosDB: How we hacked thousands of Azure customers’ databases." Nearly everything we do online these days runs through applications and databases in the cloud. While leaky storage buckets get a lot of attention, database exposure is the bigger risk for most companies because each one can contain millions or even billions of sensitive records. Every CISO’s nightmare is someone getting their access keys and exfiltrating gigabytes of data in one fell swoop. Database exposures have become alarmingly common in recent years as more companies move to the cloud, and the culprit is usually a misconfiguration in the customer’s environment. In this case, customers were not at fault. The research can be found here:
ChaosDB: How we hacked thousands of Azure customers’ databases
ChaosDB: How to discover your vulnerable Azure Cosmos DBs and protect them


