CyberWire Daily

ARCHER goes offline after a security incident. Scammers smish victims with bogus contact-tracing messages. Ramsay malware goes after air-gapped systems. Ako ransomware now places a surcharge on deletion of stolen data. Google boots creepware apps with the help of the CreepRank algorithm. Johannes Ullrich explains that when it comes to malicious binaries bypassing anti-malware filters, size matters. Our guest is Pat Craven, Director of the Center for Cyber Safety and Education on the security social media apps. And kooky 5G conspiracists go after cell towers in the US. For links to all of today's stories check out our CyberWire daily news brief: https://thecyberwire.com/newsletters/daily-briefing/9/93 Learn more about your ad choices. Visit megaphone.fm/adchoices

Ransomware continues to steal personal information. Notes on Patch Tuesday--and please, by all means patch. The FBI says it’s investigating cyberespionage directed against COVID-19 researchers (and US officials see direct data corruption in espionage). And the AI doesn’t really know what to make of us any more. Joe Carrigan from JHU ISI on Twitter’s response to 5G related Coronavirus conspiracy theories, our guest is Chris Cochran from Netflix on the importance of personal health and safety.For links to all of today's stories check out our CyberWire daily news brief:https://thecyberwire.com/newsletters/daily-briefing/9/93 Learn more about your ad choices. Visit megaphone.fm/adchoices

Unattributed cyberattacks in an Iranian port prompt speculation that a broader cyberwar in the Middle East may be in the offing. CISA releases malware analysis reports on North Korea’s Hidden Cobra. Astaroth malware grows more evasive (and it was already pretty good at hiding). Texas courts sustain a ransomware attack. COVID-19 espionage warnings are on the way. Twitter’s misinformation warning system. Ben Yelin describes a Fourth Amendment case on automated license plate reader (ALPR) databases. Our guest is Brian Dye from Corelight on dealing with encrypted traffic without compromising privacy. And taking down Plandemic’s trailer.For links to all of today's stories check out our CyberWire daily news brief:https://thecyberwire.com/newsletters/daily-briefing/9/92 Learn more about your ad choices. Visit megaphone.fm/adchoices

A cyberattack with kinetic effect. Shiny Hunters post more stolen wares online. Thunderspy and evil maids. Some developing background to the US bulk power state-of-emergency Executive Order. Contact tracing apps: reliability, privacy, security, familiarity, and rates of adoption all raise questions. The economic consequences of the pandemic emergency. Caleb Barlow from CynergisTek on Alan Brunacini’s concept of an Incident Action Plan, our guest is James Yeager from CrowdStrike on their Global Threat Report. And the reappearance of the yellow press in social media.For links to all of today's stories check out our CyberWire daily news brief:https://thecyberwire.com/issues/issues2020/May/CyberWire_2020_05_11.html Learn more about your ad choices. Visit megaphone.fm/adchoices

Multiple media reports have indicated that the United States’ (U.S.) 2020 general election could be targeted by foreign and domestic actors after the successful cyber and misinformation attacks during the 2016 general election. The responsibility of secure and ethical online campaigning has become a central issue in the 2020 election. In some cases, it has become part of candidate platforms.Joining us in this week's Research Saturday is Paul Gagliardi from Security Scorecard, discussing their recent report detailing the cybersecurity of the 2020 Presidential race. The research can be found here: 2020 Democratic Presidential Candidates Get Smart to Cybersecurity Report Learn more about your ad choices. Visit megaphone.fm/adchoices

Naikon has returned from four years in the shadows to snoop around the shores of the South China Sea. Tencent trains censorship algorithms on WeChat. Snake ransomware is back, making its way through the healthcare sector. Seeing Charming Kitten's pawprints in World Health Organization networks. Voting security during (or even after) a pandemic. Malek Ben Salem from Accenture on their Technology Vision report, our guest is Thomas Rid from Johns Hopkins University on his book, Active Measures. And unemployed workers are offered gigs as money mules. For links to all of today's stories check out our CyberWire daily news brief: https://thecyberwire.com/issues/issues2020/May/CyberWire_2020_05_08.html Learn more about your ad choices. Visit megaphone.fm/adchoices

A new Monero miner is out and about. Hidden Cobra is pushing a RAT through a Trojanized two-factor authentication app. The rise and fall of a botnet. Markets, criminal and legitimate, react to the pandemic. Ransomware hits Taiwan. Remcos is resurgent. Michael Sechrist from BAH on where things are headed with ransomware, our guest is Rachael Stockton from LastPass on their Psychology of Passwords report. And, despite what you saw on Twitter when you were “doing your own research,” 5G does not cause COVID-19, and telecom repair crews are not agents of the Illuminati.For links to all of today's stories check out our CyberWire daily news brief:https://thecyberwire.com/issues/issues2020/May/CyberWire_2020_05_07.html Learn more about your ad choices. Visit megaphone.fm/adchoices

Facebook reports on the coordinated inauthenticity it took down in April. Investigations into COVID-19’s origins continue, as does medical espionage. Contact tracing’s challenges. Joe Carrigan from JHU ISI on recent flaws in antivirus products, our guests are Laura Deimling and Courtney Wandeloski from Down To Staff on interviewing tips for employees and hiring managers. And European police take down the BlackInfinity credential traffickers. For links to all of today's stories check out our CyberWire daily news brief: https://thecyberwire.com/issues/issues2020/May/CyberWire_2020_05_06.html Learn more about your ad choices. Visit megaphone.fm/adchoices

A pretty Fancy Bear hunt in Germany. A new IoT botnet surfaces. Cryptojackers exploit a Salt bug. Bribing an insider as a way to get personal data. The UK’s NCSC and the US CISA issue a joint warning about campaigns directed against institutions working on a response to COVID-19. Britain’s contact tracing app starts its trial on the Isle of Wight. Ben Yelin from UMD CHHS on AI inventions and their pending patents, our guest is Matt Glenn from Illumio on why companies should break up with their firewalls. And don’t get puppy scammed--you’re looking for wags in all the wrong places. For links to all of today's stories check out our CyberWire daily news brief: https://thecyberwire.com/issues/issues2020/May/CyberWire_2020_05_05.html Learn more about your ad choices. Visit megaphone.fm/adchoices

A US Executive Order on Securing the United States Bulk-Power System declares a state of emergency in electricity generation and distribution. China’s disinformation about COVID-19 may have begun in the earliest stages of the pandemic. Someone’s hacking for information on British biomedical research. Xiaomi seems very interested in users of its phones. Andrea Little Limbago on global privacy trends, our guest is Mathew Newfield from Unisys with insights on cybersecurity breaches. And the Love Bug’s creator is found. For links to all of today's stories check out our CyberWire daily news brief: https://thecyberwire.com/issues/issues2020/May/CyberWire_2020_05_04.html Learn more about your ad choices. Visit megaphone.fm/adchoices