CyberWire Daily

More coronavirus phishing expeditions. Don’t let idleness or desperation lead you into a money-mule scam. How do behavioral expectations change during periods of remote work? The Health and Human Services incident appears to be just that. NIST has some advice for video-conferencing and virtual meetings. And an exhortation to return to the Blitz spirit. Joe Carrigan from JHU ISI on limitations of two-factor authenticator mobile apps, guest is Johnnie Konstantas from Oracle on cloud misconfigurations and shared responsibility in the public cloud. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2020/March/CyberWire_2020_03_18.html Support our show Learn more about your ad choices. Visit megaphone.fm/adchoices

The cyberattack on the US Department of Health and Human Services seems now to have been a minor incident. Disinformation about COVID-19 and measures to contain the pandemic continues to serve as both phishbait and disruption. And US prosecutors move to stop prosecution of a Russian influence shop fingered by the Mueller investigation. Ben Yelin from UMD CHHS on HHS issuing health data rules, guest is Kevin Mitnick from KnowBe4 on the state of cybersecurity from the RSAC 2020 floor.  For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2020/March/CyberWire_2020_03_17.html Support our show Learn more about your ad choices. Visit megaphone.fm/adchoices

COVID-19’s effects on cyberspace: disinformation, espionage, data theft, fraud, and extortion. Also far greater remote working. David Dufour from Webroot on their 2020 Threat Report, guest is Simone Petrella from CyberVista on cybersecurity skills. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2020/March/CyberWire_2020_03_16.html Support our show Learn more about your ad choices. Visit megaphone.fm/adchoices

As websites and apps more widely adopt TLS (Transport Layer Security) and communicate over HTTPS connections, unencrypted traffic may draw even more attention, since it’s easier for analysts and security tools to identify malicious communication patterns in those plain HTTP sessions. Malware authors know this, and they’ve made it a priority to adopt TLS and thereby obfuscate the contents of malicious communication.Joining us on this week's Research Saturday is Chester Wisniewski from SophosLabs discussing their research on the subject. The research can be found here: Nearly a quarter of malware now communicates using TLS Learn more about your ad choices. Visit megaphone.fm/adchoices

COVID-19 significantly increased remote working, and the pandemic is now a favorite lure in the phishing tackle of both intelligence services and criminal gangs. Russian trolling has been off-shored, setting up shop in Ghana and Nigeria for running influence operations against the US. Microsoft issues an out-of-band patch. Reporters Without Borders publishes its list of “digital predators.” And the Senate doesn’t renew US domestic surveillance authorities. Thomas Etheridge from Crowdstrike on the impact of ransomware, guest is Josiah Dykstra from NSA on Cloud Vulnerabilities from an NSA viewpoint. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2020/March/CyberWire_2020_03_13.html Support our show Learn more about your ad choices. Visit megaphone.fm/adchoices

Turla’s back, this time with watering holes in compromised Armenian websites. Data exposures are reported in the Netherlands and the United States. China accuses Taiwan of waging cyberwarfare in an attempt to disrupt Beijing’s management of the coronavirus epidemic. The US and the EU separately undertake efforts to suppress COVID-19 disinformation. And the ins-and-outs of teleworking. Mike Benjamin from CenturyLink with Emotet updates, guest is Tom Pendergast from MediaPRO on their State of Privacy and Security Awareness Report. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2020/March/CyberWire_2020_03_12.html Support our show Learn more about your ad choices. Visit megaphone.fm/adchoices

The Cyberspace Solarium has released its report, as promised, and they wish to make your flesh creep. Coronavirus scams and phishbait amount to what some are calling an “infodemic.” Some notes on Patch Tuesday, and, finally, some words on the actual coronavirus epidemic. Joe Carrigan from JHU ISI on FBI recovering stolen funds, guest is Josh Mayfield from RiskIQ on his 2020 predictions. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2020/March/CyberWire_2020_03_11.html Support our show Learn more about your ad choices. Visit megaphone.fm/adchoices

Google removes from the Play store an app nominally designed to track COVID-19 infections. An EU power distribution consortium says its business systems were hacked. An assessment of Cablegate has been declassified. Ex-CIA employee Schulte’s trial for disclosing classified information ends in a hung jury. The alleged proprietor of a criminal market is arrested. Crooks hack rival crooks. More US primaries are held today. And a case of identity theft in North Carolina. Ben Yelin from UMD CHHS with updates on ClearView AI, guest is Kathleen Kuczma from Recorded Future on 2019 Top Vulnerabilities List. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2020/March/CyberWire_2020_03_10.html Support our show Learn more about your ad choices. Visit megaphone.fm/adchoices

Coronavirus misinformation, coronavirus online scams, and coronavirus disinformation. Ransomware hits a steel plant, local government, and a defense contractor. And how criminals’ desire for glory betrays them in social media. Zulfikar Ramzan from RSA Security with three product updates, guest is Robert Waitman from Cisco on their Annual Data Privacy Benchmark study. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2020/March/CyberWire_2020_03_09.html Support our show Learn more about your ad choices. Visit megaphone.fm/adchoices

Why do some developers and development teams write more secure code than others? Software is written by people, either alone or in teams. Ultimately secure code development depends on the actions and decisions taken by the people who develop the code. Understanding the human factors that influence the introduction of software vulnerabilities, and acting on that knowledge, is a definitive way to shift security to the left. On this Research Saturday, our conversation with Anita D’Amico from CodeDX on which developers and teams are more likely to write vulnerable software.The research can be found here: Which Developers and Teams Are More Likely to Write Vulnerable Software? Learn more about your ad choices. Visit megaphone.fm/adchoices