CyberWire Daily

Some of our favorite and most trusted IoT devices help make us feel secure in our homes. From garage door openers to the locks on our front doors, we trust these devices to recognize and alert us when people are entering our home. It should come as no surprise that these too are subject to attack. Steve Povolny is head of advanced research at McAfee; we discuss a pair of research projects they recently published involving popular IoT devices. The research can be found here:McAfee Advanced Threat Research demo McLear NFC RingMcAfee Advanced Threat Research Demo Chamberlain MyQ Learn more about your ad choices. Visit megaphone.fm/adchoices

Hacks and rumors of hacks surrounding US-Iranian tension. Ukrainian authorities are looking into the Burisma hack, and they’d like FBI assistance. The FBI quietly warns that two US cities were hacked by a foreign service. The New York Fed has thoughts on how a cyberattack could cascade into a run on banks. Arrests and a site takedown in the WeLeakInfo case. And a quick look at the chum being dangled in front of prospective phishing victims these days. Emily Wilson from Terbium Labs on synthetic identity detection. Guest is Eric Haseltine, author of The Spy in Moscow Station. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2020/January/CyberWire_2020_01_17.html Support our show Learn more about your ad choices. Visit megaphone.fm/adchoices

Proof-of-concept exploits for the CryptoAPI vulnerability Microsoft patched this week have been released. CISA warns the chemical industry to look to its security during this period of what the agency calls “heightened geopolitical tension.” Families of deployed US soldiers receive threats via social media. Someone’s been phishing in Turtle Bay. More fleeceware turns up in the Play Store. And Moscow heaps scorn on anyone who thinks they hacked Burisma. Craig Williams from Cisco Talos on how adversaries take advantage of politics. Guest is Ron Hayman from AVANT on how companies might leverage Trusted Advisors to proactively prepare their security response. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2020/January/CyberWire_2020_01_16.html Support our show Learn more about your ad choices. Visit megaphone.fm/adchoices

NSA gives Microsoft a heads-up about a Windows vulnerability, and CISA is right behind them with instructions for Federal civilian agencies and advice for everyone else. Norway’s Consumer Council finds that dating apps are “out of control” with the way they share data. Ransomware goes all-in for doxing. The US pushes the UK on Huawei as Washington prepares further restrictions on the Chinese companies. And think twice before you book that alt-coin conference in Pyongyang. Johannes Ullrich from SANS Technology on malicious AutoCAD files. Guest is Chris Duvall from Chertoff Group with an overview of the current state of ransomware.  For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2020/January/CyberWire_2020_01_15.html Support our show Learn more about your ad choices. Visit megaphone.fm/adchoices

NSA discloses a vulnerability to Microsoft so it can be patched quickly. Intrusion Truth describes thirteen front companies for China’s APT40--they’re interested in offensive cyber capabilities. Area 1 reports that Russia’s GRU conducted a focused phishing campaign against Urkraine’s Burisma Group, the energy company that figured prominently in the House’s resolution to impeach US President Trump. And the US Justice Department moves for access to encrypted communications. Joe Carrigan from JHU ISI on the security issues of Android bloatware. Guest is Haiyan Song from Splunk with 2020 predictions. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2020/January/CyberWire_2020_01_14.html Support our show Learn more about your ad choices. Visit megaphone.fm/adchoices

The FBI reiterates prudent, consensus warnings about a heightened probability of cyberattacks from Iran, but so far nothing beyond credential-spraying battlespace preparation has come to notice. The US Congress mulls the definition of “act of war” in cyberspace. Taiwan’s president is re-elected amid signs that Chinese influence operations backfired on Beijing. The Maze gang doxes a victim. SIM swapping enters a new phase. And the FBI promises the FISA Court it will do better. Ben Yelin from UMD CHHS on a Washington Post story about college campuses gathering location data on their students. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2020/January/CyberWire_2020_01_13.html Support our show Learn more about your ad choices. Visit megaphone.fm/adchoices

Multiple e-commerce and financial organizations around the world are targeted by cybercriminals attempting to bypass or disable their security mechanisms, in some cases by using tools that imitate the activities of legitimate users. Linken Sphere, an anti-detection browser, is one of the most popular tools of this kind at the moment.Staffan Truvé is the CTO and Co-Founder of Recorded Future, he joins us to discuss their new report on the browser. The research can be found here:Profiling the Linken Sphere Anti-Detection Browser Learn more about your ad choices. Visit megaphone.fm/adchoices

Amid indications that both Iran and the US would prefer to back away from open war, concerns about Iranian power grid battlespace preparation remain high. Recent website defacements, however, increasingly look more like the work of young hacktivists than a campaign run by Tehran. Phones delivered under the FCC’s Lifeliine Assistance program may come with malware preinstalled. And we’ll take Cybersecurity for six hundred, Alex. Tom Etheridge from Crowdstrike on having a board of directors’ playbook. Guest is Curtis Simpson from Armis on CISO burnout. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2020/January/CyberWire_2020_01_10.html Support our show Learn more about your ad choices. Visit megaphone.fm/adchoices

As kinetic combat abates in Iraq, warnings of cyber threats increase. US intelligence agencies warn of heightened likelihood of Iranian cyber operations. These may be more serious than the low-grade website defacements and Twitter impersonations so far observed. One operation, “Dustman” has hit Bahrain, and it looks like an Iranian wiper. And some notes on the Lazarus Group, and a quick look at information ops across the Taiwan Strait. Emily Wilson from Terbium Labs with details from their recent report, “How Fraud Stole Christmas.” Guest is Karl Sigler from Trustwave in the risks of using Windows 7. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2020/January/CyberWire_2020_01_09.html Support our show Learn more about your ad choices. Visit megaphone.fm/adchoices

Iran took some missile shots at two US air bases in Iraq last night, and President Trump barked back in a late morning press conference, but actually both sides seem inclined to move toward de-escalation. No major Iranian cyberattacks have developed, despite some low-grade skid vandalism of indifferently defended sites, but CISA’s warnings seem generally to be taken seriously. And the Cyber Solarium gave a preview of its recommendations for a US national cyber strategy. Caleb Barlow from CynergisTek with insights on potential cyber attacks from Iran. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2020/January/CyberWire_2020_01_08.html Support our show Learn more about your ad choices. Visit megaphone.fm/adchoices