CyberWire Daily

A look back at Black Hat and Def Con, with notes on technology and public policy. Participants urge people to contribute their expertise to policymakers. Power failures in the UK at the end of last week are largely resolved, and authorities say they’ve ruled out cyberattack as a possible cause. Russia puts Google on notice that it had better moderate YouTube content to put an end to what Moscow considers incitement to unrest. And China says reports of criminal activity are bunkum. Joe Carrigan from JHU ISI with thoughts on corporate password policies. Guest is Ralph Russo from Tulane University on how schools like Tulane are shaping their programs to meet the needs of business and government. Learn more about your ad choices. Visit megaphone.fm/adchoices

Researchers at Cisco's Talos Unit recently published research exploring the tactics, technics and procedures of the global malvertising ecosystem. Craig Williams is head of Talos Outreach at Cisco, and he guides us through the life cycle of malicious online ads, along with tips for protecting yourself and your organization.The research can be found here:  https://blog.talosintelligence.com/2019/07/malvertising-deepdive.html Learn more about your ad choices. Visit megaphone.fm/adchoices

Are voting machines too connected for comfort? Airliner firmware security is in dispute. Attribution, deterrence, and the problem of an adversary who doesn’t have much to lose. Monitoring social media for signs of violent extremism. Broadcom will buy Symantec’s enterprise business for $10.7 billion. Amazon’s Ring and the police. A CISA update on VxWorks vulnerabilities. And human second-guessing of AI presents some surprising privacy issues.  Justin Harvey from Accenture with his insights from the Black Hat show floor. Guest is Tim Tully from Splunk on the AI race between the US and China. Learn more about your ad choices. Visit megaphone.fm/adchoices

Tensions in the Gulf are accompanied by an increase in cyber optempo. A warning about vulnerable airliner avionics. Phishing is moving to the cloud, and so is ransomware. Android’s August patches address important Wi-Fi issues. An EU court decision clarifies data responsibilities. The US bans contractors from dealing with five Chinese companies. Bogus Equifax settlement sites are established for fraud. Our guests are both offering insights and observations from this year’s Black Hat conference. Matt Aldridge is from Webroot and Bob Huber is CSO at Tenable. Learn more about your ad choices. Visit megaphone.fm/adchoices

A new speculative execution processor flaw is addressed with software mitigations. LokiBot gets more persistent, and it adopts steganography for better obfuscation. The cyber-spies of APT41 seem to be doing some moonlighting. An accused criminal who bribed telco workers to unlock phones is in custody. Scammers are exploiting the tragedies in El Paso and Dayton. And a call at Black Hat for the security sector to bring in some safety engineers. Ben Yelin from UMD CHHS on Virginia updating legislation to address Deep Fakes. Guest is James Plouffe from MobileIron on the challenges of authentication and the legacy of passwords.   Learn more about your ad choices. Visit megaphone.fm/adchoices

Fancy Bear is back, and maybe in your office printer. El Machete, a cyber espionage group active at least since 2014, is currently working against the Venezuelan military. A UN report allegedly offers a look at what Mr. Kim is doing with the money his hackers raked in. MegaCortex ransomware shows growing automation. Another unsecured AWS S3 bucket is found. A bank stores some PINs in a log file. Vigilante smishing. And when popping off becomes arguably criminal. Craig Williams from Cisco Talos with updates on Sea Turtle. Guest is Chris Roberts from Attivo Networks with a preview of his Black Hat keynote, A Hacker’s Perspective, Where Do We Go From Here? For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2019/August/CyberWire_2019_08_06.html  Support our show Learn more about your ad choices. Visit megaphone.fm/adchoices

A Mexican publisher is hit with an extortion demand. Ransomware increasingly carries a destructive, wiper component: Germany is dealing with a virulent strain right now. Apple and Amazon, after the bad optics of reports that they’re farming out Siri and Alexa recordings to human contractors for quality control, are both modifying their approaches to training the assistants. And investigators sort through mass shooters’ digital trails. Joe Carrigan from JHU ISI on the VXWorks operating system vulnerabilities. Guest is Eli Sugarman from the Hewlett Foundation on their efforts to reimagine cybersecurity visuals. Learn more about your ad choices. Visit megaphone.fm/adchoices

Researchers at Reversing Labs have been tracking malware hidden in software package manager repositories, and it's use as a supply chain attack vector. Robert Perica is a principal engineer at Reversing Labs, and he joins us to share their findings. The research can be found here: https://blog.reversinglabs.com/blog/suppy-chain-malware-detecting-malware-in-package-manager-repositories Learn more about your ad choices. Visit megaphone.fm/adchoices

LookBack malware used in spearphishing campaigns against US utilities. Phishing Bellingcat. Facebook takes down two campaigns of coordinated inauthenticity that had been active in the Middle East and North Africa. The growing problem of online card skimming. The FTC’s investigation of Facebook centers on acquisitions. The Fed visits Amazon. And followers of a YouTube streamer treat the homeless as punchlines in a big practical joke. Prof. Awais Rashid from University of Bristol on the ability to “smell” security issues in software. Guest is Matt Howard from Sonotype on their State of the Software Supply Chain report. Learn more about your ad choices. Visit megaphone.fm/adchoices

Investigators pursue the possibility that the alleged Capital One hacker might have hit other companies’ data. An exposed ElastiSearch database, now secured, was found at Honda Motors. Data from beauty retailer Sephora are found on the dark web. Defenders are urged to think of themselves as in a poker game with the opposition. Phishing remains the biggest threat to financial services. And what vacation spots attract the eyes of bots? Emily Wilson from Terbium Labs with more details from their recent fraud and international crime report. Guest is Giovanni Vigna from Lastline with thoughts on the upcoming Black Hat conference. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2019/August/CyberWire_2019_08_01.html  Support our show Learn more about your ad choices. Visit megaphone.fm/adchoices