CyberWire Daily

In today’s podcast, we hear that two potential cyberattacks now look like glitches. Gray Energy and Zebrocy look as if they’re close enough to be, if not the same threat actor, at least first cousins. The US Army pushes significant cyber capability to a tactical level. Venezuela’s crisis may provide the next occasion for Russian information operations. How Bellingcat exposes info operations. Special Counsel Mueller secures the indictment and arrest of Roger Stone. And leave the Nest alone. Dr. Charles Clancy from the Hume Center at VA Tech on confusing marketing claims from AT&T with regard to 5G cellular technology. Guest is P. W. Singer, author of the book LikeWar, the Weaponization of Social Media. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2019/January/CyberWire_2019_01_25.html   Support our show Learn more about your ad choices. Visit megaphone.fm/adchoices

In today’s podcast, we hear that the US House would like some more information from DHS about what prompted its emergency directive about DNS hijacking. More skepticism about Huawei from various governments. A British think tank has been hacked—observers think Russia’s GRU is good for it, but Russia says no, hey, it was Anonymous, and they did a good job. Exposed database leaves financial information out for the taking. Creeps take over a family’s Nest. Ben Yelin from UMD CHHS with a 4th amendment  personal privacy case out of Alaska. Guest is Kathleen Smith from CybersecJobs.com and ClearedJobs.net on the career benefits of volunteering. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2019/January/CyberWire_2019_01_24.html   Support our show Learn more about your ad choices. Visit megaphone.fm/adchoices

In today’s podcast, we hear that Emergency Directive 19-01 has told US Federal civilian agencies to take steps to stop an ongoing DNS-hijacking campaign. The US National Intelligence Strategy is out, and it prominently features cyber as a “topical mission objective.” France says that war has begun in cyberspace, and that the enemy should be en garde. British barristers scramble to restore secure email. A metals firm sustains an attack on business systems. And some clown cuts Australian telecoms cables. Justin Harvey from Accenture on blocking incoming threats. Guest is Tom Huckle from Crucial on closing the skills gap. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2019/January/CyberWire_2019_01_23.html   Support our show Learn more about your ad choices. Visit megaphone.fm/adchoices

In today’s podcast, we hear that the WordPress Multilingual Plugin was compromised by a disgruntled ex-employee. Stealthy DDoS might escape notice. Anubis droppers wait for the phone to move before executing. EU works against influence in its May elections. France fines Google for lack of transparency under GDPR. Facebook may face FTC action. And more emerges on the curious case of the American/Canadian/Irish/British citizen arrested in Moscow for spying.  Johannes Ullrich from SANS and the ISC Stormcast podcast on gift card scams. Carole Theriault speaks with guest Maria Varmazis about Fortnite vulnerabilities. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2019/January/CyberWire_2019_01_22.html   Support our show Learn more about your ad choices. Visit megaphone.fm/adchoices

Researchers from Netscout's ASERT team have been making use of honeypots to gather information on rapidly evolving IoT botnets that take advantage of default usernames and passwords to gain access and take control of unprotected devices.Matt Bing is a security research analyst with Netscout, and he guides us through their findings.The original research can be found here:https://asert.arbornetworks.com/dipping-into-the-honeypot/ Learn more about your ad choices. Visit megaphone.fm/adchoices

In today’s podcast we hear that Collection #1 is big but not the end-of-the-world. Still, be on the lookout for credential stuffing attacks. Rocke cryptojacker can disable some cloud security services. Beware of Telegram bots. Facebook shuts down a few hundred inauthentic Russian pages, and Sputnik shows up as either a free-speech paladin or another troll farm—take your pick. Epic Games closes a vulnerability that exposed data of Fortnite players. Malek Ben Salem from Accenture Labs on power grid vulnerabilities to botnets. Guest is former U.S. Secretary of Homeland Security Michael Chertoff discussing his book Exploding Data. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2019/January/CyberWire_2019_01_18.html   Support our show Learn more about your ad choices. Visit megaphone.fm/adchoices

In today’s podcast, we hear that South Korea’s Defense Ministry has disclosed a cyber espionage incident. Fancy Bear sticks to its old tricks with Lojax. The US Justice Department is rumored not to be done with Huawei—this time an IP theft beef is believed to be coming. A big database exposure case in Oklahoma. And an update on yesterday's bogus Washington Post edition: it was a prank by the Yes Men. Mike Benjamin from Century Link with an update on the Mylobot botnet. Guest is Angie White from Iovation on PSD2, the payment services directive update. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2019/January/CyberWire_2019_01_17.html   Support our show Learn more about your ad choices. Visit megaphone.fm/adchoices

In today’s podcast, we hear that the SEC and the Department of Justice are going after EDGAR hackers for securities fraud. Flashpoint sees the Lazarus Group in an attack on Chile’s Redbanc. Recorded Future shares notes on Iran’s Ashiyane Forum. Crytpomix ransomware is being distributed by fraudulent charitable appeals. Organized gangs are using Fortnite in-game currency for money laundering. A slickly done bogus edition of the Washington Post was being handed out in DC this morning. Ben Yelin from UMD CHHS on a recent ruling regarding 5th amendment protections for biometrics. Guest is Kevin O’Brien from GreatHorn on techniques to improve email security. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2019/January/CyberWire_2019_01_16.html   Support our show Learn more about your ad choices. Visit megaphone.fm/adchoices

In today’s podcast, we hear that a bug hunter has found and responsibly disclosed issues in web hosts. Compromising Passenger Name Records in airline reservations. Business email compromise seems on the rise, and it’s also growing a bit more interactive. A Facebook executive is swatted, and absolutely nobody should dismiss this sort of thing as a joke. China would like everyone to stop saying bad stuff about Huawei, but the Polish government seems unconvinced that there’s nothing to see here. Rick Howard from Palo Alto Networks, revisiting the notion of a cyber moon shot. Carole Theriault reports on a hack of the Australian emergency warning system. She speaks with Paul Baccas from Proofpoint. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2019/January/CyberWire_2019_01_15.html   Support our show Learn more about your ad choices. Visit megaphone.fm/adchoices

In today’s podcast, we hear that Huawei has fired the sales manager arrested for espionage in Poland, and says that if he was spying, he was freelancing. Ryuk ransomware now looks more like a criminal than a state-sponsored operation. And its “big-game hunting” has pulled in almost four million dollars since August. Access control system zero-days found. And a lawsuit is likely to set some precedents concerning what counts as cyberwar. Joe Carrigan from JHU ISI on updated NIST password guidelines. Guest is Vijaya Kaza from Lookout on the shifting role of privacy in infosec. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2019/January/CyberWire_2019_01_14.html   Support our show Learn more about your ad choices. Visit megaphone.fm/adchoices