CyberWire Daily

N2K Networks
Aug 3, 2018 • 26min

Russian threats and threats to Russia. Cryptojacking wave spreads out from Brazil. Recovering from malware in Alaska and Atlanta. Notes on automotive cybersecurity.

In today's podcast we hear that the US Intelligence Community warns of Russian threats, again. A criminal spearphishing campaign hits Russian industrial companies. A cryptojacking wave is installing CoinHive in MikroTik routers. Speakers at the Billington Automotive CyberSecurity Summit stress collaboration, design for security, and the convergence of cyber and safety. Autonomy and connectivity make these imperative for the next generation of vehicles. Municipalities hit by malware feel the pain. Ben Yelin from UMD CHHS on a NYT story on records being seized from a reporter. Guest is David Spark, cohost of the CISO Security Vendor Relationship podcast. For links to all of today's stories check out our CyberWire daily news brief: https://thecyberwire.com/issues/issues2018/August/CyberWire_2018_08_03.html Learn more about your ad choices. Visit megaphone.fm/adchoices
Aug 2, 2018 • 19min

RASPITE noses around the US power grid. Cisco will buy Duo Security. Sandworm afflicts lab investigating Novichok attack. Influence ops can be no-lose proposition. Cryptojacking and malspam.

In today's podcast, we hear that Cisco plans to buy Duo Security. Dragos warns of the RASPITE adversary actor. Russia's Sandworm group is phishing people connected with a Swiss chemical forensics lab. How influence operations can be a no-lose proposition. A cryptojacking campaign is discovered and stopped. Malspam is using gifs to carry a keylogger payload. And Facebook CSO Alex Stamos has fixed a date for his departure for Stanford. Robert M. Lee from Dragos with thoughts on categorizing threat actors. Guest is Wendi Whitmore from IBM with their 2018 Cost of a Data Breach study. For links to all of today's stories check out our CyberWire daily news brief: https://thecyberwire.com/issues/issues2018/August/CyberWire_2018_08_02.html
Aug 1, 2018 • 19min

Reddit Hacked. Ukrainians nabbed. Facebook boots "inauthentic" accounts for malign influence. Pegasus spyware found in Amnesty phone. Yale's old breach. Google and censorship.

In today's podcast we hear that a Swiss chemical agent forensic lab has seen Sandworm phishing attempts. Facebook kicks thirty-one "inauthentic" accounts from its platform: they seem to have been engaged in influence operations, possibly Russian. Attribution remains difficult. NSO Group's Pegasus spyware found in Amnesty International phone. SamSam ransomware exacts a high cost. Yale realizes it was breached about ten years ago. Google allegedly prepares a censor-engine for Chinese web searchers. Craig Williams from Cisco’s Talos unit, describing his team and the work they do. Guest is Thomas Hofmann from Flashpoint on ransomware and online extortion. For links to all of today's stories check out our CyberWire daily news brief: https://thecyberwire.com/issues/issues2018/August/CyberWire_2018_08_01.html
Aug 1, 2018 • 29min

Data-centric security. [Special Editions]

In this CyberWire special edition, we take a look at data-centric security, focusing on the security of the data itself, rather than the surrounding networks, applications, or servers. To help us on our journey of understanding we’ve lined up a number of industry experts. Ellison Anne Williams is CEO of Enveil, a company that’s developed cutting-edge encryption techniques. Adam Nichols is principal of software security at Grimm, a cybersecurity engineering and consulting firm. Mark Forrest is CEO of Cryptshare, maker of secure electronic communication technologies for the exchange of business-sensitive information. And John Prisco is CEO at QuantumXchange, a provider of what they claim is unbreakable quantum-safe encryption.
Jul 31, 2018 • 21min

Infrastructure security, especially power, finance, and elections. Preparation pays off. Proofpoint warns of new AZORult malware. Check Point tracks Master134 malvertising. Crime news.

In today's podcast we hear more warnings about Russian cyber operators in the North American power grid. The US Department of Homeland Security announces formation of a National Risk Management Center. Cosco's preparation may have rendered the shipper more resilient to the cyberattack it sustained. Congress worries over election hacking and deep fakes. Electronic warfare is back. An alt-coin platform is hacked, a carder goes to jail, an alleged sim-swapper is arrested, and coaches behave badly. Johannes Ullrich from SANS and the ISC Stormcast podcast on TLS 1.3 implementation. Guest is Mark Orlando from Raytheon on critical infrastructure security. For links to all of today's stories check out our CyberWire daily news brief: https://thecyberwire.com/issues/issues2018/July/CyberWire_2018_07_31.html
Jul 30, 2018 • 17min

NetSpectre proof-of-concept. Election hacking, in the US and Australia. Cyber industrial espionage. Cyber threats to power grids. Hacking JPay.

In today's podcast, we hear about NetSpectre, a new speculative execution proof-of-concept. Australia's Electoral Commission says there were no signs of hacking in recent by-elections. US states remain concerned about election hacking. Missouri Senator McCaskill confirms that Fancy Bear made an unsuccessful attempt to access her staff's network. Russian threats to power grids. Industrial espionage continues to go after corporate IP. And news you can use about JPay (we know: you're asking for a friend). Jonathan Katz from UMD on the timeline for practical quantum computers. For links to all of these stories check out our CyberWire daily news brief: https://thecyberwire.com/issues/issues2018/July/CyberWire_2018_07_30.html
Jul 28, 2018 • 23min

BabaYaga: strangely symbiotic WordPress malware. [Research Saturday]

Researchers at Defiant recently analyzed a malware family they named "BabaYaga," which has the curious behavior of clearing out other malware and keeping infected sites up to date. Brad Hass is a senior security analyst at Defiant, and he guides us through their findings. The research can be found here: https://www.wordfence.com/blog/2018/06/babayaga-wordpress-malware/
Jul 27, 2018 • 23min

Fancy Bear sniffs around Senatorial staffs. US NSC considers Russian election interference. Chinese and Iranian cyberespionage. Malware loaders. Smart home bugs. Stealing WiFi.

In today's podcast we learn that Fancy Bear is said to be snuffling around at least one US Senatorial office. The US National Security Council meets to consider Russian election interference. Notes on Chinese and Iranian cyberespionage. New malware loaders are offered on the black market. Smart home hubs are shown to be hackable. Tenable enjoys a good IPO. A burglar in Silicon Valley didn't say, your money or your life, but rather, dude I'm outta data—can I have your WiFi password? Dr. Charles Clancy from VA Tech on the security aspects of digital vs analog RF spectrum. Guest is Lisa Beegle from Akamai with info from their State of Internet Security report. For links to all of today's stories check out the CyberWire daily news brief: https://thecyberwire.com/issues/issues2018/July/CyberWire_2018_07_27.html
Jul 26, 2018 • 21min

LifeLock closes proof-of-concept hole. US-CERT warns of active campaigns against ERP applications. Ad blockers may function as spyware. Parasite HTTP RAT. Underminer EK. NSA's IG scowls.

In today's podcast we hear that LifeLock gets locked down—probably no harm done, maybe. US-CERT warns of active campaigns against ERP applications. Ad blockers may be doubling as spyware. A new RAT gnaws away at corporate HR departments. Underminer shows that exploit kits aren't obsolete after all. NSA gets a bad report from its IG. Congress worries over Russian infrastructure reconnaissance and influence operations. Iran's OilRig and Leafminer remain active regional threats. Joe Carrigan from JHU ISI on infosec pros reusing passwords. Guest is Jessica Ortega from SiteLock, discussing how having social media icons on your website increases the odds of falling victim to attacks. For links to stories in today's podcast check out our CyberWire daily news brief: https://thecyberwire.com/issues/issues2018/July/CyberWire_2018_07_26.html
Jul 25, 2018 • 22min

Leafminer wants to learn from the best, and that's not good. Shipper hacked. Old malware resurfaces in improved form. Russian grid and election threats. What insurance covers.

In today's podcast, we hear that Leafminer is infesting networks in the Middle East. Red Alert, Kronos, Mirai, and Gafgyt make their reappearance in new forms. Shipping firm Cosco is dealing with a cyberattack. US officials raise warnings about Russian threats to the power grid and elections. Congress considers cyber retaliation. A dispute over cyber insurance coverage lands the insured and the insurer in court. Awais Rashid from Bristol University on IoT and OT convergence. Guest is Jason Morgan from Wiretap on their Human Behavior Risk Analysis Report. For links to all of today's stories check out our CyberWire daily news brief: https://thecyberwire.com/issues/issues2018/July/CyberWire_2018_07_25.html