CyberWire Daily

N2K Networks
May 14, 2018 • 16min

Unauthorized banking transfers in Mexico? A lifeline for ZTE. Iranian cyber op-tempo rises. Russian troll farm's ad buys. Reining in apps. Cell tracking. Anonymous is back.

In today's podcast we hear that Mexican banks may have sustained unauthorized funds transfers. Presidents Trump and Xi seem willing to toss a lifeline to drowning ZTE. Some researchers report an uptick in Iranian cyber operations. Russia's premier troll farm bought Facebook and Instagram ads targeting American teenaged girls. Apple, Facebook, and Twitter tighten their grip on apps connecting to their stores or services. Police cell-tracking receives scrutiny. And Anonymous is back. Justin Harvey from Accenture with his thoughts on whether the U.S. pulling out of the Iran nuclear deal will lead to more cyber attacks from Iran.
May 12, 2018 • 35min

Three pillars of Artificial Intelligence. [Research Saturday]

Bobby Filar is a Principal Data Scientist at Endgame, and coauthor of the research paper, The Malicious Use of Artificial Intelligence: Forecasting, Prevention, and Mitigation. The report surveys the landscape of potential security threats from malicious uses of AI, and proposes ways to better forecast, prevent, and mitigate these threats. Bobby Filar joins us to discuss the paper, and his views on the evolving role of AI in cybersecurity.
May 11, 2018 • 25min

Vigilantes and hacktivists. Point-of-sale malware source code leaks. Malicious extensions and apps. US Federal indictments: spying and hacking. Robo-caller gets record fine.

In today's podcast, we hear that vigilantes have visited ZooPark, and the lights go out—voluntarily—on some Georgia hacktivists. Treasure Hunter source code posted to a criminal forum. Malicious Chrome extensions and malicious Android photo-editing apps. GandCrab ransomware served by compromised legitimate sites. Russian influence ops. Concerns about a resumption of Iranian hacking. Ex-CIA officer charged with espionage. Hobby hacker indicted on Federal charges. FCC hits a robo-caller with a record fine. Jonathan Katz from UMD on why cryptography is more challenging than many software engineers think. Guest is Cyrus Farivar, author of the book Habeas Data, Privacy vs. the Rise of Surveillance Tech.
May 10, 2018 • 21min

Cyber conflict between Iran and the US widely expected. ALLANITE threat group is after US, UK power grids. Jack-in-the-Box vulnerability. Signal's memory. Is ZTE going down?

In today's podcast we hear that US withdrawal from the Iranian nuclear deal is widely taken as heralding a new round of cyber conflict. Cyberattacks on critical infrastructure are seen as an asymmetric way of war. The ALLANITE threat group is observed successfully reconnoitering US and UK electrical power grids. Jack-in-the-Box does nasty things with images. Signal's self-deleting messages don't, or at least they don't always. And US sanctions may be putting ZTE out of business. Robert M. Lee from Dragos on the sliding scale of cyber security. Guest is Jonathan Matkowsky from RiskIQ with concerns over ICANN's pending interim policy changes on the WHOIS database in response to GDPR.
May 9, 2018 • 20min

Stubborn IoT botnets. Razzle-dazzle HTML phishing lure. Fancy Bear's false flag. Busy Yahoo boys. Crooks turn from Tor to Telegram. Kaspersky and contractors. Patch notes. SB 315 vetoed.

In today's podcast we hear about Hide-and-Seek, a hard-to-flush botnet. A phishing technique takes advantage of an email client's rendering of HTML. Facebook death threats in 2015 are said to have been the work of Fancy Bear, dressed up as the Cyber Caliphate. Nigeria's Yahoo boys are busier than ever. DHS wonders what it will take to get US Federal contractors to get rid of Kaspersky. Crooks turn from Tor to Telegram. Patch Tuesday notes. And Georgia's governor vetoes a controversial cybersecurity bill. Joe Carrigan from JHU ISI on a pilot program from Delaware on mobile driver's licenses. Guest is Phillip Dunkelberger from Nok Nok Labs on authentication usability, standardization, and security issues.
May 8, 2018 • 20min

Greek and Turkish hacktivists swap defacements. Process Doppelgänging in the wild. GDPR is coming (like winter, for you Game of Thrones fans.) Profiling infosec enthusiasts.

In today's podcast we hear that hacktivist lightning is flashing across the Aegean, hitting Greek and Turkish TV stations. Process Doppelgänging is observed in ransomware circulating in the wild. Unstructured data could expose enterprises to GDPR regulatory risk. So might transitive data sharing. Big US companies are ready to follow GDPR standards in North America as well as Europe. Older Lantech industrial servers appear vulnerable to remote code execution. Vandals hit security cameras in Japan. And teachers, don't necessarily leave those kids alone, but maybe that cultist is actually an infosec enthusiast. Emily Wilson from Terbium Labs on third-party data showing up on the dark web. Guest is Chris Dollase from Mimecast on the role of the threat researcher.
May 8, 2018 • 20min

2018 RSAC Outlook. [Special Editions]

Just before the RSA conference this year, we spoke with a pair of industry experts for their take on the year so far, and what they expect to see in the coming months. In this CyberWire Special Edition, we hear from Craig Williams, Director of Talos Outreach at Cisco, and later in the show from Jon Rooney, Vice President of Product Marketing at Splunk.
May 7, 2018 • 17min

Winnti Umbrella covers multiple threat actors. DPRK off-shores cyber ops. ZooPark is in its fourth generation. GPON router bugs exploited in the wild. Russian Twitterbots. Block the EU?

In today's podcast we hear that Chinese intelligence services have been seen beneath the Winnti Umbrella. North Korea's off-shoring of cyber operations. ZooPark Android spyware is now in its fourth generation, and still active in the Middle East and North Africa. Vulnerabilities in Dasan GPON routers are exploited in the wild. Russian Twitterbots are suspected of tweeting death threats in the UK. David Dufour from Webroot on anti-malware testing procedures. And how do you solve a problem like GDPR?
May 5, 2018 • 24min

BlackTDS and ThreadKit offered in criminal markets. [Research Saturday]

Kevin Epstein is Vice President of Proofpoint's Threat Operations Center. We’re discussing two bits of research with him today. The first is about BlackTDS, a traffic distribution tool for sale in dark web markets. A little later in the show, he’ll tell us about ThreadKit, a document exploit builder.
May 4, 2018 • 27min

In the shredder or off the truck? Battlespace prep for a supply chain campaign? NG-Spectre found in Intel chips. No domain fronting for you. Kitty mines monero. NSA, US Cyber Command under new management.

In today's podcast we hear that they're hoping in Australia that backup tapes made it to the shredder, and didn't fall off the truck. Equifax's board of directors gets reelected. Are China's espionage services preparing the battlespace for a supply chain attack? New Spectre-like vulnerabilities are found in Intel chips. Google and Amazon clamp down on domain fronting, and anti-censorship advocates are unhappy. Here Kitty…we have Monero for you. And a change of command at NSA and US Cyber Command. Johannes Ullrich from SANS and the Internet Stormcast podcast, reviewing the history of hardware flaws. Guest is Philip Tully from ZeroFox with a recap of a talk he gave at RSA on AI.
