CyberWire Daily

Researchers with Arbor Networks ASERT team have been tracking a malware campaign targeting commercial manufacturing, and have uncovered various samples dating back to at least 2016.Richard Hummel is Threat Intelligence Manager for Arbor Networks' ASERT Team, and he takes us through what they've discovered. https://www.arbornetworks.com/blog/asert/innaput-actors-utilize-remote-access-trojan-since-2016-presumably-targeting-victim-files/ Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast, we take look back at RSA as the big security conference wraps up. Tension between Russia and the West continues to manifest itself in apparent staging attacks and information operations. ISIS in its diaspora returns to recruiting and inspiration. A business email compromise campaign afflicts the maritime shipping sector. Atlanta still struggles to recover from SamSam rasomware. Sanctions drive Huawei from the US market; ZTE may soon follow. David Dufour from Webroot, with thoughts on the conference. Guest is CyberWire editor John Petrik, with thoughts on a cyber Geneva convention.  Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast we have some RSA notes: an industry-led cyber Geneva Convention, threats and deterrence, and addressing a labor shortage. New Zealand joins Australia, the UK, and the US in warning that someone's exploiting vulnerable routers. Moscow demands to see the evidence that this someone is Russia. Trustjacking afflicts iOS users. Stresspaint Trojan is out in the wild, posing as an innocent app. Another exposed AWS bucket is found. Rick Howard from Palo Alto on the notion of a "cyber moon shot." Guest is Malcolm Harkins from Cylance on why it's unacceptable to adopt the attitude that bad guys getting in is inevitable.  Learn more about your ad choices. Visit megaphone.fm/adchoices

Reconnaissance and staging in cyberspace, with Five Eye warnings to Russia. Privacy class action suit complains of Facebook facial recognition. Australia joins the ranks of ZTE sceptics. Cyberwarfare discussed at RSA: retaliation, deterrence, renunciation, and a private sector push for international norms. Attention tax procrastinators: the IRS says it was hit by a glitch, and not hacked. Zulfikar Ramzan from RSA with thoughts on the conference. Guest is Kevin McNamee from Nokia, discussing threat intelligence and mobile device ransomware.  Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast we hear that Western governments attribute a large-scale campaign against poorly secured connected devices to Russia. Battlespace preparation is suspected. No new US sanctions against Russia, yet, but the matter remains under consideration. ZTE falls under the same cloud as Huawei. Desert Scorpion spyware ejected from Google Play. And there's a winner in RSA's Innovation Sandbox: BigID took away the prize. Justin Harvey from Accenture, joined by the head of Accenture's Cyber Defense team, Ryan LaSalle, discussing their 2018 State of Cyber Resilience report. Guest is Jason Brvenik from NSS labs on their Advanced Endpoint Protection (AEP) Group Test.  Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast, we note that RSA has opened with ten rising stars in its annual Innovation Sandbox. US, British, and French coordinated strikes against Syrian chemical warfare targets prompt Russian information ops and warnings from Britain that the UK will retaliate against any cyberattacks against infrastructure. Charges are filed against an alleged Reveton ransomware money launderer. Emily Wilson from Terbium Labs with tips for conference-goers. Guest is Paul Martini from iBoss with thoughts on growing cyber security companies in a crowded marketplace.   Learn more about your ad choices. Visit megaphone.fm/adchoices

Researchers at Cylance recently uncovered the malicious use of a core router in a campaign aimed at critical infrastructure around the world. Kevin Levelli is Director of Threat Intelligence at Cylance, and he takes us through what they've discovered.  Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast, we hear that, while the operators behind Operation Parliament pretend to be nothing but a bunch of skids, they're anything but. EITest gets taken down. Facebook this week faced questions about privacy and ideological bias. Most observers think these questions were largely ducked. Estonia's Annual Report on security is worth reading no matter where you live. And an accused swatter seems to have learned nothing from his experience. Dr. Charles Clancy from the Hume Center at VA Tech, discussing LTE network vulnerabilities. Guest is Dinah Davis from CodeLikeaGirl.io and Arctic Wolf Networks, discussing diversity at tech conferences.  Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast we hear that Facebook's CEO Mark Zuckerberg has finished testifying on Capitol Hill, denying that Facebook sells data or that it knew what those people at Cambridge were up to with the data they obtained. Supply chain cyber threats to satellites. North Korean destructive malware may be back. Early bird code injection. GCHQ takes on ISIS in cyberspace. Germany attributes 2017 network intrusions to Russia. International body confirms British official accounts of the Salisbury nerve agent attacks. Chris Poulin from BAH on self driving car tech that monitors the driver’s gaze to make sure they are paying attention to the road. Guest is Oren Falkowitz from Area 1 Security, looking at the Atlanta ransomware incident.  Learn more about your ad choices. Visit megaphone.fm/adchoices

Today we're following all things Facebook—it's four o'clock: do you know where your data are? We're betting no. Neither side of the aisle seems content with the answers Mr. Zuckerberg gave to the Senate panel. He's speaking before a House panel today. Patch Tuesday notes. Cyber tensions continue to rise as kinetic and chemical tensions rise between Russia and the West. Justin Harvey from Accenture, discussing cyber hygiene blind spots. Guest is Nahuel Sanchez from Onapsis on vulnerable password recovery systems.  Learn more about your ad choices. Visit megaphone.fm/adchoices