CyberWire Daily

In this edition of the CyberWire Research Saturday, we'll take a look at a more recent intrusion PwC has uncovered, named KeyBoy and highly likely a China-based threat actor. It uses compromised Word documents to gain access.Bart Parys is a lead researcher in PwC's cyber threat intelligence team, responsible for tracking cyber threat actors, their latest toolsets and methodologies.  https://www.pwc.co.uk/issues/cyber-security-data-privacy/research/the-keyboys-are-back-in-town.html Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast we hear some updates on the Triton ICS malware campaign. North Korea amplifies its denials of responsibility for WannaCry. Cryptocurrency markets undergo a strong correction. "Blockchain" remains a word to conjure with. Citing a potential risk to national security, Lithuania's government bans Kaspersky software. ESET thinks Fancy Bear is growing more cunning and evasive. Chris Poulin from BAH on the transition to self driving cars, and the problem with selling fear and uncertainty. Guest is Kim DeCarlis from Gigamon on marketing cyber security. And how does Siri handle various linguistic challenges?  Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast, we suggest a new year's resolution all organizations should make: resolve to configure your cloud services for privacy and security. Another cryptocurrency exchange gets hacked, this one by DNS hijacking. North Korea finally says it had nothing to do with WannaCry, but few are convinced. The Lazarus Group continues to be a prime suspect in cryptocurrency theft. Section 702 nears sunset. Wassenaar seems to have become friendlier to researchers.  David DuFour from Webroot on quantum computing and AI. Guest is Joseph Carson from Thycotic on stolen passwords on the black market. And Kaspersky Lab wants redress in court.  Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast, we talk about what the Five Eyes see. Implications of North Korean responsibility for WannaCry. Defense and deterrence go with naming and shaming. The Lazarus Group looks to cryptocurrency theft to redress North Korean financial shortfalls. Copperfield cyber espionage campaign in the Middle East. GDPR approaches, and organizations look to get their data houses in order (and buy insurance). Justin Harvey from Accenture on choosing threat intelligence. Guest is Stan Engelbrecht from D3 Security on the vulnerabilities in public transportation. And what to do if your child gets a phone from Santa.  Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast, we hear that the Five Eyes look at WannaCry and officially see Pyongyang. New US National Security Strategy emphasizes economic power and cybersecurity (and names the adversaries). Hex Men are no super heroes. More Bitcoin theft bankrupts an alt-currency exchange. Android Monero miner can basically melt your phone, it's working so hard. Users leave Lexmark printers open to the Internet. AnubisSpy peeks at Arabic-speaking Android users. Joe Carrigan from JHU on holiday IoT devices. Guest is Chris Webber from SafeBreach, reviewing the third edition of their Hacker’s Playbook. And guess the two worst passwords of 2017.  Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast, we hear how the Zealot campaign uses ShadowBrokers' exploits to install a Monero miner on victim systems. Bitfinex suffers another DDoS attack as Bitcoin valuations remain high. Triton attack on industrial safety systems shows the risk of mixing control with safety. Exposed database of California voters investigated. Thales will buy Gemalto. Johannes Ullrich from SANS and the Internet Storm Center podcast, on scammers profiteering from natural disasters. And suffering from social media hangover? Try a little hair of the dog that bit you (say social media vendors).  Learn more about your ad choices. Visit megaphone.fm/adchoices

Online underground markets thrive across the globe, with the Middle East and North Africa being no exception. Researchers at Trend Micro recently too a look inside these digital souks, and while much of what they discovered matches similar online marketplaces, there are unique cultural elements that set these regional trading posts apart.Jon Clay is a cyber security expert from Trend Micro, and he takes us through their research paper, "Digital Souks: A Glimpse into the Middle East and North African Underground." Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast, we hear that Ethiopia's government has shut down the country's Internet during a period of unrest. TRITON ICS malware update. The FCC moves away from net neutrality. UK warnings about cable vulnerabilities. When a keylogger isn’t a keylogger. Security companies patch some products. Pyongyang likes Bitcoin. More on the NiceHash Bitcoin caper. Emily Wilson from Terbium Labs on breach fatigue. Colleen Huber from MediaPro on their 2017 State of Privacy and Security Awareness Report.  And, stick 'em up: your Ether or your life.  Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast we hear that Anonymous has called for action against US and Israeli government sites. FireEye reports a significant attack against an industrial plant, possibly involving nation-state reconnaissance. A lot of Internet traffic was briefly rerouted through Russia yesterday, possibly deliberately, for unclear reasons. TV troubles. Dale Drew from CenturyLink on measuring against standards and certs. Torsten Mayer from FICO on using AI to help protect nonprofits online.  And if toys are getting too connected, consider a puppy—very interactive.  Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast we hear a reminder about yesterday's Patch Tuesday. Classic Android games are serving malware. Crytpocurrency speculative fever continues to rise. More unwelcome miners are pulling Monero out of streaming video services. Ransomware extortionists are finding Bitcoin prices sometimes rise too fast for comfort. False hit-man spam. A Russian hacking defendant, in Russia, says Putin made him do it. Robert M. Lee from Dragos on the security of the water supply. Guest is Evan Dornbush from point3 security on the disconnect between employers and educational institutions. Guilty pleas in the Mirai case.  Learn more about your ad choices. Visit megaphone.fm/adchoices