CyberWire Daily

In today's podcast, we hear about more misconfigured S3 buckets (these in Australia). Kaspersky Lab protests its innocence as it releases a study of Equation Group leaks. Notes from the world of crime: dual-purpose Trojans, fake-news-as-a-service, and how the cops are keeping the robbers hopping. Some thoughts on Hidden Cobra, and what it means for ICS operators in particular. More positive notices for the VEP. Chris Poulin from BAH on AI ethical conundrums with self-driving cars. Jeremy Wittkop from InteliSecure on the trouble with Social Security Numbers. And Amazon Key may unlock more than one would like.   Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast, we get an update on the US Vulnerabilities Equities Process, which now promises more transparency, accountability, and stakeholder representation in handling zero-days. A look at China's equivalent…doesn't. Worries about North Korean hacking. Mole hunting at Fort Meade. BlueBorne bugs in home assistants. More malware in Google Play. David DuFour from Webroot on the importance of communication with the board of directors. Roy Katmor from Ensilo on attacks using social engineering. And how to get around that pesky voice recognition software.  Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast, we hear that the DHS and FBI have warned that two North Korean malware campaigns are active in the wild. IoT vulnerabilities are disclosed. :Smartphones ship with apparently inadvertent backdoors. Patch Tuesday was a big one, this month. Russian trolls took both sides in the Brexit vote. A pro-tip from the squints: a screenshot from a video game isn't, you know, actually gun-camera footage. Ben Yelin from UMD CHHS on the possible expiration of section 702 of the FISA act. Orion Hindawi, CEO of Tanium, with insights gathered from their annual Converge conference. And North Korean shortwave gets hacked to play Eighties rock.  Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast, we hear that Spain sees foreign influence operations in Catalonia. IBM's X-Force warns of a new banking Trojan. There may be a mole hunt going on in NSA—and somewhere the Shadow Brokers are smiling. Anti-virus companies fix the AVGater vulnerability. Firefox and Google both commit to security upgrades. Johannes Ullrich from SANS Technology Institute and the ISC Stormcast podcast on the challenges of random number generation. Steve McGregory from Ixia on the challenges of dealing with the virtually infinite computing power and bandwidth of cloud computing. Tenable urges people to avoid breaches through good hygiene, and Carbon Black wishes we'd stop calling attackers "hackers."  Thanks for listening to the CyberWire. One of the ways you can support what we do is by visiting our sponsors. We read Recorded Future’s free intel daily, you might find it valuable, too. Cylance is revolutionizing cybersecurity with products and services that proactively prevent, rather than reactively detect the execution of advanced persistent threats and malware. Learn more at cylance.com. Dragos is leading a webinar on November 21st that will help enable industrial control system (#ICS) security teams to defend their environments appropriately. Check it out at thecyberwire.com/dragos. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast, we hear how Vault 8 has succeeded Vault 7 among WikiLeaks dumps (but it's still all CIA all the time from Mr. Assange and company). GCHQ expresses concerns about Kaspersky anti-virus products. Media reports suggest that NSA is in the middle of a big mole hunt. Equifax begins to tally up the costs of its breach. The US Intelligence Community reiterates its conclusion that dog bites man, or rather, that Russia wants to work mischief with the United States. ISIS defaces school websites. Bin Laden fils [feess] takes up his late father's mantle online. Some notes on South Korea's domestic influence investigations. A look back at the SINET showcase. Rick Howard from Palo Alto networks discussing “vendor in depth” and “best of breed” strategies.  Thanks for listening to the CyberWire. One of the ways you can support what we do is by visiting our sponsors. We read Recorded Future’s free intel daily, you might find it valuable, too. Cylance is revolutionizing cybersecurity with products and services that proactively prevent, rather than reactively detect the execution of advanced persistent threats and malware. Learn more at cylance.com. Dragos is leading a webinar on November 21st that will help enable industrial control system (#ICS) security teams to defend their environments appropriately. Check it out at thecyberwire.com/dragos. Podcast sponsor 1-Recorded Future: http://goo.gl/wphZ1z Podcast sponsor 2- Cylance: https://goo.gl/fHR65L Friday sponsor- Dragos: https://goo.gl/nqR2yq Learn more about your ad choices. Visit megaphone.fm/adchoices

Dr. Adrian Nish is head of cyber threat intelligence at BAE Systems. His team has been tracking a new cyber-enabled bank heist in Asia. Some of the tools used are reminiscent of the Bangladesh Bank attack from February 2016.The full report can be found here. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast, we hear that there's no honor among thieves, or botnet herders, either. Reaper still seems quiet. Macro-less malware is a problem, Microsoft warns. Researchers show you can hack an airliner's avionics. The maritime shipping sector worries that Maerk's experience with NotPetya isn't just a one-off. Ether—the cryptocurrency—is disappearing into the aether (at least this once). Justin Harvey from Accenture on the importance of not failing the basics. Guest is David Barzilai from Karamba Security on the security of embedded systems in automated cars. And we congratulate this year's SINET 16.  Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast we hear some industry news today, briefly, before we get to the cloak-and-keyboard stuff. Fancy Bear has some new dance steps. OceanLotus and Sowbug, threat actors, not plants or insects, as you might be forgiven for thinking, snoop on ASEAN and Latin America, respectively. Notes on international law and the future of cyberwar from CyCon. Joe Carrigan from JHU on the difficulties in reporting vulnerabilities. Robert Rodriguez from SINET on the trends he sees from the companies winning the SINET 16. And Appleby insists the Paradise Papers were not an inside job.  Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast we hear more on the Paradise Papers, where the optics are looking more Inferno than Paradiso. Off-year elections in the US are on today amid general concerns about, well, somebody doing something to them. Trollhunting sometimes brings down the wrong targets. Notes on the future of cyber conflict from CyCon 2017. The Internet's co-inventor says it's time to hold coders accountable for buggy software. Emily Wilson from Terbium Labs with thoughts from a conference in the Netherlands. Wesley Simpson from (ISC)2 making the case that security is a people problem. And Facebook will keep your naughty selfies off the Internet. Really—just upload them to the right place.  Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast, we hear about the Paradise Papers, a trove of documents obtained from a Bermuda law firm thatcontain details not only about wealthy tax avoiders, but about investments as well. Kaspersky says that its antivirus software did, after all, copy files that weren't viruses. (But they were still bad files.) US Senate Majority Leader McConnell says tech companies should help the US retaliate against nation-states' cyberattacks. Dale Drew from CenturyLink with a call for introspection when considering cyber defenses.  Learn more about your ad choices. Visit megaphone.fm/adchoices