CyberWire Daily - Transcripts
The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.
A new backdoor, courtesy of the DPRK. The Medibank breach is all over but the shouting (or, all over but the suing and the arresting). Risks and opportunities in telecom’s shift to cloud. Cyber risk in healthcare. An assessment of Russian cyber warfare. Robert M. Lee from Dragos assesses the growing value of the ICS security market. Our guest is Cecilia Seiden of TransUnion to discuss their 2022 Consumer Holiday Shopping Report. And it’s December, which means…predictions. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/229 Selected reading. Who’s swimming in South Korean waters? Meet ScarCruft’s Dolphin (ESET) Medibank hackers announce ‘case closed’ and dump huge data file on dark web (the Guardian) New details on commercial spyware vendor Variston (Google) Risks and opportunities in telecom’s shift to cloud. (CyberWire) Moody’s discusses cyber risk in healthcare. (CyberWire) 'Do something:' Ukraine works to heal soldiers' mental scars (AP NEWS) Reformed Russian Cybercriminal Warns That Hatred Spreads Hacktivism (Wall Street Journal) Cybersecurity predictions for 2023. (CyberWire)
Has LockBit 3.0 been reverse engineered? A COVID lure contains a Punisher hook. A Chinese cyberespionage campaign uses compromised USB drives. Lilac Wolverine exploits personal connections for BEC. Killnet claims to have counted coup against the White House. Tim Starks from the Washington Post has the FCC’s Huawei restrictions and ponders what congress might get done before the year end. Our guest is Tom Eston from Bishop Fox with a look Inside the Minds & Methods of Modern Adversaries. And, of course, scams, hacks, and other badness surrounding the World Cup. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/228 Selected reading. LockBit 3.0 ‘Black’ attacks and leaks reveal wormable capabilities and tooling (Sophos News) Punisher Ransomware Spreading Through Fake COVID Site (Cyble) Always Another Secret: Lifting the Haze on China-nexus Espionage in Southeast Asia (Mandiant) BEC Group Compromises Personal Accounts and Pulls Heartstrings to Launch Mass Gift Card Attacks (Abnormal Security) Killnet Claims Attacks Against Starlink, Whitehouse.gov, and United Kingdom Websites (Trustwave) Scammers on the pitch: Group-IB identifies online threats to fans at FIFA World Cup 2022 in Qatar (Group-IB)
DDoS as a holiday-season threat to e-commerce. A TikTok challenge spreads malware. Meta's GDPR fine. Mr. Security Answer Person John Pescatore has thoughts on phishing resistant MFA. Joe Carrigan describes Intel’s latest efforts to thwart deepfakes. And US Cyber Command describes support for Ukraine's cyber defense. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/227 Selected reading. Holiday DDoS Cyberattacks Can Hurt E-Commerce, Lack Legal Remedy (Bloomberg Law) TikTok ‘Invisible Body’ challenge exploited to push malware (BleepingComputer) $275M Fine for Meta After Facebook Data Scrape (Dark Reading) Before the Invasion: Hunt Forward Operations in Ukraine (U.S. Cyber Command)
Nighthawk’s at the diner (but maybe not on the crooks’ menu). Internet service in Ukraine and Moldova is interrupted by strikes against Ukraine's power grid. Sandworm renews ransomware activity against Ukrainian targets. Russian cyber-reconnaissance seen at a Netherlands LNG terminal. European Parliament votes to declare Russia a terrorist state (and Russia responds with cyberattacks and terroristic threats). Carole Theriault reports on where these kids today are getting their news. Malek Ben Salem from Accenture on digital identity in Web 3.0. And, hey, the new list of most commonly used passwords looks...depressingly familiar. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/226 Selected reading. Sec firm MDSec slams Proofpoint for post on pen-testing framework (iTWire) Nighthawk: With Great Power Comes Great Responsibility - MDSec Cyberattack Hits Iran's Fars News Agency (RadioFreeEurope/RadioLiberty) Iran’s Fars news agency is hit by cyberattacks, blames Israel (Times of Israel) Ukraine and Moldova suffer internet disruptions after Russian missile strikes (The Record by Recorded Future) New ransomware attacks in Ukraine linked to Russian Sandworm hackers (BleepingComputer) Russian hackers targeting Dutch gas terminal: report (NL Times) Russia labelled state sponsor of terrorism as missile strikes leave Ukraine without power (The Telegraph) Killnet Group Claims Responsibility for European Parliament Cyber Attack (Digit) European Parliament hit by 'sophisticated' cyberattack (Deutsche Welle) European Parliament website suffers 'sophisticated' cyber attack after Russia terrorism vote (Computing) Hackers Temporarily Take Down European Parliament Website (Wall Street Journal) Guess the most common password. Hint: We just told you (Register)
Laura Whitt-Winyard, CISO from Malwarebytes, sits down to share her story, beginning with a desire to be a pediatric oncologist that she later discovered was not the path for her. Laura was bouncing around from job to job until she bought her first computer, and a light bulb went off in her head. She set out to make it her goal to learn about this new, interesting field and grow within it. Now as a successful CISO, she wants to make the world more secure and goes from company to company to complete her goal. She considers herself a servant leader whose goal is the greater good. She compares her role to football, explaining that she is not the quarterback, but the center for the team. She believes she is the center that paves the path for the quarterbacks on her team to reduce the noise, to give the quarterback all the tools that they need to do their jobs and do their jobs well. We thank Laura for sharing her story.
Alon Zahavi from CyberArk, joins Dave Bittner on this episode to discuss CyberArk's work in conjunction with Patch Tuesday. CyberArk published about how Docker inadvertently created a new vulnerability and what happens when it's exploited. CyberArk's research concluded that an attacker may execute files with capabilities or setuid files in order to escalate its privileges up to root level. CyberArk found the new vuln in some of Microsoft’s Docker images, caused by misuse of Linux capabilities, a powerful additional layer of security that gives admins the ability to assign capabilities and privileges to processes and files in the Linux system The research can be found here: How Docker Made Me More Capable and the Host Less Secure