Each week the CyberWire’s Hacking Humans podcast looks behind the social engineering scams, phishing schemes, and criminal exploits that make headlines and take a heavy toll on organizations around the world. We talk to social engineering experts, security pros, cognitive scientists, and those practiced in the arts of deception (perhaps even a magician or two). We also hear from people targeted by social engineering attacks and learn from their experiences. Trust us: check out the first episode and subscribe today. The second episode will arrive Thursday. (Thanks to KnowBe4, our sponsors for season 1.)
DPRK's Covellite quiet (in the US). Cryptocurrency hacks. Lawyers easy marks? Apple updates for user privacy. Chinese spying.
Covellite, the North Korean Internet-of-things hacking group, seems to have grown quiet with respect to American targets during the run-up to the June 12th Kim-Trump summit. Covellite, tracked by Dragos, is said to share considerable infrastructure and malicious code with the Lazarus Group (a.k.a. Hidden Cobra).
NATO members (the US in particular) find themselves relearning Cold War lessons about Russian electronic warfare capabilities.
Russian authorities are said to share Western concerns over the increasing rate of criminal attacks on cryptocurrencies.
The New York Law Journal, in a look at trends in social engineering, concludes that law firms are surprisingly easy marks.
Anyone attending World Cup events this summer should be aware of the significant risk Wi-Fi hotspots present.
Apple's latest round of updates is regarded as markedly friendly to user privacy. macOS Mojave and iOS 12 both include features designed to block "secret trackers," and a feature being tested for iOS 12, USB Restricted Mode, is designed to impede the Cellebrite unlocking tools that the FBI and others have used. The Safari browser also has new features designed to impede ad-trackers.
As the US Congress considers legislation designed to restrict Chinese intelligence collection, and the FBI warns that Chinese espionage is a "whole-of-nation" problem, the US Justice Department has charged former US Army warrant officer and DIA civilian employee Ron Rockwell Hansen with fifteen counts related to spying for China, including attempting to gather or deliver national defense information to aid a foreign government and acting as an unregistered foreign agent.
Today's issue includes events affecting Australia, Belgium, China, European Union, France, Germany, Israel, Democratic People's Republic of Korea, NATO/OTAN, Poland, Romania, Russia, and United States.