The CyberWire Daily Podcast is our look at what's happening in cyberspace. It provides a clear and concise summary of the news and offers commentary from industry experts as well as our Academic and Research Partners. We publish each weekday afternoon (in time for US East Coast drive-time.)
The CyberWire Daily Podcast for 08.16.17
New draft of NIST SP 800-53 is out. Brute-force attack against Holyrood email accounts. Equation Group leaks remain dangerous. "Mr. Smith" remains at large. Trickbot uses unusually convincing counterfeit sites. PowerPoint malware vectors may be part of a criminal test. NetSarang urges swift patching of a backdoor in its software. Extremist inspiration persists. And some guy in Nigeria with more moxie than skills is behind a big business email compromise campaign.
In today's podcast, we hear about a new draft of NIST SP 800-53. There's been an attempt to brute-force email credentials in Scotland's Parliament. Fancy Bear's romp through high-end hotel Wi-Fi suggests the Equation Group leaks will be with us for some time. "Mr. Smith" remains at large, and still wants to be paid. Trickbot uses unusually convincing counterfeit sites. PowerPoint malware vectors may be part of a criminal test. NetSarang urges swift patching of a backdoor in its software. Extremist inspiration persists. Ben Yelin from UMD CHHS on privacy concerns with robot vacuum cleaners. Guest is Jeff Pederson from Kroll Ontrack, a data recovery firm, with tips on data recovery. And some guy in Nigeria with more moxie than skills is behind a big business email compromise campaign.
Artificial Intelligence & Machine Learning. This technology is popping up in everywhere in cybersecurity. Aside from sounding cutting-edge, what does it mean? What value does it add? Find out exactly how cool AI and machine learning are, and how small nuances in how each is used can make a big difference from E8, at e8security.com.
Delta Risk LLC, a Chertoff Group company, provides managed security services and risk management consulting to clients worldwide. Founded in 2007, Delta Risk offers expert knowledge around technical security, policy and governance, and infrastructure protection to help organizations improve their cyber security operational capability and protect business operations. Learn more at deltarisk.com.
Black Hat 2017 – Research and Investment: A CyberWire Special Edition
Black Hat 2017 has wrapped up, and by all accounts it was another successful conference, with an active trade show floor, exciting keynotes and engaging, informative educational sessions on a variety of topics. There was business being done, with hopeful entrepreneurs and investors alike looking to identify the next big thing in cyber security. In this CyberWire special edition, we’ve rounded up a handful of presenters and one investor for a taste of Black Hat, to help give you a sense of the event.
Patrick Wardle is Chief Security Researcher at Synack, and creator of objective-see, an online site where he publishes the personal tools he’s created to help protect Mac OS computers. He’ll be telling us about his research on the FruitFly malware recently discovered on Mac OS.
Hyrum Anderson is technical director of data science at Endgame, he will discuss research he released on stage at Black Hat showing the pros and cons of using machine learning from both a defender and attacker perspective.
Zack Allen, Manager of Threat Operations, and Chaim Sanders, Security Lead, of ZeroFOX will be speaking about their Black Hat presentation on finding regressions in web application firewall (WAF) deployments.
And we’ll wrap it up with some insights from Alberto Yepez, founder and managing director of Trident Cybersecurity, on the investment environment and the changes he’s seen in the market in the last year.
Cylance is revolutionizing cybersecurity with products and services that proactively prevent, rather than reactively detect the execution of advanced persistent threats and malware. Learn more at cylance.com