CyberWire Daily
Recent Episodes
Playing doctor with cyberattacks.
A North Korean hacking group targets healthcare, energy and finance. Leaked Leidos documents surface on the dark web. A Middle Eastern financial institution suffered a record-breaking DDoS attack. The latest tally on the fallout from the Crowdstrike outage. A cybersecurity audit of HHS reveals significant cloud security gaps. Docker patches a critical vulnerability for the second time. Google announced enhanced protections for Chrome users. In our latest Threat Vector segment, David Moulton speaks with Sama Manchanda, a Consultant at Unit 42, to explore the evolving landscape of social engineering attacks. If you’re heading to Paris for the Summer Olympics, smile for the AI cameras.
TranscriptStargazer Goblin hosts malicious code repositories on GitHub. Crowdstrike blames buggy validations checks for last week’s major incident. The Breachforums database reveals threat actor OPSEC. Windows Hello for Business (WHfB) was found vulnerable to downgrade attacks. A medical center in the U.S. Virgin Islands is hit with ransomware. Interisle analyzes the phishing landscape. The FTC orders eight companies to explain algorithmic pricing. Meta cracks down on the Nigerian Yahoo Boys. A fake IT worker gets caught in the act. My conversation with Nic Fillingham and Wendy Zenone, co-hosts of Microsoft Security's "The Bluehat Podcast.” Researchers wonder if proving you’re human proves profitable for Google.
TranscriptUK law enforcement relieves DigitalStress. Congress summons Crowdstrike’s CEO to testify. FrostyGoop malware turned off the heat in Ukraine. EvilVideo is a zero-day exploit for Telegram. Daggerfly targets Hong Kong pro-democracy activists. Google has abandoned its plan to eliminate third-party cookies. The FCC settles with Tracfone Wireless over privacy and cybersecurity lapses. Wiz says no to Google and heads toward an IPO. N2K’s Brandon Karpf speaks with guest Justin Fanelli, Acting CTO of the US Navy, about streamlining the fleet’s innovation process. Target’s in-store AI misses the mark.
TranscriptCrowdStrike and Microsoft battle blue screens across the globe.
Mitigation continues on the global CrowdStrike outage. UK police arrest a suspected member of Scattered Spider. A scathing report from DHS says CISA ignored a directive to cut ties with a faulty contractor. Huntress finds SocGholish distributing AsyncRAT. Ransomware takes down the largest trial court in the U.S. A US regulator finds many major banks inadequately manage cyber risk. CISA adds three critical vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. Australian police forces combat SMS phishing attacks. Our guest Chris Grove, Director of Cybersecurity Strategy at Nozomi Networks, shares insights on the challenges of protecting the upcoming Summer Olympics. Rick Howard looks at Cyber Threat Intelligence. Appreciating the value of internships.
TranscriptA Crowdstrike update takes down IT systems worldwide. A U.S. District Court judge dismissed most charges against SolarWinds. Sophos examines the ransomware threat to the energy sector. European web hosting companies suspend Doppelgänger propaganda. An Australian digital prescription services provider confirms a ransomware attack affecting nearly 13 million. A pair of Lockbit operators plead guilty. N2K’s CSO Rick Howard speaks with AWS’ CISO Chris Betz about strong security cultures and AI. A look inside the world’s largest live-fire cyber-defense exercise.
Transcript
