The methods and mechanisms we use to understand and protect ourselves from the dangers lurking in cyberspace come from the exacting, often painstaking investigations of researchers all over the world. Each Saturday, we’ll talk to those dissecting the malware that’s disrupting business or stealing our personal information, identifying the vulnerabilities in our electronic and human cyber defenses, ferreting out the hidden surveillance features in the products we buy, and hunting down the threats to our increasingly interconnected world. We’ll also hear from researchers in industry and academia working to solve the hard problems of security in a rapidly evolving technological landscape, all while society grapples with the challenge of balancing security and privacy.
Research Saturday Episode List
Establishing international norms in cyberspace.
Joseph Nye is former dean of the Harvard Kennedy School of Government. He served as Chair of the National Intelligence Council, and as Assistant Secretary of Defense for International Security Affairs under President Clinton. He serves as a Commissioner for the Global Commission on Internet Governance, and is the author of over a dozen books, including, “Soft Power: The means to success in work politics,” and “The future of power.”
Election protection — Research Saturday
Symantec technical director Vikram Thakur returns to share his team's look at threat groups APT 28 and APT 29, the influence they had on the 2016 election, and how the cyber security industry has responded in preparation for the 2018 midterms.
Faxploitation — Research Saturday
Researchers at security firm Check Point Software Technologies explored the possibility of exploiting old, complex fax protocols to gain access to modern multifunction office printers, and then pivot to connected networks. Yaniv Balmas is head of security research at Check Point, and he joins us to share what he and his colleague Eyal Itkin discovered.
Stormy weather in the Office 365 cloud. — Research Saturday
Security firm Lastline recently took a close look at threats to the Office 365 cloud environment, taking advantage of the insights they gain protecting their clients. Andy Norton is director of threat intelligence at Lastline, and he joins us to describe their findings.
Driving GPS manipulation — Research Saturday
Researchers at Virginia Tech investigate possible ways to manipulate GPS signals and send drivers to specific locations without their knowledge. Gang Wang is Assistant Professor of Computer Science at Virginia Tech, and he joins us to share his team's findings.
Cryptojacking criminal capers continue — Research Saturday
Researchers at Palo Alto Networks' Unit 42 have been tracking the rise of cryptocurrency mining operations run by criminal groups around the world. Ryan Olson is V.P. of threat intelligence at Palo Alto Networks, and he joins us to share what they've learned.
Sophisticated FIN7 criminal group hits payment card data — Research Saturday.
Researchers at security firm FireEye have been tracking malicious actors they call FIN7, a group which targets payment card data in the hospitality industry and elsewhere. They make use of targeted phishing campaigns, telephone vishing and even a convincing front company to do their deeds.
ICS honeypots attract sophisticated snoops. — Research Saturday
Researchers at security firm Cybereason recently set up online honeypots to attract adversaries interested in industrial control system environments. It didn't take long for sophisticated attackers to sniff out the virtual honey and start snuffling around. Ross Rustici is senior director of intelligence services at Cybereason, and he joins us to share what they learned.
Android device eavesdropping investigation. — Research Saturday
A team of researchers from Northeastern University and UC Santa Barbara examined over 17,000 Android apps, and revealed a number of alarming privacy risks. Elleen Pan and Christo Wilson were members of the research team, and they join us to share what they found.
Leafminer espionage digs the Middle East. — Research Saturday
Researchers at Symantec recently published their findings on an active attack group named Leafminer that's targeting government organizations and businesses in the Middle East region. Vikram Thakur is a technical director at Symantec, and he joins us to share what they've found.
ATM hacks on the rise. — Research Saturday
Threat researcher Marcelle Lee from LookingGlass Cyber Solutions joins us to share her research on the growing threat of ATM hacks in the U.S.
Cyber espionage coming from Chinese University. — Research Saturday
Threat intelligence firm Recorded Future recently published research describing espionage activities originating from servers at a major Chinese university, coinciding with international economic development efforts. Winnona DeSombre and Sanil Chohan are authors of the report, Chinese Cyberespionage Originating from Tsinghua University Infrastructure, along with their colleague Justin Grosfelt.
Stealthy ad fraud campaign evades detection. — Research Saturday
Researchers at Bitdefender have been tracking a bit of complex rootkit malware called Zacinlo that they suspect has been operating virtually undetected for over six years. Bogdan Botezatu is a senior cyber security analyst with Bitdefender, and he describes what they've found.
Thrip espionage group lives off the land. — Research Saturday
Researchers at Symantec have been tracking a wide-ranging espionage operation that's targeting satellite, telecom and defense companies. Jon DiMaggio is a senior cyber intelligence analyst at Symantec, and he takes us through what they've discovered.
Cortana voice assistant lets you in. — Research Saturday
Researchers at McAfee recently discovered code execution vulnerabilities in the default settings of the Cortana voice-activated digital assistant in Windows 10 systems. Steve Povolny is head of advanced threat research at McAfee and he shares their findings.
BabaYaga strangely symbiotic Wordpress malware — Research Saturday
Researchers at Defiant recently analyzed a malware family they named "BabaYaga," which has the curious behavior of clearing out other malware and keeping infected sites up to date. Brad Hass is a senior security analyst at Defiant, and he guides us through their findings.
Measuring the spearphishing threat — Research Saturday
Researchers Gang Wang and Hang Hu from Virginia Tech recently conducted an end-to-end measurement on 35 popular email providers and examining user reactions to spoofing through a real-world spoofing/phishing test. Gang Wang joins us to share the sobering results. End-to-End Measurements of Email Spoofing Attacks
A new approach to mission critical systems — Research Saturday
Andy Bochman is senior grid strategist for Idaho National Lab’s National and Homeland Security directorate. Today we’re discussing the research the INL has been doing, developing new approaches to protecting mission critical systems.
No Distribute Scanners help sell malware — Research Saturday
Sellers of malware on Dark Web forums often use No Distribute malware scanning tools to help verify the effectiveness of their wares, while preventing legitimate virus scanning tools from adding the malware to their database. Daniel Hatheway is a Senior Security Analyst at Recorded Future, and he takes us through their recently published research, Uncover Unseen Malware Samples with No Distribute Scanners.
VPNFilter malware could brick devices worldwide — Research Saturday
Researchers from Cisco Talos continue to track malware they've named VPNFilter, a multi-stage infection with multiple capabilities, targeting consumer-grade routers. Craig Williams is head of Cisco Talos Outreach, and he joins us with the details.