UK will propose law to ban ransom payments for critical infrastructure entities. EPA outlines enforcement measures to protect water utilities against cyberattacks. Rockwell advises customers to disconnect ICS devices from the internet. Senator Vance asks CISA for information on Volt Typhoon. Guest Kimberly Graham of Dragos joins Dave to discuss regulatory co ... Show More
Oct 2018
Influence operations, da. Direct hacking? Maybe nyet. Chalubo botnet borrows old tricks. Financial sector alert in Mexico. Airline breach disclosed. Lawsuits over privacy. ICS Security notes.
In today's podcast, we hear that the US Department of Homeland Security sees lower-than-expected rates of Russian election system probing even as Russian information operations continue. Sophos warns of the emergence of the Linux-based "Chalubo" botnet. Mexico's Central Bank rais ... Show More
20m 12s
Jun 2023
A Joint Advisory on LockBit. AI chatbots: the grammarians of tomorrow. KillNet makes a deal with the Devil (Sec). The private-sector’s piece in the hybrid war puzzle.
The Five Eyes, alongside a couple of allies, issue a LockBit advisory. AI aids in proofreading phishing attacks. Anonymous Sudan mounts nuisance-level DDoS attacks against US companies. France alleges a disinformation campaign conducted by Russian actors. KillNet says it's partne ... Show More
22m 46s
Jan 2020
PupyRAT is back. So is the Konni Group. Twitter storm over claims that MBS hacked Jeff Bezos. Anti-disinformaiton laws considered. Canada is ready to impose costs on cyber attackers.
PupyRAT was found in a European energy organization: it may be associated with Iranian threat actors. Another threat actor, the Konni Group, was active against a US government agency last year. Saudi Arabia maintains it had nothing to do with hacking Jeff Bezos’s phone. The EU an ... Show More
21 m
Dec 2022
Cyberespionage, privateering, hacktivism and influence operations, in Ukraine, Russia, the Middle East, and elsewhere. Criminals need quality control, too. A new entry in CISA’s KEV Catalog.
A Chinese cyberespionage campaign is believed to be active in the Middle East. Poor quality control turns ransomware into a wiper, and a typo crashes a cryptojacker. A large DDoS attack is reported to have hit a Russian state-owned bank. Privateers compromise Western infrastructu ... Show More
28m 30s
Dec 2018
US Defense Department and UK’s MI6 aren’t buying Russian honey over cyber operations. Iranian influence operations. Marriott breach fallout. Court upholds Kaspersky ban. Ransom and sanctions.
In today’s podcast, we hear that senior US and UK officials have harsh words for Russian actions in cyberspace even as President Putin undertakes a charm offensive at the G20 meetings. (In fairness to the US and UK officials, it’s a pretty dour charm offensive.) Iran ups its infl ... Show More
16m 8s
May 2022
A new loader variant for wiper campaigns. Sanctions, hacktivism, and disinformation. Conti’s toxic branding. Happy birthday, US Cyber Command.
There’s a new loader identified in wiper campaigns. President Putin complains of sanctions and cyberattacks, and vows to increase Russia's cybersecurity. Coordinated inauthenticity at scale. Killnet crows large over Italian operations. Conti's dissolution doesn't mean its operato ... Show More
23m 25s
Apr 2019
Sri Lanka bombing investigation updates. Cryptojacking targets enterprises in East Asia. Oracle web server zero-day. The criminal-to-criminal credential-stuffing market. Who talked about Huawei in UK?
Investigation of the Easter massacres in Sri Lanka continues. For all the concern about online inspiration, some of the coordination seems to have been face-to-face. Symantec describes a cryptojacking campaign, Beapy, that propagates using EternalBlue. An Oracle web server zero-d ... Show More
26m 45s