CyberWire Daily

3,657 episodes — Page 67 of 74

S2 Ep 342: Phishing with a big worm (and other lures). Botnet mining cryptocurrency. Blackmoon upgraded. Aadhaar troubles in India. Passwords, security questions, and Grand Moff Tarkin's CISO.

In today's podcast, we hear about how OAuth abuse rushed a worm around Google Docs, and how the good guys swiftly contained the attack. Bondnet discovered mining cryptocurrency. The Blackmoon financial malware gets an upgrade. Carbanak is still out there, trickier than ever. No-phishing season at Gannett. India's national biometric ID system runs into security and legal trouble. Rick Howard from Palo Alto Networks previews the Cyber Canon awards ceremony. Andrew Chanin describes the upcoming Cyber Investing Summit. And reflections on passwords yesterday, today, and tomorrow, both here on earth and in a galaxy far, far away. Learn more about your ad choices. Visit megaphone.fm/adchoices

May 4, 2017 · 16 min

S2 Ep 341: Shamoon update. Sabre discloses possible breach to SEC. Mobile device and VPN threats and vulnerabilities. Information operations and cyberespionage.

In today's podcast we hear that Shamoon's Trojan servant seems to have got a new comms channel. Sabre discloses possible breach: hospitality and travel sectors affected. Some more things to worry about: ultrasonic beaconing, SIM card fraud, VPN privilege escalation, and another bad app in the PlayStore. (But you can fix all these.) Governments look to social media restrictions to control hate speech and fake news. (Social media providers look to human curation and the blockchain for help.) Level 3's Dale Drew describes the evolution they're seeing in botnets. Tripwire's Craig Young shares his research on hacking smart TVs. Cyberespionage and influence updates, from Washington to Seoul.

May 3, 2017 · 15 min

S2 Ep 340: IBM, Apple, and Intel all fix vulnerabilities and block threats. Neustar's DDoS report. Updates on the DarkOverlord and (separately) LizardSquad. Info ops and what they're after.

In today's podcast we hear that Trojanized USB sticks are out in the wild. So are phishing emails complete with backdoors and spyware payloads. Intel reports (and mitigates) a major firmware vulnerability in Core processors. The DarkOverlord and third-party risk. ShadowWali backdoors afflict Japanese enterprises. The LizardSquad may be back, but you still shouldn't listen to them, still less pay them protection. Neustar looks at DDoS trends. Ben Yelin from the UMD Center for Health and Homeland Security explains tractor hacking. Nehemiah Security's Paul Farrell thinks we need to mind the security basics. And do info ops heighten the contradictions?

May 2, 2017 · 16 min

S2 Ep 339: NSA changes collection policy in a privacy-friendly direction. Latest Vault7 leaks look anodyne. Election influence concerns in Europe and the US. Blocking social media. DarkOverlord returns with extortion caper.

In today's podcast, we hear how the NSA is revising its interpretation of Section 702 collection, to the general approval of privacy advocates. WikiLeaks drops another alleged tool from Vault7—this one looks like garden-variety data-loss-prevention beaconing. The UK and France are on alert for influence operations, and the US Congress takes testimony on such marketing-in-battledress. South and Southwest Asian governments move to block or censor social media. Prof. Awais Rashid from Lancaster University describes some of the risks of the cloud. The DarkOverlord returns, extorting TV and movie content owners over shows stolen from a third-party post-production company.

May 1, 2017 · 14 min

S2 Ep 338: OilRig fingered as Iranian state-sponsored group behind attempted hacks of Israeli targets. Shamoon still under the same management. Botnet wars in the IoT. Countermessaging, hopes of missile hacks, and more.

In today's podcast, we hear that researchers have named the hitherto unnamed country that attempted to hack Israeli targets. Other researchers conclude Shamoon is still under the same management. Roles and missions dispute among Israeli security organizations. Peter Galvin from Thales takes a look at data security in the US Federal sector. VA Tech's Dr. Charles Clancy explains the pros and cons of 5G mobile technology. Financial malware vector startles phishing victims into clicking. Vigilante botnets are not helping the IoT. Countermessaging is still not as easy as it looks. And there's a lot of thinly sourced hope about hacking North Korean missiles.

Apr 28, 2017 · 19 min

S2 Ep 337: Fancy Bear in France (and in Germany, too). Israel debates Cyber Authority's charter. Sudan says it's using Electronic Jihad against ISIS. Verizon, Symantec threat reports out. Adware campaigns.

In today's podcast, we hear about the bear tracks analysts are seeing in Macron's campaign for France's presidency. (They're also appearing in German political parties' think tanks.) Cyber gangs continue to pore over ShadowBrokers' leaks. Verizon and Samsung threat reports see ransomware and nation-state espionage as the trending issues. Amid debate over cyber authorities, Israel says it detected and stopped a major attack. Palo Alto Networks' Rick Howard outlines a new white paper on credential theft. Ellison Anne Williams from Enveil describes their innovation in encryption. Adware infests online markets through spam and Trojanized apps.

Apr 27, 2017 · 15 min

S2 Ep 336: Elections, influence operations, and hacking. How clever phishing succeeds. Chipotle's point-of-sale breach. Hacking in Fast and Furious 8.

In today's podcast, we follow the story of Fancy Bear (a.k.a. Pawn Storm, a.k.a. APT28) and France's elections. Why clever phishing continues to succeed, and what's up with OAuth abuse. Information operations distinguished from simple "hacking." Another point-of-sale compromise suggests identity management issues. The University of Maryland's Jonathan Katz explains a JSON encryption vulnerability. Stan Black from Citrix explains the pros and cons of the IoT. And can hackers really blow up a submarine by driving their car fast and furiously? You be the judge.

Apr 26, 2017 · 15 min

S2 Ep 335: Fancy Bear spotted in France, Denmark, and maybe Bulgaria. Tensions mount around North Korean weapon programs. Power grid fragility. Milkydoor in the PlayStore. AV misunderstanding. Kelihos indictment. Ashley Madison blackmail.

In today's podcast, we hear that Fancy Bear has, as expected, been spotted snuffling around the French Presidential election. Denmark and Bulgaria also report bearish activity. Sino-US pressure on North Korea may foreshadow an uptick in the cyber op-tempo. Power failures prompt worries about the grid's fragility. Milkydoor's Trojanized Android apps pose a BYOD threat to businesses. Webroot is fixing its AV misunderstanding with Windows. Alleged Kelihos botnet master indicted. Webroot's David Dufour discusses IoT supply chain challenges. Eric Burger describes the 2017 Borderless Cyber conference. And another Ashley Madison extortion caper surfaces.

Apr 25, 2017 · 16 min

S2 Ep 334: Nation-state tensions in cyberspace over North Korean threats and presumably Russian cyberespionage. Locky returns. More pharma spam. Seleznev gets 27 years for carding.

In today's podcast we hear that cyberattack worries mount with international tensions over North Korea. France's first-round presidential elections conclude with two outsiders headed for the finals. WikiLeaks' and ShadowBrokers' leaks find their way into the criminal wild. US shows renewed interest in prosecuting WikiLeaks' Assange. Locky ransomware is back from the dead. SMSVova spyware kicked out of the PlayStore. More Canadian pharma spam. Emily Wilson from Terbium Labs describes the unintended consequences of "spectacle" attacks. Seleznev gets 27 years for carding. And notes on some less-than-fully-successful criminals.

Apr 24, 2017 · 15 min

S2 Ep 333: States and gangs. Insider threats and mole hunts. The misguided vigilante behind BrickerBot. Hollywood hacks. Not a Nigerian prince this time, just the Director General of the National Intelligence Agency.

In today's podcast we hear that cyber gangs are busily at work reverse-engineering the last ShadowBrokers' document dump. But the Russian ones at least are probably getting some state help. Insider threats and mole hunts. BrickerBot's author plays a dangerous vigilante game—operating technology may be particularly at risk. Hollywood's best depictions of hacking. Ben Yelin describes a weaponized animated GIF. Carson Sweet from CloudPassage on government requests that providers turn over emails and lagging legislation. And there are forty-three million dollars in a Nigerian apartment. No, really—forty-three million in cash.

Apr 21, 2017 · 21 min

S2 Ep 332: Trojanized apps in the PlayStore. How cybergangs talk, cooperate, and improve their game. More troubles reported for Tanium. A Chicago lawsuit brings privacy issues to the fore.

In today's podcast we hear about snakes in the PlayStore's walled garden (one of them with a helpful flashlight, and another one with a plumber's cap and a mustache, which must look pretty odd on a serpent). A look at how cyber gangs communicate—they do it a lot like the rest of us. Source code distribution and the jokers who make annoying use of it. More troubling reports about an IPO-ready unicorn. The Johns Hopkins University’s Joe Carrigan explains limitations of fingerprint scanners. Amit Rahav from Secret Double Octopus describes innovations in authentication. Plus, what information do your products collect about you? And how do you know what the vendors are doing with it?

Apr 20, 2017 · 16 min

S2 Ep 331: Vigilantes in the IoT. Bad actors find a friend in the ShadowBrokers. BankBot is back in the PlayStore. Pixel-tracking for target recon. A very big Oracle patch.

In today's podcast we hear about a new vigilante in the IoT—Hajime—and learn that the security industry doesn't think much of vigilantes. Observers pore over the most recent ShadowBrokers' files and don't like what they see, even though most of the more dangerous exploits have been patched. Still no word on how the ShadowBrokers got their wares, or where WikiLeaks got the contents of Vault 7. BankBot is back in the PlayStore with Trojanized video apps. Attackers are seen using pixel-tracking for target recon. AsTech’s Greg Reber outlines cyber M&A due diligence. Lancaster University’s Awais Rashid describes their effort to assemble a cyber security body of knowledge. And Oracle issues a very big patch.

Apr 19, 2017 · 16 min

S2 Ep 330: Karmen in the black market. Homograph vulnerabilities. Vault 7 and ShadowBrokers updates. Hacks and missiles. Competing for botnets.

In today's podcast, we hear about a newish ransomware strain, Karmen, hitting the low-end ransomware-as-a-service market. Homograph vulnerability proof-of-concept revealed. Jihadist infosec service advises good cyber hygiene for terrorists post-Vault 7. The ShadowBrokers try to drag a red herring—actually a bad frog—across their tracks. Hopeful speculation continues that the US hacked North Korea's missile test last weekend. Hajime malware is competing with Mirai for bots, although to what end is unclear. Dr. Charles Clancy from VA Tech’s Hume Center contrasts Vault 7 vs. the ShadowBrokers. Bill Anderson from OptioLabs outlines battlefield mobile device security. And you're not going to get rich by using security cameras to mine Bitcoin.

Apr 18, 2017 · 16 min

S2 Ep 329: Missiles and malware? ShadowBrokers' leaks examined. Syrian info ops. ISIS recruits women for martyrdom. Ransomware, medical device vulnerability updates. Troubled unicorn?

In today's podcast, we hear about a big missile fizzle on Pyongyang's Day of the Sun yesterday—there's hopeful but a priori speculation of a cyber op against North Korea's nuclear strike R&D program. Friday's ShadowBrokers' leaks suggest financial service, industrial IoT vulnerabilities. Syrian regime calls hoax on nerve gas attack claims (informed observers are unconvinced). How ISIS recruits women for martyrdom operations. Ransomware update. Medical device makers might learn from mobile device makers. Rick Howard from Palo Alto Networks ponders the first principle of automotive security. And clouds gather over a security unicorn.

Apr 17, 2017 · 14 min

S2 Ep 328: ShadowBrokers frustrated with the peoples. Callisto Group was active against UK Foreign Office. US DCI denounces WikiLeaks as a hostile intelligence service. Surveillance vendors said willing to deal with pariah regimes. Weaponized memes.

In today's podcast, we hear that the ShadowBrokers are fed up with all of you peoples. The Callisto Group spearphished the UK's Foreign Office last year. The US DCI calls out WikiLeaks as a hostile intelligence service. Lawful intercept shops alleged to be willing to deal with pariah regimes. University of Maryland’s Jonathan Katz discusses Google’s unfulfilled promise of end-to-end encryption in Gmail. Ajit Sancheti from Preempt Security explains the tension between security and human nature. NATO insiders would like to see the Atlantic Alliance weaponize memes.

Apr 14, 2017 · 20 min

S2 Ep 327: Ewind adware infesting Android third-party app stores. Influence operations. Russian state use of organized crime. Finspy a payload in Word zero-day exploits.

In today's podcast we hear about how Ewind adware infests cloned apps in the Android ecosystem. Influence operations rise to prominence amid increased Russian and Islamist activity against Western targets. Accused Russian traitor makes jailhouse denunciation of Russia's coziness with cyber organized crime. Finspy found distributed via Word zero-day. And suppose you're doing a nickel in Ossining or San Q (not that you would be). Webroot’s David Dufour warns of tax-season phishing. Fred Wilmot from PacketSled explains the convergence of OT, IT and IoT. And, how do you stay connected in the big house?

Apr 13, 2017 · 15 min

S2 Ep 326: Patch Tuesday notes. Cyber threats to healthcare. New Helsinki information operations center forming. Updates on WikiLeaks and the ShadowBrokers.

In today's podcast, we discuss April's Patch Tuesday, with news and tasks for Windows, Adobe, and SAP admins. Cyber threats to healthcare include ransomware, breaches, and device hacking. NATO and non-NATO partners establish an information operations center in Helsinki to contest Russian influence in cyberspace. Analysts continue to pick over the latest from the ShadowBrokers. Emily Wilson from Terbium Labs describes the Dark Web ecosystem. And WikiLeaks Vault 7 seems to out cyber operators as fans of Star Trek, anime, and Ape Escape. No surprises there, eh?

Apr 12, 2017 · 14 min

S2 Ep 15: Women in Cybersecurity 2017: A CyberWire Special Edition [Special Edition]

The 2017 Women in Cybersecurity conference was held in Tucson, Arizona, and the CyberWire was on hand to cover the event. We spoke with a variety of cyber security professionals at different stages of their careers. We covered some of their career journeys and professional insights on our daily podcast, and in this special edition learn why a women in cybersecurity conference is more important than ever, what they wish they knew when they were starting out, as well as some advice for the men in the industry.

Apr 12, 2017 · 25 min

S2 Ep 325: Word zero-day spreading Dridex. Password reuse bites Amazon third-party sellers. Mirai now mines Bitcoin. WikiLeaks, the ShadowBrokers, and war in Syria. Cyber first use. Crypto wars in Europe. APT10 in India. Penn State prof takes Gödel Prize.

In today's podcast, we hear about how a Word zero-day is spreading the Dridex banking Trojan. Amazon third-party sellers bitten by reused passwords. IBM catches Mirai mining Bitcoins. Symantec discerns Longhorn tools in WikiLeaks' Vault 7. Tensions over Syria's civil war seem to be behind the Shadow Brokers' return. ISIS is now attempting to recruit women to the Caliphate. Germany considers a cyber first-use doctrine. Crypto wars flare in Europe as French Presidential candidate Macron takes a strong anti-encryption line. The University of Maryland Center for Health and Homeland Security’s Ben Yelin weighs in on the FCC’s rollback of ISP privacy rules. Dario Forte from DF Labs cautions against AI hype. A Penn State professor takes the 2017 Gödel Prize for his work on differential privacy.

Apr 11, 2017 · 15 min

S2 Ep 324: Information operations respond to kinetic strikes. Dallas emergency sirens hacked. Alleged spam king arrested. Okta files its IPO.

In today's podcast, we hear that US strikes against Syrian targets and harsh words for Assad are followed by apparent Russian information operations as bilateral tensions mount. Both WikiLeaks and the Shadow Brokers resurfaced late last week. A light Patch Tuesday is foreseen, but observers expect a fix for a Microsoft Office zero-day being actively exploited. Okta files its anticipated IPO. Dallas emergency sirens were hacked early Saturday. The Johns Hopkins University’s Joe Carrigan discusses upcoming updates to the Waze GPS app. Kathleen Smith from cybersecjobs.com and clearedjobs.net joins us from the Women in Cybersecurity Conference. Spanish police collar the alleged "spam king."

Apr 10, 2017 · 16 min

S2 Ep 323: APT10's Operation TradeSecret. BrickerBot may be vigilante PDoS. Amnesia and Sathurbot exploit known vulnerabilities in, respectively, DVRs and WordPress. Ransomware, surveillance, and info ops updates.

In today's podcast, we hear about how Operation TradeSecret collected intelligence on US trade policy during the run-up to the Sino-American summit at Mar-a-Lago. BrickerBot is out, a PDoS campaign that looks like nasty vigilante work, so close your Telnet ports and change your IoT device default passwords. The Amnesia campaign is after unpatched DVRs. Sathurbot exploits unpatched WordPress instances and infects Torrent users. Lancaster University’s Awais Rashid has concerns over IoT devices' limited interfaces. Endgame’s Andrea Little Limbago shares her story from the Women in Cybersecurity Conference. Surveillance and influence operations allegations in the last US Presidential campaign have their counterparts in the current French one.

Apr 7, 2017 · 21 min

S2 Ep 322: Operations TradeSecret and Cloudhopper attributed to APT10. Third party risks. Lazarus Group update. US investigation of Russian influence operations and US surveillance allegations proceeds.

In today's podcast we hear about Operation TradeSecret, which joins Operation Cloudhopper: both appear to be facets of a Chinese cyberespionage campaign. 20,000 loan applications are exposed by a third-party IT vendor. North Korea's Lazarus Group still has banks in its crosshairs. A study shows that mobile users are in a complicated relationship with their apps. US Congressional hearings into Russian influence operations and allegations of US surveillance continue. IBM’s Wendi Whitmore joins us from the 2017 Women in Cybersecurity Conference. Palo Alto Networks’ Rick Howard describes the cloud paradigm shift. And tomorrow is OpIsrael; Israeli enterprises say they're prepared.

Apr 6, 2017 · 16 min

S2 Ep 321: Operation Cloudhopper. Chrysaor spyware. Microsoft to upgrade Office security. Notes from SeaAirSpace. High school hacking.

In today's podcast, we hear about how Operation Cloudhopper gets to its espionage targets via their cloud and managed service providers. Details are out on the Android version of the Pegasus spyware. Microsoft will upgrade Office security. Notes on the annual SeaAirSpace expo, including an excursus on cyber Marines. Cisco’s Chief Privacy Officer Michelle Dennedy joins us from the Women in Cybersecurity Conference. Dale Drew from Level 3 describes the security ecosystem disruption. And what is going on in Bedford County, Pennsylvania, a place where the laws of physics may not apply?

Apr 5, 2017 · 16 min

S2 Ep 320: Pegasus version now affects Android. UK on alert for ISIS infrastructure cyberattack. DPRK tied, again, to Bangladesh Bank heist. Fancy Bear and Turla updates. Samsung Tizen 0-day. Tax season security.

In today's podcast, we hear that Pegasus is now in the Android ecosystem. British authorities warn of possible ISIS cyberattacks on infrastructure. Russia investigates the St. Petersburg metro bombing. New evidence connects North Korea with the Lazarus Group. Fancy Bear continues to romp unabated, and Turla seems to have remained quietly active for about twenty years. Zero-days reported for Samsung's Tizen. Our coverage of the Women in Cybersecurity Conference continues, featuring a conversation with Endgame malware researcher Amanda Rousseau. Virginia Tech’s Hume Center’s Dr. Charles Clancy describes telephony DDOS. Apple issues an emergency iOS patch. Industry notes, and tax season security advice.

Apr 4, 2017 · 16 min

S2 Ep 319: WikiLeaks dumps alleged CIA obfuscation code. Attribution skeptics speculate about Russian ops (or the lack thereof). ISIS information operations manual revealed. RATs in the wild.

In today's podcast, we hear that WikiLeaks has dumped what it claims are CIA source code files. The leak seems to aim at raising suspicion that attacks attributed to foreign governments are in fact false-flag operations. The International Association of Athletics Federations says it was hacked by Fancy Bear. Two new RATs—remote access Trojans—are discovered in the wild. ISIS takes some cyber hits, and an investigator outlines the group's information operations manual. At the annual Women in Cyber Security Conference we catch up with US Naval Academy Midshipmen Svetla Walsh and Deja Baker. David Dufour from Webroot reviews their latest threat report.

Apr 3, 2017 · 16 min

S2 Ep 318: Fancy Bear's phishing expeditions. Cryptowars and privacy regs in the EU. Is that really you, Dr. Niebuhr?

In today's podcast, we hear about how Fancy Bear left tracks in Bitly, and Fancy Bear did an awful lot of phishing going back to March 2015. Experts take a look at Russian espionage and influence operations, and they draw some disturbing conclusions. The EU seems ready to go anti-encryption—how that will work with the EU's regulatory emphasis on privacy is anyone's guess. The University of Maryland's Jonathan Katz explains the recent Z-Coin crypto-currency bug. Bob Ackerman from Allegis Capital and DataTribe offers insights on the investment environment for cyber. And no, that's not a famous theologian tweeting: it's the head G-Man.

Mar 31, 2017 · 20 min

S2 Ep 317: Apple patched this week—how are your systems? LastPass working on a patch for an undescribed bug (said to be complex). What IT staff actually work on. And a long talk about emerging Administration cyber policy.

In today's podcast, we hear about Apple's patches issued this week—how are your systems? LastPass is working on a patch for an undescribed bug (said to be a complicated one). What IT staff actually work on. Politico's Eric Geller discusses emerging Trump Administration cyber policy. Emily Wilson from Terbium Labs outlines the data breach timeline.

Mar 30, 2017 · 16 min

S2 Ep 316: Hybrid warfare objectives and tactics. Physical threats, lost and found. Vulnerability and threat recap.

In today's podcast, we pass on what we've heard at ITSEF about Russian hybrid warfare: it aims, experts say, at redressing the loss of the Cold War. Microsoft Internet Information Services (IIS) 6.0 found vulnerable to a buffer overflow attack. Cerber ransomware evolves to evade detection. Bugs found in Siemens ICS products. VMware patches vulnerabilities. Laptops with sensitive information lost in Hong Kong and New York. Joe Carrigan from the Johns Hopkins University Information Security Institute reviews a teddy bear who can’t keep a secret. Peak10’s David Kidd outlines compliance advantages of the cloud. Malicious USB sticks strewn around a Canadian university campus.

Mar 29, 2017 · 16 min

S2 Ep 315: Updates on Cozy Bear and Shamoon tradecraft. Crypto wars flare in the UK. FBI warns of attacks against FTP servers. Typosquatting, scareware, and other problems.

In today's podcast, we hear how Cozy Bear slips through with domain fronting. Shamoon's infection methods are revealed. The crypto wars flare over not-so-lone wolves, but there are some genuine lone wolves out there as well. Medical and dental practices warned against attacks on FTP servers. A networked sterilizer is, well, digitally unhygienic. Docs dot com search functionality temporarily disabled. Remember, if you want to reach the G-men, it's FBI dot GOV, not dot com. The UMD Center for Health and Homeland Security's Ben Yelin examines a case where a defendant's expertise is being held against him. Brian Brunetti from Route1 warns about VPN insecurity. Scareware hits iOS users. And a Brooklyn prosecutor gets bad advice from the old heart.

Mar 28, 2017 · 16 min

S2 Ep 314: Lone wolves howl to each other over WhatsApp? Industry yawns at WikiLeaks zero-days. How online gamers cheat. America's JobLink breach update. Ukrainian artillery hack notes. April 7 deadlines.

In today's podcast, we hear that British police think ISIS not-so-lone wolves may have been howling over WhatsApp. WikiLeaks still disgruntled over its disclosure offer's cool reception. March-Madness is also phishing season. How and why online gamers cheat. GiftGhostBot drains gift-card balances. States mull next steps after the America's JobLink breach. CrowdStrike walks back some claims in its Ukrainian artillery hacking report, but insists the hack was real, and that signs point to Fancy Bear. Lancaster University's Awais Rashid warns of the use of open source intel in social engineering. Wall Street Journal tech reporter Sarah Needleman explains the esports cheating arms race. April 7 marks two deadlines for cyber actions; observers hope for two fizzles.

Mar 27, 2017 · 15 min

S2 Ep 313: WikiLeaks' Vault 7 "Dark Matter" docs. Information operations, Russian style and ISIS style. Job database exposed.

In today's podcast we hear assessments of WikiLeaks' latest Vault 7 files—compromised supply chain or damp squib? NATO worries about Russian information operations. ISIS continues to push jihadist inspiration online, claiming the London killer as one of the Caliphate's soldiers. Facile attribution can mislead, as seen in a surprising arrest. Comments on America's JobLink Alliance breach. Acalvio's Chris Roberts wonders if AI and Machine Learning are all they're cracked up to be. Palo Alto Networks' Rick Howard has an update on the Cyber Threat Alliance. And Estonian experience suggests to the world that President Putin is a proud spirit who cannot endure to be mocked.

Mar 24, 2017 · 21 min

S2 Ep 312: Newly disclosed threats and vulnerabilities, mostly criminal. Catphishing peer review. The US may indict North Korea for the Bangladesh Bank heist.

In today's podcast we offer a rundown of recently announced threats and vulnerabilities in stores and documents: Play Store, App Store, and MS Office. Some crooks move to the cloud. GoDaddy buys Sucuri. The US is rumored to be preparing a North Korean indictment for the Bangladesh Bank heist. Social media look for bad bots. Level 3's Dale Drew describes botnet evolution. LookingGlass' Eric Olson explains Facebook Marketplace security. And some dodgy scientific journals seem to use catphish for peer review.

Mar 23, 2017 · 16 min

S2 Ep 311: Laptop restrictions are for physical, not cyber reasons. Necurs is back, pumping and dumping. MajikPOS notes.

In today's podcast, we hear that laptop flight restrictions spread as security services continue to grapple with ISIS inspiration operations. The Necurs botnet returns, but now it's swapped pump-and-dump scams with penny stocks for its usual ransomware payloads. MajikPOS is active in the North American wild. Joe Carrigan from the Johns Hopkins University Information Security Institute reviews lessons learned from the Cloudbleed event. Philip Susmann describes Norwich University's DECIDE cyber simulation platform. And the Bangladesh Bank hack looks like it may have been a North Korean job.

Mar 22, 2017 · 15 min

S2 Ep 310: Extortion claims. Election influence operations seem likely to continue. A Russian bank claims it's being framed by DNS spoofing. "Cyber Pearl Harbor" fears may be a distraction.

In today's podcast, we hear about the claim that "the Turkish Crime Family" is holding iPhones hostage. WikiLeaks grumbles that it has few takers for its Vault 7 bugs. Germany raises its state of cyber alert, pre-election. The US expects more Russian cyber and influence operations. A Russian bank says it was framed (and maybe it was). UMD's Jonathan Katz provides technical details on the recent SHA-1 collision. Mandiant's Ronald Bushar gives us highlights from their M-Trends report. Fears of a "cyber Pearl Harbor" may distract from real ICS risks. And no, Martians haven't landed in New Jersey.

Mar 21, 2017 · 16 min

S2 Ep 309: Careless criminals, Cisco mitigations, and Vault 7 disclosure conditions. A look at the Atlantic Council's Cyber 9/12. Cabin fever and malware infections. Kirk ransomware.

In today's podcast we ask whether careless cyber criminals working for the FSB blew the gaffe on the Yahoo! hack. WikiLeaks offers to share Vault 7 vulnerabilities with vendors, but it wants something in return. A look at the Atlantic Council's recently concluded Cyber 9/12 competition. Does cabin fever increase the risk of being hacked? Enigma Software saw things during last week's unseasonable US weather that suggest it might. We welcome David Dufour from Webroot to the show as our newest industry partner. And Kirk ransomware is ready to beam into your enterprise.

Mar 20, 2017 · 14 min

S2 Ep 308: Cyberspace and "Cold War Two." Who's leaking to WikiLeaks? Wishbone breached—warn the kids. Crimeware-as-a-service. The Active Cyber Defense Certainty Act.

In today's podcast, we hear about observers who look around and think they may be seeing Cold War Two in cyberspace. (But this is no bipolar conflict.) Investigation into Vault 7 continues as people wonder where WikiLeaks gets its leaks. The quiz app Wishbone has been breached—take it as a teachable moment with the children. Fileless malware gets quieter as researchers get close to the cyber gang. A cloud-based keylogger is getting ready to take black market share. Palo Alto Networks' Rick Howard describes a capture-the-flag collaboration. Futurist Brian David Johnson explains Threatcasting. The proposed Active Cyber Defense Certainty Act. And what we're seeing at a policy competition.

Mar 17, 2017, 20 min

S2 Ep 307: Lazarus Group is back. Dun & Bradstreet loses data; so does ABTA. Patriotic cyber rioting or state influence operations. US indicts four in the Yahoo! breach.

In today's podcast we hear about the return of the Lazarus Group (or maybe it never really left). A Dun & Bradstreet database is compromised—more than thirty-three million are said to be affected. British travel association ABTA suffers a breach. Notes on identity theft. Netherlands voter information sites hit with DDoS—Turkish hacktivists (or government operators) suspected. The University of Maryland's Center for Health and Homeland Security's Markus Rauschecker describes the increasingly important role of cyber lawyers in M&A activity. Digital Guardian's Tim Bandos has methods for protecting against state-sponsored actors and hacktivists. The US indicts four in the Yahoo! breach—two of them have FSB connections.

Mar 16, 2017, 16 min

S2 Ep 306: Influence ops, third-party apps with an appetite for permissions, and criminal competition. Google purges malicious apps from the Play Store. Advice for whistleblowers. Farewell to Becky Bace.

In today's podcast, we look at influence operations in the UK and in Europe: the former emanate from Russia, the latter from Turkey. Third-party social media apps increase your attack surface. Petya ransomware is stolen and improved by rival crooks. Google purges bad apps from the Play Store. Patch Tuesday notes. A convicted leaker offers some unexpected wisdom for prospective whistleblowers. Lawyers can't figure out the GDPR. US said ready to indict four for the Yahoo! breaches. Emily Wilson from Terbium Labs discusses the effects of high-profile breaches on Dark Web markets. Justin Harvey from Accenture Security wonders if private sector attribution is dead. And we bid a respectful farewell to Becky Bace, one of our industry's thought leaders.

Mar 15, 2017, 15 min

S2 Ep 305: Canadian government sites recover from the Apache Struts vulnerability. FireEye's M-Trends report is out, calling out greater sophistication in financial cybercrime. USAF accidentally exposes SF86s. Vault 7 update.

In today's podcast, we hear about how the Apache Struts bug has bitten in Canada. FireEye sees financial cybercrime approaching state espionage exploits in sophistication. The US Air Force leaves sensitive personal information exposed in a backup database. Investigation into WikiLeaks' Vault 7 continues. Okta files for its IPO. Ben Yelin from the UMD Center for Health and Homeland Security reviews a mobile device privacy bill. Adam Thomas from Deloitte outlines their latest cyber insurance report. And today is Patch Tuesday.

Mar 14, 2017, 15 min

S2 Ep 304: Vault 7 updates—observers speculate about an inside leaker. Pre-loaded Android malware raises supply chain concerns. Ransomware in Japan. Convincing Chrome-spoofing malware. GCHQ warns UK parties to expect Russian influence operations.

In today's podcast, we review some speculation about Vault 7 that holds the leaker was an insider. (But there's no specific insider named, yet—the investigation is still in its early stages.) Supply chain security issues are raised by both Vault 7 leaks and discovery of pre-loaded malware in some Android devices. Bitcoin won't get its own ETF, yet. Japanese companies' willingness to "pay to make it go away" is seen playing into the hands of ransomware extortionists. Dr. Charles Clancy from Virginia Tech's Hume Center surveys the end-to-end encryption debate. Novetta's Dr. Corey Petty previews his upcoming Ethereum smart contracts presentation. GCHQ warns Britain's political parties to expect Russian influence operations in the general election.

Mar 13, 2017, 15 min

S2 Ep 303: WikiLeaks, responsible disclosure, and insider threats. Playstation credentials rumored to have been compromised. Apache Struts bug being actively exploited. DPRK missile cyber security. A look at West African cybergangs.

In today's podcast, WikiLeaks offers to enter the responsible disclosure game, but be warned: there are legal problems should you accept classified information. Some AV companies tout their reviews in Vault 7. Speculation about how CIA hacking notes leaked turns to an insider threat. HackRead warns that Playstation credentials may have been compromised. The Apache Struts vulnerability is being exploited in the wild. Observers cast doubt on reports the US successfully hacked North Korean missile launches. Joe Carrigan from the Johns Hopkins University Information Security Institute weighs in on SHA-1. Comodo's Kenneth Geers shares insights from their 2016 Global Report. Trend Micro and Interpol take a look at the West African cybercrime scene.

Mar 10, 2017, 20 min

S2 Ep 302: Vault 7 doesn't show much evidence of false flag operations. The most interesting question the WikiLeaks dump raises is, where did the material come from? RAND studies the zero-day market. The Near Abroad wishes for more US soft power.

In today's podcast, we follow the Vault 7 story and the false flags that really aren't there. A call for more stress-testing of software. RAND reports on the market for zero-days. The Near Abroad warns the US that it would like to see more American soft power deployed in their part of the world. Jonathan Katz from the University of Maryland praises Google's Project Wycheproof. VMware's Tom Corn provides his take on the promise of secure cloud environments.

Mar 9, 2017, 15 min

S2 Ep 301: WikiLeaks and Vault 7

In today's podcast we talk over the latest news, rumors, gossip, and common sense surrounding WikiLeaks and its Vault 7 dump of hacking tools and other spy stuff. And wait a minute—do angels really weep? After all, they're supposed to be pure intelligence. But you came here for the hacking, not the angelology, and there's a lot of stuff dancing around in Vault 7. Research Scientist Jim Walter from Cylance weighs in with his take. Some people even see dancing Bears, but we think they're seeing things. Dale Drew from Level 3 Communications tracks changes they’re seeing in DDoS attacks.

Mar 8, 2017, 16 min

S2 Ep 300: StoneDrill succeeds Shamoon. Trojanized Android Facebook Lite. Progressive groups threatened with doxing, blackmail. WikiLeaks' Vault 7. Hacking back? Wiretapping?

In today's podcast we hear about how StoneDrill may be succeeding Shamoon—it's more evasive and at least as destructive. Malwarebytes advises sticking to Google Play to avoid a new Trojan. Russian hackers—apparently mobsters who've copped some of Cozy Bear's MO—are blackmailing US progressive political groups. The University of Maryland Center for Health and Homeland Security's Ben Yelin explains Amazon Alexa's role in a murder case. Neill Feather from SiteLock describes a WordPress vulnerability. Congress considers a bill to allow companies to hack back. WikiLeaks' Vault Seven seems mostly unsurprising. Washington wiretapping allegations prompt recriminations.

Mar 7, 2017, 16 min

S2 Ep 14: RSA 2017 Roundup – Perspectives, Pitches and Predictions [Special Edition]

In this CyberWire 2017 RSA Conference special edition, we wrap up our show coverage with insights from experts about the trends they’re seeing, the products they’re pitching, and where they think we, as an industry, need to go. Guests include:
Mark Dufresne, Director, Threat Research and Adversary Prevention, Endgame https://www.linkedin.com/in/mark-dufresne-b3275610a/
James Lyne, Global Head of Security Research, Sophos https://www.linkedin.com/in/jameslyne/
Emily Mossburg, Principal, Cyber Risk Services Leadership Team, Deloitte & Touche https://www.linkedin.com/in/emilymossburg/
Mark Nunnikhoven, Vice President, Cloud Research, Trend Micro https://www.linkedin.com/in/marknca/
Levi Gundert, Vice President of Intelligence and Strategy, Recorded Future https://www.linkedin.com/in/levigundert/
Carl Leonard, Principal Security Analyst, Forcepoint https://www.linkedin.com/in/carl-leonard-5486405/
Evan Blair, Founder, ZeroFOX https://www.linkedin.com/in/evanblair/
Gabby Nizri, Founder and CEO, Ayehu Software Technologies https://www.linkedin.com/in/gabbynizri/
Jason Porter, Vice President Security Solutions, AT&T https://www.linkedin.com/in/jason-porter-4a604757/

Mar 7, 2017, 47 min

S2 Ep 299: Warnings of DNSMessenger. Cyber deterrence, and cyber offensive operations. Notes on DDoS. Election surveillance allegations.

In today's podcast, we hear about warnings from Cisco's Talos unit and others concerning DNSMessenger, a dangerous and evasive RAT. DDoS hits Luxembourg government sites and remains a threat to businesses. The US is said to be running a cyber campaign against North Korea's ballistic missile program. The US Defense Science Board releases its report on cyber-deterrence. Rick Howard from Palo Alto Networks explores the history of security orchestration. Mutual recriminations over allegations of election-season campaign surveillance swirl in the US.

Mar 6, 2017, 15 min

S2 Ep 298: Risk mitigation scores some wins this week. Amazon finds the typo that took out the Internet. Symantec gets into the VC game. Yahoo! agonistes. Wassenaar's prospects. PRC wants cyber peace. And farewell to Howard Schmidt.

In today's podcast, we review some encouraging news about Android apps, Cloudbleed, and Slack's swift bug patching. Amazon finds a typo at the root of Wednesday's internet outages. Symantec opens a venture arm. Yahoo! breach post mortems continue. Decryption tools for Dharma ransomware are out. Prospects look dim, again, for Wassenaar. China calls for the demilitarization of cyberspace. Terbium's Emily Wilson surveys the Dark Web scene during tax season. MasterCard's Melanie Gluck takes us behind the scenes of credit card security. And the security sector bids farewell to Howard Schmidt—leader, advisor, and mentor.

Mar 3, 2017, 20 min

S2 Ep 297: Online banking funds transfer fraud. Telegram and phone scams. FCC regulatory update. Insider threats in the IC. And bad robots.

In today's podcast we hear about how a criminal gang is deploying sophisticated malware against remote banking system customers. Business email compromise continues to appear in the wild—be good to your proofreaders, CEOs. Telegram being used by phone scammers. FCC privacy and caller-ID blocking regulations debated. Vulnerable WordPress plug-in found. Markus Rauschecker from the University of Maryland Center for Health and Homeland Security reviews the privacy implications of Smart Cities. Tony Guada from ThinAir explains the weaponization of data. And life sure was a lot easier before toys became part of the IoT.

Mar 2, 2017, 16 min

S2 Ep 296: Internet outages were errors, not attacks. Evolving Trojans and botnets. M&A news. Cyber casus belli. Terminators and teddy bears.

In today's podcast, we hear that yesterday's Internet outages were due to errors in Amazon's S3 servers. Dridex has evolved to become more evasive. The Necurs botnet acquires a DDoS capability. Web cache deception attack technique is described. Austrian authorities think they have a suspect in the attempted cyberattack on Vienna's airport. Palo Alto buys LightCyber. Companies continue to grapple with GDPR compliance. Uncertainty about US policy direction expected to drive an increase in foreign cyber espionage. The University of Maryland's Jonathan Katz reviews encryption types. Jon Gross from Cylance explains Snake Wine. Congress thinks about casus belli in cyberspace. And in the IoT, people are worried about everything from Terminators to Teddy bears.

Mar 1, 2017, 16 min

S2 Ep 295: Alleged BND surveillance of news organizations. Snake Wine in Japan, for disinformation? Singapore military phished. Google discloses more Microsoft unpatched bugs. Cloudbleed update. CloudPets may have privacy issues.

In today's podcast, we learn that the BND may have been listening to the BBC, but not in a good way. Cylance reports on Snake Wine, a curiously familiar vintage sniffed in Japanese networks. Singapore's military sustains a phishing campaign without sustaining apparent damage. Google discloses more unpatched Microsoft vulnerabilities, these in IE and Edge browsers. Criminals claim to have exploited Cloudbleed, but the jury's still out. Joe Carrigan from the Johns Hopkins University's Information Security Institute helps us understand Cloudbleed. Steven Grossman from Bay Dynamics reviews New York State's newly enacted cyber regulations. And watch your language around those networked stuffed animals.

Feb 28, 2017, 15 min