
CyberWire Daily
3,657 episodes — Page 68 of 74

S2 Ep 13: If I Only Had a Brain... Artificial Intelligence Gets Real at RSA 2017 [Special Edition]
At the 2017 RSA conference, artificial intelligence and machine learning were on just about everyone’s list of hot topics. Countless companies are offering AI and ML solutions, with many of them claiming “game changer” status. In this CyberWire special edition, we gather a group of experts to help sort through the hype, try to agree on some definitions, demystify the technology, and make the business case for artificial intelligence. Learn more about your ad choices. Visit megaphone.fm/adchoices

S2 Ep 294: Cloudbleed and what it means to you. Ransomware updates. News from the Moscow treason trials. Coachella Festival breached.
In today's podcast, we hear how Cloudflare suffered from Cloudbleed. The bug's now swatted, but it will take a lot of people some time to clear up their passwords. Spora ransomware's customer service gives lousy service. TrumpLocker ransomware's just VenusLocker poaching some brand equity. Pen testers say they can break into most networks in under twelve hours. FBI asked again how it gained access to the San Bernardino jihadist's iPhone. Update on the Moscow treason trials. The University of Maryland Center for Health and Homeland Security's Ben Yelin describes some unintended consequences from a Trump executive order. Headed to Coachella? Hang onto your passwords.

S2 Ep 293: SHA-1 is broken. Grizzly Steppe and Carbanak. M&A notes. Linux patched. Arrest in Deutsche Telekom hack. The insecurities of connected cars.
SHA-1 is broken, for real. Grizzly Steppe threat actors seem to have a lot in common with the Carbanak gang. Bitcoin exchange hit by DDoS. Linux patches an old vulnerability. Reuters says Symantec was in talks to buy FireEye, but the companies backed away from a deal. An arrest in the Deutsche Telekom hack. Dr. Charles Clancy from Virginia Tech's Hume Center explores the designation of election systems as critical infrastructure. Jason Porter from AT&T describes the newly formed IoT Cybersecurity Alliance. And what the vulnerability researchers found when they looked at connected cars.

S2 Ep 292: Patcher ransomware. Locky, Cryptowall, and Cerber are still active; so is old-fashioned blackmail. NSA keeps the VEP. Reactions to New York State's cyber regs for banks. Observations of BugDrop, and thoughts on cyber war and attribution.
In today's podcast, we hear about how Patcher ransomware is infesting Macs. Locky, Cryptowall, and Cerber are also still out and about in the wild. NSA seems likely to continue its Vulnerabilities Equities Process. Industry reactions to New York State's coming cybersecurity regulations for financial institutions. A look back at RSA discussions of cyber warfare. Further developments in the study of BugDrop malware. Terbium Labs' Emily Wilson examines the way novel exploits become part of the standard tool kit. And TruSTAR looks at Grizzly Steppe and has some thoughts on the difficulties of attribution.

S2 Ep 291: Influence operations. A new Mirai version is potentially more dangerous than the old one. Proofs of concept. New York's cyber security regulations for banks. What Verizon will get from Yahoo!
In today's podcast, we hear from Paris that Moscow's not welcome in upcoming French elections. A new version of Mirai is out, spreading through Windows systems. Researchers warn of FTP protocol injection vulnerabilities in Python and Java. A new JavaScript exploit may affect Internet Explorer. New York State's new financial sector cyber regulations take effect next Wednesday. The Johns Hopkins University's Joe Carrigan reviews privacy tools from the EFF. Mark Dufresne from Endgame explains Fileless Attacks. A quick glance back at RSA, and some analysts' thoughts on why Verizon still wants Yahoo!'s assets.

S2 Ep 290: A coming surge in North Korean hacking? Middle Eastern cyber espionage campaigns. Microsoft patch issues. Infowar updates. NIST's draft electrical utility cyber guidance. Problematic toys.
In today's podcast, we hear that analysts are predicting a surge in North Korean hacking after China embargoes coal. ViperRAT catphishes the IDF. Magic Hound and Shamoon both use malicious macros to infect victim systems. TASS says no one really knows who hacked OSCE. Sputnik teases with a WikiLeaks tease. RSA Security's Zulfikar Ramzan offers insights from the conference. UMD Center for Health and Homeland Security's Markus Rauschecker explains how Airbnb might be affecting some foundational elements of the internet. Google shames Microsoft over patching. NIST has cyber advice for power utilities. Some RSA notes, and My Friend Cayla gets the boot from Berlin.

S2 Ep 289: International norms of cyber conflict. Fancy Bear's tradecraft (with a side of дезинформа́ция). RDPPatcher, Cerber, Ticketbleed, and Hermes. And the vibe around RSA 2017.
In today's podcast, we talk about hybrid warfare, with disinformation, cyber espionage, and spyware infestations—we also hear calls for norms of cyber conflict. BugDrop is active in Ukraine, and researchers see some cut-and-paste oddness slip from Fancy Bear's paws. A new X-Agent variant is out: this one infects Macs. Ransomware thumbs its nose at security products. A look at RSA trends as the conference closes. A conversation with City of San Diego CISO and author Gary Hayslip. Rick Howard from Palo Alto Networks on a new addition to the Cyber Canon that's all about DevOps. And where do we get one of those "Has no purchase authority" T-shirts?

S2 Ep 288: Ukraine accused Russia of renewed hacking by BlackEnergy actors. ASLR bypass proof-of-concept reported. Notes from RSA, and an update on Android gunnery malware.
In today's podcast, in addition to notes from RSA, we hear some fresh accusations of Russian government hacking from Ukraine. Threat actors adapt. ASLR bypass exploit demonstrated. Yahoo!'s acquisition by Verizon appears likely to be deeply discounted. From RSA, notes on coming industry consolidation. Dale Drew from Level 3 Communications offers a strategy for choosing security vendors. James Lyne from Sophos provides his take on the RSA conference from the show floor. An update on the Popr-D3 Android malware. How they name the bears.

S2 Ep 287: Nation-states or criminal gangs? Update on Polish banking attacks. And an update on RSA.
In today's podcast we consider the difficulty of distinguishing nation-state hacks from criminal capers. It's not always clear, and sometimes it's a distinction without a difference. But in any case, many call for international norms of cyber conflict. Waterholes and catphish. Ben Yelin reviews President Obama's security legacy. Steve Grobman from Intel Security on the challenges of changing course. RSA is at its midpoint; we offer some of what we're hearing on the floor about false alarms, where to draw the perimeter, and concerns about the Internet-of-things.

S2 Ep 286: RSA Updates. Microsoft calls for Geneva Convention for cyber. Phishing.
Researchers look into a wave of attacks on financial institutions. Microsoft calls for Geneva Convention for cyberspace. We take a look at phishing. The RSA conference is underway, and we’ve got news from the innovation sandbox, and venture capitalists. Trevor Hawthorn from Wombat Security shares insights from their State of the Phish report. Emily Wilson from Terbium Labs outlines nationalism on the dark web.

S2 Ep 285: Cyber attacks reported in the Middle East, from both states and non-state actors. Italy's Foreign Ministry hacked for months in 2016. Cyber and kinetic operations. RSA's Innovation Sandbox.
In today's podcast, Hamas appears to have improved its cyber attack capabilities. Egypt is believed to be ramping up Internet surveillance. ISIS sympathizers are being targeted with Android malware delivered over Telegram. The US increasingly integrates cyber into kinetic military operations. Russia is suspected of hacking the Italian Foreign Ministry. Malek Ben Salem from Accenture Technology Labs describes privacy techniques for data mining. And, of course, we begin our coverage of RSA in San Francisco with a look at the annual Innovation Sandbox.

S2 Ep 284: Patching: the good, the bad, and the ugly. Script kiddies and disinhibition (with a caution about attribution). Industry notes, RSA, and Valentine's Day.
In today's podcast we hear about patching: the good, the bad, and the ugly. But mostly the good. Dridex is back. Brussels airport hacker turns out to be a literal script-kiddie, with the emphasis on the "kiddie." Moscow treason trials shut down Russian cooperation with Western law enforcement. Robert Lord from Protenus returns to share their Breach Barometer Report results. Ben Yelin from the University of Maryland Center for Health and Homeland Security revisits the Playpen case. Industry notes, a look ahead to RSA, and some Valentine's Day advice.

S2 Ep 283: The Martin NSA-contractor case. Fileless malware hits banks worldwide. DDoS tools undergo refinement. Ransomware developments. Industry notes.
In today's podcast we review some updates on the Martin NSA-contractor case. Fileless malware hits banks worldwide. DDoS tools undergo refinement. Researchers take a look at ransomware developments. It's been an active week for the cyber sector in mergers, acquisitions, and venture funding. There's a new industry consortium for IoT security, and an autonomous vehicle consortium issues a manifesto for cooperation. Conga CISO Travis Howe shared his thoughts on privacy. The Johns Hopkins University's Joe Carrigan provides tips on third party DNS. And we suggest some good alternatives to doing random stuff.

S2 Ep 282: Islamist hackers hit websites in Britain and Austria. Mac malware linked to Iran. Criminals follow the money into the cloud. M&A notes. Dendroid RAT author gets probation.
In today's podcast, we hear that ISIS-affiliated hackers deface UK National Health Service sites with propaganda. Turkish Islamists DDoS Austria's parliament. Poorly crafted, but troubling, Mac malware seems linked to Iran. Criminals follow the money into the cloud. Salient buys Triple I, Malwarebytes picks up Saferbytes, and Sophos buys Invincea. Palo Alto Networks' Rick Howard walks us through the adversary playbook. The author and purveyor of the Dendroid RAT gets probation.

S2 Ep 281: Brokerages in Taiwan face DDoS extortion. Polish banks hit in watering hole attack. Cyber vigilantes. Information operations. ShadowBrokers update?
In today's podcast, we hear about brokerages in Taiwan being extorted with threats of DDoS. Polish banks compromised in watering hole campaign. Criminals turn from JavaScript to less obviously suspicious kinds of files. Cyber vigilantes poke at unsecured printers and dark web hosting. China ratchets up its efforts to control its Internet. The US shares classified intelligence on Russian influence operations with European allies, and works on its own information operations capability. Dale Drew from Level 3 Communications takes note of the increase in ransomware. Rami Essaid from Distil Networks describes efforts to combat ticket scalping bots. And a former NSA contractor will probably face espionage charges related to the ShadowBrokers.

S2 Ep 280: Crime, not education. Slot machine scams. Ransomware updates. Fancy Bear in Norway? Russian treason charges. GCHQ say no to "witchcraft."
In today's podcast, we hear about how criminal markets offer ransomware-as-a-service under the guise of education. The UK's NHS and Licking County Ohio deal with separate ransomware attacks. The Slammer worm tried a comeback after fourteen years—so patch those known vulnerabilities. Crooks scammed slot machines, possibly by defeating their pseudo-random number generation. Norway tracks Fancy Bear. Russia says FSB officers charged with treason gave info to the Americans, but not necessarily the CIA. Markus Rauschecker outlines proposed changes to the email privacy act. GCHQ says security companies are peddling "witchcraft."

S2 Ep 279: Jailbreaking or forensics? W-2s and business email compromise. Router vulnerabilities. Windows zero-day. Enterprise security priorities. Iranians cyber ops and Iranian dissent. US-Russian cyber tensions.
In today's podcast, we hear reports that Cellebrite forensic tools have been dumped online. The IRS warns that W-2 fraud is being combined with business email compromise. Cisco router vulnerabilities are under discussion. A Windows zero-day can produce the blue screen of death. Recent surveys prompt a review of enterprise security spending priorities: the perimeter is down, the endpoint is up, and network visibility is everywhere. Russia's treason trial proceeds. The US sends a good-cop/bad-cop message, or maybe just a mixed message, in cyber. Accenture Technology's Malek Ben Salem discusses embedded device security. Author Frederick Lane on his latest book, Cybertraps for Expecting Moms and Dads. And is Hogwarts in Buckinghamshire, or the Monongahela Valley?

S2 Ep 278: A black market for insider information. Cisco studies data breaches. The Internet as a threat actor's R&D infrastructure.
In today's podcast, we hear about how criminals are recruiting company insiders, and how the black market trades insider information for illicit speculation. Cisco studies the costs and causes of data breaches, and the security industry offers reactions. Jonathan Katz from the University of Maryland describes searchable encryption. Vadim Vladimirskiy from Nerdio explains IT as a Service. The Internet seems to serve, again, as an R&D resource for threat actors. This time it's ISIS and commercial drones, but there's a lot out there for sale and trade.

S2 Ep 277: Bear prints around the Czech Foreign Ministry. Tinker, tailor, soldier, hacker, Humpty Dumpty. Gamer forum breaches. Where in the world is Phineas Phisher?
Bear prints in the Czech foreign ministry. Tinker, tailor, soldier, hacker in Moscow, with a side of Humpty Dumpty. Gamer forum data breaches go undetected for seventeen months. Credential reuse (and the limitations of human memory) are seen as a big threat to security. An IBM study throws up its hands over the state of healthcare cyber security. Trustwave's Chris Schueler reviews their latest report on resource limitations. Emily Wilson from Terbium Labs tracks the increased use of doxing. And Phineas Phisher, depending on whom you believe, is either under arrest or still at large.

S2 Ep 276: Ransomware updates. Netgear vulnerabilities and patches. Breaking Android pattern lock. Delegated Recovery. Information operations.
In today's podcast, we review some ransomware developments: the good, the bad, and the ugly. Netgear routers and the mom-and-pop dilemma. Breaking Android pattern locks. Facebook has a novel approach to password recovery. Keysight will buy Ixia, and IBM's acquisition of Agile 3 Solutions gets positive analyst reviews. Australia's Data61 innovation shop wants to go all-in for cyber. ISIS makes hay of US immigration policy, but the group shows signs of cracks. Ben Yelin from the University of Maryland Center for Health and Homeland Security revisits the CoinBase vs IRS case. Ian Cowger from RiskIQ explains malvertising. And remember Shaltai-Boltai.

S2 Ep 12: 2017 Cyber Security Forecast [Special Editions]
What are you expecting in 2017 when it comes to cyber security? There are sure to be attacks like we saw last year, ransomware and botnets, IoT vulnerabilities we just didn’t see coming. And what about all of those unfilled jobs? Can automation help fill the gap? Is the board room finally going to give cyber the attention it deserves? How will President Trump affect cyber policy?

S2 Ep 275: Russian treason arrests may be tied to espionage. ANSSI director warns of cyber jihad. Symantec remediates Shamoon 2. U.S. Cellular was not breached.
In today's podcast we discuss some updates on the Russian treason arrests, with side suspicions being cast in the direction of underworld in-fighting. A principal victim of Shamoon 2 reports its recovery. IoT threats and the risk of always-on, always-listening devices. French security officials warn that cyber jihad could enlist cyber mercenaries. Cisco patches its telepresence software. Joe Carrigan from Johns Hopkins stops by to discuss always-listening IoT devices. And don’t worry: no one really got locked into their room at that posh Alpine resort. (Worry about other stuff.)

S2 Ep 274: LeakedSource is down. DoubleFlag's called out for bogus stolen goods. Fancy Bear is in UK, German networks. Shamoon alert in Saudi Arabia. Scamming tech support scammers.
In today's podcast, we hear that LeakedSource is down, maybe for good. DoubleFlag seems to be selling bogus data on the black market. (And where, we ask, is the Ripper review? If you can't trust a criminal, who can you trust these days? Sad.) Fancy Bear is back—actually, she never really left—now snuffling at British and German networks. Saudi Arabia remains on Shamoon alert. The Dridex banking Trojan has reappeared, in an improved version. Dale Drew from Level 3 Communications shares findings on the Asia Pacific region. Vince Crisler from Dark Cubed puts Grizzly Steppe in perspective. And tech support scammers get scammed—don't try this at home.

S2 Ep 273: Dark Web trading post compromised. Ransomware updates. Reactions to Risk Based Security's 2016 breach report. International cyber conflict notes, and a treason case in Russia.
In today's podcast, Dark Web trading post AlphaBay looks buggy, and leaky. Some not-so-bad news on ransomware (and bravo to those Gateway City librarians). Risk Based Security's 2016 breach report says the USA is number one (but not in a good way). Sweden's armed forces recover from a cyberattack by unnamed parties. Saudi Arabia remains on high-alert for fresh infestations of Shamoon. Dan Larson from CrowdStrike weighs in on ransomware evolution. Markus Rauschecker from the University of Maryland Center for Health and Homeland Security highlights a Dept. of Commerce report on the IoT. And the Russian treason case may be closer to what would look like a corruption case under Western eyes.

S2 Ep 272: Cleaning ransomware out of the Play Store (but snakes still get into the walled garden, so watch your apps). Vigilantes, vulnerabilities, and industry news.
In today's podcast we hear about Russia's arrest of a Kaspersky Lab threat researcher (charges are said to be unrelated to Kaspersky). Charger ransomware is detected and ejected from the Play Store. Mobile users are urged to watch their apps—too many snakes are still getting into the walled gardens. RATs evolve and return to the wild. Shamoon 2 expands its target set. A database vigilante may be out there. Awais Rashid joins us from Lancaster University to share thoughts on IoT devices in healthcare. Michael Lipinski from Securonix wonders if state actors have become a convenient excuse. Cyber fraud rises in the United Kingdom—it's safer for the crooks than stickups. M&A and venture funding news. And that Verizon-Yahoo! deal remains up in the air.

S2 Ep 271: Shamoon and Greenbug. HummingWhale purged from Play Store. Apple patches across its product line. Leadership changes at CIA, GCHQ. Lloyds Bank incident update. Honor among thieves? Nope.
In today's podcast, we discuss a report from Symantec that Shamoon may be connected to Greenbug. Google is purging HummingWhale malware from the Play Store. Apple issues a major set of patches across its product line. CIA has a new director; GCHQ's still looking for one. Yahoo!'s deal with Verizon will be delayed until April at least. Other industry M&A and venture funding news is more upbeat. Lloyds Bank is said to have been targeted with cyber extortion. Ben Gurion University's Yisroel Mirsky describes vulnerabilities with 3D printers. And there's no honor among thieves—if you don't believe us, ask the thieves.

S2 Ep 270: Fake news tweets (from hijackers, not opinion-makers). Ransomware. New Android Trojans. Closing in on Mirai's master?
In today's podcast we discuss some fake tweets from hijacked news accounts around the time of the US Presidential transition—OurMine seems to have some at least tangential involvement. BankBot Android Trojan evolves, and Skyfin will quietly buy stuff you don't want from the Google Play Store. Sage 2.0 ransomware distributed by repurposed spam. Ill-named Dharma ransomware hits Indian pony site. Lloyds Bank disclosed DDoS attacks. Cryptographer Matthew Green describes Google's new open source Key Transparency project. Jonathan Katz from the University of Maryland explains multivariate encryption. The SEC looks at Yahoo!'s breach disclosure record. And the FBI is taking an interest in the gentleman Krebs fingered as Mirai's master.

S2 Ep 269: Carbanak gets trickier and more ambitious. Ransomware updates. It's beginning to look a lot like 1949 (at least from Moscow).
In today's podcast, we hear about how the Carbanak cyber gang is getting trickier and more ambitious. In other cybercrime news, ransomware takes off after more databases. There's a new ransomware-as-a-service offering in the black market. Emily Wilson from Terbium Labs addresses perceptions of terrorists on the dark web. Simone Petrella from CyberVista provides her perspective on cyber security workforce issues. A new strain of Android ransomware hits Russian-speaking users. Locky's back, but in a feeble sort of way. Cybercriminals lock files at a cancer service not-for-profit. Russian policy wonks seem to suggest that we're not at the point in history where 2016 yielded to 2017. Instead—calling all Cold Warriors—1948 just ticked over into 1949.

S2 Ep 268: France braces for election hacking. Ukrainian utility says December blackouts were hacker-induced. Finding "Fruitfly." Tracking Mirai's master.
France prepares for election hacking. Ukrenergo acknowledges its electrical service was hacked. Malwarebytes reports on Fruitfly, malware swarming about biomedical research facilities. Krebs believes he's found the author of Mirai. Anonymous says it's going to dox US President-elect Trump. Ben Yelin reviews your rights to privacy at the border. Nir Giller from CyberX addresses the false sense of security when it comes to ICS. And the RSA Conference announces the finalists in the Innovation Sandbox.

S2 Ep 267: Carbanak gang is back. GhostAdmin works on data theft. Trolling security researchers. M&A notes. Pardons, commutations, and extraditions.
Carbanak is back, and in the cloud. GhostAdmin quietly assembles a few good bots. Malware writers troll security researchers on VirusTotal. Oracle issues a big patch; Apple is said to be preparing a smaller one. M&A activity is in the news. Australia investigates fallout from the Yahoo! breaches. Experts warn European election officials and politicians to be on the lookout for Bears. Rick Howard from Palo Alto Networks seeks a unified theory of security. David Bianco from Sqrrl offers advice on threat hunting. And US President Obama issues some pardons and commutations—General Cartwright and Private Manning are on the list. Not so Mr. Snowden.

S2 Ep 266: Election influence and election security. Threats to power grids. Ransomware and phishing updates. Loyalty program risks.
In today's podcast we hear warnings that electrical utilities should regard hacks of Ukraine's power grid as a wake-up call (the squirrel threat notwithstanding). Various nations work to shore up their defenses against Russian government hacking and influence operations. Russia protests its innocence, but there are some reliable reports of Fancy Bear sightings in Norway. Cyber criminals are back, except for those behind Locky ransomware, who seem to still be on holiday break. New approaches to ransomware and phishing. Dale Drew from Level 3 Communications tells us about the BGP Flowspec. And a loyalty program at the Golden Arches may be proving problematic.

S2 Ep 265: Grid hacking in Ukraine. Cellebrite breached. WhatsApp encryption issue. EyePyramid notes. Sharing SIGINT. IG looks at FBI. Guccifer 2.0 and the ShadowBrokers take their bows.
In today's podcast we get updates on grid hacking in Ukraine and the case of the EyePyramid spyware in Italy. Smartphone forensics shop Cellebrite suffers a data breach. WhatsApp appears to have an encryption issue, but most observers think it's not really a backdoor. WordPress gets eight patches. ENISA issues recommended best practices for securing connected cars. A US Justice Department IG will look into the FBI's investigation of classified information handling in the Clinton State Department. President Obama expands NSA's authority to share raw SIGINT with other intelligence agencies. The Johns Hopkins University's Joe Carrigan reminds us to protect our mobile phone numbers. Stanford Cyber Initiative Executive Director Allison Berke shares that organization's mission. Guccifer 2.0 wants to clear a few things up, and the ShadowBrokers say "bye-bye," or maybe "do svidaniya."

S2 Ep 264: Grid hacks and influence operations. Propaganda sauce spread liberally over geese and ganders. Peace sign hacks? Hamas catphishes the IDF.
In today's podcast, we hear about the arrest of an Italian brother and sister for an EyePyramid spyware crime spree that may have been in progress since 2010. Ukraine confirms that Kiev's power grid was hacked last month, and the Ukrainian government tries to tide over some influence operations of its own. Policy wonks talk information operations and some realize that such ops aren't new. The peace sign hack joins the Gummibear hack as a challenge to biometric authentication. Yisroel Mirsky from Ben Gurion University explains new research using databases of exploits and vulnerabilities. Quick industry notes. And Hamas goes catphishing.

S2 Ep 263: Shamoon is back, now with credentials for virtual desktops. Ukraine believes it was hacked again. Ransomware updates. Elections, investigations, and influence operations. The Pokemon threat?
In today's podcast we learn that Shamoon is back, and still a nasty piece of work. Ukraine's grid was hacked again last month, probably by the same people who did it at the end of 2015. A new strain of ransomware offers a tiered extortion model (and unfortunately pretty solid encryption). France and Britain prepare for Russian election hacking. Awais Rashid from Lancaster University outlines the human factors in cyber security. Limor Kessem from IBM Security discusses their recently released ransomware study. The debate over influence operations flares again in the US. And China still finds Pokemon threatening.

S2 Ep 262: Witch hunts and yard sales. See relationships, not dox. Rebrandings, mergers, acquisitions, and executive moves. Building anti-witch capabilities.
California says a nation-state was behind the Anthem hack. The ShadowBrokers hold a yard sale (we'd pass on the malware, but if they had a nice blender out we'd consider it). WikiLeaks says it's interested in relationships, not doxing. The US FDA confirms vulnerabilities in cardiac devices. Hello Kitty gets breached. Yahoo! will become Altaba, and get new leadership. Germany and the UK study ways of increasing cyber capability. The University of Maryland's Jonathan Katz reviews emerging encryption types. Uri Sternfeld from Cybereason explains their free ransomware prevention tool, RansomFree. Russia complains it's the subject of a witch hunt.

S2 Ep 261: Election hacking, influence operations, and official reports. EU hacking concerns. Lawsuit over email's invention. Twitter frowns on unrequited love. Billy Bass, meet Alexa.
In today's podcast we hear about the report on Russian election hacking and influence operations the US Director of National Intelligence released Friday. Election hacking? Not really, but influence operations? You bet. Robert M. Lee from Dragos Security weighs in on the report. European authorities worry about Russia inserting itself into 2017 elections. Law, and order, torts and Twitter. Emily Wilson from Terbium Labs describes the role of law enforcement on the Dark Web. And a note on she-who-must-not-be-named (our listeners in San Diego will know exactly whom we mean—heck, it's Alexa).

S2 Ep 260: Spearphishing in industrial espionage. Ransomware gets more widespread, ruthless, and perfidious. The US Intelligence Community assures the Senate that the Russians hacked the DNC.
In today's podcast, we hear about a worldwide spearphishing attack against industries in 50 countries. Ransomware is already proving as much of a problem as predicted: exposed data bases are hijacked in a turf-war among extortion gangs, and KillDisk has now appeared in ransomware kits. Investment analysts wonder if Verizon's bid for Yahoo!'s core assets will go through. Ben Yelin from the University of Maryland Center for Health and Homeland Security discusses the IRS demanding info on some bitcoin users. FireEye's Tony Cole reviews their latest report on what to expect in 2017. The US Intelligence Community tells the Senate that, yes indeed, the Russians were hacking during the election. A full report is promised for next week.

S2 Ep 259: Indiscriminate IOCs erode confidence in attributions. Official leaks erode trust in information sharing. Exploit updates.
In today's podcast we hear about how indiscriminate indicators of compromise spawn fake news about a Vermont grid hack. Meanwhile, the Mounties cautiously, tentatively, investigate some odd potential IOCs at an Ontario utility. A hacker claims he pwned the FBI, but it looks like a hoax. A quick rundown of exploits currently romping in the wild—many of them involve ransomware. Rick Howard from Palo Alto describes Security Orchestration. Marika Chauvin from Threat Connect shares research on Hacktivists vs Faketivists. And yes, your thumbprint will authenticate you to your phone even if you've dozed off, Mom.

S2 Ep 258 Hacktivists claim to perform a public service. Once and Recorded Future ransomware. Attribution controversies. Disturbing toys.
In today's podcast, we hear about how some hacktivists are again turning to defacement, which they claim to be doing as a public service to raise security awareness. Recorded Future takes a close look at ransomware's likely course in 2017. ISIS exposes itself online. Attribution controversies: the Vermont hack-that-wasn't, tactical hacks in eastern Ukraine, and the FBI-NCCIC Joint Analysis Report. Malek Ben Salem from Accenture Technology Labs describes how Deep Learning may be applied to cyber security. And would you hug Skynet, if it looked like Teddy Ruxpin?

S2 Ep 257 Attribution issues: one story fizzles; another looks disappointingly circumstantial. Great powers jostle in cyberspace. Hacktivists resurface online. So, alas, do terrorists.
In today's podcast, we follow the way in which the Vermont utility hacking story fizzled. We also hear from Joe Weiss of Applied Control Solutions that more serious grounds for concern about electrical grid security continue. Observers are disappointed by the Grizzly Steppe Joint Analysis Report—its evidence strikes many as mighty circumstantial. US-Russian cyber strategies and cyber diplomacy. Anonymous greets the Bilderbergers. ISIS claims responsibility for recent massacres as part of its online inspiration. Level 3 Communications' Dale Drew provides his take on the coming year. German police believe they've stopped a Saarland bomb plot.

S1 Ep 256 Best of: Daniel Ennis
Our podcast team is taking a break this week for the holidays. We’re revisiting some of our favorite interviews from 2016. Daniel Ennis is former director of the NSA Threat Operations Center, or NTOC, and is currently executive director of the University of Maryland Global Initiative on Cyber. We spoke with Daniel Ennis back in July.

S1 Ep 11 Buying Cyber Security [Special Editions]
Every day there seems to be a new security product on the market, with many of them claiming they provide something that you simply can’t live without. Companies appear and disappear, and businesses are faced with difficult, confusing, and often expensive choices. In this CyberWire special edition, we explore how businesses are navigating the process of choosing products and technologies in a crowded marketplace. We talk to some key stakeholders to find out what drives their purchasing decisions, and what they wished their vendors knew before they came knocking on their doors.

S1 Ep 255 Best of: Tom Coale
Our podcast team is taking a break this week for the holidays. We’re revisiting some of our favorite interviews from 2016. Tom Coale is an attorney with the law firm Talkin and Oh, in Maryland, where one of his specialties is representing people who have been denied security clearances. Previously, Mr. Coale was Department Counsel for the Department of Defense, representing the government in security clearance due process hearings. We spoke to Tom Coale back in July.

S1 Ep 254 Best of: Tom Wingfield
Our podcast team is taking a break this week for the holidays. We’re revisiting some of our favorite interviews from 2016. Tom Wingfield is Professor of Cyberspace law at the National Defense University, and one of the authors of the Tallinn Manual, an academic study of how international law applies to cyber conflicts and cyber warfare. We interviewed Tom Wingfield back in October, on location at the 2016 ASUA meeting in Washington DC.

S1 Ep 253 Best of: Abby Smith Rumsey
Our podcast team is taking a break this week for the holidays. We’re revisiting some of our favorite interviews from 2016. Back in May, we spoke with author and historian Abby Smith Rumsey about her latest book, “When We Are No More: How digital memory shapes our future.” The book explores human memory from pre-history to the present, from pictures painted on cave walls to the present, with all the world’s knowledge available in an instant on our mobile devices.

S1 Ep 252 Daily & Week in Review: Gunnery hacking. Influence operations and a proportionate response thereto? Yahoo breach post mortems. NIST issues Special Publication 800-184: "Guide for Cybersecurity Event Recovery."
In today's podcast we hear more about how Fancy Bear has gone to war. Russia denies meddling with US elections. US retaliation for influence operations is still under consideration—some speculate that when it comes, it may be loud. Siemens patches its widely used HVAC controller. Post mortems on the Yahoo! breach continue (and draw attention to cybersecurity EFTs). FBI Special Agent Keith Mularski describes the takedown of the Avalanche botnet. Awais Rashid from Lancaster University on data exfiltration by APTs. And NIST releases its guide to cyber incident response and recovery.

S1 Ep 251 Daily: ISIS offers Christmas inspiration (and it's got nothing to do with peace or good will). Fancy Bear makes a battlefield appearance. Blogging services under attack.
In today's podcast, we hear about ISIS attempts to inspire Christmas attacks. Ukraine is on the receiving end of Russian tactical cyber operations, and yes, it's Fancy Bear. Analysts mull the possibility of a Russo-American détente emerging from cyber conflict. Mirai continues to rope maverick devices into its bot-herd. Virginia Tech's Hume Center's Dr. Charles Clancy explains mobile device encryption. Adnan Amjad from Deloitte describes creative ways of finding IT talent. And WordPress and Tumblr receive criminal attention.

S1 Ep 250 Daily: Grid hacking in Ukraine? German terror investigations. Airliner vulnerability dispute. NIST wants post-quantum crypto standards. Project Wycheproof. Wassenaar update.
In today's podcast, we hear about Ukraine's investigation of Saturday's power outages around Kiev—speculation says it was either a demonstration or misdirection. German police track terrorists' spoor online. Pakistani hackers hit Google's Bangladesh domain, possibly for the lulz. (Speaking of the lulz, OurMine is back and messing with Twitter accounts.) Panasonic and IOActive disagree over reports of airline vulnerabilities. Verizon mulls its Yahoo! acquisition plans, post-breach. NIST is looking for some post-quantum standards. Google's Project Wycheproof gets good early reviews. Joe Carrigan from the Johns Hopkins University Information Security Institute discusses the utility of burner email addresses. Sam McLane from Arctic Wolf reviews your incident response plan. Wassenaar renegotiation goes on hold. And the ShadowBrokers offer a low, low price, for Equation Group code, if you act now. (But we say "pass.")

S1 Ep 249 Daily: Another Ukrainian power grid outage may have cyber causes. ShadowBrokers may have got Equation Group code from a rogue insider. WordPress brute-forcing. Evading volumetric detection. Methbot ad fraud. Wassenaar remains controversial.
In today's podcast, we discuss another possible cyber incident that hit Ukraine's power grid last Saturday. Flashpoint looks at the ShadowBrokers' alleged Equation Group code and sees a rogue insider behind the leak. WordPress sites are receiving a lot of brute-forcing attempts. New spam and other attack techniques are evading volumetric detection. Mirai is sniffing for new IoT bots, and Dave Larson from Corero Network Security tells us what to expect in 2017. Jonathan Katz from the University of Maryland outlines advances in fully homomorphic encryption. Russian crooks skim ad revenue with the Methbot scam. Wassenaar cyber arms control remains controversial. And informed speculation suggests the ShadowBrokers and Bocephus Cleetus are—da—effectively, the same people.

S1 Ep 248 Daily: ShadowBrokers update. More consequences of the Yahoo! breach. Other sites suffer data compromises. US investigations of, plans for retaliation against, Russian influence operations proceed.
In today's podcast, we hear about how the ShadowBrokers are stocking their discount rack with Equation Group bargains. Yahoo's data breach attracts regulatory, investor, and due diligence scrutiny. Yahoo's stolen data is also being offered for sale on the dark web. Multiple other data breaches come to light, and skids hit online games with DDoS attacks. Ben-Gurion University's Yisroel Mirsky describes vulnerabilities of the US 911 system. US investigation of Russian election influence operations continues, and the US says it's planning some sort of retaliation.