CyberWire Daily

In today's podcast, we learn that Guccifer 2.0 is back, but that few are buying what he, she, or they are selling. Experts continue to warn of Russian information operations directed against the perceived legitimacy of US elections. International norms of cyber conflict. IoT-based DDoS concerns rise with wide distribution of MIrai source code. Flashpoint finds Floki Bot for sale in the underground. Emily Wilson from Terbium Labs explains the difference between the deep and dark webs. Tallinn Manual coauthor Thomas Wingfield discusses developing norms in cyber conflict. More trouble for Yahoo!. M&A news. And a dating site is breached in New Zealand. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast we hear about cyber conflict and its place in the international order, including especially its place in Russian-American relations. The implications of the Mirai botnet and the release of its source code. Kaspersky breaks the MarsJoke crypto ransomware. Russia indicates a crackdown on cybercrime (maybe). Ben Yelin from UMD CHHS explains changes the FBI wants to Rule 41. Igor Volovich from ROMAD Cyber Systems thinks is time to think beyond malware signature matching. Industry notes, and, from the black market, the Shadow Brokers still haven't found their ideal buyers. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast, we hear about Homeland Security's warnings that state election systems are being probed by potential attackers. Newsweek speculates that a brief DDoS attack it sustained was election-related (they also suspect the Russians—no bear named yet). Mirai source code used in large KrebsOnSecurity DDoS published in a hacker forum. The University of Maryland's Jonathan Katz explains why asymmetric encryption is so attractive for ransomware. DressCode malware found in 3000 Trojanized apps. SEC may investigate Yahoo! breach. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast, we hear about how IoT botnets bring scunion across the Internet, and why security cameras are attractive to bot rustlers. InfoArmor's explanation of the Yahoo! breach gains traction among observers. Europol warns that ransomware is on the rise. Zerodium raises its iOS 10 remote jailbreak bounty to a cool million and a half. US states continue to grapple with election hacking. Markus Rauschecker outlines some new cyber regulations proposed in New York. Dr. Eli David from Deep Instinct explains deep learning. And the Tofsee botnet is chumming for the lonely—click with caution. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast we hear predictions that terabit-per-second DDoS attacks may be on their way toward becoming the new normal. We consider the real threat that lies in the IoT. (A hint: security cameras are to the Internet what squirrels are to the power grid.) More concerns about election hacking surface in the US. Dr. Charles Clancy from Virgnia Tech's Hume Center explains software defined networking. Netsparker's Ferruh Mavituna shares advice on securing content delivery networks. InfoArmor looks into the Yahoo! breach and finds more crooks than spies. But the crooks may be fencing data to the spies. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast, we hear about alleged Russian hacking and information operations, and US investigations of the same. The Russian goal is thought to be the undermining of US elections' credibility. DDoS has come to the IoT. Yahoo! security receives some harsh scrutiny. TheDarkOverlord is back, and extorting investment bankers. Kathleen Smith from ClearedJobs.net returns for more conversation about retaining employees. Malek Ben Salem from Accenture Labs explains research in semantic technology for analytics. And how much does a bear weigh, anyway? (We're thinking it would be a European Brown Bear, right, Fancy?) Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast we follow developments in the Yahoo! breach. Fancy Bear is back, and distributing a Mac Trojan to aerospace companies. Investigation of the Shadow Brokers' leak suggests inadvertent exposure, not hackers or moles. A new variant of Virlock ransomware is out in the wild. The US Justice Department warns of IoT threats. A Hamburg magistrate finds Facebook in violation of German privacy law. And we hear from Johns Hopkins' Joe Carrigan on how to be your parents' CISO, and from ClearedJobs Kathleen Smith about the cyber labor market. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast, we follow the latest on the Yahoo! breach. British sources say GCHQ stopped a Russian attack on last year's UK general election. A White House staffer's email is hacked. KrebsOnSecurity is back, but many see a lesson in the dangers of IoT botnets and democratized censorship. Researchers describe iOS and Android vulnerabilities. The FBI releases more documents from its State Department email investigation. Yisroel Mirsky from Ben-Gurion University discusses security risks of Android touch loggers. Switzerland votes for more surveillance, and US states reassure voters that the election won't be hacked. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast, Yahoo!'s really bad breach. We hear about Raum, a malicious tool the Black Team is offering in select criminal markets on a pay-per-install basis. In industry news, we learn that Vista Equity Partners is taking Infoblox private. Webroot is acquiring CyberFlow Analytics, Oracle has bought Palerra, and Elastic has acquired Prelert. White Ops closes a $20 million Series B round. Emily Wilson from Terbium Labs explains the importance of reputation on the Dark Web. RedOwl's Brian White outlines insider threats. A new third-party risk management coalition forms. NATO-themed phishbait hooked German politicians. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast, we hear more on the recent hacking of German political parties. Russia reorganizes its security services—apparently the KGB is back in everything but name. KrebsOnSecurity sustains a record-breaking DDoS attack. Yahoo! discloses a record breaking data breach. Ben Yelin from the University of Maryland Center for Health and Homeland Security weighs in on a possible Snowden pardon. Steve Durbin tells us what organizations like the ISF have to offer. Ransomware may be meeting data manipulation. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast, we hear about Russian hackers turning their attention to German political targets as well as politicians in the US. The son-of-Shadow-Brokers vulnerability Cisco discovered is being exploited in the wild. New strains of ransomware are out—Mamba is as dangerous to networks as its namesake is to human tissue. The Air Force Association is taking up cyber in its annual meetings. The Internet-of-moving things handles disclosures. Matthew Green from Johns Hopkins University's Information Security Institute discuses the downsides of crypto backdoors. University of Maryland's Jonathan Katz talks about new security standards adopted by Google. And North Korea parts the curtain in front of its domains. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast we hear about how the FBI is seeking to impose costs on Fancy Bear and Cozy Bear. Election hacking fears remain, despite DHS reassurances, and industry sources warn of privacy risks within campaign databases. Investigation continues into the ISIS-claimed weekend attacks. Cisco patches a firewall vulnerability related to a Shadow Brokers' exploit. Dr. Charles Clancy from Virginia Tech's Hume Center weighs in on the Muddy Waters Capital / St. Jude Medical legal battle. Casey Ellis from Bugcrowd explains how they crowdsource application testing. M&A activity, and another warning to beware of chat bots. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast we offer updates on the weekend's attacks against US targets in Minnesota, New York, and New Jersey. So far the cyber dimension is limited to ISIS cheerleading and claiming credit online, but the investigations are still in their early stages. Fancy Bear doxes more athletes from the WADA networks. Fancy's also still interested in US elections, and experts point out that releasing genuine emails could be battlespace preparation for online disinformation operations. In industry news, Oracle buy Palerra, and major tech companies form a Vendor Security Alliance. Malek Ben Salem from Accenture Labs outlines some frameworks they've been developing for the industrial IoT. Reactions to the prospect of a Snowden pardon, and an insider gives his take on Snowden, the movie. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast, we hear about VIPs everywhere rushing to delete their emails before Fancy Bear gets her paws into them. Opinion leaders rumble about the Cyber War having picked up where the Cold War left off. Election security concerns may prompt US Senate hearings. British companies take a look at operations in the Baltimore-Washington area. Other industry notes include VC rounds, M&A activity, a new automotive cyber security venture, and the announcement of 2016's SINET 16. Dale Drew from Level 3 Communications offers tips on protecting medical data. We speak with IBM's Shelley Westman about encouraging more women to join the industry. And the US House doesn't think too much of a Snowden pardon. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast we get an increasingly familiar update: Fancy Bear is dancing and prancing through poorly protected networks, and she doesn't seem to care who knows it. More politically motivated hacking out of Russia prompts US promises of investigation and costs to be imposed. Failures in digital hygiene continue to be exploited. SCADA hacks worry the electrical grid. Joe Carrigan from the Johns Hopkins University Information Security Institute offers tips for safe device sharing. SentinelOne's Tim Strazzere describes an Android vulnerability his research uncovered. And some good news: NIST has released a new cyber self-assessment tool, and they'd like you to give it a spin. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast we discuss the posting of more documents swiped from the US Democratic Party, which most consider the work of Russia's Fancy Bear. US officials continue to worry about election hacking. "Periscope skimming" is a new ATM hack. The US government mulls the reorganization of its cyber agencies. Raj Gopalakrishna, Chief Software Architect at Acalvio, provides his insights on machine learning. Ben Yelin from UMD CHHS explains some newly released revelations about Stingray surveillance devices. The new Snowden biopic hits movie theaters. Learn more about your ad choices. Visit megaphone.fm/adchoices

It's Patch Tuesday, and time to apply the latest fixes from Redmond. Symantec's August Security Report is out. Middlemen make it tough to track exploit sales. GovRAT continues to afflict networks in the wild. Lessons from private key exposure. Russia says the international order isn't the same thing as the American order. The US and the UK conclude a cyber cooperation agreement. More bogus apps for Pokemon-GO. We welcome Emily Wilson from Terbium Labs to the show, and Tony Dabhura from Johns Hopkins University's Information Security Institute tells about their upcoming conference for senior executives. And could people soon be asked to stand and remove their hats for "City Escape?" Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast we wrap up our coverage of last week's Intelligence and National Security Summit, discussing some of the issues surrounding cyber conflict among nation-states and terrorist organizations. Unresolved issues of cyber deterrence and where it should fit into the spectrum of conflict. Goals of election hacking and other influence operations, from propaganda through lobbying through bribery. Ransomware trends and credential breaches. Yisroel Mirsky from Ben Gurion University discusses air gap security. And sometimes your enemies are an even better recommendation than your friends. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast, we look at the ways in which election hacking have driven increased tension between Russia and the US. (And Wikileaks says it plans to release more election-related documents, before the US elections.) GovRAT 2.0 is out in the wild. Congress reports out its investigation of the OPM hack, and we get insider perspective from Cylance's Malcolm Harkins. Intel sells its security unit (which will go back to its old McAfee name). Markus Rauschecker from UMD CHHS discusses a proposal to check social media accounts at the border. And the FBI arrests two it says are the Crackas-with-Attitude. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast we explore ongoing concerns about Russian attempts to influence US elections. The US Congress has harsh words for OPM in their data breach report. Google has a plan for countering ISIS messaging online. Ransomware may prove self-limiting for criminals, and St. Jude Medical sues Muddy Waters Capital and MedSec. We hear about next-generation SOCs from Siemplify's Amos Stern, and University of Maryland's Jonathan Katz explains a vulnerability in homomorphic encryption. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast we hear about cyber risks and cyber talks at the G20 summit. China may be looking to the Russian model in the Near Abroad as it thinks about its next steps in the South China Sea. The current state of Russian-American relations in cyberspace—they're dominated by election hacking and information operations. The risks of shared cryptographic keys. An Android Trojan evolves. Industry notes—contracts, patches, acquisitions, and lawsuits. John Leiseboer from Quintessence Labs outlines cryptographic and key management standards. Gabby Nizry from Ayehu explains the benefits of automation. And EXTRABACON is still a problem. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast, we hear about some Pokémon-themed Linux rootkits. An evolved Linux Trojan is herding I0T botnets. Social media monitoring leads to convictions of jihadist plotters in Australia and the UK. Pegasus spyware and NSO Group's pricelist. Election hacking on four continents. Are the Shadow Brokers engaged in intelligence or influence operations? (In any case, no one's really bidding on the Equation Group code the Brokers say they're auctioning.) The FBI releases information on its investigation into former Secretary of State Clinton's email. Accenture Labs' Malek Ben Salem describes frameworks for Industrial IoT. And for a while it looked like cyber high noon at the G20 talks. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast, we discuss Apple's patches against the Trident zero-days, and review what the press is saying about the cyber arms market. Policy wonks and politicians speak in favor of cyber offense, and militaries speak up for nuance. Election hacks continue, this time in Hong Kong. How companies and governments adjust to a difficult cyber labor market, with insights from Level 3's Dale Drew. Gene Stevens from ProtectWise explains the contribution of interface design to security. Responsible disclosure, stock shorting, and the importance of cooperation between vendors and researchers. A quick look at the week in the security industry. More old breaches show its's a bad idea to reuse passwords. And Guccifer gets four years. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast we hear about a successful business email compromise caper, and some more SWIFT fraud. Vanya the RIPPER is on the lam from Thai police. iMessaging issues surface. Cerber ransomware is being spread by Word documents. Adobe's hot fix swats a Cold Fusion bug. Rowhammer attacks are shown to be a real possibility. Election hacking and influence operations. Centrify's Corey Williams weighs in on the Sage Software data breach, and Jonathan Katz from the University of Maryland explains an iMessage vulnerability. And a tip: if you look good for your mugshot, you won't be tempted to Facebook a more flattering one to the authorities. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast we follow the story of alleged Russian hacking of US think tanks and election databases (allegations Russia dismisses as American provocation). US Federal and state officials think about securing November's vote. Mississippi organizes a new public-private cyber security coalition. SWIFT discloses new money transfer fraud attempts. New ransomware strains are out in the wild, and a Trojan is impersonating Google Chrome. Dr. Jim Kent from Nuix shares his thoughts on insider threats, and we welcome Yisroel Mirsky from Ben-Gurion University, our newest Academic and Research Partner. And, producers, rethink your B-roll: we take a look at the best stock picture of a hacker yet. Learn more about your ad choices. Visit megaphone.fm/adchoices

Whether your bootstrapping your business on your own, borrowing from friends and family or going for your Series A venture capital round, raising money is something most business owners have to deal with, sooner or later. We spoke with experienced business leaders in cyber security to find out what they did to fund their companies, lessons they learned, and what advice they’d give. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast we follow concerns about US election hacking brought on by an FBI warning that someone (the Russians, IC and industry sources say) has hacked into Illinois and Arizona voter databases. Lawful intercept vendors receive more scrutiny in the wake of the Trident iPhone zero-day revelations. Analysts raise concerns about data manipulation in both elections and criminal investigations. St. Jude Medical disputes allegations that its pacemakers are hackable, and the security sector does some ethical introspection about disclosure. The IoT is beginning to exploited in DDoS campaigns. Malicious EMV cards are implicated in Thailand's ATM skimming crime wave. University of Maryland CHHS' Ben Yelin weighs in on the legal issues surrounding the Muddy Waters Capital story, and Security Mentor's Dan Lohrmann explains sophisticated attacks on the C-Suite. And Angry Birds join Pokémon on various enterprise blacklists. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast, we update the story on SCADA malware in Iran—Iran now thinks it didn't cause petrochemical industry fires. France, India, and Australia investigate theft of submarine design data. Citizen Labs' investigation of iOS spyware renews debate over cyber arms control. The Shadow Brokers haven't yet got their half-billion dollars, but their leaks chill US-Russian relations and prompt both election fears and concerns over zero-day disclosure. The US prepares to revise its anti-ISIS social media operations. Security firm MedSec discloses alleged St. Jude medical device vulnerabilities to a hedge fund, seeking to profit from short-selling. Markus Rauschecker from the University of Maryland Center for Health and Homeland Security gives us the details on PPD 41 from the White House. Fishing and hunting license databases exposed. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast, we hear about a spyware case connected to Pegasus, a tool that can jailbreak an iPhone (they say) with a single click. Apple issues an out-of-band patch for the three iOS zero-days Pegasus exploits. Shadow Brokers leaks remain under investigation. Phishlabs and TrapX release anti-ransomware tools. Ramnit and Dreambot are after bank accounts (and Dreambot spreads over Tor). NIST has a de-identification standard out for comment. AT&T's Bindu Sundaresan looks at academic networks as students head back to school. Johns Hopkins' Joe Carrigan discusses option for safely backing up your photos. Industry news includes some interesting short-selling. And Russia isn't feeling the love in cyberspace. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast, we look at ways in which terrorist incidents have motivated France and Germany to seek ways of compelling encrypted messaging apps to open traffic to inspection. In the UK such incidents have also prompted a harsh Parliamentary report on social media companies' efforts to combat radicalization. Shadow Brokers leaked exploits continue to appear in the wild. Investigation continues, but observers begin to see the incident as part of a general attack on US official credibility. Assange promises more leaks of Clinton material. Ransomware appears in India and Vietnam. A new Android banking Trojan uses Twitter for command-and-control. Dale Drew from Level 3 Communications shares tips on setting up a SOC, and Ralph Cita explains how they make free training available at Cybrary. And Ashley Madison gets bad reports in three of the Five Eyes. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast we hear about Russian hackers going after New York Times reporters (the FBI is investigating). Exploits in the Shadow Brokers' teaser are "test-driven" in the wild. Some of them may affect Huawei products. The Goznym banking Trojan moves from Poland to Germany. British universities are targeted by ransomware. Researchers give victims of Wildfire ransomware some relief in the form of a decryptor. Gaming sites come under attack. We've all heard of the cloud, but Accenture's Malek Ben Salem tells about the coming fog. There's a new push to restrict encryption in the EU. And a fourth-grade steely-eyed missileman arises in Texas. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast we discuss the Shadow Brokers' leaks, reviewing ongoing speculation and speaking with some experts who offer insight into the matter: Jason Healey, the principal investigator in Columbia University's study of NSA zero-day disclosure policy, and RedSeal's CEO and CTO discuss firewall security and vulnerability. Juniper joins Cisco and Fortinet in confirming that Shadow Brokers' zero-days affect its products. IoT encryption R&D updates. Security start-ups attract more investment. And some thoughts on what not to say to your VC. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast we continue to follow the Shadow Brokers, and we take a quick look into the shadowy world of hybrid warfare. No fresh leaks in this incident, but someone seems to be using seized Silk Road Bitcoin wallets to bid on leaked files. Election hacking worries persist, and concerns about secret ballots appear. Some users want a general strike against Tor. Point-of-sale malware and what to do about it. Industry notes. A new Wassenaar round will revisit cyber arms control next month. John Leiseboer from QuintessenseLabs addresses data redundancy and replication, and Michael Marriott from Digital Shadows tells us about the shady deer.io online market. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast, we hear about emails flooding dot gov in-boxes. A re-tooled version of Locky ransomware is out in the wild. As we look back at the week, the big news surrounds the Shadow Brokers' data dump and implausible auction—they seem to have some genuine NSA goods. The brokers themselves are thought to be either Russian spies or rogue insiders, or some mix of both. Worries about US election hacking rise. More companies are concerned about insider threats. The University of Maryland's Jonathan Katz explains how to reverse engineer encryption, and Chris Fogle from Delta Risk tells us how board members can prepare for cyber challenges. And, yes, there's another Pokémon-GO hack. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast we hear more about the Shadow Brokers, who are confirmed to have dropped some genuine zero-days. Most observers now think there was a compromise at NSA; some suspect Russian intelligence services. North Korea is again scrutinized for SWIFT fraud. Operation Ghoul targets industrial intellectual property in thirty countries. We see continued industry churn (including some layoffs as well as M&A rumors). CrowdStrike's Adam Meyers tells us about the Boson Spider gang, and Ben Yelin from the University of Maryland Center for Health and Homeland Security weighs in on the Shadow Brokers. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast we follow the continuing story of the Shadow Brokers and their claims of having got their hands on Equation Group attack code (as bizarre as their story is, a lot of informed observers think the code they've posted is the real deal). Many see the Shadow Brokers incident as an escalation of a cyber cold war between Russia and the United States. More banking Trojan activity in South America. DNSSEC is exploited in DDoS attacks, and Cerber is still number one in the ransomware-as-a-service market (where Shark is a dodgy upstart). Kensington's Rob Humphrey shares the results of their recently security survey, and Johns Hopkins University's Joe Carrigan weighs in on securing your devices in the real world. And yes, more Pokémon stuff. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast we learn about claims made by hackers calling themselves "the Shadow Brokers." They say they've pwned the Equation Group, and obtained NSA attack code which they're now selling for one million Bitcoin. Guccifer 2.0 gets a lot more polished and even leakier. A bogus QuadRooter patch is serving malware in Google's Play Store. Fidelis tells us about Vawtrak's evolution. Someone's watching the Veracrypt audit. Iran looks into possible cyber causes of oil-and-gas facility fires. Fake Pokémon installers have trainers choosing ransomware. No more Pokéstops allowed in Germany's Flughafen. Vikram Sharma from Quintessence Labs outlines the challenges and opportunities of combining cutting edge science with market realities. Hardik Modi from Fidelis Cybersecurity expains changes they're tracking in the Vawtrak banking trojan. And British lawyers get a license to hunt hackers. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast we learn that Russian hackers went after Republicans as well as Democrats. An anti-doping whistleblower's account is illegally compromised. ISIS turns to online inspiration to recover jihadist mindshare. The MICROS point-of-sale system hack appears to underlie widespread credit card compromises. Secure Boot's "golden key" exposure is seen as a warning against backdoors. Security industry M &A and IPO notes. Level 3 Communications' Dale Drew tells us about machine-to-machine learning, and how it may improve security. And for some reason researchers develop a proof-of-concept for a DDoS-based cryptocurrency. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast we learn that the US Intelligence Community discovered the DNC hack sometime last year—much earlier than its public disclosure this Spring. We hear about threats to critical infrastructure, and we follow developments in the cyber criminal markets—ransomware's getting mighty picky, if you ask us. We hear about ISIS's appeal to disaffected petty criminals. The Olympics see both cybercrime and patriotic hacktivism. Quintessence Labs' John Leiseboer discusses redundancy and replication of data, and we interview Robert M. Lee from Dragos Security about ICS SCADA security, and preparing for cyber security jobs. And, of course, we hear more about how Pokémon-GO is driving security people quite nuts. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast, we hear about cyber and information operations in Eastern Europe that look disturbingly like battlespace preparation. The FBI finds that the scope of the Democratic Party hacks is much greater than initially believed. The Bureau seems ready to ask for more authority to unlock devices, but opponents point to Microsoft's inadvertent leak of Secure Boot keys as an object lesson in why that's a bad idea. USENIX proofs-of-concept include Linux and car-hacking exploits. Samsung Pay is criticized as vulnerable to token skimming. Senior Law Analyst Ben Yelin outlines the FBI's request to expand the reach of National Security Letters. Deputy Director Rick Lipsey explains the mission of the ISAO Standards Organization. New ransomware features disappearing extortion emails. And how do you solve a problem like Pokémon-GO? Learn more about your ad choices. Visit megaphone.fm/adchoices

In today’s podcast we follow developments in nation-state hacking, from Hainan to Tehran. Australia’s online census is taken offline—the Bureau of Statistics cries DDoS, but observers aren’t so sure. A new strain of ransomware under development in the underworld skips encryption and goes straight for deletion. Issues with Oracle’s MICROS point-of-sale systems may be the root cause of recent store and hotel breaches. Google says, thanks Check Point, we appreciate it, but most of QuadRooter has already been mitigated (they’re working on the rest of it). Joe Carrigan from Johns Hopkins University warns us about side-loading Android apps, and Leemon Baird from Swirld describes a new trust-based peer to peer software platform. And we note that yesterday was Patch Tuesday. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today’s podcast we look at an APT group that’s been active since 2011. We hear about the Quadrooter Android vulnerability. We take a look back at Black Hat, and look for some sensible perspective on cyber risk. We also read some discussion of the differences between espionage, crime, and warfare. The US Marshalls will auction SilkRoad’s forfeited Bitcoin later this month. Dr. Charles Clancy from Virginia Tech's Hume Center tell us what to expect from 5G cellular technology. And yes, there’s more Pokémon-themed malware in the Play Store. Learn more about your ad choices. Visit megaphone.fm/adchoices

The 2016 Black Hat conference is in the books, and we wrap up our coverage with more insights from industry leaders on what trends they’re seeing, and where they think the industry is headed. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today’s podcast we hear about Bifinex’s recovery from its recent heist and the possibly temporary haircut its depositors got. We also follow the related Ethereum hard fork. News on Olympic hacks and risks of hacking from Booz Allen Hamilton's Brad Medairy and Grey Burkhart. Trustwave reports home smart thermostat bugs. Checkpoint discloses Qualcomm Android Quadrooter firmware vulnerabilities. More signs that Fancy Bear was prancing through the DNC. A look back at Black Hat, and notes on DARPA’s AI capture-the-flag challenge. Jonathan Katz explains the Etherium fork. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today’s podcast we look at Black Hat and draw some consensus advice for start-ups. Cyber espionage rises around the South China Sea. Apparent Russian hacking continues to worry election officials and voters in the US. The HEIST exploit is demonstrated. ISIS jockeys with al Qaeda, Boko Haram factions for jihad leadership. Brazil works on cybercrime as the Olympics open tonight. Apple announces a bug bounty. Cyber companies are said to be preparing layoffs. Accenture Technology Labs' Malek Ben Salem explains software based networking. Galina Datskovsky from Vaporstream outlines the security concerns with voice activated devices. And companies work to keep Pokemon out of places they shouldn’t go. Learn more about your ad choices. Visit megaphone.fm/adchoices

The 2016 Black Hat conference is underway in Las Vegas this week, and in this special report from the show floor we’ll hear from industry leaders about industry trends, and from venture capital funders about what they need to see before saying yes, and why it’s harder to get startup funding than it used to be. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today’s podcast, we get some updates from Black Hat. DNC hacks raise questions about US voting security, and Democratic Senators call for hearings on Donald Trump’s request that Russia find the 30,000 emails deleted from Hillary Clinton’s State-Department-era homebrew server. China seems to be probing Philippine networks in conjunction with the dispute over territorial waters in the South China SeaMore signs that Telegram is leaky. Updates on ISIS and its competitors’ information operations. The Gozi banking Trojan is headed for US targets. Bitfinex is looted of tens of millions in Bitcoin. The Real Deal criminal market’s boss is missing. Vikram Sharma from Quintessence Labs shares lessons learned about entrepreneurial course correction. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today’s podcast we follow the latest fallout from the DNC hacks (Russia’s still the prime suspect). Fears of election hacking rise in the US. Government electronic surveillance rises worldwide, driven in part by increasing fear of jihadist terrorism. ISIS unit “Emni” is said to have broad responsibility for recruiting and organizing terror cells. Android security upgrades from Johns Hopkins University expert Joe Carrigan. TripWire's Dwayne Melancon explains spearphishing. A quick look over at Black Hat USA. And some observers think Pokemon-GO is a mind control tool. (We don’t, except insofar as any popular mania amounts to mind-control.) Learn more about your ad choices. Visit megaphone.fm/adchoices

In today’s podcast we give a short update on Black Hat before turning to developments in Syria and Iran. Tension between the US and Russia mounts over alleged Russian hacks of US political campaign networks and more recently alleged US spyware operations in Russian enterprises. ISIS wishes to disrupt the Olympics, and cybercriminals are seeking to profit from the Rio Games. Adware uses steganography, and INTERPOL takes down a Nigerian online scam. Ben Yelin explains a recent court ruling in Microsoft's favor that deals with offshore data privacy, and Sameer Dixit from Spirent outlines emerging threats patterns. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today’s podcast we hear about Russian reports of an APT active against military, scientific, defense, and government networks. US investigations into the hacks of the DNC, DCCC, and Clinton campaign continue, with suspicion still directed at Russia. ISIS calls online for an extension of jihad to Russia. The SpyNote Android Trojan is out in the criminal underground. Researchers report vulnerabilities associated with WhatsApp and SwiftKey. And we share some security advice from Level 3's Dale Drew for those attending Black Hat. Learn more about your ad choices. Visit megaphone.fm/adchoices