CyberWire Daily

In today's podcast, we learn that the LinkedIn breach is the same old one from 2012, only now two orders of magnitude larger than thought. ESET describes a cyber surveillance campaign, Operation Groundbait, in Ukraine's Donbas region. Phineas Phisher hacks on behalf of Kurdish anti-capitalists. The SEC warns of cyber risks to the financial sector. Cisco reports better than expected results (thanks in part to its security business). Ben Yelin from the University of Maryland Center for Health and Homeland Security wonders if a case involving locked hard drive may go to the Supreme Court. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast we discuss a breaking story about what's potentially a very large breach at LinkedIn. Banks' interactions with SWIFT (not SWIFT itself, necessarily) concern observers. Malware and scareware appear in the Play Store. China interrogates Apple, Cisco, and Microsoft about security. We hear about ways in which participants in black markets evolve to function more like legitimate enterprises. University of Maryland professor Jonathan Katz unlocks the secrets of cracking ransomware, and Zimperium's John Michelsen says it's time to be proactive with the defense of our mobile devices. Learn more about your ad choices. Visit megaphone.fm/adchoices

Today we discuss some exploits running loose in the wild. GSA's 18F unit cleans up its Slack implementation and shares its lessons learned from a potential breach. Older Android devices are susceptible to an Accessibility exploit. A million-device clickfraud botnet drains advertising budgets. A new cyber espionage campaign prefers quality to quantity. SWIFT gets security advices. ISIS shifts recruiting focus to Central Asia. Cyber tensions rise between the US and China. Dale Drew from Level 3 shares the perspective of a backbone provider, and Yong-Gon Chon wonder if company's don't overreact to breaches. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast we discuss Germany's attribution of an ongoing cyber espionage campaign: it's Russia, says the BfV. Bank attacks continue, both related to, and unrelated to, the SWIFT funds transfer system (and some seem criminal, some hacktivist in motivation). Russia says it plans to close about 4000 sites for trafficking in extremist ideology and drugs. Markets look forward to the next cyber security bellwether stock to report. And John Leiseboer from Quintessence Labs explains random number generation. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast, we look back at the week just ending and see new attempts on banking systems. Some involve SWIFT; others involve Anonymous, and some have to do with the FDIC. And what about those fingerprints? Markus Rauschecker from the Center for Health and Homeland Security examines the increased scrutiny the FTC and FCC are putting on mobile device providers. And we interview Dr. Emma Garrison-Alexander about her leadership positions with NSA, TSA and UMUC. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast we discuss a warning from US-CERT and Onapsis against some old but active SAP vulnerabilities. Pawn Storm is back, and active against German political targets. DDoS-for-hire is proving lucrative, as is ransomware. Joe Carrigan from Johns Hopkins University Information Security Institute explains what you should do when you get suspicious-looking email. IBM speaks with us about their cyber security plans for their Watson AI. Learn more about your ad choices. Visit megaphone.fm/adchoices

We run through some of the high points of May's Patch Tuesday. We get updates on Viking Horde Android malware and Bucbi ransomware. Venture capital seeks out IoT security investments as Pwnie Express and Bayshore Networks attract funding. Quintessence Labs' Dr. Vikram Sharma explains emerging quantum technologies. And IBM will train Watson to deal with cyber security issues. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast we hear about the Panama Papers database. We also discuss updates concerning the Bangladesh Bank heist investigation. New ad-fraud malware, Viking Horde, shows up in the Google Play Store. In ransomware news, CryptXXX is no longer so easily decrypted, Bucbi exploits RDP vulnerabilities, and Triumfant shares what they've learned about Locky. We also talk to Accenture's Malek Ben Salem about big data security frameworks. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast we follow the progress of anti-banking DDoS hacktivism Operation Icarus. The Panama Papers are released in the form of a searchable database. Some apparently big compromises look a bit recycled. Victims' willingness to pay keeps the ransomware black market primed. Investor disappointment depresses security company valuations. We talk with the University of Maryland's Ben Yelin about how law lags technological advance, and GCHQ says don't be too quick to change passwords. Learn more about your ad choices. Visit megaphone.fm/adchoices

Today we hear about what's going on with proof-of-concept exploits. Ransomware continued its run this week, but DDoS shouldn't be forgotten, either--it's good for both business interruption and misdirection. Thoughts on those 270 million email credentials. A couple of big security companies post Q1 results, and Adrian Turner, CEO of Australia's Data 61, explains the future of that nation's domestic cyber sector. Dale Drew from Level 3 Communications shares the news of a new DDoS technique. The LAPD succeeds in cracking an iPhone 5s. And where in the world is Satoshi Nakamoto? Learn more about your ad choices. Visit megaphone.fm/adchoices

Today we consider various ways of hiding attack campaigns: noisily or quietly, what the approaches have in common is highly selective targeting. Anonymous proceeds with Operation Icarus (against "the global banking cartel"). We observe World Password Day with advice from AT&T's Johannes Jaskolski and Johns Hopkins' Joe Carrigan. Plus, we take a quick look at how one script kiddie values his stolen data. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast we look at studies of how ISIS actually operates online. Apparently they do so much the way crooks do—by abusing legitimate services. But when it comes to encryption, the jihadists seem to be rolling their own. Ransomware updates and warnings—the FBI reminds victims not to pay. The group that hit the Qatar National Bank may be preparing release of another bank's information. Infrastructure companies invest to shore up cyber defenses. We hear from the University of Maryland's Jonathan Katz on digital signatures, and we talk with the Denim Group's John Dickson about power grid security. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast we look quickly at the current state of the cyber war between the US and ISIS. Anonymous is out to punish banks with DDoS for "crimes against humanity," and criminals continue to hone their ransomware game. The US security clearance system seems set to move toward FICO-like scoring. Joe Carrigan from Johns Hopkins University explains why medical records are so valuable on the cyber black market. Bob Hansmann from Forcepoint returns for more findings from their 2016 threat report. And Satoshi Nakamoto seems as airborne as ever. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcastwe hear some encouraging examples of responsible disclosure.Ransomware is still out and about. IBM seems to see a futurein blockchain technology. Bob Hansmann from Forcepoint shares highlights from their threatreport. Ben Yelin tracks the Snowdenremedies. And Craig Wright again claims he's Bitcoin'sSatoshi Nakamoto—the BBC and the Economist seem readyto take him at his word. Learn more about your ad choices. Visit megaphone.fm/adchoices

Today we hear about potential backdoors (or maybe PUPs). Cash-stealing malware reported in Google Play. Third-party developers leave their credentials lying around GitHub. Triumfant watches Locky morph—five times a day. Dale Drew from Level 3 talks about point-of-sale risks. Verizon tells us all about their Data Breach Report. The Panama Papers may soon be released in full. Investors worry about the cyber sector, but some see healthy adjustment. And US Cyber Command works to make the "L" in ISIL stand for "loser." Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's Podcast, we hear about ISIS attempts at inspiration online—their technical capabilities are low, but they continue to hit information ops hard. A Bavarian nuclear plant finds a malware infestation—spooky, but apparently without effect. Observers expect more hacks like the one on the Bangladesh Bank, and the Platinum threat group looks state-sponsored. The security industry may be showing signs of consolidation. . The University of Maryland's Markus Rauschecker explains why law firms are attractive hacking targets, and Todd O'Boyle from Percipient Networks urges us to listen to our malware. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's Podcast, we hear reports of success in the cyber war against ISIS. Inquiry into the Bangladesh Bank hack continues; the threat actors behind it may have additional capers in the works. Android malware flourishes, and so does a vigorous underground extortion market. The FBI says it doesn't know what vulnerability was exploited to open the San Bernardino iPhone, and that it doesn't want a hacking arms race with criminals and terrorists. Ferruh Matvituna from Netsparker shares some wisdom on app security, and Jonathan Katz from the University of Maryland explains program obfuscation. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's podcast we hear more about possible other instances of fraudulent messaging in the SWIFT financial transfer network. We discuss an active Android ransomware campaign that appears to be using old Hacking Team exploits. US DNI Clapper thinks the acceleration of encryption, post-Snowden, really hasn't been a very good thing, and calls for a balance between privacy and security. The US continues to ramp up its cyber offensive against ISIS. Joe Carrigan from the Johns Hopkins Information Security Institute tells the tale of a scammer strung along. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's Daily Podcast we discuss reports that the Bangladesh Bank hackers succeeded in getting into, and manipulating, some SWIFT client software. The outlines of the US cyber campaign against ISIS grow clearer. Updates on how the US Department of Justice is getting into iPhones. We take a look at the disappointing—to many analysts—SecureWorks IPO and what it means for VCs and cyber unicorns. Plus, CyberWire Editor John Petrik reports on last week's SINET ITSEF conference. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's Daily Podcast we hear about Mexican and Philippine authorities’ investigations into voting database compromises. Ransomware continues to circulate, and we learn something about the increased sophistication of phishing. Point-of-sale crooks race against US EMV adoption. We take a look at the SecureWorks IPO and the long interest in some leading security stocks. Joseph Opacki from PhishLabs explains the growing sophistication of phishing schemes, and Benjamin Yelin from the University of Maryland Center for Health and Homeland Security tells us about mobile security and Stingrays. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's Daily Podcast we hear about CryptXXX—recently discovered ransomware—and about old, familiar Dorkbot. The US Congress continues to mull legislation that would mandate decryption, and the banking and tech sectors don’t care at all for what they see in those pending bills. Australia announces its cyber security strategy, and says that its national capabilities definitely include offensive ones. Jason Lewis from LookingGlass warns us about third party network access, and Dale Drew from Level 3 Communications emphasizes the importance of collaboration. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's Daily Podcast we gain perspective on post-Brussels ISIS-inspired hacktivism. Developers should take care using Xcode command line development tools. The Thanatos Trojan is discovered in, and booted from, a hosting service. Analysts draws some familiar lessons from last year’s Hacking Team breach. And plaintiffs may think twice about suing Ashley Madison for alleged catphishes. Plus, Jonathan Katz from the Maryland Cybersecurity Center shares his team's research into searchable encryption. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's Daily Podcast we hear about the latest wave of ISIS-sympathizer cyber attacks—they’re again low-level defacements of poorly defended targets. Chris Morgan from IKANOW provides tips on quantifying cyber risk. A new strain of ransomware is identified, but it seems connected to some long-familiar criminal actors. Microsoft and Apple both continue to resist US Government requests for data and assistance in criminal investigations. Markus Rauschecker reviews the Compliance with Court Orders Act of 2016. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's Daily Podcast we follow up with corrections to last week’s reports of Russian attacks on Sweden’s air traffic control system. The US and Russia hold talks on reducing tensions in cyberspace. The US cyber offensive against ISIS picks up its pace. Older JBoss servers are at risk of ransomware. Some M&A news in the cyber sector. And there are fresh accounts of how the Hacking Team was hacked last year. Plus, Joe Carrigan from the Johns Hopkins University Information Security Institute warns us not to trust that free airport WiFi. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's Daily Podcast we discuss the international response to ISIS, and the terror group's latest info ops. We cover the news from cyber gangland (and bid Paunch farewell as he enters a Russian prison) including malware developments and the latest criminal approaches to making their infrastructure resilient. We learn some things about competitions as a way of building the rising cyber labor force from Raytheon's Jack Harrington, and we hear about the challenges of cloud data security from University of Maryland's Jonathan Katz. It seems privacy is in tension not only with security, but with transparency as well. And we talk about what the metaphorical hat you wear says about you (you hacker, you). Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's Daily Podcast we discuss ISIS info ops and the cyber war the US is waging against the terrorist group. Ransomware phishing now show signs of knowing its targets' physical addresses. Patch Tuesday also saw updates from Cisco and Google. Cyber sector IPO rumors and declarations of intent. A Department of Justice lawyer, speaking for himself, thinks the debate over offshore accounts should inform thinking on the debate over privacy and security. Plus, Dale Drew from Level 3 Communications explains the importance of having a threat research lab. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's Daily Podcast we continue our follow-up on the Panama Papers' investigation. Ransomware, DDoS, and malvertising continue their win, place, and show finishes in the criminal sweeps. Patch Tuesday addresses Badlock and other vulnerabilities. Some M&A news in the cyber sector. And the FBI may not have used Cellebrite's services to unlock the San Bernardino jihadi's iPhone after all. Plus, Johns Hopkins' Information Security Institute's Joe Carrigan warns us about phony calls claiming to be Microsoft tech support. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's Daily Podcast we follow up on the Panama Papers' investigation, and, like everyone else, wait for the expected shoes to drop. BAE warns that Qbot has become more aware, more evasive, and harder to block. Cisco's Talos predicts the disturbing rise of "crytpoworms." The US Federal CIO warns of the risks inherent in legacy systems. Guy Guzner from FireGlass helps us sort out the Panama Papers speculation, and Markus Rauschecker wonders if the FBI will have better luck convincing Apple to unlock another iPhone. And we take a trip down memory lane with the unlamented legacy code represented by Clippy. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's Daily Podcast we follow up on the Panama Papers' fallout. Leaker "John Doe" remains unidentified, and the scandal is roiling politics in Ukraine. Some observers think the Russian Financial Monitoring Service is behind the leaks. Dridex evolves into new lines of cyber crime. Juniper patches a suspect random number generator. GCHQ is said to have helped publishers stop the new Harry Potter book from leaking. And CyberWire editor John Petrik reviews an interesting price list from Dell SecureWorks. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's Daily Podcast we report on the results of yesterday's #OpIsrael—basically a fizzle, but a fizzle with the usual disturbing implications. Pirrit adware moves to OS X. Ransomware remains a low-risk, high-payoff cyber caper. We take a look at some industry news: good, bad, and middling. We talk to the University of Maryland's Jonathan Katz about fully homomorphic encryption, and we discuss Japan's cyber security landscape with William Saito, special advisor to the prime minister of Japan. Learn more about your ad choices. Visit megaphone.fm/adchoices

The people we spoke to at 2016's Women in Cybersecurity Conference had a remarkable diversity of career and academic backgrounds, as well as life experiences. Many themes emerged from our conversations, including the importance of mentorship, willingness to try new things and take risks, and the importance of flexibility and communications skills. They also dispelled some myths, including the notion that you need to have a technical background for a career in cyber security. We sat down with a range of women, from students to industry leaders, for candid conversations about their personal journeys, their experiences as women in a male dominated field, and their advice to women considering a career in cybersecurity. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's Daily Podcast we catch up on the latest reports of the recent MedStar ransomware infestation. Mobile security company SkyCure share the results of their recent report on vulnerabilities in the medical field. DDoS also remains a problem. The FTC and IRS warn of socially engineered scams. The Panama Papers continue to name a lot of celebrities, but no new political leaders. Hacking Team loses its export license. We talk to the Johns Hopkins University's Joe Carrigan and get his expert reflections on last week's Women in CyberSecurity conference. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's Daily Podcast we find out more about how the Panama Papers leaked, and what their consequences are likely to be. A malicious SEO campaign hits vulnerable Joomla and WordPress installations. Ransomware gets personal. Dr. Web finds a Trojan in 104 Android apps. We discuss the Billington CyberSecurity International Summit. US policymakers mull the status of Cyber Command. We talk to the University of Maryland's Ben Yelin about ransomware and HIPPA. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's Daily Podcast we hear about the spreading Panama Papers tax evasion (or avoidance, or wealth hiding) scandal. US State Department databases may have unpatched vulnerabilities, and PII of Turkish citizens is posted online. We talk to SCADAFence about securing the manufacturing Internet-of-things, and Markus Rauschecker from the University of Maryland Center for Health and Homeland Security tells us about how legal standards are established in cases involving cyber security. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's Daily Podcast we hear about MedStar's recovery from ransomware, and a joint US-Canadian warning about the general threat of ransomware. A new strain of ransomware offers victim-friendly QR codes for easy mobile payment of ransom. The "Panama Papers," leaked by a whistle-blower, seem to offer some pretty spectacular stories of international governmental corruption. We talk to Accenture's Malek Ben Salem about securing the Internet-of-things. Learn more about your ad choices. Visit megaphone.fm/adchoices

In this podcast, we look back at a week of ransomware. The FBI succeeds in unlocking the San Bernardino jihadist's iPhone without Apple's help (and Apple like the rest of us would like very much to know why). Policymakers consider their alternatives in cyber conflict, and they run from lawfare to warfare. Tay's briefly let out of her room, but quickly sent back (and that's no April Fooling). Plus Backchannel's Steven Levy on repeating the cryptowars, and Ben Yelin on the challenges of establishing legal standing against the NSA. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's Daily Podcast we hear about some of the other current threats—while ransomware is very much in the news, we'd do well to remember the problems of denial-of-service and business email compromise. The US continues to work toward "operationalizing" deterrence in the cyber domain. We talk to the Johns Hopkins University's Joe Carrigan about how you can secure your new computer. And CNBC appears to have been too participatory in a story about password hacking. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's Daily Podcast we hear about the ongoing story of the MedStar Health hack, which anonymous sources say was ransomware. The incident remains under investigation. We hear about ransomware's evolution. Big Law finds itself in the crosshairs of a Russian (or Ukrainian?) cyber gang. The Justice Department hints at more litigation over decryption. We talk to the University of Maryland's Markus Rauschecker about the NIST Framework, and we finish our conversation with Zimperium about their successful experience integrating their mobile security solution with a big telecom's services. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's Daily Podcast we hear about yesterday's apparent hack of MedStar Health—possibly ransomware, but that's still unconfirmed. FireEye warns that legacy point-of-sale systems are under increasing attack. Kaspersky says Turla spyware is using satellite connections to work around C2 server takedowns. The FBI says its succeeded in cracking that jihadi's iPhone. We talk to Accenture's Malek Ben Salem on healthcare cyber security, and we hear from Zimperium about their successful experience integrating their mobile security solution with a big telecom's services. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's Daily Podcast we talk about how "Google-dorking" may have helped the Rye dam hackers find a vulnerable system. If you're pushing propaganda, why the Dark Web probably isn't for you. Symantec finds stolen SHA-2 certs in malware. Trustwave finds XSS flaw; Zen Cart patches same. Carbon Black identifies PowerWare, a new ransomware variant. We talk to Bufferzone about hospitals and ransomware, and the University of Maryland's Jonathan Katz explains why random numbers matter. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's Daily Podcast we talk about ISIS info operations and the difficulties of developing actionable intelligence about the group's cells. The US indicts seven Iranians for the Rye dam hack and DDoS against financial institutions. Walled garden app stores still have security issues. Verizon Enterprise Solutions and the E-Council suffer security issues, respectively a data breach and Angler redirection. More ransomware news, and developments in the Apple-FBI standoff. We talk with MorphoTrust about security in filing state tax returns. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's Daily Podcast we discuss why ISIS inspiration seems to obviate the need for command-and-control. The US indicts seven Iranians for the Rye dam hack and DDoS against financial institutions. Concerns about the security of water utilities grow. ESET finds some new malware delivered by USB drive. We talk with the University of Maryland's Ben Yelin about rights to privacy in cyberspace. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's Daily Podcast we discuss the developing investigation into ISIS inspiration and control of the Brussels attacks, and what's now know about November's Paris shootings. Ransomware may be developing the ability to spread through networks. The insurance and cyber security sectors are working toward a common understanding of risk, and we talk with Accenture's Malek Ben Salem about processing and protecting unstructured data. Learn more about your ad choices. Visit megaphone.fm/adchoices

In today's Daily Podcast we discuss what's known so far about ISIS inspiration or control of the Brussels attacks. Some precautions users can take against ransomware are recommended. The US Department of Justice has told the presiding Magistrate the FBI no longer needs Apple's help to open the San Bernardino iPhone, and we talk with the Johns Hopkins University's Joe Carrigan about the technical pros and cons of each side's case. Finally, we say farewell to Andy Grove, long of Intel, who died yesterday at the age of 79. Learn more about your ad choices. Visit megaphone.fm/adchoices

Baltic elves versus Russian trolls. Pakistan considers its cyber strategy. Investigation continues into the Bangladesh Bank hack. More hackers are interested in going after OS kernels. Apple and the Department of Justice are poised for this week's hearings. And the University of Maryland's Markus Rauschecker tells us what it means to "hack the Pentagon." Learn more about your ad choices. Visit megaphone.fm/adchoices

More on Buhtrap and its sophisticated spearphishing of Russian banks. There are more reasons (as if they were needed) not to jailbreak your iPhones and iPads. Also, stay away from "adult" apps on your Android. And we hear from the University of Maryland's Ben Yelin, who brings us up to date on the lingering fallout of the Snowden leaks. Learn more about your ad choices. Visit megaphone.fm/adchoices

Daily: Spies & crooks, together again. Artful spearphishers will eventually learn to proofread. Malek Ben Salem from Accenture Labs explains how decoy apps are helping secure mobile devices. Learn more about your ad choices. Visit megaphone.fm/adchoices

Crypto wars updates. Iran vs. US in cyberspace. Big Angler malvertising campaign. CyberWire editor John Petrik joins us to discuss the expected indictment of Iranian hackers by the US government. Chris Webber from Centrify shares tips for multi-factor authentication. Learn more about your ad choices. Visit megaphone.fm/adchoices

Daily: Naming & shaming Iran's hackers? Palo Alto spots "Digital Quartermaster." Team Apple bigger than Team DoJ. Plus, Jonathan Katz from the Maryland Cyber Security Center responds to Richard Clarke's NPR interview. Are claims of NSA's capabilities grounded in reality? Learn more about your ad choices. Visit megaphone.fm/adchoices

Daily: ISIS security breaches threaten narrative. Cyber industry issues. Updates on the crypto wars. Plus, Joe Carrigan from Johns Hopkins University's Information Security Institute shares an overview of Phishing scams. Learn more about your ad choices. Visit megaphone.fm/adchoices