Sri Lanka bombing investigation updates. Cryptojacking targets enterprises in East Asia. Oracle web server zero-day. The criminal-to-criminal credential-stuffing market. Who talked about Huawei in UK?
Sri Lanka bombing investigation updates. Cryptojacking targets enterprises in East Asia. Oracle web server zero-day. The criminal-to-criminal credential-stuffing market. Who talked about Huawei in UK?
CyberWire Daily · N2K Networks
Audio is streamed directly from the publisher (pdst.fm) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
Investigation of the Easter massacres in Sri Lanka continues. For all the concern about online inspiration, some of the coordination seems to have been face-to-face. Symantec describes a cryptojacking campaign, Beapy, that propagates using EternalBlue. An Oracle web server zero-day is reported. Recorded Future describes the commodified black market for credential-stuffing. And there’s a cabinet dust-up in the UK over a leak about the government’s plans for Huawei. Johannes Ullrich from SANS and the ISC Stormcast podcast on the increase in DHCP client vulnerabilities he’s been tracking. Guest is Anura Fernando from UL on the technological and regulatory challenges of medical devices and wearables.
For links to all of today's stories check our our CyberWire daily news brief:
https://thecyberwire.com/issues/issues2019/April/CyberWire_2019_04_26.html
Learn more about your ad choices. Visit megaphone.fm/adchoices