show episodes
 
Encore seasons of the popular CyberWire Pro podcast hosted by Chief Analyst, Rick Howard. Join Rick and the Hash Table experts as they discuss the ideas, strategies and technologies that senior cybersecurity executives wrestle with on a daily basis. For the latest seasons ad-free along with essays, transcripts, and bonus content, sign up for CyberWire Pro.
 
C
Caveat

1
Caveat

CyberWire, Inc.

Unsubscribe
Unsubscribe
Weekly
 
Join us for thought provoking conversations on surveillance, digital privacy, and cybersecurity law and policy in the information age. Each week, hosts Dave Bittner and Ben Yelin break down the headlines, legal cases, and policy battles that matter most.
 
8
8th Layer Insights

1
8th Layer Insights

Perry Carpenter | CyberWire Inc.

Unsubscribe
Unsubscribe
Monthly
 
Get ready for a deep dive into what cybersecurity professionals often refer to as the "8th Layer" of security: HUMANS. Welcome to 8th Layer Insights (8Li). This podcast is a multidisciplinary exploration into how the complexities of human nature affect security and risk. Author, security researcher, and behavior science enthusiast Perry Carpenter taps experts for their insights and illumination. Topics include cybersecurity, psychology, behavior science, communication, leadership, and more.
 
TOP SECRET Personal Attention, SpyCast Listeners Known to be the podcast real spies listen to -(STOP)- eavesdrop on conversations with high level sources from around the world -(STOP)- spychiefs molehunters defectors covert operators analysts cyberwarriors technologists debriefed by SPY Historian Hammond -(STOP)- stories secrets tradecraft and technology discussed -(STOP)- museum confirmed to have greatest collection of artifacts on the subject anywhere in the world -(STOP)- podcast rumored ...
 
Loading …
show series
 
A new Chinese cyberespionage group is described. Cobalt Strike implants are observed hitting unpatched VMware Horizon servers. Ukraine attributes last week’s cyberattacks to Russia (with some possibility of Belarusian involvement as well). Microsoft doesn’t offer attribution, but it suggests that the incidents were more destructive than ransomware …
 
Enjoy a peek into CyberWire Pro's Privacy Briefing as the team is off taking our long winter's nap. This is the spoken edition of our daily Privacy Briefing, focused on incidents, techniques, tips, compliance, rights, and trends. This episode's headlines: Data exposures: first responders, police-citizen interactions, childrens' PII, and hikers' inf…
 
Enjoy a peek into CyberWire Pro's Research Briefing as the team is off taking our long winter's nap. This is the spoken edition of our weekly Research Briefing, focused on threats, vulnerabilities, and consequences, as they’re played out in cyberspace. This week's headlines: US Commission on International Religious Freedom reportedly hacked. Sophis…
 
Merry Christmas and Happy Holidays from the CyberWire and our friends! Enjoy our rendition of the 12 Days of Malware created by Dave Bittner and performed by Dave and friends: Rachel Tobac, Jayson Street, Ron Eddings & Chris Cochran, Ray [Redacted], Dinah Davis, Camille Stewart, Rick Howard, Michelle Dennedy, Jack Rhysider, Johannes Ullrich, and Ch…
 
This was the most popular episode of 2020. Apparently, people are interested in the views of former GCHQ Director, Joint Intelligence Committee Chair, and first UK Security and Intelligence Coordinator on, well - how spies think. I am sure David – now a Visiting Professor at Kings College, London – has a few thoughts on the subject. Hear Andrew deb…
 
Rick explains the network defender evolution from defense-in-depth in the 1990s, to intrusion kill chains in 2010, to too many security tools and SOAR in 2015, and finally to devsecops somewhere in our future. Resources: “Cybersecurity First Principles: DevSecOps.” by Rick Howard, CSO Perspectives, The CyberWire, 8 June 2020. “FAQ,” RSA Conference,…
 
Rick explains the network defender evolution from defense-in-depth in the 1990s, to intrusion kill chains in 2010, to too many security tools and SOAR in 2015, and finally to devsecops somewhere in our future. Resources: “Cybersecurity First Principles: DevSecOps.” by Rick Howard, CSO Perspectives, The CyberWire, 8 June 2020. “FAQ,” RSA Conference,…
 
Social engineer and CEO of Hekate, Marina Ciavatta, shares her story of how people think her job is a la Mission Impossible coming from the ceiling with a rope and stealing stuff in the dead of the night. Marina does physical pentesting. Starting with an unused degree in journalism, Marina turned her talent for writing into a job as a content produ…
 
Social engineer and CEO of Hekate, Marina Ciavatta, shares her story of how people think her job is a la Mission Impossible coming from the ceiling with a rope and stealing stuff in the dead of the night. Marina does physical pentesting. Starting with an unused degree in journalism, Marina turned her talent for writing into a job as a content produ…
 
This episode features guest Alissa Knight, former hacker and partner at Knight Ink, along with Karl Mattson, CISO from Noname Security, discussing findings on severe API vulnerabilities in U.S. banking applications research that was conducted by Alissa and funded by Noname Security. The research, “Scorched Earth: Hacking Bank APIs,” unveils a numbe…
 
This episode features guest Alissa Knight, former hacker and partner at Knight Ink, along with Karl Mattson, CISO from Noname Security, discussing findings on severe API vulnerabilities in U.S. banking applications research that was conducted by Alissa and funded by Noname Security. The research, “Scorched Earth: Hacking Bank APIs,” unveils a numbe…
 
A large-scale cyberattack against Ukrainian websites looks like an influence operation, and Russian intelligence services are the prime suspects. The FSB raids REvil. The White House Open Source Software Security Summit looks toward software bills of materials. MuddyWater exploits Log4shell. The DPRK is working to steal cryptocurrency. Caleb Barlow…
 
A White House government-industry summit today addresses open-source software security. The US officially makes its second attribution of the week to a nation-state: it calls out Iran as the operator of the MuddyWater threat group. Israel arrests five on charges related to spying for Iran (they’re thought to have been recruited through catphishing)…
 
Guest Chris Hart, partner and co-chair of Foley Hoag's Privacy & Data Security Practice, joins Dave to discuss ransomware and cyber insurance, Ben talks about the role that attorneys play in the aftermath of cybersecurity incidents, and Dvae shares calls to amend the constitution. While this show covers legal topics, and Ben is a lawyer, the views …
 
Guest Tom Tovar, CEO and Co-Creator of AppDome, joins Dave and Joe to discuss the results of a recent consumer survey, Dave's story is based on a tweet where the user's child's middle school had some unintended consequences of a phishing scam training, Joe has two stories: one on QR code scammers on parking kiosks, and one about a book publishing p…
 
The US issues an alert over the prospect of Russian cyberattacks, and the EU begins a series of stress tests, both in apparent response to concerns over the prospect of a Russian attack on Ukraine. NIST updates its guidance on Engineering Trustworthy Secure Systems. NIght Sky ransomware exploits Log4shell. Phishing afflicts a hotel chain. Carole Th…
 
Log4shell as an instance of a more general software supply chain issue. An APT apparently mistakenly infects itself with its own RAT. A new backdoor, SysJoker, is in use in the wild. A warning on commercial surveillance software. A leak investigation continues in Denmark. Joe Carrigan explains bogus QR codes. Our guest is Casey Allen of Concentric …
 
Alexis Albion – star of our 500th episode anniversary special – is a very good friend of the current Undersecretary for Arms Control & International Security, Bonnie Jenkins. Way back when, they were both on the 9/11 Commission Report – while Alexis’ focus was on the CIA and counterterrorism before the attacks, Bonnie’s was on the DOD and counterte…
 
Let's face it. Most of us have a love/hate relationship with technology and technological advances. We dream about the new thing... but when it arrives, we are usually a little disappointed. Many of us also lament the constant erosion of privacy, the changes in social norms, and more. And, little-by-little, we allow those aspects of new technology …
 
CISA describes progress toward remediating Log4shell. Other open-source libraries are found to have similar issues, in one case problems deliberately introduced by the developer. Concerns are expressed over undersea cable security. FIN7’s BadUSB campaign. Security questions about another Chinese-made phone. Our guest is Bob Maley from Black Kite on…
 
Two members of the CyberWire’s hash table of experts: Bob Turner: University of Wisconsin at Madison CISO Roselle Safran: KeyCaliber’s CEO & Founder discuss security concerns around containers and serverless functions. Resources: “Cybersecurity first principles: intrusion kill chains,” By Rick Howard, CSO Perspectives, the Cyberwire, 26 May 2020. “…
 
Senior Vice President and Executive in Residence with Rapid7 and Chairman for Cyversity, Julian Waits, grew up in the era of the Justice League and Superman and it shaped his career. Julian always wanted to do something where he could find a way to help society to basically help others. Starting out as a Baptist minister with aspirations of being a…
 
Senior Vice President and Executive in Residence with Rapid7 and Chairman for Cyversity, Julian Waits, grew up in the era of the Justice League and Superman and it shaped his career. Julian always wanted to do something where he could find a way to help society to basically help others. Starting out as a Baptist minister with aspirations of being a…
 
Guest Rob Boyce, Accenture's Global Lead for Cyber Incident Response and Transformation Services, joins Dave to discuss their research "Karakurt rises from its lair." Accenture Security has identified a new threat group, the self-proclaimed Karakurt Hacking Team, that has impacted over 40 victims across multiple geographies. The threat group is fin…
 
Loading …

Quick Reference Guide

Copyright 2022 | Sitemap | Privacy Policy | Terms of Service
Google login Twitter login Classic login