Symantec Cyber Security Brief Podcast

In this week’s Cyber Security Brief, Dick O’Brien is joined by Candid Wueest and Brigid O’Gorman to discuss the biggest infosec stories of the week. This week we discuss Fancy Bear’s campaign against at least 16 anti-doping and sporting organizations, yet another ransomware attack on Johannesburg, and the malware that was turning the Discord client into an info-stealing backdoor. Also this week, the security researcher who discovered they could hack other people’s pet feeders, and the man who still has access to the connected car he rented – and returned – several months ago.

In this week's Cyber Security Brief, Dick O'Brien and Candid Wueest discuss some of the biggest cyber security stories of the past week. Topics this week include a second supply chain attack attempt aimed at compromising CCleaner, how Amazon Alexa and Google Home devices can be used to spy on their owners using malicious third-party applications, problems for Samsung and Google arising from issues with biometric authentication on their mobile devices, and how a Chinese cyber-espionage group has been targeting SQL servers.

In this week’s Cyber Security Brief, Dick O’Brien is joined by Candid Wueest and Brigid O’Gorman to discuss the biggest cyber security stories of the week. In the mix this week, a zero-day in the Windows version of iTunes and iCloud, ATM malware, the Sudo vulnerability, and how it has been proved that you can insert spy chips into firewalls. Also, the stalker in Japan who used reflections in photos to track down his victim, and finally, the price paid for people’s private information on the deep and dark web.

In this week’s Cyber Security Brief, Dick O’Brien is joined by Candid Wueest and Brigid O’Gorman to discuss some of the biggest cyber security stories of the last week. Topics on the agenda include: controversy over Apple allowing a police-tracking app to be carried on its App Store in Hong Kong, a ruling from the European Court of Justice that could have big implications for social media platforms, new technology that claims it can identify people through walls from their gait using just Wi-Fi receivers, and a whole lot of data breaches. Also, Candid tells us about the it-sa: IT Security Expo and Congress, which he is attending and presenting at in Nuremberg, Germany, this week.

In this week’s Cyber Security Brief, Dick O’Brien, Candid Wueest and Brigid O’Gorman discuss the high cost of ransomware, and the emergence of disinformation-as-a-service on underground markets. We also chat about researchers finding a way to steal data from encrypted PDFs, and the bulletproof hosting service housed in a former NATO bunker in Germany that was recently shut down by police. Finally, we discuss the issue of deepfake videos, the problems they could present, and the steps Google and others are taking to tackle them.

We’re back! The Cyber Security Brief returns for season 2. In our first episode, Dick O’Brien is joined by Brigid O’Gorman and Gavin O’Gorman (no relation) to discuss our recent research into Tortoiseshell, an APT group we recently discovered using both custom and off-the-shelf malware to target IT providers in Saudi Arabia in what appear to be supply chain attacks with the end goal of compromising the IT providers’ customers. We also discuss the recently revealed vulnerability in vBulletin, the release of iOS 13, a ransomware attack on a healthcare facility in Wyoming, and Facebook suspending thousands of apps from its platform.

In this week’s Cyber Security Brief, it’s episode 52, and the last one before we take a short summer break – we will be back with you in August, with more essential stories and trends from the world of cyber security. This week, we discuss the Cloud Security Threat Report that was recently released by Symantec, reports that APT10 compromised the networks of at least 10 telecoms companies, and the unusual circumstances that led to the arrest of a member of the Anonymous Belgium hacking group. Also, how a bug allowed the past owners of Nest cameras to spy on current owners, even after a factory reset. Finally, as the value of Bitcoin surges again, we have two cryptocurrency-related stories as two brothers are arrested in relation to the massive Bitfinex hack that occurred in 2016, and a new coinminer is emulating Linux to target both Windows and Mac systems. Don’t forget, while we are off air, we will still be posting blogs and tweets, so make sure to follow us on Twitter (@ThreatIntel), and to read our blogs at https://www.symantec.com/blogs/threat-intelligence and on Medium at https://medium.com/threat-intel.

In this week’s Cyber Security Brief podcast, we discuss the drama that ensued when Samsung tweeted about scanning their smart TVs for malware, a city in Canada lost CA$500,000 to a BEC scam, and three universities in the U.S. revealed in the same week that they were hit by data breaches. Also, we discuss new research just published by Symantec into the Waterbug/Turla group, and two different Android threats that were in the news this week.

On this week’s Cyber Security Brief, it's episode 50! We discuss the EU’s bug bounty program, bad password security practice, and why “secure” websites are becomingly increasingly untrustworthy. We also chat about the start-up that hacked its own customers’ cryptocurrency wallets – in order to safeguard their funds, a further update on the RDP vulnerability we’ve discussed previously, and how the Spanish soccer league La Liga was misusing its mobile app. Finally, the story of how Radiohead called the bluff of a ransomware criminal.

On this week’s Cyber Security Brief, we chat about our report looking into the Internet Research Agency's disinformation campaign targeting the 2016 US presidential election. We also talk about the apparent retirement of the operators behind GandCrab, and red faces in both the New Zealand government and the Dutch Data Protection Authority.

On this week’s Cyber Security Brief podcast, Candid Wueest and Dick O’Brien discuss Transport for London’s plans to start collecting data about the customers using its Wi-Fi, and what that might mean for people’s privacy. Also, the ongoing repercussions of the ransomware attack that hit the U.S. city of Baltimore, including revelations about the use of the EternalBlue tool by the attackers, plus an update on activity surrounding the BlueKeep RDP vulnerability that was patched by Microsoft a few weeks ago. Also this week, the teen who appeared in court in Australia charged with hacking Apple, and the latest Bitcoin scams doing the rounds online.

In this week’s Cyber Security Brief podcast, we discuss the government employee who was charged with using his work IT systems to mine cryptocurrency, how Google is scanning your emails to collect information about your purchases, and the proof of concept exploits that have been created for the BlueKeep bug. We also chat about ransomware “recovery” services that are just paying the ransom, the dismantling of the GozNym network, and how Intel CPUs have been impacted by new MDS side-channel attacks.

In this week’s Cyber Security Brief podcast, we mark the one-year anniversary of the introduction of the General Data Protection Regulation – more commonly known as GDPR. To mark the introduction of GDPR, Brigid O’Gorman talks to Zoltan Precsenyi, Symantec’s director of GDPR strategy. We discuss the impact of the introduction of GDPR on companies and members of the public, whether or not the regulation is fulfilling its stated purpose, and the new data protection and privacy challenges that are likely to face companies in the future.

On this week’s Cyber Security Brief podcast, we discuss our newly-released research into the Buckeye espionage group, and its use of Equation group tools prior to the Shadow Brokers leak. Dick O’Brien is joined by Symantec analyst Sylvester Segura to discuss the findings and to share more details about Symantec’s investigation into this activity. Also this week, we chat about the growing threat of targeted ransomware, and look at what the UK government is planning to do to improve the security of IoT devices.

On this week’s Cyber Security Brief podcast, we discuss our recently published research into the Beapy cryptojacking worm, which is using the EternalBlue exploit to spread, and is primarily impacting enterprises in China. We also talk about data breaches, the dangers your set-top box might pose, why some GPS apps need to upgrade their security, and what the Emotet criminals are up to now.