The latest in fraud, social engineering, security, identity, and privacy
In the latest edition of the On the Wire podcast, Dennis Fisher talks with Ronnie Tokazowski of Flashpoint about his research into business email compromise campaigns, especially a new one that originated in West Africa. The new campaign uses rigged PDF files that come from trusted senders to push victims to malicious sites, starting a…
In the latest edition of the On the Wire podcast, Dennis Fisher talks with Ronnie Tokazowski of Flashpoint about his research into business email compromise campaigns, especially a new one that originated in West Africa. The new campaign uses rigged PDF files that come from trusted senders to push victims to malicious sites, starting a…
Dennis Fisher speaks with Mike Mimoso of Threatpost about the arrest of security researcher Marcus Hutchins in connection with the Kronos banking trojan, the effect that the incident could have on the cooperation between researchers and law enforcement, and what else may come out of the AlphaBay dark wen market takedown. Music by Chris Gonsalves and…
Dennis Fisher speaks with Mike Mimoso of Threatpost about the arrest of security researcher Marcus Hutchins in connection with the Kronos banking trojan, the effect that the incident could have on the cooperation between researchers and law enforcement, and what else may come out of the AlphaBay dark wen market takedown. Music by Chris Gonsalves and…
Black Hat 2017 was an adventure, as it always is, and to help make sense of it all, Dennis Fisher sat down with friends from across the security community for a long conversation. The discussion with Robert Hansen, Jessy Irwin, Jennifer Leggio of Flashpoint, Mike Mimoso of Threatpost, Patrick Gray of Risky Business, and Fahmida…
Black Hat 2017 was an adventure, as it always is, and to help make sense of it all, Dennis Fisher sat down with friends from across the security community for a long conversation. The discussion with Robert Hansen, Jessy Irwin, Jennifer Leggio of Flashpoint, Mike Mimoso of Threatpost, Patrick Gray of Risky Business, and Fahmida…
The takedown of the AlphaBay and Hansa dark web marketplaces by law enforcement last week marked a shift in the way that the authorities approach these operations. Dennis Fisher sat down with Ronnie Tokazowski of Flashpoint to talk about the new tactics law enforcement is using to go after these markets and how the security community is…
The takedown of the AlphaBay and Hansa dark web marketplaces by law enforcement last week marked a shift in the way that the authorities approach these operations. Dennis Fisher sat down with Ronnie Tokazowski of Flashpoint to talk about the new tactics law enforcement is using to go after these markets and how the security community is…
Malware for the macOS platform is still unusual enough that new variants often draw detailed analysis from researchers, especially when they seem to have unusual capabilities. That’s the case with Fruitfly, which first emerged earlier this year and was seen targeting medical research facilities. Recently, a new variant popped up and it appears to have…
To prepare for Black Hat and DEF CON this week, we turned to our old friend Katie Moussouris of Luta Security, to talk about the changes in the conferences over the years and how the culture has evolved. We also talked about the current discussion in the security community about vulnerability sales and bug collisions…
Dennis Fisher talks with Mike Mimoso of Threatpost about the Shadowbrokers’ subscription service, who might actually pay for it, what the reaction in Washington is, and what else might be lurking in the group’s cache of stolen tools. Then they discuss the OneLogin breach and its potential fallout as well as the active-defense bill that’s…
One of our most popular guests, Jessy Irwin, returns to the podcast to discuss the WannaCry ransomware outbreak, usable security, user education, safaris, and why we can’t past the idea of pointing fingers whenever something goes wrong. Music by Chris Gonsalves and Ken Montigny
A team of researchers from the University of California at Santa Barbara and Georgia Tech this week published detailed research on a set of weaknesses and vulnerabilities in Android that can allow an attacker to use a malicious app to completely control the UI of a device. The Cloak & Dagger attacks, as they’re called,…
The WannaCry ransomware campaign has had a remarkable effect on the Internet as a whole and the security community specifically. It has shown users just how vulnerable many of the world’s computers are, and it also has reminded experts of the lessons they learned during the heyday of Internet worms such as Code Red and Slammer.…