CyberWire Daily

3094 Episoder

1. Two-step supply-chain attack. Plugging leaks, in both Mother Russia and the Land of the Free and the Home of the Brave. Belarus remains a player in the cyber war.

   Udgivet: 20.4.2023
2. CISA Alert AA23-108A – APT28 exploits known vulnerability to carry out reconnaissance and deploy malware on Cisco routers.

   Udgivet: 20.4.2023
3. Play ransomware's new tools. A look at what the GRU’s been up to. US Air Force opens investigation into alleged leaker's Air National Guard wing. KillNet’s new hacker course: “Dark School.”

   Udgivet: 19.4.2023
4. A Symposium, a wet dress, a new fund, and it’s only Monday. [T-Minus Space Daily]

   Udgivet: 19.4.2023
5. Iranian threat actor exploits N-day vulnerabilities. Subdomain hijacking vulnerabilities. The Discord Papers. An update on Russia’s NTC Vulkan. And weather reports, not a Periodic Table.

   Udgivet: 18.4.2023
6. Developments in the Discord Papers, including notes on influencers and why they seek influence. Tax season scams. KillNet’s selling, but is anyone buying?

   Udgivet: 17.4.2023
7. Jack Chapman: Shielding against the bad guys. [Threat Intelligence] [Career Notes]

   Udgivet: 16.4.2023
8. New Dero cryptojacking operation concentrates on locating Kubernetes. [Research Saturday]

   Udgivet: 15.4.2023
9. "Read the Manual" and the ransomware-as-a-service market. Bitter APT against energy companies. Cozy Bear sighting. Hacktivist auxiliaries hit Canadian targets. Aan arrest in the Discord Papers case.

   Udgivet: 14.4.2023
10. Transparent Tribe seems to want people’s lab notes, and other stories of cyberespionage. The FBI warns of juicejacking. And the Discord leaker seems to have been a 20-something influencer.

    Udgivet: 13.4.2023
11. Patch Tuesday notes. Cyber mercenaries described. Voice security and fraud. CISA’s update to its Zero Trust Maturity Model. Updates on Russia’s hybrid war against Ukraine.

    Udgivet: 12.4.2023
12. IAM trends. RagnarLocker as a critical infrastructure threat. AI hype as phishbait. Updates on the hybrid war: leaks and hacks.

    Udgivet: 11.4.2023
13. A look at Iran’s MERCURY APT. Updates on Russia's hybrid war, including some apparent leaks and some apparent doxing. And notes on cloud security trends.

    Udgivet: 10.4.2023
14. Karen Worstell: Keep your feet planted. [Strategy] [Career Notes]

    Udgivet: 9.4.2023
15. A dark side to LLMs. [Research Saturday]

    Udgivet: 8.4.2023
16. Stopping Cobalt Strike abuse. Leaks are mingled with disinformation. Google offers advice for board members. Securing cars and their garages. CISA releases ICS advisories.

    Udgivet: 7.4.2023
17. New phishing techniques. Arrests in the Genesis Market case. APT43’s Archipelago. Disinformation at the UN, and drop-shipping for Mother Russia.

    Udgivet: 6.4.2023
18. Genesis Market taken down. Proxyjackers exploit Log4j. Fast-encrypting Rorschach ransomware. More Killnet DDoS. Patch Zimbra now. Soft power and Russia’s hybrid war.

    Udgivet: 5.4.2023
19. Cyber appeasement? Western Digital discloses cyberattack. Rilide malware is in active use. Mantis has new mandibles. Challenges of threat hunting. Small, medium, and large criminal enterprises.

    Udgivet: 4.4.2023
20. "Cylance" ransomware (no relation to Cylance). Update on the 3CX incident. The FSB's arrest of Evan Gershkovich. Ukrainian hacktivist social engineering in the hybrid war.

    Udgivet: 3.4.2023