CyberWire Daily

2656 Episodo

1. Britain’s Labour Party sustains a “data incident.” CERT-FR describes a new affiliate gang, Lockean. US, Russian intelligence chiefs discuss cybersecurity. Gas is flowing in Iran again. Start-ups honor

   Publicado: 4/11/2021
2. Ransomware gangs talk about retiring, and about deception. High-level Russo-American talks. US sanctions four spyware vendors. CISA tells US agencies to patch known, exploited vulnerbalities.

   Publicado: 3/11/2021
3. Trojan Source--a threat to the software supply chain. Ransomware goes to influence operations school. Triple extortion? Criminal target selection.

   Publicado: 2/11/2021
4. Iranian officials blame the US and Israel for gas station cyber sabotage. A new direction for NSO? Cyber extortion, Minecraft phishing, and sugar daddies looking for sugar babies (sez they).

   Publicado: 1/11/2021
5. Jadee Hanson: Cybersecurity is a team effort. [CISO] [Career Notes]

   Publicado: 31/10/2021
6. Malware sometimes changes its behavior. [Research Saturday]

   Publicado: 30/10/2021
7. Iranian-Israeli cyber tensions rise. Decaf ransomware described. Philippine government phshbait. Unemployment due to cyberattack. Europol’s latest collars. Facebook rebrands as “Meta.”

   Publicado: 29/10/2021
8. The Malware Mash!

   Publicado: 29/10/2021
9. Hacktivists or intelligence services in Iran? BOLO NIkolay K. Renouncing Conti, and all its empty promises. SEO poisoning. US cyber strategic intent.

   Publicado: 28/10/2021
10. Coups and comms blackouts. Fuel sale sabotage in Iran. Wslink described. Operation Dark HunTor takes down a contraband market. FTC looks into Facebook. LockBit speaks.

    Publicado: 27/10/2021
11. Ransomware and privateering, counteroffense and deterrence. The US State Department will reestablish its cyber office. And looking forward to Halloween.

    Publicado: 26/10/2021
12. SolarMarket malware carried in some WordPress sites. Russian privateers don’t much like REvil’s takedown. The SVR in the supply chain. Malicious Squid Games app. Scary social media.

    Publicado: 25/10/2021
13. Mark Nunnikhoven: Providing clarity about security. [Cloud strategy] [Career Notes]

    Publicado: 24/10/2021
14. When big ransomware goes away, where should affiliates go? [Research Saturday]

    Publicado: 23/10/2021
15. Counting coup against REvil (and other gangs are taking note). Export controls and dual use. A timing bug will surface this weekend.

    Publicado: 22/10/2021
16. Evil Corp identified as the threat actor behind ransomware attacks on Sinclair and Olympus. Privateering. Fin7’s front company. Sentencing in a bulletproof hosting case.

    Publicado: 21/10/2021
17. Cyberespionage campaign looks a lot like SIGINT collection. Magnitude gets more capable. VPN exploits solicited. Ransomware trends. Seven years for UPMC hacker. Plenty of Candy Corn coming.

    Publicado: 20/10/2021
18. TA505’s recent activity. Advice on defending organizations from BlackMatter. CISA RFI seeks EDR information. REvil’s halting attempts to return. Sinclair’s incident response.

    Publicado: 19/10/2021
19. A US broadcaster sustains a ransomware attack. North Korean catphis expelled from Twitter. REvil’s Tor sites are hijacked. Hacking back. Prosecution and responsible disclosure?

    Publicado: 18/10/2021
20. Ell Marquez: It's okay to be new. [Linux] [Career Notes]

    Publicado: 17/10/2021