CyberWire Daily

3271 Episodo

1. Update: VMware ESXi exploitations. Super Bowl cyber risks. Scalping bots. The curious case of the Moscow billboards.

   Publicado: 7/2/2023
2. Unpatched VMware ESXi instances attacked. Okatpus is back. Update on LockBit’s ransomware attack on ION. Charlie Hebdo hack attributed to Iran.

   Publicado: 6/2/2023
3. Yasmin Abdi: Find your community. [Security Engineer] [Career Notes]

   Publicado: 5/2/2023
4. “Shift Left”: A case for threat-informed pentesting. [CyberWire-X]

   Publicado: 5/2/2023
5. Can ransomware turn machines against us? [Research Saturday]

   Publicado: 4/2/2023
6. Cyberespionage, and ransomware as misdirection. A new Python-based supply chain attack. Traffic on the Static Expressway. KillNet continues to plague hospitals. And Telegram may be compromised.

   Publicado: 3/2/2023
7. Cisco fixes vulnerabilities in ICS appliances. NIST’s anti-phishing guidelines. OneNote exploitation. HeadCrab malware. Recent actions by Russian threat actors. Trends in state-directed cyber ops.

   Publicado: 2/2/2023
8. How the C2C market sustains ransomware gangs. In Russia’s war, intelligence services deploy wipers, and hacktivist auxiliaries handle the DDoS. And a look into other corners of the cyber underworld.

   Publicado: 1/2/2023
9. The cybercriminal labor market and the campaigns it’s supporting. Russia’s Killnet is running DDoS attacks against US hospitals, but Russia says, hey, it’s the real victim here.

   Publicado: 31/1/2023
10. Criminal evolutions, disgruntled insiders, and gangsta wannabes. New wiper attacks hit Ukrainian targets, with less effect than the first rounds early last year. And support your local hacktivist?

    Publicado: 30/1/2023
11. Charlie Moore: Pilot to head honcho in cyber. [Cyber Command] [Career Notes[

    Publicado: 29/1/2023
12. Interview with the AI, part one. [Special Editions]

    Publicado: 29/1/2023
13. Flagging firmware vulnerabilities. [Research Saturday]

    Publicado: 28/1/2023
14. An update on the Hive ransomware takedown. More DDoS from Killnet. Advisories from CISA, and an addition to the Known Exploited Vulnerabilties Catalog.

    Publicado: 27/1/2023
15. Remote monitoring and management tools abused. Russian and Iranian cyberespionage reported. The world according to the CIO. And if volume is your secret, maybe look for a better secret.

    Publicado: 26/1/2023
16. CISA Alert AA23-025A – Protecting against malicious use of remote monitoring and management software. [CISA Cybersecurity Alerts]

    Publicado: 26/1/2023
17. TA444 and crypto theft on behalf of the Dear Successor. CryptoAPI spoofing vulnerability described. New Python-based malware campaign. User headspace. Tanks vs. hacktivists.

    Publicado: 25/1/2023
18. Cyber Marketing Con 2022: From the horse’s mouth: CISO Q&A on solving the cyber marketer’s dilemma. [Special Editions]

    Publicado: 25/1/2023
19. Disentangling cybercrime from cyberespionage. A threat to the IoT supply chain. What do you do with the hacktivists when they stop being hacktivists? A retired FBI Special Agent is indicted.

    Publicado: 24/1/2023
20. Contractor error behind FAA outage. OneNote malspam. Vastflux ad campaign disrupted. Ukraine moves closer to CCDCOE membership. Alerts for gamblers and gamers.

    Publicado: 23/1/2023