CyberWire Daily

2656 Episodo

1. The FSB warns Russian businesses to up their security game--the Americans are coming. SonicWall’s investigation of a possible cyberattack. DIA and commercial data brokers. OPC issues. Robota.

   Publicado: 25/1/2021
2. Ben Yelin: A detour could be a sliding door moment. [Policy] [Career Notes]

   Publicado: 24/1/2021
3. Trickbot may be down, but can we count it out? [Research Saturday]

   Publicado: 23/1/2021
4. Implications of Solorigate’s circumspection. RBNZ cleans data sources. Gamarue in student laptops. Dodgy apps. Ransom DDoS surges. Securing the President’s Peloton.

   Publicado: 22/1/2021
5. Solorigate’s stealthy, careful operators. LuckyBoy malvertising. BEC as reconnaissance? Remote work and leaky sites. And good riddance to the Joker’s Stash.

   Publicado: 21/1/2021
6. More on that Solorigate threat actor, especially its non-SolarWinds activity. Chimera’s new target list. Executive Order on reducing IaaS exploitation. The case of the stolen laptop.

   Publicado: 20/1/2021
7. EMA emails altered before release in apparent disinformation effort. Vishing rising. Another backdoor found in SolarWinds supply chain campaign. An arrest and a stolen laptop.

   Publicado: 19/1/2021
8. Encore: You will pay for that one way or another. [Caveat]

   Publicado: 18/1/2021
9. Ann Johnson: Trying to make the world safer. [Business Development] [Career Notes]

   Publicado: 17/1/2021
10. Manufacturing sector is increasingly a target for adversaries. [Research Saturday]

    Publicado: 16/1/2021
11. Charming Kitten’s smishing and phishing. Solorigate updates. Supply chain attacks and the convergence of espionage and crime. Greed-bait. Ring patches bug. Best practices from NSA, CISA.

    Publicado: 15/1/2021
12. SideWinder and South Asian cyberespionage. Project Zero and motivation to patch. CISA’s advice for cloud security. Classiscam in the criminal-to-criminal market. SolarLeaks misdirection?

    Publicado: 14/1/2021
13. Looking for that threat actor “likely based in Russia.” SolarLeaks and a probably bogus offer of stolen files. Notes on Patch Tuesday.

    Publicado: 13/1/2021
14. Cyberespionage campaign hits Colombia. New malware found in the SolarWinds incident. Mimecast certificates compromised. Ubiquiti tells users to reset passwords. Two wins for the good guys.

    Publicado: 12/1/2021
15. More (ambiguous) evidence for attribution of Solorigate. CISA expands incident response advice. Inspiration, investigation, and deplatforming: notes from the Capitol Hill riot.

    Publicado: 11/1/2021
16. Tom Gorup: Fail fast and fail forward. [Operations] [Career Notes]

    Publicado: 10/1/2021
17. Emotet reemerges and becomes one of most prolific threat groups out there. [Research Saturday]

    Publicado: 9/1/2021
18. The Solorigate cyberespionage campaign and sensitive corporate data. The cybersecurity implications of physical access during the Capitol Hill riot. Ransomware’s successful business model.

    Publicado: 8/1/2021
19. CISA updates its alerts and directives concerning Solorigate as the investigation expands. Rioting, social media, and cybersecurity.

    Publicado: 7/1/2021
20. Who worked through SolarWinds? An APT “likely Russian in origin,” says the US. Rattling backdoors, rifling cryptowallets, and asking victims if they’re ensured. No bail for Mr. Assange.

    Publicado: 6/1/2021