CyberWire Daily

3271 Episodo

1. Is Conti rebranding? Commercial spyware scrutinized. Notes from the cyber phases of a hybrid war. Notes on the underworld. Software supply chain attack. Canada will exclude Huawei from 5G.

   Publicado: 20/5/2022
2. CISA Alert AA22-138B – Threat actors chaining unpatched VMware vulnerabilities for full system control. [CISA Cybersecurity Alerts]

   Publicado: 20/5/2022
3. Information operations and the invasion of Ukraine. VMware patches vulnerabilities. F5 BIG-IP vulnerabilities actively exploited. TDI clarifies data incident. Robo-calling the Kremlin.

   Publicado: 19/5/2022
4. CISA Alert AA22-138A – Threat Actors Exploiting F5 BIG-IP CVE-2022-1388. [CISA Cybersecurity Alerts]

   Publicado: 19/5/2022
5. Privateering goes fully political. Compromised robots? Conti’s campaign against Costa Rica. Cyberconflict along the Nile. A reset in the cyber insurance market.

   Publicado: 18/5/2022
6. CISA Alert AA22-137A – Weak security controls and practices routinely exploited for initial access. [CISA Cybersecurity Alerts]

   Publicado: 17/5/2022
7. Russian cyber threats and NATO’s Article 5. Conti says it’s going to bring Cost Rica to its knees. BLE proof-of-concept hack. CISA warns of initial access methods. Thanos proprietor indicted.

   Publicado: 17/5/2022
8. Users advised to patch actively exploited Zyxel vulnerability. Hacktivism and influence ops in Russia’s hybrid war. Ransomware notes. Indiscriminate hacktivism? Alt-coin sanctions case will proceed.

   Publicado: 16/5/2022
9. Eric Escobar: Collaboration is key. [Pen tester] [Career Notes]

   Publicado: 15/5/2022
10. The current state of zero trust. [CyberWire-X]

    Publicado: 15/5/2022
11. Vulnerabilities in IoT devices. [Research Saturday]

    Publicado: 14/5/2022
12. War crimes in cyberspace? Iranian cyberespionage (and a possible APT side-hustle). A backdoor for Roblox. Darkweb C2C trader sentenced. eBay newsletter conspirator pleads guilty. CIA gets a CISO.

    Publicado: 13/5/2022
13. Killnet hits Italian targets. Access restored to RuTube. Hacktivism in the hybrid war. Emotet surges. NPM dependency confusion attacks were pentesting. Cybercrime and punishment.

    Publicado: 12/5/2022
14. CISA Alert AA22-131A – Protecting against cyber threats to managed service providers and their customers. [CISA Cybersecurity Alerts]

    Publicado: 12/5/2022
15. Consensus on the Viasat hack: Russia did it. Kaspersky remains under investigation. The Nerbian RAT is out. NPM dependencies exploited, but to what end? Advisories from CISA and its partners.

    Publicado: 11/5/2022
16. Notes on cyber phases of Russia’s hybrid war, including an assessment of Victory Day as an influence op. A look at C2C markets. And Spain’s spyware scandal claims an intelligence chief.

    Publicado: 10/5/2022
17. Mixer gets sanctioned. Reward offered for Conti hoods. Ag company hit with ransomware. Hacktivism and cyberattacks in Russia’s hybrid war. That apology? The Kremlin takes it back.

    Publicado: 9/5/2022
18. Amanda Fennell: There's a cyber warrior in all of us [Information] [Career Notes]

    Publicado: 8/5/2022
19. Attacking where vulnerable. [Research Saturday]

    Publicado: 7/5/2022
20. Victory Day approaches so shields up. Hackivists in the battlespace. Raspberry Robin and a USB worm. A carefully operated credential phishing campaign. Happy Mother’s Day (and stay safe online).

    Publicado: 6/5/2022