CyberWire Daily

3271 Episodo

1. Public Wi-Fi advice from NSA. South African ports recover from ransomware. Iranian rail incident was a wiper attack. Developments in the criminal-to-criminal market. Intercept vendors under scrutiny.

   Publicado: 29/7/2021
2. US ICS Cybersecurity Initiative formalized. Developments in the ransomware world. Addressing known vulnerabilities. Caucasus coinmining crackdown. A long-running IRGC catphishing campaign.

   Publicado: 28/7/2021
3. South African ports invoke force majeure over cyberattack. Documents indicate Iranian interest in control systems attacks. Dark web wanted ads. Cyber diplomacy. Lousy cafeteria food?

   Publicado: 27/7/2021
4. The source of Kaseya’s REvil key remains unknown. Cyber incident disrupts port operations at Cape Town and Durban. Updates on the Pegasus Project. And a guilty plea in a swatting case.

   Publicado: 26/7/2021
5. Ingrid Toppelberg: Knowing how to take risks will pay off. [Cybersecurity education] [Career Notes]

   Publicado: 25/7/2021
6. Is enhanced hardware security the answer to ransomware? [CyberWire-X]

   Publicado: 25/7/2021
7. Free malware with cracked software. [Research Saturday]

   Publicado: 24/7/2021
8. Cyber threats to, and around, the Olympic Games. Kaseya got a decryptor, from somewhere…. NSO says it’s not responsible for Pegasus misuse. US cyber policy toward China. Fraud Family busted.

   Publicado: 23/7/2021
9. Extortion is the motive in the Saudi Aramco incident. Updates on the Pegasus Project. Chinese cyberespionage and Beijing’s tu quoque. FIN7 resurfaces, and a post-mortem on Egregor.

   Publicado: 22/7/2021
10. Historical threats to industrial control systems inform current security practices. Ransomware privateering and side-hustling. Updates on the Pegasus Project.

    Publicado: 21/7/2021
11. APT side hustles and evidence of espionage. NSO replies to the Pegasus Project, and AWS removes NSO from its CloudFront CDM. Other data breaches and ransomware incidents.

    Publicado: 20/7/2021
12. Microsoft Exchange Server hacks officially attributed to China. Indictment in industrial espionage case. Entities List expands. Abuse of NSO Group’s Pegasus tool reported.

    Publicado: 19/7/2021
13. Peter Baumann: Adding value to data. [CEO] [Career Notes]

    Publicado: 18/7/2021
14. Enabling connectivity enables exposures. [Research Saturday]

    Publicado: 17/7/2021
15. DDoS at Russia’s MoD. Facebook disrupts Iranian catphishing operation. An intercept tool vendor’s activities are exposed. No signs of the US softening on Huawei bans.

    Publicado: 16/7/2021
16. Luminous Moth or Mustang Panda, it’s the same bad actor (probably). Updates on other cyberespionage and ransomware campaigns. Rewards for tips on cyberattacks.

    Publicado: 15/7/2021
17. Patch notes. What’s happening with REvil remains unclear, but it would be rash to count the gang out.

    Publicado: 14/7/2021
18. SolarWinds patches a zero-day. Trickbot is back. Bogus Twitter accounts, now suspended, were verified by the social medium. DarkSide hits Guess. Updates on REvil and Kaseya.

    Publicado: 13/7/2021
19. Kaseya and REvil--the state of recovery. President Biden calls President Putin to ask for action on ransomware. Cyber incident in Iran. Ukraine says its naval website was hacked. Tracking ransom.

    Publicado: 12/7/2021
20. APTs transitioning to the cloud. [CyberWire-X]

    Publicado: 11/7/2021