CyberWire Daily

3271 Episodo

1. The US Executive Order on cybersecurity is out. Colonial Pipeline, its security and response under scrutiny, resumes deliveries. Verizon’s DBIR is out.

   Publicado: 13/5/2021
2. The security industry looks at DarkSide ransomware. CISA offers advice on defense and recovery. A new banking Trojan is out. Deprecated protocols remain in use. A quick look at Patch Tuesday.

   Publicado: 12/5/2021
3. Ransomware: DarkSide, Avaddon, and Baduk. 5G threat vectors. Crytpojacking unpatched Exchange Servers. Bogus Chrome app. An espionage trial approaches sentencing.

   Publicado: 11/5/2021
4. Ransomware disrupts pipeline operations in the Eastern US. Other ransomware attacks reported by US municipal and Tribal governments. UK-US advisory on SVR TTPs. SolarWinds update.

   Publicado: 10/5/2021
5. Yatia (Tia) Hopkins: Grit and right place, right time. [Solutions Architecture] [Career Notes]

   Publicado: 9/5/2021
6. Street cred: increasing trust in passwordless authentication. [CyberWire-X]

   Publicado: 9/5/2021
7. SUPERNOVA activity and its possible connection to SPIRAL threat group. [Research Saturday]

   Publicado: 8/5/2021
8. CISA on FiveHands. Connections among cybergangs, Russian intelligence services? Software supply chain security. Scripps Health incident update. Home routers. Ryuk hits research institute.

   Publicado: 7/5/2021
9. Some possible insight into what a Chinese cyberespionage unit is up to. Hackathons, from Beijing to Washington. Panda Stealer is after crypto wallets. And Peloton deals with a leaky API.

   Publicado: 6/5/2021
10. DDoS interrupts Belgium’s parliament. New malware in the wild. Spies and crooks work around MFA, OAuth. COVID-19 scam site takedown. Online election fraud (in a homecoming queen election).

    Publicado: 5/5/2021
11. VPN vulnerability exploited for cyberespionage closed. “IT security incident” at medical system. Android banking Trojans and cryptocurrency. Cyber threats to the Tokyo Olympics.

    Publicado: 4/5/2021
12. Data exposure reported in the Philippines. FISA targets down during the pandemic. Babuk changes its focus. New variant of the Buer loader in the wild. US Justice Department reviews its cyber strategy.

    Publicado: 3/5/2021
13. Jim Zufoletti: Building your experience portfolio. [Entrepreneur] [Career Notes]

    Publicado: 2/5/2021
14. A snapshot of the ransomware threat landscape. [Research Saturday}

    Publicado: 1/5/2021
15. Investigating VPN exploits, and the crooks and spies who use them. BadAlloc afflicts OT. Notes on cyberespionage. The criminal market for deepfakes.

    Publicado: 30/4/2021
16. Buggy APIs may expose credit scores. Dealing with ransomware. Iran-Israeli tensions are up. Russia says it will always see the Americans coming. Surge cyber capacity. NSA’s advice on OT security.

    Publicado: 29/4/2021
17. More intelligence on Ghostwriter, and a convergence of hacking and influence operations. Naikon APT has a new backdoor. FluBot returns. MAPP reconsidered. Defense counsel on Cellebrite.

    Publicado: 28/4/2021
18. The FBI and CISA take a look at the SVR, and offer advice for potential targets. Openness and information warfare. OPSEC and privacy. Babuk hits DC police. Social engineering notes.

    Publicado: 27/4/2021
19. Prankers on Zoom, with convincing video. Emotet takedown. US response to SolarWinds reviewed. Cancer therapy disrupted by attack on cloud provider. Oscar phishing.

    Publicado: 26/4/2021
20. Channeling the data avalanche. [CyberWire-X]

    Publicado: 25/4/2021