CyberWire Daily

3271 Episodo

1. US report on 2020 foreign election meddling is out, and Russian and Iran are prominently mentioned in dispatches. Recovering from the Hafnium and Holiday Bear campaigns.

   Publicado: 17/3/2021
2. Cyberespionage prospects telecom companies: Operation Diànxùn. Working against exploitation of Exchange Server. And rerouting SMS messages (it cost only $16).

   Publicado: 16/3/2021
3. Looking for leaks in the Microsoft Exchange Server exploitation. International cyber conflict. Sky Global executives indicted in the US. Scammer demands £1000 pounds to go on do-not-call list.

   Publicado: 15/3/2021
4. Dinah Davis: Building your network. [R&D] [Career Notes]

   Publicado: 14/3/2021
5. SolarWinds, SUNBURST, and supply chain security. [CyberWire-X]

   Publicado: 14/3/2021
6. Keeping data confidential with fully homomorphic encryption. [Research Saturday]

   Publicado: 13/3/2021
7. Ransomware enters vulnerable Exchange Servers through the backdoor. REvil is out and active. SolarWinds and control systems. Molson Coors responds to a cyber incident.

   Publicado: 12/3/2021
8. More Exchange Server exploitation, and security advice. Updates on the SolarWinds compromise, criminal TTPs, and the Verkada hack. And news not you, but your friends might be able to use.

   Publicado: 11/3/2021
9. Patching, with special attention to Hafnium and the rest. Responding to the SolarWinds incident. Hactivists don’t like cameras. Dragnet in the Low Countries.

   Publicado: 10/3/2021
10. Dealing with Hafnium’s work against Microsoft Exchange Server and Holiday Bear’s visit to the SolarWinds supply chain. A plea for OSINT, and some wins for the cyber cops.

    Publicado: 9/3/2021
11. Exploitation of Exchange Server spreads rapidly across the globe. The US mulls its response to Russia over the SolarWinds compromise (and to China over Exchange Server hacks).

    Publicado: 8/3/2021
12. Stephen Hamilton: Getting the mission to the next level. [Military] [Career Notes]

    Publicado: 7/3/2021
13. Diving deep into North Korea's APT37 tool kit. [Research Saturday]

    Publicado: 6/3/2021
14. SUNSHUTTLE backdoor described. What the Exchange Server campaign was after. Misconfigured clouds. Airline IT service provided attacked. Criminal-on-criminal crime.

    Publicado: 5/3/2021
15. Happy Slam the Scam Day. Indian authorities continue to investigate grid incidents. CISA tells US Federal agencies to clean up Exchange bugs by noon tomorrow. Supply chain compromise.

    Publicado: 4/3/2021
16. RedEcho under investigation (amid reassurances). Stopping Operation Exchange Marauder. Containing Ursnif. Cyber proliferation. And another round in the Crypto Wars.

    Publicado: 3/3/2021
17. India investigates the possibility of cybersabotage. Walls are opaque to defenders, too. Recommendations for cyber nonproliferation. SolarWinds updates (with an SEC appearance).

    Publicado: 2/3/2021
18. “RedEcho’s”activity in India’s power grid is described. US report on Khashoggi murder declassified SolarWinds compromise inquiry updates. Ill-intentioned SEO. President’s Cup winner announced.

    Publicado: 1/3/2021
19. Aarti Borkar: Make your own choices. [Product} [Career Notes]

    Publicado: 28/2/2021
20. Shining a light on China's cyber underground. [Research Saturday]

    Publicado: 27/2/2021