CyberWire Daily

3271 Episodo

1. More on that Solorigate threat actor, especially its non-SolarWinds activity. Chimera’s new target list. Executive Order on reducing IaaS exploitation. The case of the stolen laptop.

   Publicado: 20/1/2021
2. EMA emails altered before release in apparent disinformation effort. Vishing rising. Another backdoor found in SolarWinds supply chain campaign. An arrest and a stolen laptop.

   Publicado: 19/1/2021
3. Encore: You will pay for that one way or another. [Caveat]

   Publicado: 18/1/2021
4. Ann Johnson: Trying to make the world safer. [Business Development] [Career Notes]

   Publicado: 17/1/2021
5. Manufacturing sector is increasingly a target for adversaries. [Research Saturday]

   Publicado: 16/1/2021
6. Charming Kitten’s smishing and phishing. Solorigate updates. Supply chain attacks and the convergence of espionage and crime. Greed-bait. Ring patches bug. Best practices from NSA, CISA.

   Publicado: 15/1/2021
7. SideWinder and South Asian cyberespionage. Project Zero and motivation to patch. CISA’s advice for cloud security. Classiscam in the criminal-to-criminal market. SolarLeaks misdirection?

   Publicado: 14/1/2021
8. Looking for that threat actor “likely based in Russia.” SolarLeaks and a probably bogus offer of stolen files. Notes on Patch Tuesday.

   Publicado: 13/1/2021
9. Cyberespionage campaign hits Colombia. New malware found in the SolarWinds incident. Mimecast certificates compromised. Ubiquiti tells users to reset passwords. Two wins for the good guys.

   Publicado: 12/1/2021
10. More (ambiguous) evidence for attribution of Solorigate. CISA expands incident response advice. Inspiration, investigation, and deplatforming: notes from the Capitol Hill riot.

    Publicado: 11/1/2021
11. Tom Gorup: Fail fast and fail forward. [Operations] [Career Notes]

    Publicado: 10/1/2021
12. Emotet reemerges and becomes one of most prolific threat groups out there. [Research Saturday]

    Publicado: 9/1/2021
13. The Solorigate cyberespionage campaign and sensitive corporate data. The cybersecurity implications of physical access during the Capitol Hill riot. Ransomware’s successful business model.

    Publicado: 8/1/2021
14. CISA updates its alerts and directives concerning Solorigate as the investigation expands. Rioting, social media, and cybersecurity.

    Publicado: 7/1/2021
15. Who worked through SolarWinds? An APT “likely Russian in origin,” says the US. Rattling backdoors, rifling cryptowallets, and asking victims if they’re ensured. No bail for Mr. Assange.

    Publicado: 6/1/2021
16. It’s not Kates and Vals over Ford Island, but it’s not just a tourist under diplomatic cover taking pictures of Battleship Row, either. Another APT side hustle? To delist or not to delist.

    Publicado: 5/1/2021
17. Threat actors were able to see Microsoft source code repositories. Zyxel closes a backdoor. Kawasaki discloses data exposure. Slack’s troubles. Julian Assange escapes extradition to the US.

    Publicado: 4/1/2021
18. Ellen Sundra: Actions speak louder than words. [Engineering] [Career Notes]

    Publicado: 3/1/2021
19. Encore: Unpacking the Malvertising Ecosystem. [Research Saturday]

    Publicado: 2/1/2021
20. Andy Greenberg on the Sandworm Indictments. [Interview Selects]

    Publicado: 1/1/2021