DiscoverCyberWire Daily
CyberWire Daily

CyberWire Daily

Author: CyberWire, Inc.

Subscribed: 26,318Played: 1,175,389
Share

Description

The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.

2322 Episodes
Reverse
Rick Howard, N2K’s CSO and the CyberWire’s Chief Analyst, and Senior Fellow, interviews Andy Greenberg, Senior Writer at WIRED, regarding his new book, “Tracers in the Dark.”
Cybersecurity interview with ChatGPT. In part one of CyberWire’s Interview with the AI, Brandon Karpf interviews ChatGPT about topics related to cybersecurity. Rick Howard joins Brandon to analyze the conversation and discuss potential use cases for the cybersecurity community. ChatGPT is a chatbot launched by OpenAI and built on top of OpenAI’s GPT-3 family of large language models. Cyber questions answered by ChatGPT in part one of the interview. What were the most significant cybersecurity incidents up through 2021? What leads you to characterize these specific events as significant? What were the specific technical vulnerabilities associated with these incidents? Who were the cyber actors involved in each of these attacks? Do you think it's valuable to attribute cyber attacks to specific actors?
At the 2022 Cyber Marketing Con, the CyberWire presented a CISO Q&A panel session on how to help cyber marketers reach CISOs and other security executives in the industry. The panel included Rick Howard, CSO of N2K Networks, Jaclyn Miller, Head of InfoSec and IT at DispatchHealth, Ted Wagner, CISO of SAP NS2, and was moderated by board director & and operating partner, Michelle Perry. Listen in as the panel discusses: What works and doesn’t work in getting a security executive’s attention. Message trust, message fatigue, and what you can do about it. Trusted information sources and how security executives use them. Positioning and messaging that is actually meaningful to decision makers. The security executive’s purchasing behavior and why skepticism is the driving force. Stay tuned until the end to hear us answer some additional bonus questions submitted by attendees.
Gootloader's evolution. Yandex source code leaked (and Yandex blames a rogue insider). New GRU wiper malware is active against Ukraine. Latvia reports cyberattacks by Gamaredon. Russia and the US trade accusations of malign cyber activity. A hacktivist auxiliary's social support system. Deepen Desai from Zscaler describes the Lilithbot malware. Rick Howard looks at chaotic simians. And wannabes can be a nuisance, too: LockBit impersonators are seen operating in northern Europe. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/19 Selected reading. Welcome to Goot Camp: Tracking the Evolution of GOOTLOADER Operations (Mandiant)  Yandex denies hack, blames source code leak on former employee (BleepingComputer)  Hackers use new SwiftSlicer wiper to destroy Windows domains (BleepingComputer)  Sandworm APT targets Ukraine with new SwiftSlicer wiper (Security Affairs)  Ukraine: Sandworm hackers hit news agency with 5 data wipers (BleepingComputer) Ukraine Links Media Center Attack to Russian Intelligence (BankInfoSecurity)  Latvia confirms phishing attack on Ministry of Defense, linking it to Russian hacking group (The Record from Recorded Future News)  Russia knows US recruits hackers, trains Ukrainian IT-army — Deputy Foreign Minister (TASS) Taking down the Hive ransomware gang. (CyberWire) US puts a $10m bounty on Hive while Russia shuts down access (Register)  Exploring Killnet’s Social Circles (Radware) Copycat Criminals mimicking Lockbit gang in northern Europe (Security Affairs)
Roya Gordon from Nozomi Networks sits down with Dave to discuss their research on "Vulnerabilities in BMC Firmware Affect OT/IoT Device Security." Researchers at Nozomi Networks has revealed that there are thirteen vulnerabilities that affect BMCs of Lanner devices based on the American Megatrends (AMI) MegaRAC SP-X. The research states "By abusing these vulnerabilities, an unauthenticated attacker may achieve Remote Code Execution (RCE) with root privileges on the BMC, completely compromising it and gaining control of the managed host." As well as mentioning what patches could be in the future to help fix these vulnerabilities. The research can be found here: Vulnerabilities in BMC Firmware Affect OT/IoT Device Security – Part 1
An update on the takedown of the Hive ransomware gang, plus insights from CrowdStrike’s Adam Meyers. If you say you’re going to unleash the Leopards, expect a noisy call from Killnet. Our guest is ExtraHop CISO Jeff Costlow talking about nation-state attackers in light of ongoing Russian military operations. CISA has released eight ICS advisories, and the agency has also added an entry to its Known Exploited Vulnerabilities Catalog. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/18 Selected reading. Cybercriminals stung as HIVE infrastructure shut down (Europol) U.S. Department of Justice Disrupts Hive Ransomware Variant (U.S. Department of Justice) Director Christopher Wray’s Remarks at Press Conference Announcing the Disruption of the Hive Ransomware Group (Federal Bureau of Investigation) Taking down the Hive ransomware gang. (CyberWire) US hacks back against Hive ransomware crew (BBC News) Cyberattacks Target Websites of German Airports, Admin (SecurityWeek)  Delta Electronics CNCSoft ScreenEditor (CISA)  Econolite EOS (CISA)  Snap One Wattbox WB-300-IP-3 (CISA)  Sierra Wireless AirLink Router with ALEOS Software (CISA). Mitsubishi Electric MELFA SD/SQ series and F-series Robot Controllers (CISA)  Rockwell Automation products using GoAhead Web Server (CISA) Landis+Gyr E850 (CISA)  Mitsubishi Electric MELSEC iQ-F, iQ-R Series (CISA)  CISA Has Added One Known Exploited Vulnerability to Catalog (CISA)
Joint advisory warns of remote monitoring and management software abuse. Iranian threat actors reported active against a range of targets. UK's NCSC warns of increased risk of Russian and Iranian social engineering attacks. A look at trends, as seen by CIOs. Carole Theriault ponders health versus privacy with former BBC guru Rory Cellan Jones. Kyle McNulty, host of the Secure Ventures podcast shares lessons from the cybersecurity startup community. And the DRAGONBRIDGE spam network is disrupted. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/17 Selected reading. CISA, NSA, and MS-ISAC Release Advisory on the Malicious Use of RMM Software (CISA) Protecting Against Malicious Use of Remote Monitoring and Management Software (CISA) CISA: Federal agencies hacked using legitimate remote desktop tools (BleepingComputer) 'Malicious' cyber attacks launched by groups connected to Iran's regime (ABC)  Abraham's Ax Likely Linked to Moses Staff (Secureworks) SEABORGIUM and TA453 continue their respective spear-phishing campaigns against targets of interest (NCSC) NCSC: Russian and Iranian hackers targeting UK politicians, journalists (Computing) State of the CIO Study 2023: CIOs cement leadership role (Foundry) U.S. says it 'hacked the hackers' to bring down ransomware gang, helping 300 victims (Reuters) Over 50,000 instances of DRAGONBRIDGE activity disrupted in 2022 (Google TAG)
How do the North Koreans get away with it? They do run their cyber ops like a creepy start-up business. A spoofing vulnerability is discovered in Windows CryptoAPI. Python-based malware is distributed via phishing. MacOS may have a reputation for threat-resistance, but users shouldn't get cocky. DevSecOps survey results show tension between innovation and security. Russian hacktivist auxiliaries hit German targets. Tim Starks from the Washington Post Cyber 202 shares insights from his interview with Senator Warner. Our guest is Keith McCammon of Red Canary to discuss cyber accessibility. And Private sector support for Ukraine's cyber defense. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/16 Selected reading. TA444: The APT Startup Aimed at Acquisition (of Your Funds) (Proofpoint) Exploiting a Critical Spoofing Vulnerability in Windows CryptoAPI (Akamai)  Securonix Security Advisory: Python-Based PY#RATION Attack Campaign Leverages Fernet Encryption and Websockets to Avoid Detection (Securonix) BlackBerry's Inaugural Quarterly Threat Intelligence Report Reveals Threat Actors Launch One Malicious Threat Every Minute (BlackBerry) Global CIO Report Reveals Growing Urgency for Observability and Security to Converge (Dynatrace) Russian 'hacktivists' briefly knock German websites offline (Reuters) How Microsoft is helping Ukraine’s cyberwar against Russia (Computerworld) CISA Releases Two Industrial Control Systems Advisories (CISA)
DragonSpark conducts "opportunistic" cyberattacks in East Asia. ProxyNotShell and OWASSRF exploit chains target Microsoft Exchange servers. The IoT supply chain is threatened by exploitation of Realtek Jungle SDK vulnerability. CISA adds an entry to its Known Exploited Vulnerabilities Catalog. A Cisco study finds organizations see positive returns from investment in privacy. What's the hacktivist's postwar future? Joe Carrigan tracks a romance scam targeting seniors. Our guest is Pete Lund of OPSWAT to discuss the security of removable media devices. And a retired G-Man is indicted on multiple charges. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/15 Selected reading. DragonSpark | Attacks Evade Detection with SparkRAT and Golang Source Code Interpretation (SentinelOne) Technical Advisory: Proxy*Hell Exploit Chains in the Wild  (Bitdefender) Realtek SDK Vulnerability Attacks Highlight IoT Supply Chain Threats (Unit 42) CISA Adds One Known Exploited Vulnerability to Catalog (CISA)   2023 Data Privacy Benchmark Study (Cicso) Hacktivism Is a Risky Career Path (WIRED) Retired FBI Executive Charged With Concealing $225,000 In Cash Received From An Outside Source (Department of Justice, U.S. Attorney’s Office, District of Columbia)  Former Special Agent In Charge Of The New York FBI Counterintelligence Division Charged With Violating U.S. Sanctions On Russia (Department of Justice, U.S. Attorney’s Office, Southern District of New York) Former Senior F.B.I. Official in New York Charged With Aiding Oligarch (New York Times)
The FAA attributes its January NOTAM outage. Malicious OneNote attachments are appearing in phishing campaigns. The Vastflux ad campaign has been disrupted. Ukraine moves toward closer cybersecurity collaboration with NATO. Rick Howard considers the best of 2022. Deepen Desai from Zscaler looks at VPN Risk. And, finally, we’re betting you want alerts for sports book customers and online gamers. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/14 Selected reading. FAA Says Contractor Unintentionally Caused Outage That Disrupted Flights (Wall Street Journal) Not a cyberattack, but an IT failure: the FAA's NOTAM outage. (CyberWire) Hackers now use Microsoft OneNote attachments to spread malware (BleepingComputer) Traffic signals: The VASTFLUX Takedown (HUMAN Security) Ukraine signs agreement to join NATO cyber defense center (The Record from Recorded Future News)  FanDuels warns of data breach after customer info stolen in vendor hack (BleepingComputer) Industry looks at the MailChimp data incident. (CyberWire) PSA: Don’t play GTA Online on PC right now (Video Games) You might not want to play GTA Online right now due to security vulnerabilities (RockPaperShotgun) Riot Games hacked, delays game patches after security breach (BleepingComputer) Riot hit by ‘social engineering attack’ that will affect patch cadence for multiple titles (Dot Esports)
Brigid O. Gorman from Symantec's Threat Hunter Team joins Dave to discuss their report "Billbug - State-sponsored Actor Targets Cert Authority and Government Agencies in Multiple Asian Countries." The team has discovered that state-sponsored actors compromised a digital certificate authority in an Asian country during a campaign in which multiple government agencies were also targeted. The research states they believe Billbug, which is a long-established advanced persistent threat (APT) group has been active since about 2009. They say "In activity documented by Symantec in 2019, we detailed how the group was using a backdoor known as Hannotog (Backdoor.Hannotog) and another backdoor known as Sagerunex (Backdoor.Sagerunex). Both these tools were also seen in this more recent activity." The research can be found here: Billbug: State-sponsored Actor Targets Cert Authority, Government Agencies in Multiple Asian Countries
Ransomware hits Costa Rican government systems, again. A Chinese threat actor deploys the BOLDMOVE backdoor against unpatched FortiOS. Credential stuffing afflicts PayPal users. T-Mobile discloses a data breach. A cyberattack hits a remote Canadian utility. The Wagner Group sponsors a hackathon. Malek Ben Salem from Accenture describes prompt injection for chatbots. Our guest is Paul Martini of iboss with insights on Zero Trust. And the FSB’s Gamaredon APT runs a hands-on Telegraph phishing campaign against Ukrainian targets. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/13 Selected reading. Bolster Your Company Defenses With Zero Trust Edge (Forrester) MICITT detecta incidente informático en el MOPT, el cual ya se encuentra contenido (MICITT) MOPT mantiene habilitados todos los servicios de manera presencial (MICITT) Costa Rica’s Ministry of Public Works and Transport crippled by ransomware attack (Record) Suspected Chinese Threat Actors Exploiting FortiOS Vulnerability (CVE-2022-42475) (Mandiant)  Attackers Crafted Custom Malware for Fortinet Zero-Day (Dark Reading) Chinese hackers used recently patched FortiOS SSL-VPN flaw as a zero-day in October (Security Affairs)  PayPal accounts breached in large-scale credential stuffing attack (BleepingComputer) PayPal Confirms Over 34,000 Customer Accounts Were Breached (EcommerceBytes) 35,000 PayPal accounts hacked, and users could've prevented it (PCWorld) Thousands Of PayPal Accounts Hacked—Is Yours One Of Them? (Forbes) Nearly 35,000 PayPal users had SSNs, tax info leaked during December cyberattack (The Record from Recorded Future News) T-Mobile Says Hacker Stole Data for 37 Million Customers (Bloomberg) T-Mobile Says Hackers Stole Data on About 37 Million Customers (Wall Street Journal) T-Mobile Says Hackers Used API to Steal Data on 37 Million Accounts (SecurityWeek) Cyberattack hits Nunavut's Qulliq Energy Corp. (CBC News)  Nunavut power utility’s servers hit by cyber attack | IT World Canada News (IT World Canada) Russian War Report: Russian hacker wanted by the FBI reportedly wins Wagner hackathon prize  (Atlantic Council) Gamaredon (Ab)uses Telegram to Target Ukrainian Organizations (Blackberry) Gamaredon Group Launches Cyberattacks Against Ukraine Using Telegram (The Hacker News)  Hitachi Energy PCU400 (CISA)  Bolster Your Company Defenses With Zero Trust Edge (iBoss)
A hostile takeover of the Solaris contraband market. Ukraine warns that Russian cyberattacks continue. An overview of 2H 2022 ICS vulnerabilities. Codespaces accounts can act as malware servers. Blank-image attacks. Campaigns leveraging HR policy themes. Dinah Davis from Arctic Wolf has tips for pros for security at home. Our guest is Gerry Gebel from Strata Identity describes a new open source standard that aims to unify cloud identity platforms. And travel-themed phishing increases. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/12 Selected reading. Friday the 13th on the Dark Web: $150 Million Russian Drug Market Solaris Hacked by Rival Market Kraken (Elliptic Connect)  Russia-linked drug marketplace Solaris hacked by its rival (The Record from Recorded Future News)  Cyber-attacks have tripled in past year, says Ukraine’s cybersecurity agency (the Guardian) Ukraine: Russians Aim to Destroy Information Infrastructure (Gov Info Security)  Ukraine says Russia is coordinating missile strikes, cyberattacks and information operations (The Record by Recorded Future) ICS Vulnerabilities and CVEs: Second Half of 2022 (SynSaber) Abusing a GitHub Codespaces Feature For Malware Delivery (Trend Micro) The Blank Image Attack (Avanan) Phishing Attacks Pose as Updated 2023 HR Policy Announcements (Abnormal Security) Spammers phish eager vacationers with travel-themed lures, Bitdefender Antispam Lab warns (Bitdefender)
CISA adds to its Known Exploited Vulnerability Catalog. Attacks against industrial systems. DNV is recovering from ransomware. Chinese cyberespionage is reported against Iran. The persistence of nuisance-level hacktivism. Robert M. Lee from Dragos outlines pipeline security. Our guest is Yasmin Abdi from Snap on bringing her team up to speed with zero trust. And a side-effect of Russia's war: a drop in paycard fraud. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/11 Selected reading. Bolster Your Company Defenses With Zero Trust Edge (iBoss) CISA Adds One Known Exploited Vulnerability to Catalog (CISA) GE Digital Proficy Historian (CISA) Mitsubishi Electric MELSEC iQ-F, iQ-R Series (CISA)  Siemens SINEC INS (CISA) Contec CONPROSYS HMI System (CHS) Update A (CISA) Nozomi Networks Researchers Take a Deep Look into the ICS Threat Landscape (Nozomi Networks) A look at IoT/ICS threats. (CyberWire) DNV's fleet management software recovering from ransomware attack. (CyberWire) DNV says up to 1,000 ships affected by ransomware attack (Computing) Ransomware attack on maritime software impacts 1,000 ships (The Record from Recorded Future News) Chinese Playful Taurus Activity in Iran (Unit 42) Playful Taurus: a Chinese APT active against Iran. (CyberWire) Russian hackers allegedly tried to disrupt a Ukrainian press briefing about cyberattacks (Axios) Russia's Ukraine War Drives 62% Slump in Stolen Cards (Infosecurity Magazine) Annual Payment Fraud Intelligence Report: 2022 (Recorded Future)
A Phishing campaign impersonates DHL. Conscription and mobilization provide criminals with phishbait for Russian victims. Norton LifeLock advises customers that their accounts may have been compromised. Trends in data protection. Veracode's report on the state of software application security. Ben Yelin looks at NSO group’s attempt at state sovereignty. Ann Johnson from Afternoon Cyber Tea speaks with Microsoft’s Chris Young about the importance of the security ecosystem. And Ukraine calls for a "digital United Nations." For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/10 Selected reading. Cloud 9: Top Cloud Penetration Testing Tools (Bishop Fox) Our Top Favorite Fuzzer crowdsourcing pen testing tools (Bishop Fox) DHL Phishing Attack. Simply Delivered. (ArmorBlox)  Credential phishing campaign impersonates DHL. (CyberWire) Phishing scam invites Russian Telegram users to check ‘conscription lists’ to see if they’ll be drafted in February (Meduza) NortonLifeLock warns that hackers breached Password Manager accounts (BleepingComputer) Norton LifeLock says thousands of customer accounts breached (TechCrunch). NortonLifeLock notifies thousands of users about compromised Password Manager accounts (Computing)  Data Protection Trends Report 2023 (Veeam) Trends in data protection. (CyberWire) How Orca Found Server-Side Request Forgery (SSRF) Vulnerabilities in Four Different Azure Services (Orca Security) Orca describes four Azure vulnerabilities. (CyberWire) State Of Software Security (Veracode)  A look at the state of software security. (CyberWire) Ukraine calls for ‘Cyber United Nations’ amid Russian attacks (POLITICO)
Mohammad Kazem Hassan Nejad from WithSecure joins Dave to discuss the team’s research, “DUCKTAIL returns - Underneath the ruffled feathers.” DUCKTAIL is a financially motivated malware operation that targets individuals and businesses operating on the Facebook Ads and Business platform. The research states “The malware is designed to steal browser cookies and take advantage of authenticated Facebook sessions to steal information from the victim's Facebook account.” WithSecure has found that after a short hiatus, DUCKTAIL has returned with slight changes in their mode of operation. The research can be found here: DUCKTAIL returns: Underneath the ruffled feathers
GitHub disables NoName accounts. Russia dismisses reports of cyberespionage attempts against US National Laboratories. The Royal Mail cyber incident is now identified as ransomware attack. An update on the NOTAM issues that interfered with civil aviation. A Citrix vulnerability is exploited by ransomware group. CISA publishes its annual report. Bryan Vorndran of the FBI Cyber Division calibrates expectations with regard to the IC3. Our guest is Kayne McGladrey with insights on 2023 from the IEEE. And Positive Hack Days and the growing isolation of Russia's cyber sector. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/9 Selected reading.  Impact of Technology in 2023 and Beyond (IEEE) Ukraine at D+323: Fighting in Soledar, and industrial mobilization. (CyberWire) GitHub disables pro-Russian hacktivist DDoS pages (CyberScoop) Russia criticises Reuters story on Russian hackers targeting U.S. nuclear scientists (Reuters) Royal Mail cyber incident now identified as ransomware attack. (CyberWire) Not a cyberattack, but an IT failure. (CyberWire) The Guardian breach and news media as targets. (CyberWire) Citrix vulnerability exploited by ransomware group. (CyberWire) 2022 Year In Review (CISA) Russia’s largest hacking conference reflects isolated cyber ecosystem (Brookings)
Iranian VPN users are afflicted by Trojanized installation apps. Phishing on the static expressway. NoName057(16) hacktivist auxiliaries target NATO. Yesterday’s flight outage appears not to have been caused by a cyberattack. Royal Mail is disrupted by a "cyber incident." Carole Theriault thinks Meta needs to step up their game when blocking financial scams. Our guest is Mark Sasson from Pinpoint Search Group to discuss why cybersecurity may no longer be a candidate-driven market. And HR phishbait dangles raises, and some employees bite. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/8 Selected reading. EyeSpy - Iranian Spyware Delivered in VPN Installers (Bitdefender Labs) Phishing on the Static Expressway. (CyberWire) NoName057(16) - The Pro-Russian Hacktivist Group Targeting NATO (SentinelOne)  Not a cyberattack, but an IT failure. (CyberWire) FAA NOTAM Statement (FAA) Canadian Pilot-Alert System Reports Outage Hours After U.S. Grounding Order (Wall Street Journal) US air travel resumes but thousands of flights delayed after planes grounded - live updates (The Telegraph)  US Flights Latest: Departures Resume After FAA Lifts Ground Stop (Bloomberg) Royal Mail suffers ‘severe service disruption’ after cyber incident (Glasgow Times) Royal Mail issues major disruption warning after 'cyber incident' (Computing)  Parcels and letters stuck in limbo as Royal Mail is hit by a suspected hack (The Telegraph)  Cyber Incident Hits UK Postal Service, Halts Overseas Mail (SecurityWeek)
Patch Tuesday. CISA releases two ICS Advisories and makes some additions to its Known Exploited Vulnerabilities Catalog. Dark Pink APT is active against Asian targets. Kinsing cryptojacking targets Kubernetes instances. Ukrainian hacktivists conduct DDoS against Iranian sites. Risk exposure and a hospital's experience with ransomware. The Health3PT initiative seeks to manage 3rd-party risk. Tim Starks from the Washington Post’s Cyber 202 on cyber rising to the level of war crime. Our guest is Connie Stack, CEO of Next DLP, on the path to leadership within cyber for women. And phishing with Pokémon NFTs. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/7 Selected reading. The Daily 202 (Latest Cybersecurity 202) Microsoft Releases January 2023 Security Updates (CISA) > Adobe Releases Security Updates for Multiple Products (CISA)  Black Box KVM (CISA) Delta Electronics InfraSuite Device Master (CISA) Known Exploited Vulnerabilities Catalog (CISA) Dark Pink (Group-IB) New Dark Pink APT group targets govt and military with custom malware (BleepingComputer) Kinsing cryptojacking. (CyberWire) Ukraine at D+321: "Difficult in places." (CyberWire) Iranian websites impacted by pro-Ukraine DDoS attacks (SC Media)  Ransomware attack against SickKids said to be unusual. (CyberWire) Health3PT seeks a uniform approach to healthcare supply chain issues. (CyberWire) Breaking the glass ceiling: My journey to close the leadership gap. (CyberWire, Creating Connections) Pokémon NFTs used as malware vectors. (CyberWire)
A look back at ransomware in 2022. Lessons from Russia's war: crooks, hacktivists, and auxiliaries. Cyberattacks as war crimes. The state of SSE adoption. RSA Conference 2023 opens applications for the Launch Pad and the Innovation Sandbox. Joe Carrigan looks at online scams targeting military members. Our guest is Richard Caralli from Axio on the State of Ransomware Preparedness. And the most common known exploited vulnerabilities affecting the financial sector. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/6 Selected reading. Ransomware trends: 2022. (CyberWire) State of Ransomware Preparedness Research Study: 2022 (Axio) Kyiv argues Russian cyberattacks could be war crimes (POLITICO) Ukraine official says Russian cyberattacks on its energy network could equate to war crimes (Yahoo) Ukraine war and geopolitics fuelling cybersecurity attacks - EU agency (EU Reporter) Industry-first research from Axis Security finds 65% percent of organizations plan to adopt a Security Service Edge platform within next two years (Axis Security) RSAC Launch Pad is Back! (RSA Conference 2023) The Best in Innovation Programs Starts Here (RSA Conference 2023) Top KEVs in the U.S. Financial Services Sector (LookingGlass)
loading
Comments (25)

SHEwhoSHINES

I've been hard at it all night trying to trace how this happened but I fear I'm only gonna make the problem worse due to my inexperienced

Jul 16th
Reply

SHEwhoSHINES

any chance yell could help me

Jul 16th
Reply

Gabriel Plume

I sure hope he had a great time contributing to innocent Palestinian deaths!

Apr 18th
Reply

Vince Fitzpatrick

.k. ti. lm j . . . m.p nm w m .. p ..n n. k .u nm o

Sep 21st
Reply

Allison

Re: Ransom DDoS episode... not only did that dude mispronounce technology names (indicating lack of technical knowledge), he used the phrase “or their [law enforcement counterparts] in other civilized countries”. In saying this, he effectively implies that hackers who write in broken English are savages from uncivilized countries. The implicit racial connotations in making a statement like that are seriously offensive (equating being ‘civilized’ with speaking English well). Really surprising and disappointing.

Sep 5th
Reply

Debra Dukes

✌Deb.

Jun 13th
Reply

Debra Dukes

Great Podcast, Thank you for sharing Deb.✌

Jun 13th
Reply

Debra Dukes

Excellent Podcast and I'm shocked at this time and point we should have this covered by now.So enjoyed Deb.

Jun 13th
Reply

Debra Dukes

Awesome, Podcast Thanks so much for sharing Deb👍🏼✌

Jun 11th
Reply

Debra Dukes

Larry , Dave I really appreciate all the work and information it's about time that they finally get something done about this.Really enjoyed Deb👌✌

Jun 1st
Reply

Nathan Smith

Bollocks means balls as in testicles. It is a slang term for as you say someone talking nonsense / hogwash Just came across the podcast good stuff 👍👍

Feb 14th
Reply

elrey741

12:07: make sure you are updated to chrome 77

Nov 14th
Reply

Jef Cesar

Ahahaa! Verry well tought off!

Nov 4th
Reply

Міла Тарнопольська

it made my morning! 😊

Nov 4th
Reply (1)

Michael Ford

I have been bingeing this podcast and recommending this to everyone. especially the non tech folks since they are more target prone.

Oct 25th
Reply

s smith

I couldn't help notice how pro-israel the host is over the last few shows

May 16th
Reply

Raju Ghorai

good

Dec 17th
Reply

Tim Debisz

;D <3

Oct 31st
Reply

Argha Bhattacharya

Awesome episode. Ryan Olson spoke so well. Made things simple to understand even for someone who is new to "cryptojacking"

Oct 6th
Reply

Glen Nile

Awesome book list! I'm set for the summer.

Jun 15th
Reply (1)
Download from Google Play
Download from App Store