Hacking in Iran? The Lazarus Group hires Trickbot. Election influence ops. Cryptowars updata. Ransomware in municipal and tribal governments. Patch Tuesday notes. Do it for State.
Iran says it’s stopped a cyber attack, and that an insider was responsible for a major paycard exposure. Trickbot is now working for the Lazarus Group. Influence operations both foreign and domestic concern British voters on the eve of...
S2 Ep20 Why don’t they send ransomware on floppies anymore?
As always, we pick the top three cybersecurity stories of the week to discuss. This week we talk open-source supply chain madness, Snatch ransomware and iPhone 11 tracking concerns.
Host Anna Brading is joined by Sophos experts Mark Stockley,...
Keys to the Kingdom – BSW #155
This week, we welcome John Ramsey, Chief Information Security Officer at National Student Clearinghouse, to discuss Security in Education! In the Leadership and Communication Segment, In-depth protection is a matter of basic hygiene, 4 strategies to find time for...
SN 744: VPN-geddon Denied
This Week's StoriesMicrosoft has started forcing feature updates on people who don't want them.Bypass to continue obtaining Win7 updates created.Microsoft's Project Verona continues moving forward.Microsoft's RDP client for iOS is back.Avast / AVG in the doghouse.Making a mountain out...
ISC StormCast for Wednesday, December 11th 2019
Microsoft Patch Tuesday https://isc.sans.edu/forums/diary/Microsoft+December+2019+Patch+Tuesday/25592/ https://securelist.com/windows-0-day-exploit-cve-2019-1458-used-in-operation-wizardopium/95432/Adobe Patch Tuesday https://helpx.adobe.com/security.htmlApple Security Updates
DtSR Episode 374 – Mike Daugherty Looks In the Rearview Mirror
This week, on a very special show recorded from his home studio in Atlanta, Rafal welcomes Mike Daugherty back onto the show to tell the story of his crazy journey and battle with the FTC. Highlights from this week's...
Risky Business #566 — Balkanisation, ransomware, comedy bugs close out the decade
On this week’s show Patrick and Adam discuss the week’s security news, including:
China to ditch foreign hardware, software, from government use
Huawei sues FCC
More background on Project Raven
Senate hearings into encryption
Reddit fingers...
HNN #245 – December 10, 2019
This week, How Panasonic is using internet honeypots to improve IoT device security, A new Windows 10 ransomware threat?, 'Hackable' karaoke and walkie talkie toys found by Which?, Linux Bug Opens Most VPNs to Hijacking, New Office 365 Feature...
Pensacola under cyberattack. Notes on ransomware. The US Justice Department IG report on Crossfire Hurricane. Who let the bots out?
The city of Pensacola is hit hard by an unspecified cyberattack. Ryuk ransomware decryptors may cause data loss. A new variant of Snatch ransomware evades anti-virus protection. The US Justice Department’s Inspector General has reported on the FBI’s Crossfire...
Dad Jokes – ASW #88
This week, we welcome Allan Friedman, Director of Cybersecurity Initiatives at the NTIA US Department of Commerce, to talk about the Software Bill of Materials! In the Application Security News, GitHub Seeks Security Dominance With Developers, IoT and Agile...
2019-044-Noid and Dave Dittrich discusses recent keybase woes – Part 1
Patreon donor goodness: Scott S. and Ion S. @_noid_ @davedittrich Their response: “it’s not a bug, it’s a feature” “Don’t write a blog post that will point out the issue” “You pointing out our issues makes things...
ISC StormCast for Tuesday, December 10th 2019
Another Word Maldoc https://isc.sans.edu/forums/diary/Lazy+Sunday+Maldoc+Analysis/25586/Snatch Ransomware Reboots System Into Safe Mode
Ocean Lotus versus car manufacturers. Ransomware versus dental practices. $5 million reward offered in Dridex case. Information operations and the UK’s general election.
Ocean Lotus puts down more roots in automobile manufacturing. Ransomware hits dentists’ IT providers as well as a Rhode Island town. The US is offering a reward of $5 million for information leading to the arrest or--and we stress...
Unsupervised Learning: No. 206
Vietnamese BMW APT, Defense Contractor Prep, China replacing a culture, HackerOne Cookie Snafu, Chinese Also Worried About Privacy, China Mobile Face, CDC Flu Warning, AWS Sagemaker, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly...
Weekly Update 168
YOW! Sydney / Brisbane / Melbourne; Have I Been Pwned’s 6th Birthday; Sectigo’s Phishing Cert; Crazy System-Generated Password Tweet; Sponsored by Whois XML API
https://www.troyhunt.com/weekly-update-168/
How You’re Tracked Online, New Mass Surveillance Concerns, Malicious Android App Hijack
In episode 98: A new report from the EFF details how we are tracked online by third-party corporations, more mass surveillance concerns in China and Australia, and a malicious app hijack attack on Android to be aware of.
** Show...
ISC StormCast for Monday, December 9th 2019
E-Mail Includes Entire HTML/Javascript Phishing Kit https://isc.sans.edu/forums/diary/Phishing+with+a+selfcontained+credentialsstealing+webpage/25580/Great Canon / Red
Episode 173 – Ho Ho Homeland Security
Josh Santa and Kurt talk the border nightmare Santa Clause has to deal with as he traverses the globe. Questions we explore include: Are the reindeer farm animals? Is the North Pole a farm? Is Santa an intellectual property thief? Does Krampus...
Targeting routers to hit gaming servers. — Research Saturday
Researchers at Palo Alto Networks' Unit 42 recently published research outlining attacks on home and small-business routers, taking advantage of known vulnerabilities to make the routers parts of botnets, ultimately used to attack gaming servers. Jen Miller-Osborn is the...
The Casting Couch – PSW #629
This week, we welcome Eric Brown, Senior Security Analyst at LogRhythm, to talk about the Outlook on Phishing in 2020! In our second segment, we welcome back Micah Hoffman, Principal Investigator at Spotlight Infosec, to discuss OSINT in Cyber!...
Pensacola confirms ransomware attack
Pensacola
officials confirmed that an ongoing
cyberattack that began early Saturday morning is a ransomware attack.
While the city did not release any additional details, the Pensacola News Journal said city spokeswoman Kaycee Lagarde confirmed the attack included a ransom, something that...
Trickbot Operators Now Selling Attack Tools to APT Actors
North Korea's Lazarus Group - of Sony breach and WannaCry fame - is among the first customers.
The Great $50M African IP Address Heist
A top executive at the nonprofit entity responsible for doling out chunks of Internet addresses to businesses and other organizations in Africa has resigned his post following accusations that he secretly operated several companies which sold tens of millions...
Intel Issues Fix for ‘Plundervolt’ SGX Flaw
Researchers were able to extract AES encryption key using SGX's voltage-tuning function.
How to stop spam calls right now
Spam calls drive us all crazy. Here are four ways to stop robocalls and other unsolicited phone calls.
