Tuesday, January 31, 2023
The CyberWire Podcast

Criminal evolutions, disgruntled insiders, and gangsta wannabes. New wiper attacks hit Ukrainian targets, with less effect than the first rounds early last year. And support your local hacktivist?

Gootloader's evolution. Yandex source code leaked (and Yandex blames a rogue insider). New GRU wiper malware is active against Ukraine. Latvia reports cyberattacks by Gamaredon. Russia and the US trade accusations...
Reduce Cyber Risk

RCR 107: Conduct Security Control Testing (CISSP Domain 6)

Description: Shon Gerber from CISSPCyberTraining.com provides you the information and knowledge you need to prepare and pass the CISSP Exam while providing the tools you need to enhance your cybersecurity career....
Unsupervised Learning Podcast

NO. 367 | Hive Ransom, Anti-Google, Software 2.0…

The FBI infiltrated the HIVE ransomware group, stopping over $130 million in ransomware attacks. Riot had the League of Legends source code stolen by a ransomware group, but they're refusing to pay the...
The Shared Security Podcast

U.S. ‘No Fly List’ Leaks, AI-Powered Phishing, Wi-Fi Used to See Humans Through Walls

A hacker discovered a copy of the US No Fly List, which contains the names of people banned from traveling in or out of the US on commercial flights, on an unsecured Jenkins server connected to a commercial airline. Will...
SANS ISC

ISC StormCast for Monday, January 30th, 2023

Microsoft Tips to Patch Your Exchange Servers https://techcommunity.microsoft.com/t5/exchange-team-blog/protect-your-exchange-servers/ba-p/3726001 FCC Threatens
Open Source Security Podcast

Episode 360 – Memory safety and the NSA

Josh and Kurt talk about the NSA guidance on using memory safety issues. The TL;DR is to stop using C. We discuss why C has so many problems, why we can't fix C, and what some alternatives look like....
The CyberWire Podcast

Charlie Moore: Pilot to head honcho in cyber. [Cyber Command] [Career Notes]

Our guest, Charlie Moore, is a recently retired USAF Lieutenant General who sits down to share his story from flying high in the air to becoming a bigwig in the cyber...
The CyberWire Podcast

Interview with the AI, part one. [Special Editions]

Cybersecurity interview with ChatGPT. In part one of CyberWire’s Interview with the AI, Brandon Karpf interviews ChatGPT about topics related to cybersecurity. Rick Howard joins Brandon to analyze the conversation and discuss...
The CyberWire Podcast

Flagging firmware vulnerabilities. [Research Saturday]

Roya Gordon from Nozomi Networks sits down with Dave to discuss their research on "Vulnerabilities in BMC Firmware Affect OT/IoT Device Security." Researchers at Nozomi Networks have revealed that there are...

Weekly Update 332

Breaches all over the place today! Well, this past week, and there's some debate as...
The CyberWire Podcast

An update on the Hive ransomware takedown. More DDoS from Killnet. Advisories from CISA, and an addition to the Known Exploited Vulnerabilities Catalog.

An update on the takedown of the Hive ransomware gang, plus insights from CrowdStrike’s Adam Meyers. If you say you’re going to unleash the Leopards, expect a noisy call from Killnet. Our...
Security Weekly

SWN #269 – Empathy, Bitwarden, Lexmark, Exchange, Dragonbridge, & Derek Johnson Talks About Hive

This week Dr. Doug discusses: Empathy, hacking back, typosquatting, Bitwarden, Lexmark, Exchange, Russians, Iranians, Dragonbridge, Derek Johnson talks about Hive and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter:...
7 minute security

7MS #557: Better Passive Network Visibility Using Teleseer

https://youtube.com/watch?v=yPbdKcdbWgw Today we're talking about Teleseer, which is an awesome service to give you better network visibility - whether you're on the blue, red or purple team! It all starts with a simple packet capture, and ends with gorgeous...
Security Weekly

ESW #303 – What Makes A Good Breach Response?

What makes a good breach response? What makes a bad one? Could we objectively measure them? How would we break down and rate a company’s breach response performance? This is the first in our 2 segment Enterprise News...
SANS ISC

ISC StormCast for Friday, January 27th, 2023

Live Linux IR with UAC https://isc.sans.edu/diary/Live%20Linux%20IR%20with%20UAC/29480 Bitwarden Phishing https://community.bitwarden.com/t/phishing-website-bitwardenlogin-com/49704 https://www.reddit.com/r/Bitwarden/comments/10k2aj5/google_search_ads_showing_fake_bitwarden_web/
Security Weekly

PSW #770 – Brian Behlendorf

This week in the Security News: GetVariable strikes again, attackers could blow up your computer remotely, escaping containers, null-dereferences and faulty evaluations, 31 new CPU vulnerabilities for AMD, a look into Chrome, santa, not-so-secure secure booting, and malware included!...
The CyberWire Podcast

Remote monitoring and management tools abused. Russian and Iranian cyberespionage reported. The world according to the CIO. And if volume is your secret, maybe look for a better secret.

Joint advisory warns of remote monitoring and management software abuse. Iranian threat actors reported active against a range of targets. UK's NCSC warns of increased risk of Russian and Iranian social...
The CyberWire Podcast

CISA Alert AA23-025A – Protecting against malicious use of remote monitoring and management software

CISA, NSA, and the MS-ISAC are releasing this alert to warn network defenders about malicious use of legitimate remote monitoring and management software. AA23-025A Alert, Technical Details, and Mitigations. For a downloadable copy...

S3 Ep119: Breaches, patches, leaks and tweaks!

The programming language almost called Oak. GoTo admits to more breach woes. T-Mobile spills 37 million records. Apple patches everything, even iOS 12. And Google mAkES tYpOs for sECurity. https://nakedsecurity.sophos.com/goto-admits-customer-cloud-backups-stolen https://nakedsecurity.sophos.com/t-mobile-admits-to-37000000-customer-records-stolen https://nakedsecurity.sophos.com/apple-patches-are-out-old-iphones https://nakedsecurity.sophos.com/serious-security-how-deliberate-typos-might-improve-dns With Doug Aamoth and Paul Ducklin Original music by Edith Mudge (https://www.edithmudge.com) Got...
SANS ISC

ISC StormCast for Thursday, January 26th, 2023

First Malicious OneNote Document https://isc.sans.edu/diary/A%20First%20Malicious%20OneNote%20Document/29470 Guidance for Securing Remote Monitoring

GitHub says hackers cloned code-signing certificates in breached repository

GitHub said unknown intruders gained unauthorized access to some of its code repositories and stole code-signing certificates for two of its desktop applications: Desktop and Atom. Code-signing certificates place...
Security Affairs

QNAP addresses a critical flaw impacting its NAS devices

Taiwanese vendor QNAP is warning customers to install QTS and QuTS firmware updates to address a critical flaw impacting its NAS devices. QNAP released QTS and QuTS firmware updates to address a critical vulnerability, tracked as CVE-2022-27596 (CVSS v3 score: 9.8), that...
The Register

Chromebook SH1MMER exploit promises admin jailbreak

Schools' laptops are out if this one gets around, but beware bricking. Users of enterprise-managed Chromebooks now, for better or worse, have a way to break the shackles of administrative control through an exploit called SH1MMER.…

MusicLM: Google AI generates music in various genres at 24 kHz

On Thursday, researchers from Google announced a new generative AI model called MusicLM that can create...

Russia's Sandworm APT Launches Swarm of Wiper Attacks in Ukraine

The incidents are the latest indication of the growing popularity of dangerous disk wipers, created to disrupt and degrade critical infrastructure and other organizations.