Criminal evolutions, disgruntled insiders, and gangsta wannabes. New wiper attacks hit Ukrainian targets, with less effect than the first rounds early last year. And support your local hacktivist?
Gootloader's evolution. Yandex source code leaked (and Yandex blames a rogue insider). New GRU wiper malware is active against Ukraine. Latvia reports cyberattacks by Gamaredon. Russia and the US trade accusations...
RCR 107: Conduct Security Control Testing (CISSP Domain 6)
Description: Shon Gerber from CISSPCyberTraining.com provides you the information and knowledge you need to prepare and pass the CISSP Exam while providing the tools you need to enhance your cybersecurity career....
NO. 367 | Hive Ransom, Anti-Google, Software 2.0…
The FBI infiltrated the HIVE ransomware group, stopping over $130 million in ransomware attacks
Riot had the League of Legends source code stolen by a ransomware group, but they're refusing to pay the...
U.S. ‘No Fly List’ Leaks, AI-Powered Phishing, Wi-Fi Used to See Humans Through Walls
A hacker discovered a copy of the US No Fly List, which contains the names of people banned from traveling in or out of the US on commercial flights, on an unsecured Jenkins server connected to a commercial airline.
Will...
ISC StormCast for Monday, January 30th, 2023
Microsoft Tips to Patch Your Exchange Servers https://techcommunity.microsoft.com/t5/exchange-team-blog/protect-your-exchange-servers/ba-p/3726001 FCC Threatens
Episode 360 – Memory safety and the NSA
Josh and Kurt talk about the NSA guidance on using memory safety issues. The TL;DR is to stop using C. We discuss why C has so many problems, why we can't fix C, and what some alternatives look like....
Charlie Moore: Pilot to head honcho in cyber. [Cyber Command] [Career Notes]
Our guest, Charlie Moore, is a recently retired USAF Lieutenant General who sits down to share his story from flying high in the air to becoming a bigwig in the cyber...
Interview with the AI, part one. [Special Editions]
Cybersecurity interview with ChatGPT. In part one of CyberWire’s Interview with the AI, Brandon Karpf interviews ChatGPT about topics related to cybersecurity. Rick Howard joins Brandon to analyze the conversation and discuss...
Flagging firmware vulnerabilities. [Research Saturday]
Roya Gordon from Nozomi Networks sits down with Dave to discuss their research on "Vulnerabilities in BMC Firmware Affect OT/IoT Device Security." Researchers at Nozomi Networks have revealed that there are...
Weekly Update 332
Breaches all over the place today! Well, this past week, and there's some debate as...
An update on the Hive ransomware takedown. More DDoS from Killnet. Advisories from CISA, and an addition to the Known Exploited Vulnerabilities Catalog.
An update on the takedown of the Hive ransomware gang, plus insights from CrowdStrike’s Adam Meyers. If you say you’re going to unleash the Leopards, expect a noisy call from Killnet. Our...
SWN #269 – Empathy, Bitwarden, Lexmark, Exchange, Dragonbridge, & Derek Johnson Talks About Hive
This week Dr. Doug discusses: Empathy, hacking back, typosquatting, Bitwarden, Lexmark, Exchange, Russians, Iranians, Dragonbridge, Derek Johnson talks about Hive and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter:...
7MS #557: Better Passive Network Visibility Using Teleseer
https://youtube.com/watch?v=yPbdKcdbWgw
Today we're talking about Teleseer, which is an awesome service to give you better network visibility - whether you're on the blue, red or purple team! It all starts with a simple packet capture, and ends with gorgeous...
ESW #303 – What Makes A Good Breach Response?
What makes a good breach response? What makes a bad one? Could we objectively measure them? How would we break down and rate a company’s breach response performance? This is the first in our 2 segment Enterprise News...
ISC StormCast for Friday, January 27th, 2023
Live Linux IR with UAC https://isc.sans.edu/diary/Live%20Linux%20IR%20with%20UAC/29480 Bitwarden Phishing https://community.bitwarden.com/t/phishing-website-bitwardenlogin-com/49704 https://www.reddit.com/r/Bitwarden/comments/10k2aj5/google_search_ads_showing_fake_bitwarden_web/
PSW #770 – Brian Behlendorf
This week in the Security News: GetVariable strikes again, attackers could blow up your computer remotely, escaping containers, null-dereferences and faulty evaluations, 31 new CPU vulnerabilities for AMD, a look into Chrome, santa, not-so-secure secure booting, and malware included!...
Remote monitoring and management tools abused. Russian and Iranian cyberespionage reported. The world according to the CIO. And if volume is your secret, maybe look for a better secret.
Joint advisory warns of remote monitoring and management software abuse. Iranian threat actors reported active against a range of targets. UK's NCSC warns of increased risk of Russian and Iranian social...
CISA Alert AA23-025A – Protecting against malicious use of remote monitoring and management software
CISA, NSA, and the MS-ISAC are releasing this alert to warn network defenders about malicious use of legitimate remote monitoring and management software. AA23-025A Alert, Technical Details, and Mitigations. For a downloadable copy...
S3 Ep119: Breaches, patches, leaks and tweaks!
The programming language almost called Oak. GoTo admits to more breach woes. T-Mobile spills 37 million records. Apple patches everything, even iOS 12. And Google mAkES tYpOs for sECurity.
https://nakedsecurity.sophos.com/goto-admits-customer-cloud-backups-stolen
https://nakedsecurity.sophos.com/t-mobile-admits-to-37000000-customer-records-stolen
https://nakedsecurity.sophos.com/apple-patches-are-out-old-iphones
https://nakedsecurity.sophos.com/serious-security-how-deliberate-typos-might-improve-dns
With Doug Aamoth and Paul Ducklin
Original music by Edith Mudge (https://www.edithmudge.com)
Got...
ISC StormCast for Thursday, January 26th, 2023
First Malicious OneNote Document https://isc.sans.edu/diary/A%20First%20Malicious%20OneNote%20Document/29470 Guidance for Securing Remote Monitoring