Criminal evolutions, disgruntled insiders, and gangsta wannabes. New wiper attacks hit Ukrainian targets, with less effect than the first rounds early last year. And support your local hacktivist?
Gootloader's evolution. Yandex source code leaked (and Yandex blames a rogue insider). New GRU wiper malware is active against Ukraine. Latvia reports cyberattacks by Gamaredon. Russia and the US trade accusations...
Charlie Moore: Pilot to head honcho in cyber. [Cyber Command] [Career Notes]
Our guest, Charlie Moore, is a recently retired USAF Lieutenant General who sits down to share his story from flying high in the air to becoming a bigwig in the cyber...
Interview with the AI, part one. [Special Editions]
Cybersecurity interview with ChatGPT. In part one of CyberWire’s Interview with the AI, Brandon Karpf interviews ChatGPT about topics related to cybersecurity. Rick Howard joins Brandon to analyze the conversation and discuss...
Flagging firmware vulnerabilities. [Research Saturday]
Roya Gordon from Nozomi Networks sits down with Dave to discuss their research on "Vulnerabilities in BMC Firmware Affect OT/IoT Device Security." Researchers at Nozomi Networks have revealed that there are...
An update on the Hive ransomware takedown. More DDoS from Killnet. Advisories from CISA, and an addition to the Known Exploited Vulnerabilities Catalog.
An update on the takedown of the Hive ransomware gang, plus insights from CrowdStrike’s Adam Meyers. If you say you’re going to unleash the Leopards, expect a noisy call from Killnet. Our...
Remote monitoring and management tools abused. Russian and Iranian cyberespionage reported. The world according to the CIO. And if volume is your secret, maybe look for a better secret.
Joint advisory warns of remote monitoring and management software abuse. Iranian threat actors reported active against a range of targets. UK's NCSC warns of increased risk of Russian and Iranian social...
CISA Alert AA23-025A – Protecting against malicious use of remote monitoring and management software
CISA, NSA, and the MS-ISAC are releasing this alert to warn network defenders about malicious use of legitimate remote monitoring and management software. AA23-025A Alert, Technical Details, and Mitigations For a downloadable copy...
TA444 and crypto theft on behalf of the Dear Successor. CryptoAPI spoofing vulnerability described. New Python-based malware campaign. User headspace. Tanks vs. hacktivists.
How do the North Koreans get away with it? They do run their cyber ops like a creepy start-up business. A spoofing vulnerability is discovered in Windows CryptoAPI. Python-based malware is...
Cyber Marketing Con 2022: From the horse’s mouth: CISO Q&A on solving the cyber marketer’s dilemma. [Special Editions]
At the 2022 Cyber Marketing Con, the CyberWire presented a CISO Q&A panel session on how to help cyber marketers reach CISOs and other security executives in the industry. The panel...
Disentangling cybercrime from cyberespionage. A threat to the IoT supply chain. What do you do with the hacktivists when they stop being hacktivists? A retired FBI Special Agent is indicted.
DragonSpark conducts "opportunistic" cyberattacks in East Asia. ProxyNotShell and OWASSRF exploit chains target Microsoft Exchange servers. The IoT supply chain is threatened by exploitation of Realtek Jungle SDK vulnerability. CISA adds...
Contractor error behind FAA outage. OneNote malspam. Vastflux ad campaign disrupted. Ukraine moves closer to CCDCOE membership. Alerts for gamblers and gamers.
The FAA attributes its January NOTAM outage. Malicious OneNote attachments are appearing in phishing campaigns. The Vastflux ad campaign has been disrupted. Ukraine moves toward closer cybersecurity collaboration with NATO. Rick...
Miriam Wugmeister: Technology's not as complicated as you think. [Data Security] [Career Notes]
Miriam Wugmeister, co-chair of Morrison & Foerster’s Privacy and Data Security practice, sits down to share her in-depth experience and understanding of privacy and data security laws, obligations, and practices across a wide range...
The power of web data in cybersecurity. [CyberWire-X]
The public web data domain is a fancy way to say that there is a lot of information sitting on websites around the world that is freely available to anybody who has...
Billbug infests government agencies. [Research Saturday]
Brigid O. Gorman from Symantec's Threat Hunter Team joins Dave to discuss their report "Billbug - State-sponsored Actor Targets Cert Authority and Government Agencies in Multiple Asian Countries." The team has...