Monday, September 25, 2023
Home Tags The CyberWire

Tag: The CyberWire

The CyberWire Podcast

Threat intelligence discussion with Chris Krebs. [Special Edition]

In this extended interview, Simone Petrella sits down with Chris Krebs of the Krebs Stamos Group at the mWise 2023 Cybersecurity Conference to discuss threat intelligence . Learn more about your...
The CyberWire Podcast

Merritt Baer: No one has to go down for you to go up. [CISO] [Career Notes]

This week our guest is Merritt Baer, a Field CISO from Lacework, and a cloud security unicorn, sits down to share her incredible story working through the ranks to get to...
The CyberWire Podcast

Behind the Google shopping ad masks. [Research Saturday]

Maxim Zavodchik from Akamai joins Dave to discuss their research on "Xurum: New Magento Campaign Discovered." Akamai researchers have discovered an ongoing server-side template injection campaign that is exploiting digital commerce...
The CyberWire Podcast

Enter the Sandman. A look at an initial access broker. Iran’s OilRig hits Israeli targets. Cyber ops and soft power. Update on casino ransomware attacks. Bermuda’s government sustains cyberattacks.

A new APT is found: enter Sandman. Tracking an initial access broker called Gold Melody. Iran’s OilRig group is active against Israeli targets. Cyber ops as an instrument of soft power....
The CyberWire Podcast

Don’t get snatched. Trends in phishing, cyber insurance claims, and threats to academic institutions. Hacktivism in the hybrid war. Updates on the ICC attack. MGM says its casinos are back.

CISA and the FBI warn of Snatch ransomware. A look at phishing trends. Ransomware is increasingly cited in cyber insurance claims. Trends in cyber threats to academic institutions. A Russian hacktivist...
The CyberWire Podcast

Hacking the ICC. ShroudedSnooper active, simple, and novel. New criminal malware used against Chinese-speakers. More on the materiality of cyberattacks.

The International Criminal Court reports a "cybersecurity incident." ShroudedSnooper intrusion activity is both novel and simple. Criminal malware targets Chinese-speaking victims. The costs of insider risk. More on the casino attacks...
The CyberWire Podcast

Ransomware in Colombia. An accidental data exposure. Cyberespionage hits unpatched systems. An attack on IT systems disrupts industrial production. Bots and bad actors.

Colombia continues its recovery from last week's cyberattacks. AI training data is accidentally published to GitHub. The cyberespionage techniques of Earth Lusca. Clorox blames product shortages on a cyber attack. Cybersecurity...
The CyberWire Podcast

A quick look at some threats from China and North Korea, some engaged in collection, some in theft. BlackCat and other ransomware operators. And a view of cyberwar from Ukraine’s SSU.

Cyber threats trending from East Asia. The Lazarus Group is suspected in the CoinEx crypto theft. Pig butchering, enabled by cryptocurrency. BlackCat is active against Azure storage. a Ukrainian view of...
The CyberWire Podcast

Karl Mattson: Defer gratification. (CISO) [Career Notes]

Karl Mattson, CISO at Noname Security, joins us to share his story. Having started out as a "military brat," traveling the world as the child of a Marine, Karl later joined...
The CyberWire Podcast

A look into the emotions and anxieties of the highest levels of decision-making. [Research Saturday]

Guest Manuel Hepfer from ISTARI shares his research on cyber resilience which includes discussions with 37 CEOs to gain insight into how they manage cybersecurity risk. ISTARI and Oxford University's Saïd...
The CyberWire Podcast

Peach Sandstorm cyberespionage. Criminal attacks against a Colombian telco and two major US casino firms. A thief in the browser. And the Greater Manchester Police are on a virtual manhunt.

"Peach Sandstorm" is an Iranian cyberespionage campaign. A Cyberattack against a telecom provider affects government and corporate online operations in Colombia. Python NodeStealer takes browser credentials. Caesars Entertainment files its 8-K....
The CyberWire Podcast

Ransomware and materiality. MetaStealer hits businesses. Two looks at cloud risks. His Highness, the Large Language Model.

The MGM Resorts incident is now believed to be ransomware, and how does that inform our view of Materiality of a cyber incident? MetaStealer targets businesses. Cloud access with stolen credentials....
The CyberWire Podcast

How one access broker gets its initial access (it’s through novel phishing). Be alert for deepfakes, US authorities say. The Pentagon’s new cyber strategy. And a reminder: yesterday was Patch Tuesday.

An access broker's phishing facilitates ransomware. 3AM is fallback malware. Cross-site-scripting vulnerabilities are reported in Apache services. US agencies warn organizations to be alert for deepfakes. The US Department of Defense...
The CyberWire Podcast

Phishing with Facebook Messenger bots. Redfly hits a national power grid. Nice platform you got there…shame if something happened to it. MGM Resorts grapples with a “cybersecurity issue.”

Phishing with Facebook Messenger accounts. Redfly cyberespionage targets a national grid. The exploit trade in the C2C underground market. Phishing attack exploits Baidu link. A repojacking vulnerability. A hacktivist auxiliary looks...
The CyberWire Podcast

UK’s NCA and NCSC release a study of the cybercriminal underworld. HijackLoader’s growing share of the C2C market. Russia’s hacker diaspora in Turkey. Cyber diplomacy, free and frank..

UK's NCA and NCSC release a study of the cybercriminal underworld. HijackLoader's growing share of the C2C market. Russia's hacker diaspora in Turkey. Author David Hunt discusses his new book, “Irreducibly Complex...
Infosecurity Magazine

Researchers Spot Novel “Deadglyph” Backdoor

Malware is linked to UAE-backed spies
Infosecurity Magazine

Almost US 900 Schools Breached Via MOVEit

National Student Clearinghouse reveals more details of incident

Don’t Get Burned by CAPTCHAs: A Recipe for Accurate Bot Protection

Traditional CAPTCHAs, such as reCAPTCHA, no longer protect online businesses adequately. Real users hate them. Bots bypass them. It's time to upgrade.
The Hacker News

New Report Uncovers Three Distinct Clusters of China-Nexus Attacks on Southeast Asian Government

An unnamed Southeast Asian government has been targeted by multiple China-nexus threat actors as part of espionage campaigns targeting the region over extended periods of time. "While this activity occurred around the same time and in some instances even simultaneously...
The Register

T-mobile exposes some customer data – but don’t call it a breach

PLUS: Trojan hidden in PoC; cyber insurance surge; pig butchering's new cuts; and the week's critical vulns Infosec in brief  T-Mobile has had another bad week on the infosec front – this time stemming from a system glitch that...