More signal, less noise—we distill the day’s critical cyber security news into a concise daily briefing.
https://thecyberwire.com/podcasts/
Extending security tools to the at home workforce during the pandemic.
In this episode of CyberWire-X, Rick Howard, the CyberWire’s Chief Analyst, interviews security thought leaders on the strategy and tactics to extend the security controls we’ve typically used to protect our handful of remote employees in the past...
Twofold snooping venture.
Working with many different honeypot implementations, a security researcher did an experiment expanding on that setting up a simple docker image with SSH, running a guessable root password. The catch? What happened in the next 24 hours was unexpected....
Sandworm is out and about, so patch already. Steganography used in attacks on industrial targets. An Executive Order on Preventing Online Censorship. Breaches, ransomware, and lessons.
NSA warns that the GRU’s Sandworm outfit has been actively exploiting a known vulnerability in Exim. Someone is attacking industrial targets in Japan and Europe using steganography and other evasive tactics. NTT Communications is breached, and...
Hackers for hire. A bulk power distribution risk? An Executive Order on social media is under consideration. COVID-19 and cybersecurity.
Hackers-for-hire find criminal work during the pandemic. The US Department of Energy is said to have taken possession of a Chinese-manufactured transformer. US President Trump may be considering an Executive Order about the legal status of social...
Berserk Bear is back, and still loves that critical infrastructure honey. COVID-19 apps: good, bad, and bogus. Android issues discovered. A FIN7 arrest. Mr. Faraday’s underwear.
Berserk Bear is back, and snuffling around Germany’s infrastructure. Two new Android issues surface. India opens up the source code for its COVID-19 contact-tracing app as such technological adjuncts to public health continue to arouse privacy...
The evolution of malware, both criminal and state-run.
Turla tunes its tools. The commodity Trojan AnarchyGrabber is now stealing passwords. A new iOS jailbreak has been released. The UK reconsiders its decision to allow Huawei into its 5G networks. A tech group lobbies the US House against warrantless...
Naming and shaming is the worst thing we can do.
In December 2019, the GOLD VILLAGE threat group that operates the Maze ransomware created a public website to name and shame victims. The threat actors used the website to dump data they exfiltrated from victims' networks before they deployed the...
An election database leaks. Phishing from Firebase. Shiny Hunters sell Mathway user records. COVID-19-themed scams. On that return to the office thing...
Indonesia’s election database has leaked, and PII is for sale in the dark web. Phishing campaigns abuse Firebase. The Shiny Hunters are selling Mathway user records. US agencies warn of COVID-19-themed criminal campaigns. Contact tracing technology...
Cyberwar, cybercrime, and hacktivism: updates on all three. Contact tracing and its discontents. Cybersecurity economic trends during the pandemic.
Website defacements in Israel may be hacktivist work. Iranian cyberespionage against Saudi Arabia and Kuwait. The latest evolution of ZeuS. The Winnti Group is still hacking, and it still likes stealing in-game commodities. Contact tracing during the...
Cyber espionage: many operations and many targets. Misinformation and online fraud during the pandemic. Beer and conviviality versus operational security.
Cyber spies steal prototype missile data. Others hack into South Asian telecoms, and still others go after easyJet passengers’ travel data. Cyberattacks, misinformation, and cyber fraud continue to follow the COVID-19 pandemic. Joe Carrigan weighs...