CyberWire Daily

Log4Shell is exploited by criminals and intelligence services. Private sector offensive cyber capabilities are on par with nation-states. Noberus ransomware is used in double-extortion attacks. Malek Ben Salem from Accenture looks at cyber twins. Our guest is Tom Kellermann from VMware with reaction to CISA’s Binding Operational Directive. And Squid Game phishbait. For links to all of today's stories check out our CyberWire daily news briefing: https://www.thecyberwire...

It seems that Fancy Bear may be interested in Log4shell after all. CISA issues Emergency Directive 22-02, which addressed Log4j. Huawei’s reputation as a security risk may be traceable to a 2012 incident in an Australian telco’s networks. Tropic Trooper is back, and interested in transportation. Meta kicks out seven “cyber mercenary” surveillance outfits. PseudoManusrypt looks curiously indiscriminate...

Updates on Log4j vulnerabilities: new exploitation, new mitigations, new risk assessments, some good advice from the NCSC, and from Betsy Carmelite and Mike Saxton, analysts at Booz Allen Hamilton. Kronos interruptions continue into the holiday season. NCA shares compromised passwords with Have I Been Pwned. A power grid security exercise in Ukraine, AWS outage last week put down to congestion. Hack-A-Sat promises more transparency. Tis the season for charity scams, as Carole Theriault reports...

Belgium’s Ministry of Defense comes under attack via Log4j vulnerabilities. A cellular handover, man-in-the-middle exploit is described by researchers. The FBI says an APT group is exploiting unpatched Zoho ManageEngine Desktop Central servers. The US charges five Russian nationals with a range of cybercrimes. Coin-miners in China feel some heat. Ben Yelin describes a Meta lawsuit targeting anonymous phishers. Our guest Todd Carroll of CybelAngel explains the shifting tactics of “troll farms”...

More criminals exploit vulnerabilities in Log4j. The Five Eyes issue a joint advisory on Log4j-related vulnerabilities, as other government organizations look into defending themselves against Log4shell. Ransomware updates. Russo-Ukrainian tensions rise, as does the likelihood of Russian cyberattacks against its neighbor. Uganda and NSO Group’s troubles. CISA issues six ICS advisories. Malek Ben Salem explains synthetic voices. Our guest is Dr...

An update of where things stand with respect to the Log4j vulnerabilities, and a reminder that there are other matters to attend to as well. RSAC postpones its annual security shindig to June, hoping to avoid the COVID. A German court awards pain-and-suffering damages for a data breach. Carole Theriault looks at hiring challenges in cyber. Robert M. Lee from Dragos with insights from his own entrepreneurial journey. And a new start-up seeks to take lemons and make them into lemonade...

Nighthawk’s at the diner (but maybe not on the crooks’ menu). Internet service in Ukraine and Moldova is interrupted by strikes against Ukraine's power grid. Sandworm renews ransomware activity against Ukrainian targets. Russian cyber-reconnaissance seen at a Netherlands LNG terminal. European Parliament votes to declare Russia a terrorist state (and Russia responds with cyberattacks and terroristic threats). Carole Theriault reports on where these kids today are getting their news...