Cyberwire Daily Briefing.
"Pervasive OSINT and a shift toward a defensive advantage."
Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents. Accessed on 05 November 2023, 1335 UTC.
Content and Source: https://thecyberwire.com/newsletters/daily-briefing ("The Cyberwire Newsletter").
Please click link or scroll down to read your selections. Thanks for joining us today.
Russ Roberts (https://www.hawaiicybersecurityjournal.net).
V12 | Issue 211 | 11.3.23 Pervasive OSINT and a shift toward a defensive advantage.
More evidence of OSINT's reach. An Apache vulnerability is being used to install ransomware. Exploitation of Citrix vulnerability in the wild. AP sustains DDoS attack. Microsoft draws a lesson from Russia's war: cyber defense now has the advantage over cyber offense. HHS reaches settlement in HIPAA data breach incident.
V12 | Issue 210 | 11.2.23 Reaching consensus on AI governance.
Bletchley Declaration represents a consensus starting point for AI governance. Lazarus Group prospects blockchain engineers with KANDYKORN. Boeing investigates ‘cyber incident’ affecting parts business. Update: NodeStealer used in attacks against Facebook. Citrix Bleed vulnerability exploited in the wild. MuddyWater spearphishes Israeli targets in the interest of Hamas. India to investigate alleged attacks on iPhones. Venomous Bear deploys some new tools.
V12 | Issue 209 | 11.1.23 Cyber phases of the Hamas-Israel war remain murky.
The Hamas-Israel war continues to be marked by hacktivism. Arid Viper's exploitation of Arabic speakers' Android devices. Iran shows improved cyberespionage capabilities. A URL shortener in the C2C market. Taking down the Mozi botnet. Ransomware in healthcare. Two Russians arrested on treason charges, accused of hacking for Ukraine. Ukrainian hacktivist auxiliaries deface Russian payments website.
V12 | Issue 208 | 10.31.23 Malware mealkits, and other commodity criminal tools.
Malicious packages found attached to NuGet. Russia will establish an autarkic substitute for VirusTotal. Commodity tools empower low-grade Russian cybercriminals. Malware mealkits, and other notes from the cyber underground. Cybersecurity workforce study. Full text of US Executive Order now available.
V12 | Issue 207 | 10.30.23 US AI policy is announced (and some of it is relevant to cybersecurity).
The US Executive Order on artificial intelligence is out. Passkeys as successors to passwords. Hive ransomware gang may be back, and rebranded. Coinminers exploit AWS IAM credentials. LockBit claims to have obtained sensitive information from Boeing. Internet and telecoms in Gaza are interrupted. Deepfakes have an effect even when they're not used. Ukrainian auxiliaries disrupt Internet service in Russian-occupied territory.
V12 | Issue 206 | 10.27.23 Social engineering by intimidation.
Eastern European gangs overcome their reservations about anglophone criminals. Mirth Connect vulnerable to critical flaw. A look at a mercenary spyware strain. “PepsiCo” used as phishbait. Prebunking disinformation. Russian intelligence services' cyber operations in the hybrid war. Russian hacktivist auxiliaries pester Australia for "Russophobia." Quantum computing and law enforcement.
V12 | Issue 205 | 10.26.23 Cyberespionage as misdirection: false flags and the shrewd pretense of dumb criminality.
StripedFly reclassified. YoroTrooper is interested in the Commonwealth of Independent States. The current state of DDoS attacks. The effect of cyberattacks on small businesses. Ukrainian hacktivists deface Russian artists' Spotify pages. Troll amplification. Crooks heart Mr. Gosling.
V12 | Issue 204 | 10.25.23 Sector trends in cyber risk, and a rise in privateering.
Winter Vivern exploits a mail service 0-day. Teaching AI to misbehave. CISO challenges, across sectors. Ransomware's effect on healthcare downtime. Two reports on the state of cybersecurity in the financial services sector. Possible connections between Hamas and AridViper. Ukrainian cyber authorities report a rise in privateering Smokeloader attacks. Russian hacktivist auxiliaries strike Czech targets.
V12 | Issue 203 | 10.24.23 Cyber ops in two hybrid wars, with an excursus on the mobilization of bed bugs.
DDoS activity during the Hamas-Israeli war. Insurance firm reports cyber incident. District of Columbia voter data compromise: an update. Recent arrests in cybercrime sweeps. Ukrainian hacktivist auxiliaries compromise customer data at Russia's Alfa Bank. Russian services increase collection efforts against Ukrainian war crimes investigators. An odd case of disinformation.
V12 | Issue 202 | 10.23.23 Social engineering for espionage and for profit.
Okta discloses a data exposure incident. Cisco works to fix zero-day. DPRK threat actors pose as IT workers. Five Eyes warn of AI-enabled Chinese espionage. Job posting as phishbait. The risk of first-party fraud. The Quasar RAT and DLL side-loading. Hacktivists trouble humanitarian organizations with nuisance attacks. Content moderation during wartime. Not content-moderation, but fact-checking. Cyberespionage at the ICC.