CyberWire Daily

2656 Episodes

1. Britain’s Labour Party sustains a “data incident.” CERT-FR describes a new affiliate gang, Lockean. US, Russian intelligence chiefs discuss cybersecurity. Gas is flowing in Iran again. Start-ups honor

   Published: 11/4/2021
2. Ransomware gangs talk about retiring, and about deception. High-level Russo-American talks. US sanctions four spyware vendors. CISA tells US agencies to patch known, exploited vulnerbalities.

   Published: 11/3/2021
3. Trojan Source--a threat to the software supply chain. Ransomware goes to influence operations school. Triple extortion? Criminal target selection.

   Published: 11/2/2021
4. Iranian officials blame the US and Israel for gas station cyber sabotage. A new direction for NSO? Cyber extortion, Minecraft phishing, and sugar daddies looking for sugar babies (sez they).

   Published: 11/1/2021
5. Jadee Hanson: Cybersecurity is a team effort. [CISO] [Career Notes]

   Published: 10/31/2021
6. Malware sometimes changes its behavior. [Research Saturday]

   Published: 10/30/2021
7. Iranian-Israeli cyber tensions rise. Decaf ransomware described. Philippine government phshbait. Unemployment due to cyberattack. Europol’s latest collars. Facebook rebrands as “Meta.”

   Published: 10/29/2021
8. The Malware Mash!

   Published: 10/29/2021
9. Hacktivists or intelligence services in Iran? BOLO NIkolay K. Renouncing Conti, and all its empty promises. SEO poisoning. US cyber strategic intent.

   Published: 10/28/2021
10. Coups and comms blackouts. Fuel sale sabotage in Iran. Wslink described. Operation Dark HunTor takes down a contraband market. FTC looks into Facebook. LockBit speaks.

    Published: 10/27/2021
11. Ransomware and privateering, counteroffense and deterrence. The US State Department will reestablish its cyber office. And looking forward to Halloween.

    Published: 10/26/2021
12. SolarMarket malware carried in some WordPress sites. Russian privateers don’t much like REvil’s takedown. The SVR in the supply chain. Malicious Squid Games app. Scary social media.

    Published: 10/25/2021
13. Mark Nunnikhoven: Providing clarity about security. [Cloud strategy] [Career Notes]

    Published: 10/24/2021
14. When big ransomware goes away, where should affiliates go? [Research Saturday]

    Published: 10/23/2021
15. Counting coup against REvil (and other gangs are taking note). Export controls and dual use. A timing bug will surface this weekend.

    Published: 10/22/2021
16. Evil Corp identified as the threat actor behind ransomware attacks on Sinclair and Olympus. Privateering. Fin7’s front company. Sentencing in a bulletproof hosting case.

    Published: 10/21/2021
17. Cyberespionage campaign looks a lot like SIGINT collection. Magnitude gets more capable. VPN exploits solicited. Ransomware trends. Seven years for UPMC hacker. Plenty of Candy Corn coming.

    Published: 10/20/2021
18. TA505’s recent activity. Advice on defending organizations from BlackMatter. CISA RFI seeks EDR information. REvil’s halting attempts to return. Sinclair’s incident response.

    Published: 10/19/2021
19. A US broadcaster sustains a ransomware attack. North Korean catphis expelled from Twitter. REvil’s Tor sites are hijacked. Hacking back. Prosecution and responsible disclosure?

    Published: 10/18/2021
20. Ell Marquez: It's okay to be new. [Linux] [Career Notes]

    Published: 10/17/2021