CyberWire Daily

3271 Odcinki

1. Advice on secure telework. Magecart infestations. DNS hijacking with a COVID-19 twist and an info-stealer hook. Patch notes. The US 5G security strategy.

   Opublikowany: 26.03.2020
2. APT41 is back from its Lunar New Year break. Commodity attack tools for states and gangs. Russia takes down a domestic carding crew. Restricting misinformation.

   Opublikowany: 25.03.2020
3. Active ICS threats. TrickBot and TrickMo. RCE vulnerability in Windows. Google ejects click-fraud malware infested apps from Play. Attackers hit WHO, hospitals, and biomedical research.

   Opublikowany: 24.03.2020
4. Coronavirus fraud booms; prosecutors are taking note. Stolen data on the dark net. Software updates affected by pandemic. A new Mirai variant is out. A DDoS that wasn’t.

   Opublikowany: 23.03.2020
5. The security implications of cloud infrastructure in IoT.

   Opublikowany: 21.03.2020
6. CISA on running critical sectors during an emergency. Disinformation, phishbait, and rumor. What’s Fancy Bear up to these days? Distinguishing altruism from self-interest.

   Opublikowany: 20.03.2020
7. EU suspects Russia of disinformation. TrickBot’s latest module is a brute. Parallax RAT and the MaaS black market. Pandemic hacking trends. What to do with time on your hands.

   Opublikowany: 19.03.2020
8. Coronavirus phishing. Money mule recruiting. Remote work and behavioral baselining. HHS incident seems to have been...an incident. Advice from NIST, and from Dame Vera Lynne.

   Opublikowany: 18.03.2020
9. Cyberattack on US HHS probably a minor probe. Disinformation about COVID-19 continues to serve as both phishbait and disruption. US prosecutors move to stop prosecution Concord Management.

   Opublikowany: 17.03.2020
10. COVID-19’s effects on cyberspace: disinformation, espionage, data theft, fraud, and extortion. Also far greater remote working.

    Opublikowany: 16.03.2020
11. TLS is here to stay.

    Opublikowany: 14.03.2020
12. COVID-19 as both incentive for remote work and phishbait. Offshored trolling. A list of “digital predators.” US Senate doesn’t extend domestic surveillance authority.

    Opublikowany: 13.03.2020
13. The return of Turla. Data exposure incidents disclosed. Beijing accuses Taipei of waging cyberwarfare against the PRC. Coronavirus disinformation.

    Opublikowany: 12.03.2020
14. The Cyberspace Solarium reports. Coronavirus scams and coronavirus realities. Notes on March’s Patch Tuesday.

    Opublikowany: 11.03.2020
15. Caution in the Play store. EU power consortium’s business systems hacked. Cablegate--a look back. Schulte trial ends in minor convictions, but a hung jury on major counts. The cyber underworld.

    Opublikowany: 10.03.2020
16. Coronavirus misinformation, phishbait, and disinformation. Ransomware’s growing reach. How criminals’ desire for glory works against their desire to escape apprehension.

    Opublikowany: 9.03.2020
17. Overworked developers write vulnerable software.

    Opublikowany: 7.03.2020
18. Misconfigured databases, again. Vulnerable subdomains. Dark web search engines. Troll farming. An update on the crypto wars.

    Opublikowany: 6.03.2020
19. Credential stuffing attacks and data breaches. Coronavirus-themed phishbait is an international problem. Super Tuesday security post mortems. Huawei agonistes.

    Opublikowany: 5.03.2020
20. Election security--a look back at Super Tuesday. Cyberspace Solarium preview. Rapid Alert System engaged in EU. Cyber capability building in Ukraine. Cloud backups as attack surface.

    Opublikowany: 4.03.2020