CyberWire Daily

3271 Odcinki

1. Public Wi-Fi advice from NSA. South African ports recover from ransomware. Iranian rail incident was a wiper attack. Developments in the criminal-to-criminal market. Intercept vendors under scrutiny.

   Opublikowany: 29.07.2021
2. US ICS Cybersecurity Initiative formalized. Developments in the ransomware world. Addressing known vulnerabilities. Caucasus coinmining crackdown. A long-running IRGC catphishing campaign.

   Opublikowany: 28.07.2021
3. South African ports invoke force majeure over cyberattack. Documents indicate Iranian interest in control systems attacks. Dark web wanted ads. Cyber diplomacy. Lousy cafeteria food?

   Opublikowany: 27.07.2021
4. The source of Kaseya’s REvil key remains unknown. Cyber incident disrupts port operations at Cape Town and Durban. Updates on the Pegasus Project. And a guilty plea in a swatting case.

   Opublikowany: 26.07.2021
5. Ingrid Toppelberg: Knowing how to take risks will pay off. [Cybersecurity education] [Career Notes]

   Opublikowany: 25.07.2021
6. Is enhanced hardware security the answer to ransomware? [CyberWire-X]

   Opublikowany: 25.07.2021
7. Free malware with cracked software. [Research Saturday]

   Opublikowany: 24.07.2021
8. Cyber threats to, and around, the Olympic Games. Kaseya got a decryptor, from somewhere…. NSO says it’s not responsible for Pegasus misuse. US cyber policy toward China. Fraud Family busted.

   Opublikowany: 23.07.2021
9. Extortion is the motive in the Saudi Aramco incident. Updates on the Pegasus Project. Chinese cyberespionage and Beijing’s tu quoque. FIN7 resurfaces, and a post-mortem on Egregor.

   Opublikowany: 22.07.2021
10. Historical threats to industrial control systems inform current security practices. Ransomware privateering and side-hustling. Updates on the Pegasus Project.

    Opublikowany: 21.07.2021
11. APT side hustles and evidence of espionage. NSO replies to the Pegasus Project, and AWS removes NSO from its CloudFront CDM. Other data breaches and ransomware incidents.

    Opublikowany: 20.07.2021
12. Microsoft Exchange Server hacks officially attributed to China. Indictment in industrial espionage case. Entities List expands. Abuse of NSO Group’s Pegasus tool reported.

    Opublikowany: 19.07.2021
13. Peter Baumann: Adding value to data. [CEO] [Career Notes]

    Opublikowany: 18.07.2021
14. Enabling connectivity enables exposures. [Research Saturday]

    Opublikowany: 17.07.2021
15. DDoS at Russia’s MoD. Facebook disrupts Iranian catphishing operation. An intercept tool vendor’s activities are exposed. No signs of the US softening on Huawei bans.

    Opublikowany: 16.07.2021
16. Luminous Moth or Mustang Panda, it’s the same bad actor (probably). Updates on other cyberespionage and ransomware campaigns. Rewards for tips on cyberattacks.

    Opublikowany: 15.07.2021
17. Patch notes. What’s happening with REvil remains unclear, but it would be rash to count the gang out.

    Opublikowany: 14.07.2021
18. SolarWinds patches a zero-day. Trickbot is back. Bogus Twitter accounts, now suspended, were verified by the social medium. DarkSide hits Guess. Updates on REvil and Kaseya.

    Opublikowany: 13.07.2021
19. Kaseya and REvil--the state of recovery. President Biden calls President Putin to ask for action on ransomware. Cyber incident in Iran. Ukraine says its naval website was hacked. Tracking ransom.

    Opublikowany: 12.07.2021
20. APTs transitioning to the cloud. [CyberWire-X]

    Opublikowany: 11.07.2021