Signals, scams, and a Salesforce snatch.

Russian hackers target Signal and WhatsApp. Permit scammers impersonate local officials. Anthropic sues over a Pentagon blacklist. The White House moves to restore fraud victims. ShinyHunters target Salesforce data. Ericsson reports a breach. macOS users face ClickFix malware. AWS credentials are phished. And CISA warns of an exploited Ivanti flaw. Our guest is Brian Baskin, Threat Researcher at Sublime Security, discussing tax season employee impersonation scams. Who fact-checks the fact-checkers? 

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Our guest today is Brian Baskin, Threat Researcher at Sublime Security, discussing how tax season employee impersonation scams are conducted and what to look out for as we prepare our returns.

Selected Reading

Russia targets Signal and WhatsApp accounts in cyber campaign (AIVD)

FBI warns of phishing attacks impersonating US city, county officials (Bleeping Computer)

Anthropic sues Trump administration over Pentagon blacklist (CNBC)

White House floats Victims Restoration Program for millions affected by cyber fraud (The Record)

CybercrimeHundreds of Salesforce Customers Allegedly Targeted in New Data Theft Campaign (SecurityWeek)

Ericsson US discloses data breach after service provider hack (Bleeping Computer)

Fake CleanMyMac Site Uses ClickFix Trick to Install SHub Stealer on macOS (Hackread)

Behind the console: Active phishing campaign targeting AWS console credentials (Datadog Security Labs)

CISA: Recently patched Ivanti EPM flaw now actively exploited (Bleeping Computer)

AI fake-news detectors may look accurate but fail in real use, study finds (Tech Xplore)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. 

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

Learn more about your ad choices. Visit megaphone.fm/adchoices