CyberWire Daily

In this special edition of Hacking Humans, Dave and Rick discuss the contribution of Alan Turing in computing and AI. They also explore an episode of Chicago PD where officers deal with catfishing and apprehend a suspect. The hosts deconstruct the scenes and provide insights into scams and schemes in movies and TV shows.

Ihab Shraim, CTO at CSC, discusses how AI is providing cybercriminals new opportunities. Also covered: joint advisory on Citrix Bleed, pig butchering takedowns, Altman's return to OpenAI, electronic warfare in Ukraine, and holiday season cybersecurity.

Steve Winterfeld from Akamai discusses emerging threats in the financial services sector, including DDoS attacks and protecting data. Other topics highlighted in the podcast include OpenAI's turmoil, a crypto firm's API attack, a phishing campaign, and a data breach at Idaho National Laboratory.

Leadership turmoil at OpenAI. Citrix Bleed vulnerability implicated in ransomware attacks. QakBot successor. FSB deploys LitterDrifter. Russian firm on cyberattacks. Privateers and auxiliaries. Ann Johnson on cyber innovation. Alleged war crimes include cyber operations.

Ian Blumenfeld, Research Director from Two Six Technologies, shares his career journey from aspiring scientist to math teacher and eventually landing in the tech industry. He emphasizes the importance of taking risks and pursuing opportunities that advance your career. Ian's passion for code and desire to make the world a better place shines through in his story.

Explore the importance of diversity and inclusion in cybersecurity, challenges and opportunities for women in the field, mentorship and allyship, benefits of diverse backgrounds and experiences, institutional knowledge in cybersecurity, breaking barriers and advancing women in the field, and promoting gender diversity and holding leaders accountable.

Asheer Malhotra from Cisco Talos discusses their research on the espionage-focused threat actor YoroTrooper, attributing their work to individuals in Kazakhstan. YoroTrooper disguises its attacks as coming from Azerbaijan using VPN exit nodes. They heavily rely on phishing emails to direct victims to credential harvesting sites. The podcast also explores Eurotrooper's espionage and data theft activities, legacy sim challenges, YoroTrooper's aggressive tactics in targeting government entities and the energy sector, and the notion of persistence vs sophistication in espionage operations.

Buffy Wajvoda, Global Leader for Space Solutions Architecture at AWS Aerospace and Satellite, discusses the importance of cybersecurity in the space sector, AWS's innovations in cybersecurity, and the accessibility of security information using generative AI and natural language processing. They also highlight AWS's involvement in the space industry at the AWS re:Invent conference.

Scattered Spider prompts warnings from CISA and the FBI. Phobos ransomware is an affiliate crimeware-as-a-service program. A "hack-for-hire" contractor. “Scama” in the C2C market. Our guest is Lee Clark from the RH-ISAC with a look at Holiday Season Cyber Threat Trends. Tim Eades from Cyber Mentor Fund shares recent trends in cyber venture capital, with tips on finding a good match. And the tempo of cyber operations in Russia's hybrid war.For links to all of today's stories check out our CyberWire daily news briefing:https://thecyberwire.com/newsletters/daily-briefing/12/220Selected reading.FBI and CISA Release Advisory on Scattered Spider Group (Cybersecurity and Infrastructure Security Agency | CISA) FBI warns on Scattered Spider hackers, urges victims to come forward (Reuters) U.S. officials urge more information sharing on prolific cybercrime group (CyberScoop) A deep dive into Phobos ransomware, recently deployed by 8Base group (Cisco Talos Blog) Understanding the Phobos affiliate structure and activity (Cisco Talos Blog)Elephant Hunting | Inside an Indian Hack-For-Hire Group (SentinelOne) How an Indian startup hacked the world (Reuters) Scama: Uncovering the Dark Marketplace for Phishing Kits (Vade Secure)Ukraine Tracks a Record Number of Cyber Incidents During War (Bank Info Security) Russia will target other countries for web attacks, Ukraine cyber defence chief warns (The Irish Times) Sandworm Linked to Attack on Danish Critical Infrastructure (Infosecurity Magazine) Why cyber war readiness is critical for democracies (Help Net Security)  Learn more about your ad choices. Visit megaphone.fm/adchoices

Discussion on cyber safety for the holidays, using regulatory risk to pressure ransomware victims, and a call for regulatory action against a supply chain threat. Warning and description of Rhysida malware. Extending local breaches in Google Workspace. Protestware in open-source products. GRU's Sandworm implicated in campaign against Danish electrical power providers. Insightful interview with Jason Meller about The Shadow IT Report. Fascinating conversation on social engineering attacks. Exploiting sympathy through donation scams.