CyberWire Daily

Zscaler conducted research on the DuckTail threat actors who primarily target users in digital marketing and advertising. The podcast explores how DuckTail uses malware and social engineering techniques to target digital marketers and engage in financial scams. It also discusses methods used by attackers to deceive victims, install malware, steal victim information, and communicate with threat actors. The podcast highlights the goal of cybercriminals targeting business Facebook accounts for financial scams and the importance of TLS inspection to prevent data leakage and credential exfiltration. Additionally, an interview with Deepin Desai discusses research on Lucur 3's cloud tactics and their responsibility for breaching large enterprises.

Andrea Little Limbago discusses geopolitics, cyber, and the C-suite. Topics include common cybersecurity misconfigurations, cyber cooperation between Russia and North Korea, hacktivist auxiliaries, Russian cyber operations, and LoveGPT romance scam. Other chapters cover social engineering tactics, impact of cyber defenses on criminal actors in blockchain, and tensions between China and other countries over critical minerals and technologies.

Chris Tillett, Senior Research Engineer at Palo Alto Networks and member of the Advisory Board at Titaniam Labs, discusses security risks in hardware and software supply chains, recent cyberattacks against major corporations, and online surveillance and social credit in Russia. Topics include Apple's patched iOS vulnerability, Qakbot's survival, BADBOX inserting malware into the device supply chain, and the cyberattack against Clorox by Scattered Spider. Eric Goldstein also joins to talk about progress against ransomware threats and the importance of the Pre-Ransomware Notification Initiative.

Diane Janosek, Executive Director of Capitol Technology University's Center for Women in Cyber, discusses paths to cybersecurity and ways to address workforce intelligence through education. Other topics include phishing, typosquatting, stream-jacking, risk management, and guidelines for hacktivists during hybrid war.

Dave Bi, industry expert, discusses topics such as ICS services exposed to the Internet, BunnyLoader malware, phantom hacker scams, API risks, cybersecurity attitudes and behavior. The podcast also covers issues with TSA pipeline security programs and privacy concerns regarding the use of commercial telemetry by CBP, ICE, and USSS. Additionally, it explores Ukrainian preparations for attacks on the power grid and the need for regulations to enhance domestic chip manufacturing for national security.

Michael Denning, CEO at SecureG for Blu Ventures, discusses developments in zero trust. Other topics include ransomware attacks, cyber espionage, domestic surveillance in Russia, and Dark Web threat actors targeting macOS.

Guest Ted Wagner, Chief Information Security Officer at SAP National Security Services, shares his career journey from the Army to IT projects. He emphasizes the importance of teaching technical terms in non-technical ways and gaining hands-on experience for newcomers in the field.

Talos discovers cracked Windows software being downloaded by enterprise users, posing security risks and providing access to threat actors. Cracked software leads to RATs and unauthorized remote access, allowing control, screenshots, keystroke recording, and data exfiltration. The podcast discusses the dangers of downloading cracked software, compromised defenses, and the high cost of cybersecurity incidents. It also emphasizes the need for awareness and robust security measures, highlighting the cultural component and implications on different industries and regions.

Former Maryland cyber czar Jeffrey Wells and Tim Eades from Cyber Mentor Fund discuss malicious ads in a chatbot, a vulnerability clarification, Cl0p switching to torrents, influence operations as an adjunct to weapons of mass destruction, the potential impact of a US government shutdown on cybersecurity, and the NSA's new AI Security Center.

LogicGate describing struggles with low cost attacks, Kasada's findings on Stolen Auto Accounts. Budworm APT's bespoke tools, cyberattack on Johnson Controls. Oversight panel reports on Section 702. Cybersecurity in US industrial base. Hacktivism vs Russia.