CyberWire Daily

N2K Networks
Sep 28, 2023 • 29min

Budworm APT’s specialized tools. Cyberattack against Johnson Controls. Oversight panel reports on Section 702. Cyber in election security, and in the US industrial base. Hacktivism versus Russia.

LogicGate describing struggles with low cost attacks, Kasada's findings on Stolen Auto Accounts. Budworm APT's bespoke tools, cyberattack on Johnson Controls. Oversight panel reports on Section 702. Cybersecurity in US industrial base. Hacktivism vs Russia.
Sep 27, 2023 • 33min

What's up in the underworld’s C2C markets. An update on the Sony hack claims. Notes on cyberespionage, from Russia, China, and parts unknown. And there’s a market for bugs.

China's 'BlackTech' threat activity, a new ransomware as a service group, UAE's Smishing Triad, Openfire flaw exploitation, suspicious Sony hack claims, Xenomorph malware, DDoS and API attacks in finance sector. Joe DePlato from Bluestone Analytics delves into dark net drug markets. Richard Hummel shares trending DDoS vectors. FCC chair plans to restore net neutrality.
Sep 26, 2023 • 23min

Crooks phish for guests; spies phish for drone operators. ZenRAT is used in an info-stealing campaign. More MOVEit-related incidents (some involving Cl0p). DeFi platforms hit. The UK hunts forward.

An advanced phishing campaign hits the hospitality industry. An information-stealing campaign deploys ZenRAT. More MOVEit-related data breaches are disclosed. Mixin Network suspends deposits and withdrawals. The OpenSea NFT market warns of third-party risk to its API. Phishing for Ukrainian military drone operators. Mr. Security Answer Person John Pescatore shares thoughts on Cisco acquiring Splunk. Ann Johnson from the Afternoon Cyber Tea podcast interviews Deb Cupp, who shares a lesson in leadership. And the UK adopts a hunt-forward approach to cyber war.
Sep 25, 2023 • 31min

Cyberespionage in East and Southeast Asia, for both intelligence collection and domestic security, Spyware tools tracked. Shifting cyber targets in Russia’s hybrid war. Securing the Super Bowl.

Amit Sinha, CEO of Digicert, talks about digital trust in the software supply chain. The podcast also covers cyberespionage activities in East and Southeast Asia, including campaigns against Tibetan, Uighur, and Taiwanese targets. It discusses the use of Telegram groups to share spyware tools and the discovery of new backdoors. The episode highlights the importance of security coaching and incident detection. It also explores the risks of code signing key leaks and the need to inspect the software development supply chain. The podcast concludes with speculation on a recent ransomware incident and the challenges of incident analysis.
Sep 25, 2023 • 16min

Threat intelligence discussion with Chris Krebs. [Special Edition]

Chris Krebs, an expert in threat intelligence and cybersecurity, discusses the strategic integration of technological systems, challenges of attribution and strategic considerations in cyber attacks, common intelligence requirements and needed skill sets in cybersecurity, connecting cybersecurity with business objectives and growing the workforce. The conversation concludes with a lighthearted discussion about the speaker's unique sock collection.
Sep 24, 2023 • 7min

Merritt Baer: No one has to go down for you to go up. [CISO] [Career Notes]

Merritt Baer, a Field CISO from Lacework, shares her incredible journey in cybersecurity and the evolving role of the CISO. She emphasizes the importance of collaboration and supporting one another in the field. The podcast also discusses building trust, inclusivity, and enhancing security for vulnerable communities.
Sep 23, 2023 • 15min

Behind the Google shopping ad masks. [Research Saturday]

Akamai researchers have discovered a Magento 2 campaign named Xurum that exploits digital commerce websites by using an advanced web shell. The podcast discusses the details of the attack, vulnerability exploitation, and provides recommendations for protection against future attacks on e-commerce platforms.
Sep 22, 2023 • 32min

Enter Sandman. A look at an initial access broker. Iran’s OilRig hits Israeli targets. Cyber ops and soft power. Update on casino ransomware attacks. Bermuda’s government sustains cyberattacks.

The podcast discusses a new APT group called Sandman targeting telecommunications providers. They also cover recent cybersecurity incidents, talent retention, increasing the pipeline of diverse talent, challenges of employee retention, and the importance of being coachable and adaptable in life.
Sep 21, 2023 • 31min

Don’t get snatched. Trends in phishing, cyber insurance claims, and threats to academic institutions. Hacktivism in the hybrid war. Updates on the ICC attack. MGM says its casinos are back.

Topics discussed in the podcast include trends in phishing, cyber insurance claims related to ransomware, threats to academic institutions, hacktivism disrupting Canadian border control, updates on the ICC cyberattack, and MGM Resorts' recovery.
Sep 20, 2023 • 32min

Hacking the ICC. ShroudedSnooper active, simple, and novel. New criminal malware used against Chinese-speakers. More on the materiality of cyberattacks.

Aaron Brazelton, Dean of Admissions and Advancement at the Alabama School of Cyber Technology, discusses the Alabama School's unique admissions process. The podcast also covers a cybersecurity incident at the International Criminal Court, criminal malware targeting Chinese-speaking victims, and the challenges of determining material impact on public companies in cybersecurity investigations.