CyberWire Daily

America’s NSA reviews twenty-five vulnerabilities under active exploitation by Chinese intelligence services. The UK’s NCSC accuses the GRU of more international cyberattacks. The US Justice Department brings its long-expected anti-trust suit against Google. Ben Yelin examines overly invasive company Zoom policies. Our guest is Jessica Gulick from Katczy with a visit to the Cyber Carnival Games. And a warning on “abandonware.”For links to all of today's stories check out our CyberWire daily news brief:https://www.thecyberwire.com/newsletters/daily-briefing/9/203 Learn more about your ad choices. Visit megaphone.fm/adchoices

Updates on influence ops and campaign hacking show that the opposition has its troubles, too. TrickBot operators seem to have returned to business. Schools’ remote learning programs are providing attractive targets for cybercriminals. Iranian news outlets say ports were the targets of last week’s cyberattacks. David Dufour explains how phishing campaigns capitalized on a global crisis. And Charlie Tibor says, “hello world” (we paraphrase).For links to all of today's stories check out our CyberWire daily news brief:https://www.thecyberwire.com/newsletters/daily-briefing/9/202 Learn more about your ad choices. Visit megaphone.fm/adchoices

Senior VP of Cyber Operations at KnowBe4, Rosa Smothers, talks about her career as an early cybersecurity professional in what she describes as the Wild, Wild West to her path through government intelligence work. Rosa shares how she always knew she wanted to be involved with computers and how being a big Star Trek nerd and fan particularly of Spock and Uhura helped shape her direction. Following 9/11, Rosa wanted to work for the government and pursue the bad guys and she did just that completing her bachelor's degree and starting in the Defense Intelligence Agency as a cyber threat analyst focusing on extremist groups. She joined the CIA and worked on things you see in the movies, things that are science fictionesque. Rosa recommends talking with people to get your feet wet to find your passion. We thank Rosa for sharing her story with us. Learn more about your ad choices. Visit megaphone.fm/adchoices

Bitdefender researchers recently uncovered a sophisticated APT-style attack targeting an international architectural and video production company. The attack shows signs of industrial espionage, similar to another of Bitdefender’s recent investigations of the StrongPity APT group. The real-estate industry is highly competitive, and information exfiltrated by APT mercenary group can give negotiation advantages to other players in high-profile real-estate contracts.While APT groups traditionally could only be afforded by governments or were financially motivated purely out of self-interest, they recently appear to have become a commodity.Joining us in this week's Research Saturday to discuss the research is Global Cybersecurity Researcher Liviu Arsene from Bitdefender.The research can be found here: APT Hackers for Hire Used for Industrial Espionage Learn more about your ad choices. Visit megaphone.fm/adchoices

Phishing through redirector domains. Content moderation, influence operations, and Section 230. A Twitter outage is due to an error, not an attack. QQAAZZ money-laundering gang members indicted. Johannes Ullrich tracks Mirai Bots going after Amanda backups. Our guest is Richard Hummel from Netscout with research on cybersecurity trends and forecasts. And some ruminations about range safety for cyber exercises. For links to all of today's stories check out our CyberWire daily news brief:https://www.thecyberwire.com/newsletters/daily-briefing/9/201 Learn more about your ad choices. Visit megaphone.fm/adchoices

Tehran says this week’s cyberattacks are under investigation. Silent Librarian returns to campus for academic year 2020-2021. Crooks are posing as nation-state hackers. Domestic disinformation reported in Guinea and Ghana. Disinformation, content moderation, and the difficulties presented by both. US Cyber Command’s forward engagement campaign. Mike Benjamin from Lumen on how bad actors reuse infrastructure. Our guest is Ralph Sita from Cybrary with a look at their "Skills Gap" research report. And an extended meditation on the Scunthorpe Problem.For links to all of today's stories check out our CyberWire daily news brief:https://www.thecyberwire.com/newsletters/daily-briefing/9/200 Learn more about your ad choices. Visit megaphone.fm/adchoices

Reports of cyberattacks against Iranian government and, possibly, economic targets, are circulating, but details are sparse. Norway accuses Russia of hacking parliamentary emails. A cybercriminal gang’s secret is volume. A social engineering campaign singles out victims with US IP addresses. Joe Carrigan on a million dollar REvil recruitment offer. Our guest is Paul Nicholson from A10 Networks with a look at the "State of DDoS Weapons". And the US Treasury Department warns banks to be on the lookout for signs of unemployment fraud.For links to all of today's stories check out our CyberWire daily news brief:https://www.thecyberwire.com/newsletters/daily-briefing/9/199 Learn more about your ad choices. Visit megaphone.fm/adchoices

Trickbot gets hit by both US Cyber Command and an industry team led by Microsoft. CISA and the FBI warn that an unnamed threat actor is chaining vulnerabilities, including Zerologon, to gain access to infrastructure and government targets. Ben Yelin shares his thoughts on the US House’s report on monopoly status for some of tech's biggest players. Our guest is David Higgins from CyberArk on how work from home has put a light on privilege access security. And the Five Eyes plus two call for legal access to encrypted communications.For links to all of today's stories check out our CyberWire daily news brief:https://www.thecyberwire.com/newsletters/daily-briefing/9/198 Learn more about your ad choices. Visit megaphone.fm/adchoices

Ben describes a decades-long global espionage campaign alleged to have been carried out by the CIA and NSA, Dave shares a story about the feds using cell phone location data for immigration enforcement, and later in the show our conversation with Drew Harwell from the Washington Post on his article on how Colleges are turning students’ phones into surveillance machines.Links to stories: ‘The intelligence coup of the century’ RIGGING THE GAME Spy sting Federal Agencies Use Cellphone Location Data for Immigration EnforcementGot a question you'd like us to answer on our show? You can send your audio file to caveat@thecyberwire.com or simply leave us a message at (410) 618-3720. Hope to hear from you. Learn more about your ad choices. Visit megaphone.fm/adchoices

Investigative journalist and author Geoff White talks about tracing a line through the dots of his career covering technology. Geoff shares that he has always been "quite geeky," but came to covering technology after several roles in the journalism industry. Newspapers, magazines and television were all media Geoff worked in before covering technology. Geoff got into journalism not due to the glamour sometimes associated with it, but because he wanted to fight for the public to cover stories that helped those who didn't have massive amounts of money, power or a huge lobbying campaign in political circles. When writing his book, Crime Dot Com, Geoff reflected on the cybercrime and cybersecurity stories he's covered and saw how things started falling into place. Our thanks to Geoff for sharing his story with us.  Learn more about your ad choices. Visit megaphone.fm/adchoices