CyberWire Daily

Bernard Brantley, CISO from Corelight, shares his inspiring career path starting from the bottom of the tech stack. He overcame dropping out of the military academy and now reflects on handling adversity and problem-solving by taking ownership and learning from tough days.

Researchers from Bishop Fox discuss their work on building an exploit for the FortiGate Vulnerability CVE-2023-27997, including setting up a vulnerable system, manipulating the heap for remote code execution, and achieving goals in exploiting vulnerabilities. They also provide recommendations for securing organizations.

Senator Wyden blocks Senate vote on new NSA and Cyber Command lead. GPS interference attributed to Iran. Meta removes Chinese and Russian accounts for coordinated inauthenticity. EU proposes 'European cyber force' with offensive capabilities. Twisted Spider conducts new ransomware campaigns. Staples sustains cyberattack. Apple releases security updates for zero-days. John Pescatore discusses Microsoft's Secure Future Initiative. Large language models can deceive users without explicit instructions.

Guest John Huebner, a cybersecurity expert from Palo Alto Networks' Unit 42, discusses the management of threat intelligence feeds. They emphasize the challenges organizations face in sifting valuable intelligence from noise and the importance of risk assessments in selecting and tuning feeds. The podcast also covers the widespread exploitation of severe vulnerabilities in ownCloud and Okta, as well as cyber attacks on Japan's space agency and the laundering of stolen cryptocurrency.

Law enforcement cracks down on a ransomware gang in an international sweep. Attacks on infrastructure operators and a ransomware campaign on Qlik Sense installations. Google Workspace vulnerability discovered. Hacktivist auxiliary compromises a Russian media site. Exclusive interview with Eric Goldstein about CISA's new Secure by Design Alerts program. Insights on legislation dealing with section 702 surveillance. Security teams don't need to worry about their job after a breach.

Ransomware targets healthcare organizations. WildCard deploys SysJoker malware. DPRK cryptocurrency theft. The status of Ukraine's IT Army. A Russian news outlet unmasks Killmilk. Our Industry Insights guest today is Guy Bejerano, CEO and Co-Founder of SafeBreach, discussing risk reduction in action. And there’s discord on dark markets about large language models.CyberWire GuestOur Industry Insights guest today is Guy Bejerano, CEO and Co-Founder of SafeBreach, discussing risk reduction in action: the future of BAS and continuous threat exposure management.You can connect with Guy on LinkedIn and find out more about SafeBreach on their website.For links to all of today's stories check out our CyberWire daily news briefing:https://thecyberwire.com/newsletters/daily-briefing/12/225Giving TuesdayOur team offers up some suggestions for Giving Tuesday should you feel inclined to join us in sharing your time, talents or treasures on this day of giving back. Arizona Cyber InitiativeAssociation for Women in ScienceBlackGirlsHackCyber GuildExceptional MindsG{Code}Girls Who CodeLurie Children's HospitalNFARMelwoodTech Kids UnlimitedWiCySWomen of CyberjutsuSelected ReadingCyberattack on US hospital owner diverts ambulances from emergency rooms in multiple states (CNN) Portneuf Medical Center experienced ransomware attack. Hospital is adapting with pencils and paper (East Idaho News)Ardent Health Services Reports Information Technology Security Incident (BusinessWire)Vanderbilt University Medical Center investigating cybersecurity incident (The Record)Criminal hacking group breaches data, including Premier Health (WDTN 2 News)Global Threat Intelligence Report (Blackberry)ISRAEL-HAMAS WAR SPOTLIGHT: SHAKING THE RUST OFF SYSJOKER (Check Point Research)Operation Electric Powder – Who is targeting Israel Electric Company? (ClearSky Cyber Security)New Rust-based SysJoker backdoor linked to Hamas hackers (Bleeping Computer)WildCard: The APT Behind SysJoker Targets Critical Sectors in Israel (Intezer)DPRK Crypto Theft | macOS RustBucket Droppers Pivot to Deliver KandyKorn Payloads (SentinelOne) Leader of pro-Russia DDoS crew Killnet 'unmasked' by Russian state media (The Register) Ukraine’s Volunteer IT Army Confronts Tech, Legal Challenges (CEPA)Cybercriminals can’t agree on GPTs (Sophos) Learn more about your ad choices. Visit megaphone.fm/adchoices

Iranian hacktivists claim attack on Pennsylvania water utility. North Korea's supply chain attacks. Rhysida ransomware gang targets British and Chinese organizations. Sandworm activity alerts European power utilities. Neanderthals and Telekopye bot. Mirai botnet activity. Interview with Chris Betz, the new CISO of AWS Security on upcoming AWS re:Invent conference. Mar-a-Lago tracking. Data broker services and risks of surveillance.

Chris Hare, Project Management Specialist Content Developer at N2K, shares her career journey from writer to project manager. She emphasizes the importance of finding three types of people to help in self-improvement: someone who needs help, someone to be jealous of, and someone who nudges for continuous improvement. Chris also discusses her experiences in technology, cybersecurity, and promoting inclusivity in the field. She explores her leadership style, the value of certifications, and her aspirations of creating a nonprofit for people with disabilities.

Principal Security Intelligence Response Engineer discusses their research on 'KmsdBot: The Attack and Mine Malware' which uses UDP, TCP, HTTP POST and GET. They explore analyzing a malware targeting gaming servers, leaving code comments, using GoLang in malware development and the arms race of detecting honeypots.

Google's initiatives to address the cyber talent gap, effective hiring and talent retention strategies, importance of job descriptions and strategic workforce strategy, and a multifaceted solution to tackle the cyber talent gap through creative technologies and a holistic approach are discussed in this podcast interview with Tatyana Bolton from Google.