loader from loading.io

The CyberWire

More signal, less noise—we distill the day’s critical cyber security news into a concise daily briefing.

info_outline WHO email accounts prospected. Mandrake versus Android users. Vollgar versus MS-SQL servers. Ransomware and hospitals. Notes on the effects of COVID-19, and a disinformation campaign. 04/02/2020
info_outline More data breaches. DPRK spearphishing. DoJ IG sees problems in FISA warrant processes. Houseparty updates. Huawei sanctions. And notes about the pandemic. 04/01/2020
info_outline Supply chain attack warning. CFAA clarified. COVID-19 and its economic squalls. 03/31/2020
info_outline Updates on the cyber ramifications of the coronavirus pandemic. Saudi surveillance program. Ransomware developments. Lost USB attacks are in progress. 03/30/2020
info_outline Hidden dangers inside Windows and LINUX computers. 03/28/2020
info_outline Some notes on cyber gangland. South Koren APT using zero days against North Koreans? USB attacks. Telework challenges. CMMC remains on schedule. 03/27/2020
info_outline Advice on secure telework. Magecart infestations. DNS hijacking with a COVID-19 twist and an info-stealer hook. Patch notes. The US 5G security strategy. 03/26/2020
info_outline APT41 is back from its Lunar New Year break. Commodity attack tools for states and gangs. Russia takes down a domestic carding crew. Restricting misinformation. 03/25/2020
info_outline Active ICS threats. TrickBot and TrickMo. RCE vulnerability in Windows. Google ejects click-fraud malware infested apps from Play. Attackers hit WHO, hospitals, and biomedical research. 03/24/2020
info_outline Coronavirus fraud booms; prosecutors are taking note. Stolen data on the dark net. Software updates affected by pandemic. A new Mirai variant is out. A DDoS that wasn’t. 03/23/2020
info_outline The security implications of cloud infrastructure in IoT. 03/21/2020
info_outline CISA on running critical sectors during an emergency. Disinformation, phishbait, and rumor. What’s Fancy Bear up to these days? Distinguishing altruism from self-interest. 03/20/2020
info_outline EU suspects Russia of disinformation. TrickBot’s latest module is a brute. Parallax RAT and the MaaS black market. Pandemic hacking trends. What to do with time on your hands. 03/19/2020
info_outline Coronavirus phishing. Money mule recruiting. Remote work and behavioral baselining. HHS incident seems to have been...an incident. Advice from NIST, and from Dame Vera Lynne. 03/18/2020
info_outline Cyberattack on US HHS probably a minor probe. Disinformation about COVID-19 continues to serve as both phishbait and disruption. US prosecutors move to stop prosecution Concord Management. 03/17/2020
info_outline COVID-19’s effects on cyberspace: disinformation, espionage, data theft, fraud, and extortion. Also far greater remote working. 03/16/2020
info_outline TLS is here to stay. 03/14/2020
info_outline COVID-19 as both incentive for remote work and phishbait. Offshored trolling. A list of “digital predators.” US Senate doesn’t extend domestic surveillance authority. 03/13/2020
info_outline The return of Turla. Data exposure incidents disclosed. Beijing accuses Taipei of waging cyberwarfare against the PRC. Coronavirus disinformation. 03/12/2020
info_outline The Cyberspace Solarium reports. Coronavirus scams and coronavirus realities. Notes on March’s Patch Tuesday. 03/11/2020
info_outline Caution in the Play store. EU power consortium’s business systems hacked. Cablegate--a look back. Schulte trial ends in minor convictions, but a hung jury on major counts. The cyber underworld. 03/10/2020
info_outline Coronavirus misinformation, phishbait, and disinformation. Ransomware’s growing reach. How criminals’ desire for glory works against their desire to escape apprehension. 03/09/2020
info_outline Overworked developers write vulnerable software. 03/07/2020
info_outline Misconfigured databases, again. Vulnerable subdomains. Dark web search engines. Troll farming. An update on the crypto wars. 03/06/2020
info_outline Credential stuffing attacks and data breaches. Coronavirus-themed phishbait is an international problem. Super Tuesday security post mortems. Huawei agonistes. 03/05/2020
info_outline Election security--a look back at Super Tuesday. Cyberspace Solarium preview. Rapid Alert System engaged in EU. Cyber capability building in Ukraine. Cloud backups as attack surface. 03/04/2020
info_outline Vault 7, again, as Beijing names and shames. Schulte case goes to jury. Maersk to cut incident response jobs. The Cyberspace Solarium’s election security preview. Advice for intel collection. 03/03/2020
info_outline Super Tuesday eve primary jitters. DoppelPaymer hits an aerospace supplier. WordPress plugins exploited in the wild. Vote for the catphish. 03/02/2020
info_outline Application tracking in Wacom tablets. 02/29/2020
info_outline South Carolina primary affords the next test of US election security. Cerberus evolves. Bot-driven fraud. FCC to fine wireless carriers for location data handling. FISA changes. 02/28/2020