Podcasts about apt28

  • 68 podcasts
  • 101 episodes
  • 41m average duration
  • 1 new episode monthly
  • Latest episode: Jan 21, 2026

Latest podcast episodes about apt28

The Gate 15 Podcast Channel
Weekly Security Sprint EP 142. Winter blast, hacktivists, and a dose of cyber resilience

Jan 21, 2026 (17:56)


In this week's Security Sprint, Dave and Andy covered the following topics:

Opening:
  • Cyber Insights 2026: Information Sharing (SecurityWeek, 16 Jan 2026)
  • ICYMI: Homeland Republicans underscore importance of strong public-private sector partnerships to deter cyber threats — House Homeland Security Committee (Majority) | Jan 17, 2026

Main Topics:

Pro-Russia hacktivist activity continues to target UK organisations & NCSC warns of hacktivist groups disrupting UK online services (UK National Cyber Security Centre, Jan 2026). The NCSC reports sustained, low-sophistication but high-volume hacktivist campaigns—primarily DDoS and website defacements—linked to pro-Russia narratives and opportunistic targeting of UK public- and private-sector organizations. While technically unsophisticated, the activity is persistent, media-aware, and designed to generate disruption, reputational harm, and psychological impact rather than deep network compromise. The NCSC emphasizes preparedness measures including DDoS resilience, clear incident communications, and executive awareness that “noise” activity can still impose real operational cost.
  • Russia-linked APT28 targets energy and defense groups tied to NATO
  • UAT-8837 targets critical infrastructure sectors in North America
  • A Day Without ICS: The real impact of ICS/OT security threats

Ransomware:
  • Worldwide ransomware roundup: 2025 end-of-year report
  • Global ransomware attacks rose 32% in 2025, as manufacturers emerged as top target
  • 2025 Shattered Records: Key takeaways from the GRIT 2026 Ransomware & Cyber Threat Report
  • DeadLock Ransomware: Smart Contracts for Malicious Purposes

Domestic Operations: Joint Interagency Task Force-Counter Cartel (JIATF-CC) established & US Northern Command establishes JTF-GOLD

Quick Hits:
  • (TLP:CLEAR) Assessing Terrorism Trends on the Horizon in 2026 — WaterISAC — Jan 15, 2026
  • UK NCSC: Designing safer links: secure connectivity for operational technology
  • NCSC UK: Secure connectivity principles for OT (collection)
  • FBI: Secure Connectivity Principles for Operational Technology (OT) (PDF)
  • ACSC (Australia): New publication for small businesses managing cyber risks from AI
  • Artificial intelligence for small business: Managing cyber security risks
  • Developing your IT recovery plan (Canadian Centre for Cyber Security, Jan 2026)
  • Improving cyber security resilience through emergency preparedness planning (Canadian Centre for Cyber Security, Jan 2026)
  • Developing your incident response plan (Canadian Centre for Cyber Security, Jan 2026)
  • Developing your business continuity plan (Canadian Centre for Cyber Security, Jan 2026)

Software Engineering Institute (SEI) Podcast Series
Orchestrating the Chaos: Protecting Wireless Networks from Cyber Attacks

Dec 2, 2025 (37:07)


From early 2022 through late 2024, a group of threat actors publicly known as APT28 exploited known vulnerabilities, such as CVE-2022-38028, to remotely and wirelessly access sensitive information from a targeted company network. This attack did not require any hardware to be placed in the vicinity of the targeted company's network, as the attackers were able to execute remotely from thousands of miles away. With the ubiquity of Wi-Fi, cellular networks, and Internet of Things (IoT) devices, the attack surface of communications-related vulnerabilities that can compromise data is extremely large and constantly expanding.

In the latest podcast from the Carnegie Mellon University Software Engineering Institute (SEI), Joseph McIlvenny, a senior research scientist, and Michael Winter, vulnerability analysis technical manager, both with the SEI's CERT Division, discuss common radio frequency (RF) attacks and investigate how software and cybersecurity play key roles in preventing and mitigating these exploitations.

Choses à Savoir TECH
Malware that mutates in real time?

Nov 9, 2025 (2:14)


In a report made public in early November, Google Threat Intelligence sounds the alarm: cybercriminals are now industrializing AI-boosted malware. These are no longer simple static programs but autonomous, adaptive threats, able to change their behavior on demand to evade traditional defenses.

Among the families identified, PromptFlux illustrates the shift: this malware queries an AI API to rewrite its own code and generate, on each activation, a new variant undetectable by antivirus software. The result: a chameleon hunt in which classic signatures lose all effectiveness. Another worrying case is PromptSteal, deployed in Ukraine and attributed to APT28 (the Russia-linked group known as Fancy Bear). Here, the AI generates commands on the fly to extract targeted data: the software no longer contains fixed instructions, it produces them in real time. An operational first, according to Google. Finally, QuietVault hunts for secrets: after exfiltrating access tokens, it uses local AI tools to search the system and recover other credentials, automating a hunt that until recently required human analysts. Autonomy is reaching an unprecedented and dangerous threshold.

The Mountain View firm also stresses how easily the models can be manipulated: false pretexts ("academic exercise", "student project") are sometimes enough to push an AI assistant into giving exploitation advice. Social engineering is thus migrating to language models: instead of abusing a human, the attacker abuses an AI. The picture is completed on the black-market side: services named after chatbots now offer "turnkey" malware, subscriptions and support included. Cybercrime is professionalizing, becoming commonplace, and lowering its barriers to entry. What can be done? Researchers encourage a defense-in-depth strategy: harden the models, strengthen the traceability of API calls, and above all maintain constant vigilance.

Hosted by Acast. Visit acast.com/privacy for more information.

PolySécure Podcast
Teknik - Double-Tap Campaign - Russia-nexus APT possibly related to APT28 conducts cyber espionage on Central Asia and Kazakhstan diplomatic relations - Because... it's episode 0x656!

Nov 4, 2025 (47:16)


Because… it's episode 0x656!

Shameless plug
  • 8 and 9 November 2025 - DEATHcon
  • 17 to 20 November 2025 - European Cyber Week
  • 25 and 26 February 2026 - SéQCure 2026
  • 14 to 17 April 2026 - Botconf 2026
  • 28 and 29 April 2026 - Cybereco Cyberconférence 2026
  • 9 to 17 May 2026 - NorthSec 2026
  • 3 to 5 June 2025 - SSTIC 2026

Description
This technical podcast brings together Nicolas, the host, with Maxime Arquillière and Amaury-Jacques Garçon, two cyber threat analysts at Sekoia, a French company specializing in cyber threat intelligence (CTI). Their discussion covers an in-depth investigation of a sophisticated cyber-espionage campaign dubbed “Double Tap”, probably linked to the APT28 group of Russian military intelligence.

Context and methodology
Maxime and Amaury first explain their approach to CTI work, which relies largely on continuous monitoring of publications from specialized bodies (the French, American and Canadian CERTs) and from cybersecurity researchers. This systematic collection of open-source information lets them model threats and create detection rules, notably YARA rules to identify malicious files. Their team has four specialties: infrastructure tracking, detection rules, malware reverse engineering, and strategic analysis, which aims to understand the geopolitical objectives behind state-sponsored attacks. This multidimensional approach gives a comprehensive understanding of cyber threats.

The initial discovery
The investigation starts from an article published in late July 2024 by CERT-UA (the Ukrainian incident response authority), which documents attacks regularly targeting Ukraine. From this information, the team created detection rules, some of them deliberately looser in order to catch possible variants. In mid-October, one of these YARA rules detected a malicious Word document on VirusTotal, a platform where millions of suspicious files are analyzed. The document contained a macro and appeared to come from the Ministry of Foreign Affairs of Kazakhstan. This alert triggered an in-depth investigation that uncovered a total of 18 similar documents, about ten of which had never been published before.

Technical analysis: the “Double Tap” infection chain
Amaury details the technical sophistication of the attack. The malicious documents use a social engineering technique: they appear blurred or distorted when opened, prompting the victim to click “Enable macros” to make them readable. That action triggers a particularly elaborate infection chain. The feature that gave the campaign its name is the use of a double mechanism: the first Word document creates a second document containing malicious macros in a temporary directory on the system. This multi-stage approach is intended to bypass detection systems. Once activated, the malware modifies the system's security settings to allow future macros to run automatically, establishes persistence that re-triggers every four minutes, and contacts a command-and-control (C2) server. The code, heavily obfuscated, progressively builds a third macro that communicates with an external server to send information about the compromised machine (user name, PC name) and potentially deploy a Python backdoor called “Cherry Spy” for data exfiltration.

The geopolitical dimension
Maxime's analysis shows that the ten documents discovered were all written in Kazakh and dealt with diplomatic subjects: cables from the Kazakh embassies in Belgium and Afghanistan, reports on presidential visits, and notably a joint diplomatic declaration between Germany and Kazakhstan dating from September 2024, during a visit by Chancellor Olaf Scholz aimed at diversifying German energy supplies. These documents, dated between 2021 and 2024, appear to be legitimate documents obtained in earlier operations and reused as lures to target Kazakh diplomats and officials. Kazakhstan, although a traditional ally of Russia, is pursuing an increasingly independent policy, which would explain the interest of Russian intelligence.

The link with APT28 and Zebrocy
The team establishes connections with APT28 (also known as Fancy Bear), a cyber-espionage group of Russian military intelligence (GRU). They also identify similarities with Zebrocy, an intrusion set active between 2015 and 2020 that specifically targeted Central Asia and used similar “double tap” techniques.

The importance of sharing
The researchers stress the importance of publishing their findings in open source. Although this may alert the attackers and push them to change their infrastructure, this transparency contributes to improving overall cybersecurity, allowing other researchers to build on their work. Remarkably, a few days after their report was published, a Kazakh media outlet announced that an unscheduled inspection of the Ministry of Foreign Affairs would be carried out following the revelations about this cyberattack. The team had in fact tried to contact the Kazakh government before publication, without receiving a reply. This investigation perfectly illustrates the complexity of CTI work: combining technical expertise, geopolitical understanding and an ethic of sharing to protect effectively against sophisticated state threats that can span several years.

Notes
  • Double-Tap Campaign - Russia-nexus APT possibly related to APT28 conducts cyber espionage on Central Asia and Kazakhstan diplomatic relations

Contributors
  • Nicolas-Loïc Fortin
  • Maxime Arquillière
  • Amaury-Jacques Garçon

Credits
  • Editing by Intrasecure inc
  • Virtual studio space by Riverside.fm

Cyber Briefing
July 22, 2025 - Cyber Briefing

Jul 22, 2025 (9:49)


If you like what you hear, please subscribe, leave us a review and tell a friend!

Cyber Security Today
NPM Linter Packages Hijacked, Microsoft's China Issue, and AI in Phishing Attacks: Cybersecurity Today:

Jul 21, 2025 (17:06)


In this episode of Cybersecurity Today, host David Shipley discusses several pressing cybersecurity issues. First, popular NPM Linter packages were hijacked via phishing to spread malware, affecting millions of downloads. Concurrently, Ukrainian CERT uncovers new phishing campaigns tied to APT28 using large language models for command and control. Microsoft discontinues the use of China-based engineers for US Department of Defense systems following a controversial report. Lastly, social engineering, facilitated by AI, becomes a greater threat than zero-day exploits. The episode emphasizes the need for stronger maintainer security, multifactor authentication, and a comprehensive understanding of social engineering risks.

  • 00:00 Introduction - 10 Million Downloads
  • 01:30 NPM Linter Packages Hijacked
  • 05:05 Social Engineering and AI in Cybersecurity
  • 08:57 Microsoft's China-Based Engineers Controversy
  • 12:15 The Real Threat: Social Engineering
  • 16:39 Conclusion and Call to Action

The CyberWire
Iran's digital threat after U.S. strikes.

Jun 24, 2025 (31:35)


Cybersecurity warnings about possible Iranian retaliation have surged. A potential act of sabotage disrupts the NATO Summit in The Hague. Canadian cybersecurity officials discover Salt Typhoon breached a major telecom provider. The U.S. House bans WhatsApp from all government devices. APT28 uses Signal chats in phishing campaigns targeting Ukrainian government entities. A China-linked APT has built a covert network of over 1,000 compromised devices for long-term espionage. FileFix is a new variant of the well-known ClickFix method. SparkKitty targets Android and iOS users for image theft. Scammers steal $4 million from Coinbase users by posing as support staff. On today's Threat Vector, host David Moulton sits down with Tyler Shields, Principal Analyst at ESG, to discuss the fine line between thought leadership and echo chambers in the industry. War Thunder gamers just can't resist state secrets.

Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

Threat Vector Segment
In this segment of Threat Vector, host David Moulton sits down with Tyler Shields, Principal Analyst at ESG, entrepreneur, and cybersecurity marketing expert, to discuss the fine line between thought leadership and echo chambers in the industry. You can hear David and Tyler's full discussion on Threat Vector here and catch new episodes every Thursday on your favorite podcast app.

Selected Reading
  • Warnings Ratchet Over Iranian Cyberattack (BankInfoSecurity)
  • NATO Summit in The Hague hit by potential sabotage as rail cables set on fire (The Record)
  • Canada says Salt Typhoon hacked telecom firm via Cisco flaw (BleepingComputer)
  • Scoop: WhatsApp banned on House staffers' devices (Axios)
  • APT28 hackers use Signal chats to launch new malware attacks on Ukraine (Bleeping Computer)
  • Chinese APT Hacking Routers to Build Espionage Infrastructure (SecurityWeek)
  • FileFix - A ClickFix Alternative (mr.d0x)
  • Photo-Stealing Spyware Sneaks Into Apple App Store, Google Play (SecurityWeek)
  • Hackers Impersonate Coinbase User Support To Scam Victims of $4,000,000 Before Blowing Most of Money on Gambling: ZachXBT (The Daily Hodl)
  • Reset the clock! War Thunder fan posts restricted Harrier data to game forum (Cyber Daily)

Audience Survey
Complete our annual audience survey before August 31.

Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

Learn more about your ad choices. Visit megaphone.fm/adchoices

Security Conversations
Russia hacks Ukraine war supply lines, Signal blocks Windows screenshots, BadSuccessor vuln disclosure debate

May 23, 2025 (150:37)


Three Buddy Problem - Episode 47: We unpack a multi-agency report on Russia's APT28/Fancy Bear hacking and spying on Ukraine war supply lines, CISA's sloppy YARA rules riddled with false positives, the ethics of full-disclosure after Akamai dropped Windows Server “BadSuccessor” exploit details, and Sekoia's discovery of thousands of hijacked edge devices repurposed as honeypots. The back half veers into Microsoft's resurrected Windows Recall, Signal's new screenshot-blocking countermeasure, Japan's fresh legal mandate for pre-emptive cyber strikes, and why appliance vendors like Ivanti keep landing in the headlines. Along the way you get hot takes on techno-feudalism, Johnny Ive's rumored AI gadget, and a lively debate over whether publishing exploit code ever helps defenders. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs), Ryan Naraine (https://twitter.com/ryanaraine) and Costin Raiu (https://twitter.com/craiu).

Breach FM - der Infosec Podcast
Flurfunk - DDoS attacks, APT28 & electronic patient records

May 6, 2025 (63:20)


Hola from the cyber world! Max Imbiel is freshly back from his Norway vacation (with 5G even in the middle of nowhere, and still missed everything!). This time it's about:

Cyber Security Headlines
Apple Airplay-Enabled Devices Can Be Hacked, Google tracked 75 zero days, France ties Russian APT28 hackers to 12 cyberattacks

Apr 30, 2025 (8:06)


  • Millions of Apple Airplay-Enabled Devices Can Be Hacked via Wi-Fi
  • Google tracked 75 zero days exploited in the wild in 2024
  • France ties Russian APT28 hackers to 12 cyberattacks on French orgs

Thanks to today's episode sponsor, ThreatLocker

ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO.

Out of the Woods: The Threat Hunting Podcast
S3 Ep14: Some Things are Better Left Unstructured

Jan 15, 2025 (37:40)


[LIVE] Out of the Woods Podcast
January 30, 2025 | 12:00 - 1:30 PM ET
Sign Up --> https://intel471.com/resources/podcasts/the-art-of-the-hunt-turning-intel-into-action

Top Headlines:
  • Truffle Security | Millions of Accounts Vulnerable due to Google's OAuth Flaw: https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw
  • Halcyon | Abusing AWS Native Services: Ransomware Encrypting S3 Buckets with SSE-C: https://www.halcyon.ai/blog/abusing-aws-native-services-ransomware-encrypting-s3-buckets-with-sse-c
  • Horizon3 | Critical Vulnerabilities in SimpleHelp Remote Support Software: https://www.horizon3.ai/attack-research/disclosures/critical-vulnerabilities-in-simplehelp-remote-support-software/
  • Sekoia | Double-Tap Campaign: Russia-nexus APT possibly related to APT28 conducts cyber espionage on Central Asia and Kazakhstan diplomatic relations: https://blog.sekoia.io/double-tap-campaign-russia-nexus-apt-possibly-related-to-apt28-conducts-cyber-espionage-on-central-asia-and-kazakhstan-diplomatic-relations/

----------

Stay in Touch!
  • Twitter: https://twitter.com/Intel471Inc
  • LinkedIn: https://www.linkedin.com/company/intel-471/
  • YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg
  • Discord: https://discord.gg/DR4mcW4zBr
  • Facebook: https://www.facebook.com/Intel471Inc/

Cyber Morning Call
702 - New ransomware uses AI-generated code

Jan 13, 2025 (5:09)


[Episode References]
  • FunkSec – Alleged Top Ransomware Group Powered by AI - https://research.checkpoint.com/2025/funksec-alleged-top-ransomware-group-powered-by-ai/
  • Google Project Zero Researcher Uncovers Zero-Click Exploit Targeting Samsung Devices - https://thehackernews.com/2025/01/google-project-zero-researcher-uncovers.html
  • Transaction Simulation Spoofing: A New Threat in Web3 - https://drops.scamsniffer.io/transaction-simulation-spoofing-a-new-threat-in-web3/
  • Double-Tap Campaign: Russia-nexus APT possibly related to APT28 conducts cyber espionage on Central Asia and Kazakhstan diplomatic relations - https://blog.sekoia.io/double-tap-campaign-russia-nexus-apt-possibly-related-to-apt28-conducts-cyber-espionage-on-central-asia-and-kazakhstan-diplomatic-relations/

Script and presentation: Carlos Cabral and Bianca Oliveira
Audio editing: Paulo Arruzzo
Closing narration: Bianca Garcia

The Cybersecurity Defenders Podcast
#173 - Intel Chat: ClickFix, Raspberry Robin, Gelsemium, Fancy Bear & Salt Typhoon

Nov 28, 2024 (43:18)


In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel.

In recent months, cybersecurity researchers have observed a surge in the use of a social engineering technique known as "ClickFix." This method involves threat actors presenting users with deceptive error messages that prompt them to manually execute malicious commands, often by copying and pasting scripts into their systems.

Raspberry Robin, also known as Roshtyak, is a highly obfuscated malware first discovered in 2021, notable for its complex binary structure and advanced evasion techniques. It primarily spreads via infected USB devices and employs multi-layered execution to obscure its true purpose.

A China-linked Advanced Persistent Threat (APT) group, Gelsemium, has been observed targeting Linux systems for the first time, deploying previously undocumented malware in an espionage campaign. Historically known for targeting Windows platforms, this new activity signifies a shift towards Linux, possibly driven by the increasing security of Windows systems.

Russia's APT28 hacking group, also known as Fancy Bear or Unit 26165, has developed a novel technique dubbed the “nearest neighbor attack” to exploit Wi-Fi networks remotely.

Hackers linked to the Chinese government, known as Salt Typhoon, have deeply infiltrated U.S. telecommunications infrastructure, gaining the ability to intercept unencrypted phone calls and text messages. The group exploited vulnerabilities in the wiretap systems used by U.S. authorities for lawful interception, marking what Senator Mark Warner has called "the worst telecom hack in our nation's history."

Security Now (MP3)
SN 1002: Disconnected Experiences - 'Nearest Neighbor' Attack, Repo Swatting, the Return of Recall

Nov 27, 2024 (152:04)


What's the new "nearest neighbor" attack and how do you defend against it? Let's Encrypt just turned 10. What changes has it wrought? Now the Coast Guard is worried about Chinese built ship-to-shore cranes. Pakistan becomes the first country to block Bluesky. There's a new way to get Git repos "swatted" and removed. Who's to blame for Palo Alto Networks' serious new 0-day vulnerabilities? If you have any of these six D-Link VPN routers, unplug them immediately! It turns out that VPN apps are against Shariah Law. Who knew? The Return of Windows Recall. What are we learning now? How many of today's systems remain vulnerable to last year's most popular exploits? We share and respond to a bunch of terrific feedback from our listeners. What are Microsoft's "Connected Experience" and why might you choose to disconnect from them? Show Notes - https://www.grc.com/sn/SN-1002-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: e-e.com/twit bitwarden.com/twit threatlocker.com for Security Now flashpoint.io

All TWiT.tv Shows (MP3)
Security Now 1002: Disconnected Experiences

Nov 27, 2024 (152:04)

Security Now (Video HD)
SN 1002: Disconnected Experiences - 'Nearest Neighbor' Attack, Repo Swatting, the Return of Recall

Nov 27, 2024

Security Now (Video HI)
SN 1002: Disconnected Experiences - 'Nearest Neighbor' Attack, Repo Swatting, the Return of Recall

Nov 27, 2024

Radio Leo (Audio)
Security Now 1002: Disconnected Experiences

Nov 27, 2024 (152:04)

Security Now (Video LO)
SN 1002: Disconnected Experiences - 'Nearest Neighbor' Attack, Repo Swatting, the Return of Recall

Security Now (Video LO)

Nov 27, 2024



All TWiT.tv Shows (Video LO)
Security Now 1002: Disconnected Experiences

All TWiT.tv Shows (Video LO)

Nov 27, 2024 152:04 Transcription Available



Radio Leo (Video HD)
Security Now 1002: Disconnected Experiences

Radio Leo (Video HD)

Nov 27, 2024 152:04 Transcription Available



Storm⚡️Watch by GreyNoise Intelligence
Russian Wi-Fi Hacks, Baltic Cable Sabotage, and Security Skills Poll Results

Storm⚡️Watch by GreyNoise Intelligence

Nov 26, 2024 70:56


Forecast: Stormy skies with APT28's Wi-Fi exploits and rough seas in the Baltics as undersea cables are mysteriously cut.

In this episode of Storm⚡️Watch, we review the fascinating poll results that reveal communication with non-technical leaders as the most undervalued skill in modern security, garnering 220 votes across three social media platforms and significantly outpacing other critical abilities like incident report writing, OSINT, and threat hunting.

The crew then examines a groundbreaking cyber attack technique dubbed the "Nearest Neighbor Attack," executed by Russian APT28. This sophisticated operation allowed attackers to breach a U.S. organization's network by exploiting nearby Wi-Fi networks through a series of calculated steps, including password spraying and compromising adjacent organizations. The attack, occurring just before Russia's invasion of Ukraine, showcases a novel vector that combines the advantages of physical proximity with remote operation capabilities.

Maritime security takes center stage as we explore two major undersea cable cuts in the Baltic Sea this November. The BSC East-West Interlink between Sweden and Lithuania and the C-Lion1 connecting Finland and Germany were severed, causing notable network latency increases. A Chinese vessel, Yi Peng 3, has drawn attention in the investigation, with German Defense Minister Boris Pistorius suggesting these incidents were deliberate hybrid actions rather than accidents.

We round out the episode with updates from our respective organizations, including Censys's 2024 State of the Internet Report, VulnCheck's analysis of CISA's top exploited vulnerabilities, and GreyNoise's latest insights on critical infrastructure risks and technical challenges involving null bytes.

The CyberWire
Novel attacks and creative phishing angles.

The CyberWire

Nov 25, 2024 32:49


APT28 uses a novel technique to breach organizations via nearby WiFi networks. Your Apple ID is (not) suspended. UK highlighting Russian threats at NATO Cyber Defence Conference. US senators request an audit of TSA's facial recognition technology. Supply chain software company sustains ransomware attack. Critical QNAP vulnerability could allow remote code execution. Outdated Avast Anti-Rootkit driver exploited. No more internet rabbit holes for China. Guest Lesley Carhart from Dragos on "The Shifting Landscape of OT Incident Response." Stop & Shop turns cyber oops into coffee and cookies.

CyberWire Guest
Our guest is Lesley Carhart, Technical Director at Dragos, speaking with Dave Bittner about "The Shifting Landscape of OT Incident Response."

Selected Reading
Russian Cyberspies Hacked Building Across Street From Target for Wi-Fi Attack (SecurityWeek)
The Nearest Neighbor Attack: How A Russian APT Weaponized Nearby Wi-Fi Networks for Covert Access (Volexity)
New Warning For 2 Billion iPhone, iPad, Mac Users—Your Apple ID Is Suspended (Forbes)
Russia plotting to use AI to enhance cyber-attacks against UK, minister will warn (The Guardian)
Britain, NATO must stay ahead in 'new AI arms race', says UK minister (Reuters)
Senators call for audit of TSA's facial recognition tech as use expands in airports (The Record)
Blue Yonder ransomware attack disrupts supply chains across UK and US (Tech Monitor)
Critical QNAP Vulnerability Let Attackers Execute Remote Code (Cyber Security News)
Malware campaign abused flawed Avast Anti-Rootkit driver (Security Affairs)
When Guardians Become Predators: How Malware Corrupts the Protectors (Trellix report)
Imagine a land where algorithms don't ruin the Internet (The Register)
Stop & Shop recovers from 'cybersecurity issue,' will give out free food, coffee (WTNH)

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

Cyber Security Today
Google's New Free Cybersecurity Certificate: Cyber Security Today for Monday, November 25, 2024

Cyber Security Today

Nov 25, 2024 9:15 Transcription Available


Cybersecurity Today: Palo Alto Firewalls Breached, APT28's Wi-Fi Hack, Meta Fights Scams

In today's episode, over 2,000 Palo Alto firewalls were hacked via patched zero-day vulnerabilities; a Russian group, APT28, exploited Wi-Fi networks in a novel 'Nearest Neighbor Attack' to breach a U.S. firm; Meta removed more than 2 million accounts linked to pig butchering scams; and Google launched a free cybersecurity certificate on Coursera to prepare students for entry-level jobs in six months. Host Jim Love provides in-depth analysis and the latest updates in the world of cybersecurity.

00:00 Introduction and Headlines
00:29 Palo Alto Firewalls Hacked
02:43 Nearest Neighbor Wi-Fi Attack
05:09 Meta's Crackdown on Pig Butchering Scams
07:10 Google's Free Cybersecurity Certificate
08:52 Conclusion and Resources

Plus
Online Plus: Cyberattacks by the Russian group APT28? Let's defend against them together, NATO urges in its statement

Plus

May 10, 2024 24:07


The Czech Republic and Germany have long been targets of cyberattacks by the Russian group APT28, which is funded by the Russian state. NATO has now issued a statement calling on member states to cooperate. Why only now? And is it even possible to defend against Russian attacks?

Let's Know Things
GPS Jamming

Let's Know Things

May 7, 2024 18:56


This week we talk about APT28, spoofing, and hybrid warfare.

We also discuss the Baltics, Tartu airport, and hacking.

Recommended Book: The Middle Passage by James Hollis

Transcript

In early May of 2024, the German government formally blamed a Russian hacking group called APT28 for hacking members of the governing German Social Democratic Party in 2023, and warned of unnamed consequences.

Those consequences may apply just to APT28, which is also sometimes called "Fancy Bear," or they may apply to the Russian government, as like many Russia-based hacking groups, APT28 often operates hand-in-glove with the Russian military intelligence service, which allows the Russian government to deny involvement in all sorts of attacks on all sorts of targets, while covertly funding and directing the actions of these groups.

APT28 reportedly also launched attacks against German defense, aerospace, and information technology companies, alongside other business entities and agencies involved, even tangentially, with Ukraine and its defense measures against Russia's invasion.

This hacking effort allegedly began in early 2022, shortly after Russia began its full-scale invasion of Ukraine, and the head of the Russian embassy in Germany has been summoned to account for these accusations—though based on prior attacks and allegations related to them by Russia's intelligence agencies, and the hacking groups it uses as proxies, that summoning is unlikely to result in anything beyond a demonstration of anger on the part of the German government, formally registered with Russia's representative in Berlin.

For its part, Russia's government has said that it was in no way involved in any incidents of the kind the German government describes, though Germany's government seems pretty confident in their assessment on this, at this point, having waited a fair while to make this accusation, and utilizing its partnerships with the US, UK, Canada, and New Zealand to confirm attribution.

This accusation has been leveled amidst a wave of similar attacks, also allegedly by Russia and its proxies, against other targets in the EU and NATO—including but not limited to the Czech Republic, Lithuania, Poland, Slovakia, and Sweden.

Many of these attacks have apparently made use of an at-the-time unknown security flaw in Microsoft software that gave them access to compromised email accounts for long periods of time, allowing them to, among other things, scoop up intelligence reports from folks in the know in these countries, sifting their messages for data that would help Russia's forces in Ukraine.

This group, and other proxies of Russia's GRU, their intelligence service, have reportedly targeted government and critical infrastructure targets in at least 10 NATO countries since the fourth quarter of 2023, alone, according to analysis by Palo Alto Networks, and experts in this space have said they're concerned these sorts of attacks, while often oriented toward intelligence-gleaning and at times embarrassing their targets, may also be part of a larger effort to weaken and even hobble intelligence, military, and critical infrastructure networks in regional nations, which could, over time, reduce stability in these countries, increase extremism, and possibly prevent them from defending themselves and their neighbors in the event of a more formal attack by Russian forces.

What I'd like to talk about today is another sort of attack, allegedly also launched by Russia against their neighbors in this part of the world, but this one a little less well-reported-upon, at this point, despite it potentially being even more broadly impactful.

—

The Global Positioning System, or GPS, was originally developed in 1973 by the US Department of Defense. Its first satellite was launched in 1978, and its initial, complete constellation of 24 satellites was in orbit and functional in 1993.

This satellite network's full functionality was only available to the US military until 2000, when then-President Bill Clinton announced that it would be opened up for civilian use, as well.

This allowed aviation and similar industries to start using it on their vehicles and other assets, and normal, everyday people were thenceforth able to buy devices that tapped this network to help them figure out where they were in the world, and get to and from wherever they wanted to go.

A high-level explanation of how GPS works is that all of these satellites contain atomic clocks that are incredibly stable and which remain synchronized with each other, all showing the exact same, very precise time. These satellites broadcast signals that indicate what time their clocks currently read.

GPS devices, as long as they can connect to the signals broadcast by a few of these satellites, can figure out where they're located by noting the tiny differences in the time between these broadcasts: signals from satellites that are further away will take longer to arrive, and that time difference will be noted by a given device, which then allows it to triangulate a geolocation based on the distance between the device and those several satellites.

This is a simple concept that has resulted in a world in which most personal electronic devices now contain the right hardware and software to tap these satellite signals, compute these distances, and casually place us—via our smartphones, cars, computers, watches, etc—on the world map, in a highly accurate fashion.

This type of technology has proven to be so useful that even before it was made available for civilian use, catalyzing the world that we live in today, other governments were already investing in their own satellite networks, most predicated on the same general concept; they wanted to own their own constellation of satellites and technologies, though, just in case, because the GPS network could theoretically be locked down by the US government at some point, and because they wanted to make sure they had their own militarizable version of the tech, should they need it.

There are also flaws in the US GPS system that make it less ideal for some use-cases and in some parts of the world, so some GPS copycats fill in the blanks on some of those flaws, while others operate better at some latitudes than vanilla GPS does.

All of which brings us to recent troubles that the global aviation industry has had in some parts of the world, related to their flight tracking systems.

Most modern aircraft use some kind of global navigation satellite system, which includes GPS, but also Europe's Galileo, Russia's GLONASS, and China's BeiDou, among other competitors.

These signals can sometimes be interrupted or made fuzzy by natural phenomena, like solar flares and the weather, and all of these systems have their own peculiarities and flaws, and sometimes the hardware systems they use to lock onto these signals, or the software they use to compute a location based on them, will go haywire for normal, tech-misbehaving reasons.

Beginning in the 1990s, though, we began to see electronic countermeasures oriented toward messing with these global navigation satellite system technologies.

These technologies, often called satellite navigation deceivers, are used by pretty much every government on the planet, alongside a slew of nongovernment actors that engage in military or terrorist activities, and they operate using a variety of jamming methods, but most common is basically throwing out a bunch of signals that look like GPS or other navigation system signals, and this has the practical effect of rendering these gadgets unusable, because they don't know which signal is legit and which is garbage; a bit like blasting loud noises to keep people from talking to each other, messing with their communication capacity.

It's also possible to engage in what's called GPS Spoofing, which means instead of throwing out gobs of garbage signals, you actually send just a few signals that are intended to look legit and to be accepted by, for instance, a plane's GPS device, which then makes the aircraft's navigation systems think the plane is somewhere other than it is—maybe just a little off, maybe on the other side of the planet.

Notably, neither of these sorts of attacks are actually that hard to pull off anymore, and it's possible to build a GPS-jamming device at home, if you really want to, though spoofing is a fair bit more difficult. Also worth knowing is that while making your own jammer is absolutely frowned upon by most governments, and it's actually illegal in the US and UK, across most of the world it's kind of a Wild West in this regard, and you can generally get away with making one if you want to, though there's a chance you'd still be arrested if you caused any real trouble with it.

And it is possible to cause trouble with these things: most pilots and crew are aware of how these devices work and can watch for their effects, using backup tools to keep tabs on their locations when they need to; but using those backup tools requires a lot more effort and attention, and there's a chance that if they're hit by these issues at a bad moment, when they're distracted by other things, or when they're coming in for a landing or attempting to navigate safely around another aircraft, that could present a dangerous situation.

That's why, until May 31, at the minimum, Finnair will no longer be flying to Tartu airport—which is a very small airport in Estonia, but it's home to the Baltic Defense College, which is one of NATO's educational hubs, and losing a daily flight to Tartu (the only daily flight at this particular airport) from Helsinki, will disconnect this area, via plane, at least, from the rest of Europe, which is inconvenient and embarrassing.

This daily flight was cancelled because of ongoing disruptions to the airport's GPS system, which was previously an on-and-off sort of thing, but which, since 2022, when Russia launched its full-scale invasion of Ukraine, has become a lot worse. And Tartu relies exclusively on GPS for planes landing at the airport, and thus doesn't have another fallback system, if GPS fails at a vital, dangerous moment.

This is a running theme throughout the Baltic region, an area populated by now-democratic NATO members that were formerly part of the Soviet Union, and which are considered to be at risk of a Russian invasion or other sort of attack if the invasion of Ukraine goes Russia's way.

Almost all aircraft flying through this area have experienced GPS-jamming issues since 2022, and though that Finnair flight is the only one to have been cancelled as a result of all this jamming, so far, there are concerns that this could really scramble travel and shipping in the region, as it's making all flying in the area that much more risky on a continuous basis.

Finland's government is framing this jamming as part of a hybrid warfare effort on Russia's part—alongside other hybrid efforts, like bussing migrants to Finland's borders in order to strain national coffers and nudge politics toward reactionary extremes.

Some other nations are thinking along the same lines, though there's a chance that, rather than this jamming representing an intentional assault on these neighboring nations, it may actually be something closer to overflow from other, nearby jamming activities: Russia jamming GPS signals in Ukraine, for instance, or the governance of the Kaliningrad region, which is a Russian enclave separated from the rest of Russia and surrounded by Poland and Lithuania, engaging in their own, localized jamming, and those signals are then picked up across national borders, because that's how these signals work—just like sound can travel further than you might intend.

It's possible we're seeing a bit of both here, overflow from that huge regional conflict, but also intentional jabs meant to make life more difficult for NATO nations, stressing their systems and costing them money and other resources, while also maybe testing the region's capacity to cope with such GPS disruptions and blackouts in the event of a potential future conflict.

Another point worth making here, though, is that we see a lot of this sort of behavior in conflict zones, globally.

FlightRadar24 recently introduced a live GPS jamming map to keep track of this sort of thing, and as of the day I'm recording this, alongside these consistent irregularities in the Baltic region, Ukraine, and parts of Eastern Europe, there's jamming occurring in the Middle East, near Israel, throughout Turkey, which has ongoing conflicts with insurgents in the afflicted areas, a portion of Moldova that is attempting to break away with the support of Russia, similar to what happened in Ukraine back in 2014, a northern portion of India where the Indian government has an ongoing conflict with separatists, and in Myanmar, where the military government is embroiled in fighting with a variety of groups that have unified to overthrow them.

This has become common in conflict zones over the past few decades, then, as those who want to deny this data, and the capabilities it grants, to their enemies tend to blanket the relevant airwaves with disruptive noise or incorrect location information, rendering the GPS and similar networks less useful or entirely useless thereabouts.

In Ukraine, the military has already worked out ways around this noise and false information, incorporating alternative navigation systems into their infrastructure, allowing them to use whichever one is the most accurate at any given moment.

And it's likely, especially if this dynamic continues, which it probably will, as again, this is a fairly easy thing to accomplish, it's likely that spreading out and becoming less reliant on just one navigation system will probably become more common, or possibly even the de facto setup, which will be beneficial in the sense that each of these systems has its own pros and cons, but perhaps less so in that more satellites will be necessary to keep that larger, multi-model network operating at full capacity, and that'll make it more expensive to operate these systems, while also creating more opportunities for satellite collisions up in the relevant orbit—an orbit that's becoming increasingly crowded, and which is already packed with an abundance of no longer operational craft that must be avoided and operated-around.

Show Notes
https://www.dw.com/en/gps-jamming-in-the-baltic-region-is-russia-responsible/a-68993942
https://www.bbc.com/news/articles/cne900k4wvjo
https://www.economist.com/the-economist-explains/2024/04/30/who-is-jamming-airliners-gps-in-the-baltic
https://www.ft.com/content/37776b16-0b92-4a23-9f90-199d45d955c3
https://www.reuters.com/business/aerospace-defense/what-is-gps-jamming-why-it-is-problem-aviation-2024-04-30/
https://www.politico.eu/article/gps-jamming-is-a-side-effect-of-russian-military-activity-finnish-transport-agency-says/
https://www.flightradar24.com/data/gps-jamming
https://www.flightradar24.com/blog/types-of-gps-jamming/
https://en.wikipedia.org/wiki/Aviaconversiya
https://www.reuters.com/world/europe/russian-hackers-targeted-nato-eastern-european-militaries-google-2022-03-30/
https://www.cnn.com/2023/12/07/politics/russian-hackers-nato-forces-diplomats/index.html
https://www.reuters.com/technology/cybersecurity/russian-cyber-attacks-targeted-defence-aerospace-sectors-berlin-says-2024-05-03/
https://www.aljazeera.com/news/2024/5/3/germany-accuses-russia-of-intolerable-cyberattack-warns-of-consequences
https://en.wikipedia.org/wiki/Fancy_Bear

This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit letsknowthings.substack.com/subscribe

Les matins
Europe hit by cyberattacks: Russian interference?

Les matins

May 6, 2024 3:06


Duration: 00:03:06 - Un monde connecté - by François Saltiel - Several European companies, institutions and public bodies have been hit by cyberattacks carried out by the hacker group APT28, which is linked to the Russian intelligence services.

Cyber and Technology with Mike
06 May 2024 Cyber and Tech News

Cyber and Technology with Mike

May 6, 2024 9:19


In today's podcast we cover four crucial cyber and technology topics, including:
Finland discloses ongoing Android malware campaign
Czechia, Germany say Russia abused Microsoft flaw to spy
Wichita officials say public services limited following ransomware
Illinois to review language of law protecting biometric data

I'd love feedback, feel free to send your comments and feedback to cyberandtechwithmike@gmail.com

VOV - Việt Nam và Thế giới
International news - EU and NATO simultaneously accuse Russia of cyberattacks

VOV - Việt Nam và Thế giới

May 4, 2024 1:45


The European Union (EU), NATO and many member states yesterday (May 3) simultaneously criticized Russia for supporting the hacker group APT28 in carrying out cyberattacks targeting numerous state bodies in Europe, as the European elections are set to take place this coming June. Topics: EU, the West

The CyberWire
Visa crackdown against spyware swindlers.

The CyberWire

Apr 23, 2024 35:52


The State Department puts visa restrictions on spyware developers. UnitedHealth says its recent breach could affect tens of millions of Americans. LockBit leaks data allegedly stolen from the DC government. Microsoft says APT28 has hatched a GooseEgg. The White House and HHS update HIPAA rules to protect private medical data. Keyboard apps prove vulnerable. A New Hampshire hospital suffers a data breach. Microsoft's DRM may be vulnerable to compromise. On our Industry Voices segment, Ian Leatherman, Security Strategist at Microsoft, discusses raising the bar for security in the software supply chain. GoogleTeller just can't keep quiet.

CyberWire Guest
On our Industry Voices segment, Ian Leatherman, Security Strategist at Microsoft, discusses raising the bar for security in the software supply chain.

Selected Reading
U.S. Gov imposed Visa restrictions on 13 individuals linked to commercial spyware activity (Security Affairs)
UnitedHealth Group Previews Massive Change Healthcare Breach (GovInfo Security)
Ransomware Gang Leaks Data Allegedly Stolen From Government Contractor (SecurityWeek)
Russian APT28 Group in New “GooseEgg” Hacking Campaign (Infosecurity Magazine)
HHS strengthens privacy protections for reproductive health patients and providers (The Record)
The not-so-silent type: Vulnerabilities across keyboard apps reveal keystrokes to network eavesdroppers (The Citizen Lab)
Records of almost 2,800 CMC patients vulnerable in 'data security incident': hospital | Crime (Union Leader)
Microsoft DRM Hack Could Allow Movie Downloads From Popular Streaming Services (SecurityWeek)
The creepy sound of online trackers (Axbom)

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc.

Conspiracy Clearinghouse
Suffer the Children – Pizzagate, Wayfair & the Seeds of QAnon

Conspiracy Clearinghouse

Mar 13, 2024 59:39


EPISODE 106 | Suffer the Children – Pizzagate, Wayfair & the Seeds of QAnon "Without a clear indication of the author's intent, it is difficult or impossible to tell the difference between an expression of sincere extremism and a parody of extremism." In the world of the internet, this is known as Poe's Law, and it's especially applicable to the weird narrative Gordian Knot known as Pizzagate. The adage applies not just to how absurd some beliefs are, but also to the arguments made by people who hold these beliefs. First formulated in 2005 by Nathan Poe, it builds on a 2001 quote by Alan Morgan called Alan's 2nd Law of Newsgroups, which states, “Any sufficiently advanced troll is indistinguishable from a genuine kook.” And that is certainly the case for the wild story that “a hipster-heavy pizza parlor” (as they put it on their website) in the Chevy Chase neighborhood of Washington D.C. is not just a fun family place with pizza, ping pong and live music, but the nerve center for an diabolical child trafficking ring that operates out in the open because they are protected by highly-placed pedophiles in the Democratic party. As an article on Cracked.com puts it, “This is supported by lots of very stupid evidence”. The stakes of the fake narrative are so high that it's become more than just true believers review bombing the place. Workers have been harassed and, on December 4, 2016, a heavily armed man entered the restaurant and started firing guns. The story of Pizzagate is the story of how the conspirasphere went from harmless kookery to being actually, physically dangerous. TRIGGER WARNING: Some pretty disturbing things will be talked about in this episode, so if the subject of child sexual abuse and trafficking is deeply uncomfortable for you, perhaps you should not listen. I mean, it should be uncomfortable to anyone, but you know what I mean. Like what we do? Then buy us a beer or three via our page on Buy Me a Coffee. 
SECTIONS
03:11 - A note, pedophilia is a mental disorder, victims suffer for many years, how do we handle this problem?
06:31 - How it all began: Hillary Clinton's emails, John Podesta, Anthony Weiner and Huma Abedin; "Carmen Katz" makes allegations, "David Goldberg" shares and extends these
08:46 - Side note: "Carmen Katz" is Cynthia Campbell, "David Goldberg" is an anti-Semitic fake profile; Amanda Rob finds Borce Pejcev in Macedonia, a fake news click bait ecosystem, it really all began with Doug Hagmann of Erie, PA
12:35 - Russian hackers Fancy Bear, APT28 and Sofacy use "spear phishing" attacks
13:30 - Pedo codes on 4chan: pizza, cheese, hot dogs, dominos and handkerchief codes; Comet Ping Pong gets targeted
16:30 - DumbScribblyUnctious sees all sorts of things - murals, art, logos, musical acts and more; Pizzagaters talk of aliens, the Illuminati, Satanic rituals and Arun Rao; Susan Alefantis knew a pedophile, Tony "pasta obsession" Podesta knew Dennis Hastert, another pedophile, and also collects art (including some by Rachel Rose); Amanda Kleinman (Majestic Ape) of Heavy Breathing performs at Sasha Lord's birthday party and "secret pizza" is maybe mentioned, the film "Automatic At Sea", the Clinton Foundation in Haiti, Alex Jones issues a "bulletin"
25:49 - #pizzagate soars, Comet Ping Pong gets hassled, Turkey's Erdoğan jumps on the story, InfoWars spearheads the narrative, fake images proliferate, artists and musicians also harassed, it might all have been coordinated; other businesses (especially pizza places) get targeted, like Roberta's in Brooklyn and East Side Pies in Austin, TX
30:33 - Edgar Maddison Welch storms Comet Ping Pong with guns, InfoWars apologizes, then retracts the apology; white supremacist Jack Posobiec says Welch is a crisis actor; neo-Nazi pubs the Daily Stormer, the Right Stuff and Smoloko News continue the Pizzagate narrative
35:07 - Canadian Andrew Richmond's ice cream shop Sweet Jesus gets the #PedoGate treatment
36:15 - Portland, Oregon's Voodoo Donuts gets the same treatment thanks to talentless poet VeganMikey (Michael Whelan); #donutgate starts trending, building on a previous #donutgate when Ariana Grande and Ricky Alvarez licked food at Wolfee Donuts; Big League Politics's "research organization" Pedo Takedown Crew funds a coordinated harassment campaign and expands the narrative, adding tunnels, schools, and child-smuggling submarines
41:35 - In England, recreational troll Oliver Redmond targets Paul Cheape's vape shop business
43:32 - Mattress Firm gets targeted
45:32 - Frazzledrip: a very nasty fake video (trigger warning - seriously, it's really nasty), QAnon terms "adrenochrome" and "spirit cooking" get added to the Pizzagate lexicon
47:56 - PrincessPeach1987 kicks off the Wayfair affair, the now combined Pizzagate and QAnon make a LOT of noise, it's all nonsense and yet there were real consequences for real people, iMGSRC.ru and US Army Staff Sgt. Richard Ciccarella
57:25 - Cybersteria and the very first QAnon 4chan post
Music by Fanette Ronjat
More Info
Pedophilia defined on Psychology Today Crimes against Children Research Center Facts and Stats About Child Sexual Abuse The possible long-term effects of experiencing child sexual abuse Long-term Effects of Child Sexual Abuse and Molestation on Helping Survivors A review of the long-term effects of child sexual abuse on the National Library of Medicine website Child Molesters: A Behavioral Analysis paper Sexuality of Offenders on the Zero Abuse Project Facts About Homosexuality and Child Molestation by Gregory Herek Everything You Need To Know About Pizzagate (Is Insane) on Cracked.com Pizzagate on RationalWiki Pizzagate: A slice of fake news on Reveal Anatomy of a Fake News Scandal in Rolling Stone Anthony Weiner breaks down after he's sentenced to 21 months for sexting on ABC News How The Bizarre Conspiracy Theory Behind "Pizzagate" Was Spread on BuzzFeed How Hackers Broke Into John Podesta and Colin Powell's Gmail Accounts on Vice Comet Ping Pong - Pizzagate Summary by DumbScribblyUnctious How Pizzagate went from fake news to a real problem for a D.C. business on PolitiFact 'It's a form of addiction' - Tony Podesta's art addiction article in The Guardian Rachel Rose - Aubade: Grendel's Mother (live reading) video Pizzagate, the fake news conspiracy theory that led a gunman to DC's Comet Ping Pong, explained on Vox Pizzagate gunman recorded video for daughters, said he's standing up for children on CBS News Death threats, abuse, then a gunman: 'Pizzagate' businesses relive ordeal in The Guardian Pizzagate: Gunman fires in restaurant at centre of conspiracy on BBC News What to Know About Pizzagate, the Fake News Story With Real Consequences in Time 'Pizzagate' gunman pleads guilty as conspiracy theorist apologizes over case Is Comet Ping Pong Pizzeria Home to a Child Abuse Ring Led by Hillary Clinton?
on Snopes Dissecting the #PizzaGate Conspiracy Theories in the New York Times A Moral Panic for the Age of Trump: “Pizzagate” is the latest in a long line of child-sex-ring myths on Slate The PizzaGate Gunman's Paranoid Rescue Fantasy Comes from a Long American Tradition on Reason 'There's Nothing You Can Do': The Legacy of #Pizzagate on SPLC Secret message board drives 'pizzagate'-style harassment campaign of small businesses on NBC News When Nerds Attack - Gamergate, Elevatorgate & Sad Puppies episode Voodoo Donuts website Voodoo Doughnut Gets Sucked Into Outrageous Far-Right Conspiracy Theory on Eater Wolfee Donuts Pressing Charges Against Ariana Grande Donut-Gate on Ariana Grande fandom wiki Vegan Mikey - bad poet and troll  #Donutgate: How one Oregon donut shop became the target of online conspiracy theorists on Salon Connecting the Dots Between Donutgate and Pizzagate Man jailed for falsely branding a businessman a ‘dirty paedophile' The Great Mattress Conspiracy: Why Are There So Many Mattress Firm Stores Why Are There So Many Mattress Stores? A wildly popular conspiracy theory about why there are so many Mattress Firm stores is starting to sound less crazy Mattress Firm responds to the wild conspiracy theory about its business that people are going crazy over The Mattress Firm Conspiracy: An Analysis The Mattress Firm Money Laundering Conspiracy Theory on Snopes What Is Frazzledrip? Fake Hillary Clinton Video Builds on Pizzagate Conspiracy Theory in Newsweek Frazzledrip: Is a Hillary Clinton 'Snuff Film' Circulating on the Dark Web? on Snopes Hush Supper Club Full Frazzledrip video (WARNING) Claims that pizza listings on Etsy are selling child pornography are baseless Reddit post that kicked off Wayfair conspiracy theories Outrageously Priced Wayfair Cabinets Lead to Human Trafficking Conspiracy Kids Shipped in Armoires? 
The Person Who Started the Wayfair Conspiracy Speaks in Newsweek Wayfair: The false conspiracy about a furniture firm and child trafficking on BBC News Baseless Wayfair child-trafficking theory spreads online on AP The bizarre story of how internet conspiracy theorists convinced themselves Wayfair is trafficking children on CBC News A US soldier working at Mar-a-Lago uploaded photos of an underage girl to a Russian website — a closer look at the site reveals a horrific underworld A US Army soldier who worked at Trump's Mar-a-Lago resort uploaded photos of an underage girl to a Russian website, prosecutors say How a reporter found the true story behind a false story of sex trafficking Is Wayfair Trafficking Children Via Overpriced Items? on Snopes MISSING IN KANSAS: Anabel Wilson no longer missing How A QAnon Conspiracy Theory Involving A Wayfair Pillow Left A Metro Detroit Teen Struggling A girl falsely believed to be a victim of the fake Wayfair sex-trafficking ring says she had hives, lost sleep over the conspiracy theory A QAnon con: How the viral Wayfair sex trafficking lie hurt real kids Human Trafficking Rumors: Viral Stories That Do More Harm Than Good at the Polaris Project The Storm Is the New Pizzagate — Only Worse Follow us on social: Facebook Twitter Other Podcasts by Derek DeWitt DIGITAL SIGNAGE DONE RIGHT - Winner of a 2022 Gold Quill Award, 2022 Gold MarCom Award, 2021 AVA Digital Award Gold, 2021 Silver Davey Award, 2020 Communicator Award of Excellence, and on numerous top 10 podcast lists.  PRAGUE TIMES - A city is more than just a location - it's a kaleidoscope of history, places, people and trends. This podcast looks at Prague, in the center of Europe, from a number of perspectives, including what it is now, what is has been and where it's going. It's Prague THEN, Prague NOW, Prague LATER  

Decipher Security Podcast
Source Code 3/1

Decipher Security Podcast

Play Episode Listen Later Mar 1, 2024 5:52


In this week's Source Code podcast we talk about how threat actors are using malware that allows them to maintain a better foothold on compromised Ivanti appliances, and we discuss advisories from the U.S. government about APT28, APT29 and the BlackCat ransomware group.

Risky Business News
Risky Biz News: US takes down GRU/APT28 botnet

Risky Business News

Play Episode Listen Later Feb 16, 2024


A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird. A newsletter version of this podcast is also available.

Risky Business News
Risky Biz News: US takes down GRU/APT28 botnet

Risky Business News

Play Episode Listen Later Feb 15, 2024 9:48


A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird. A newsletter version of this podcast is also available.

The CyberWire
Shedding light on fighting Ursa. [Research Saturday]

The CyberWire

Play Episode Listen Later Dec 16, 2023 22:27


Host of the CyberWire Daily podcast segment Threat Vector, David Moulton, sits down with Mike "Siko" Sikorski from Palo Alto Networks Unit 42 to discuss their research on "Fighting Ursa Aka APT28: Illuminating a Covert Campaign." Unit 42 just published new threat intelligence on Fighting Ursa (aka APT28), a group associated with Russia's military intelligence, on how they are exploiting a Microsoft Outlook vulnerability (CVE-2023-23397) to target organizations in NATO member countries, Ukraine, Jordan, and the UAE. These organizations are of strategic importance in defense, foreign affairs, economy, energy, transportation, and telecommunications. The research can be found here: Fighting Ursa Aka APT28: Illuminating a Covert Campaign

Research Saturday
Shedding light on fighting Ursa.

Research Saturday

Play Episode Listen Later Dec 16, 2023 22:27


Host of the CyberWire Daily podcast segment Threat Vector, David Moulton, sits down with Mike "Siko" Sikorski from Palo Alto Networks Unit 42 to discuss their research on "Fighting Ursa Aka APT28: Illuminating a Covert Campaign." Unit 42 just published new threat intelligence on Fighting Ursa (aka APT28), a group associated with Russia's military intelligence, on how they are exploiting a Microsoft Outlook vulnerability (CVE-2023-23397) to target organizations in NATO member countries, Ukraine, Jordan, and the UAE. These organizations are of strategic importance in defense, foreign affairs, economy, energy, transportation, and telecommunications. The research can be found here: Fighting Ursa Aka APT28: Illuminating a Covert Campaign

Cyber and Technology with Mike
06 September 2023 Cyber and Tech News

Cyber and Technology with Mike

Play Episode Listen Later Sep 6, 2023 10:36


In today's podcast we cover four crucial cyber and technology topics, including:
1. Atlas VPN for Linux flawed, could allow leakage of user data
2. Pennsylvania school district continues school despite ransomware impact
3. Russia tries to gain access to Ukrainian electric power organization
4. UK Electoral Commission failed cyber audit amidst cyber attack
I'd love feedback; feel free to send your comments and feedback to cyberandtechwithmike@gmail.com

The CyberWire
CISA Alert AA23-108A – APT28 exploits known vulnerability to carry out reconnaissance and deploy malware on Cisco routers.

The CyberWire

Play Episode Listen Later Apr 20, 2023 2:45


The UK National Cyber Security Centre (NCSC), NSA, CISA, and FBI are releasing this joint advisory to provide TTPs associated with APT28's exploitation of Cisco routers in 2021.
AA23-108A Alert, Technical Details, and Mitigations
Malware Analysis Report
Resource to mitigate a ransomware attack: CISA-Multi-State Information Sharing and Analysis Center (MS-ISAC) Joint Ransomware Guide.
No-cost cyber hygiene services: Cyber Hygiene Services and Ransomware Readiness Assessment.
See CISA Insights Mitigations and Hardening Guidance for MSPs and Small- and Mid-sized Businesses for guidance on hardening MSP and customer infrastructure.
U.S. DIB sector organizations may consider signing up for the NSA Cybersecurity Collaboration Center's DIB Cybersecurity Service Offerings, including Protective Domain Name System services, vulnerability scanning, and threat intelligence collaboration for eligible organizations. For more information on how to enroll in these services, email dib_defense@cyber.nsa.gov.
To report incidents and anomalous activity or to request incident response resources or technical assistance related to these threats, contact CISA at report@cisa.gov, or call (888) 282-0870, or report incidents to your local FBI field office.

CISA Cybersecurity Alerts
CISA Alert AA23-108A – APT28 exploits known vulnerability to carry out reconnaissance and deploy malware on Cisco routers.

CISA Cybersecurity Alerts

Play Episode Listen Later Apr 20, 2023 2:45


The UK National Cyber Security Centre (NCSC), NSA, CISA, and FBI are releasing this joint advisory to provide TTPs associated with APT28's exploitation of Cisco routers in 2021.
AA23-108A Alert, Technical Details, and Mitigations
Malware Analysis Report
Resource to mitigate a ransomware attack: CISA-Multi-State Information Sharing and Analysis Center (MS-ISAC) Joint Ransomware Guide.
No-cost cyber hygiene services: Cyber Hygiene Services and Ransomware Readiness Assessment.
See CISA Insights Mitigations and Hardening Guidance for MSPs and Small- and Mid-sized Businesses for guidance on hardening MSP and customer infrastructure.
U.S. DIB sector organizations may consider signing up for the NSA Cybersecurity Collaboration Center's DIB Cybersecurity Service Offerings, including Protective Domain Name System services, vulnerability scanning, and threat intelligence collaboration for eligible organizations. For more information on how to enroll in these services, email dib_defense@cyber.nsa.gov.
To report incidents and anomalous activity or to request incident response resources or technical assistance related to these threats, contact CISA at report@cisa.gov, or call (888) 282-0870, or report incidents to your local FBI field office.

Cyber Crime Junkies
Latest Uber Trial and Arrest News. New Powerpoint Warning.

Cyber Crime Junkies

Play Episode Listen Later Sep 30, 2022 34:00


Latest Uber Trial and Arrest News. New PowerPoint Warning.
Blockbuster testimony at the UBER Trial of former CISO Joe Sullivan, who faces federal charges and a possible prison sentence if found guilty. Shocking new testimony, and we break it down.
Update on the recent Uber Breach and the arrest of the Hacker allegedly involved and his ties to organized crime.
BREAKING NEWS! The Russian state-sponsored threat actor known as APT28 has been found leveraging a new code execution method that makes use of mouse movement in decoy Microsoft PowerPoint documents to deploy malware. Find out what this means.

Risky Business
Risky Business #680 -- Uber, Rockstar Games hacker arrested

Risky Business

Play Episode Listen Later Sep 28, 2022 Very Popular


On this week's show Patrick Gray and Adam Boileau discuss the week's security news, including:
• Lapsus$'s Teapot arrested by UK police
• Optus hacker issues grovelling apology after feeling AFP and ASD heat
• Ukraine claims Russia is planning massive attacks on its infrastructure
• RSOCKS bot herder begs for extradition to USA
• Russians scammed when seeking military service exemptions
• Much, much more
This week's show is sponsored by Votiro. Ravi Srinivasan, Votiro's CEO, joins the show this week to talk about how people are using content disarm and reconstruction. Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that's your thing.
Show notes
• British teen arrested in hacking case
• Australian cybersecurity minister lambasts Optus for 'unprecedented' hack - The Record by Recorded Future
• CISA: Iranian hackers spent 14 months in Albanian gov't network before launching ransomware - The Record by Recorded Future
• Iran shutters mobile networks, Instagram, WhatsApp amid protests - The Record by Recorded Future
• US Treasury carves out Iran sanctions exceptions for internet providers - The Record by Recorded Future
• Signal Is Asking People Around the World to Help Iranians Access the Encrypted App
• Shadowy Russian Cell Phone Companies Are Cropping Up in Ukraine | WIRED
• Risky Biz News: XakNet "hacktivists" linked to APT28 and Russia's GRU intelligence service
• Russia plans “massive cyberattacks” on critical infrastructure, Ukraine warns | Ars Technica
• Accused Russian RSOCKS Botmaster Arrested, Requests Extradition to U.S. – Krebs on Security
• Sberbank warned of fraud involving the sale of supposedly "white" military ID cards - RIA Novosti, 26.09.2022
• SIM Swapper Abducted, Beaten, Held for $200k Ransom – Krebs on Security
• How 3 hours of inaction from Amazon cost cryptocurrency holders $235,000 | Ars Technica
• The record-setting DDoSes keep coming, with no end in sight | Ars Technica
• International conflicts driving increased strength of DDoS attacks: report - The Record by Recorded Future
• Tarfile path traversal bug from 2007 still present in 350k open source repos | The Daily Swig

Risky Business
Risky Business #680 -- Uber, Rockstar Games hacker arrested

Risky Business

Play Episode Listen Later Sep 28, 2022 51:21


On this week's show Patrick Gray and Adam Boileau discuss the week's security news, including:
• Lapsus$'s Teapot arrested by UK police
• Optus hacker issues grovelling apology after feeling AFP and ASD heat
• Ukraine claims Russia is planning massive attacks on its infrastructure
• RSOCKS bot herder begs for extradition to USA
• Russians scammed when seeking military service exemptions
• Much, much more
This week's show is sponsored by Votiro. Ravi Srinivasan, Votiro's CEO, joins the show this week to talk about how people are using content disarm and reconstruction. Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that's your thing.
Show notes
• British teen arrested in hacking case
• Australian cybersecurity minister lambasts Optus for 'unprecedented' hack - The Record by Recorded Future
• CISA: Iranian hackers spent 14 months in Albanian gov't network before launching ransomware - The Record by Recorded Future
• Iran shutters mobile networks, Instagram, WhatsApp amid protests - The Record by Recorded Future
• US Treasury carves out Iran sanctions exceptions for internet providers - The Record by Recorded Future
• Signal Is Asking People Around the World to Help Iranians Access the Encrypted App
• Shadowy Russian Cell Phone Companies Are Cropping Up in Ukraine | WIRED
• Risky Biz News: XakNet "hacktivists" linked to APT28 and Russia's GRU intelligence service
• Russia plans “massive cyberattacks” on critical infrastructure, Ukraine warns | Ars Technica
• Accused Russian RSOCKS Botmaster Arrested, Requests Extradition to U.S. – Krebs on Security
• Sberbank warned of fraud involving the sale of supposedly "white" military ID cards - RIA Novosti, 26.09.2022
• SIM Swapper Abducted, Beaten, Held for $200k Ransom – Krebs on Security
• How 3 hours of inaction from Amazon cost cryptocurrency holders $235,000 | Ars Technica
• The record-setting DDoSes keep coming, with no end in sight | Ars Technica
• International conflicts driving increased strength of DDoS attacks: report - The Record by Recorded Future
• Tarfile path traversal bug from 2007 still present in 350k open source repos | The Daily Swig

Drum and Bass Dubstep IDM EDM DNB | Hip Hop Trap Breaks & Beats | Reaktor Synthesizer Sounds Design | Computers Music Live /
FUTURE LOFI HACKER | idm nation state | BREAKCORE DISRUPTER | Live Looping PLA Unit 61398 | DRUM AND BASS WIZ-BIT | APT38 Lazarus Group | VAPORWAVE RETROWAVE | APT28 Fancy Bear | RIDDIM DUBSTEP TRAP | APT41 Double Dragon Dnb

Drum and Bass Dubstep IDM EDM DNB | Hip Hop Trap Breaks & Beats | Reaktor Synthesizer Sounds Design | Computers Music Live /

Play Episode Listen Later Jul 6, 2022 50:09


FUTURE LOFI HACKER | idm nation state | BREAKCORE DISRUPTER | Live Looping PLA Unit 61398 | DRUM AND BASS WIZ-BIT | APT38 Lazarus Group | VAPORWAVE RETROWAVE | APT28 Fancy Bear | RIDDIM DUBSTEP TRAP | APT41 Double Dragon Dnb
FUTURE LOFI HACKER | idm nation state | BREAKCORE DISRUPTER | APT1 PLA Unit 61398 | DRUM AND BASS WIZ-BIT | APT38 Lazarus Group | VAPORWAVE RETROWAVE | APT28 Fancy Bear | RIDDIM DUBSTEP TRAP | APT41 Double Dragon Dnb
LO-FI BASS HACKER | BREAKCORE STATE DISRUPTER | DRUM AND BASS WIZBIT | APT38 Lazarus Group | VAPORWAVE RETROWAVE | APT28 Fancy Bear | RIDDIM DUBSTEP TRAP | APT41 Double Dragon Dnb
FUTURE LO-FI BASS HACKER | BREAKCORE STATE DISRUPTER | DRUM AND BASS WIZBIT | APT38 Lazarus Group | VAPORWAVE RETROWAVE | APT28 Fancy Bear | RIDDIM DUBSTEP TRAP | APT41 Double Dragon Dnb

This Week in Tech (Audio)
TWiT 870: Kim Apple Says Good Morning - Elon Musk's Twitter stake, Unreal Engine 5, WWDC predictions

This Week in Tech (Audio)

Play Episode Listen Later Apr 10, 2022 175:50 Very Popular


Elon Musk's Twitter stake, Unreal Engine 5, WWDC predictions Elon Musk buys 9.2% stake in Twitter. Twitter Should Make Musk CEO. @TwitterComms: now that everyone is asking... yes, we've been working on an edit feature since last year!  Elon Musk asks court to scrap SEC agreement over his tweets, claiming he was 'forced' to enter into it.  SEC Probes Trading by Elon Musk and Brother in Wake of Tesla CEO's Sales.  Mike raises a glass to 17 years of TWiT.  Podcast listeners are likely to be more curious and less neurotic.  Apple's Worldwide Developers Conference returns in its all-online format.  Windows powers the future of hybrid work.  The 'Great Return' to the office is happening — now what?  How Argan Oil Is Made and Is So Expensive.  Gastronomad: THE MOROCCO EXPERIENCE.  Please don't use this new Windows 11 feature.  NVIDIA Broadcast App: AI-Powered Voice and Video.  Updated MacBook Air could launch at WWDC 2022.  Apple M1 Ultra vs M1 Max: Head-to-head shootout with photo and video editing apps.  Intercepted audio reveals Russians yelling at each other after getting pinned down in Ukraine.  As Russia Plots Its Next Move, an AI Listens to the Chatter.  Microsoft takes down APT28 domains used in attacks against Ukraine.  Apple defies the Russian government and restores opposition voting app.  Unreal Engine 5 is finally ready to power a new generation of games.  Apple Sets the Date for Another Virtual WWDC—Here's What to Expect. Inside Apple's 'Bionic Virtual Meeting Room'.  Magic Leap: Enterprise augmented reality (AR) platform.  How Amazon plans to fix its massive returns problem.  The only thing we should be talking about is the climate crisis.  r/Place and the battle of pixels.  Alphabet's Wing is bringing drone delivery to Texas this week.  Windows 3.1 is officially 30 years old.  MLB to allow pitchers and catchers to use anti-sign-stealing technology during regular season, sources say.  
Amtrak Is Streaming an Empty Railroad on Twitch to Beef With Freight Rail Companies.  Chatterbox Smart Speaker. Host: Leo Laporte Guests: Doc Rock, Mike Elgan, and Daniel Rubino Download or subscribe to this show at https://twit.tv/shows/this-week-in-tech Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsors: wwt.com/twit mintmobile.com/twit www.stamps.com - promo code: TWIT itpro.tv/twit promo code TWIT30

All TWiT.tv Shows (MP3)
This Week in Tech 870: Kim Apple Says Good Morning

All TWiT.tv Shows (MP3)

Play Episode Listen Later Apr 10, 2022 175:50 Very Popular


Elon Musk's Twitter stake, Unreal Engine 5, WWDC predictions Elon Musk buys 9.2% stake in Twitter. Twitter Should Make Musk CEO. @TwitterComms: now that everyone is asking... yes, we've been working on an edit feature since last year!  Elon Musk asks court to scrap SEC agreement over his tweets, claiming he was 'forced' to enter into it.  SEC Probes Trading by Elon Musk and Brother in Wake of Tesla CEO's Sales.  Mike raises a glass to 17 years of TWiT.  Podcast listeners are likely to be more curious and less neurotic.  Apple's Worldwide Developers Conference returns in its all-online format.  Windows powers the future of hybrid work.  The 'Great Return' to the office is happening — now what?  How Argan Oil Is Made and Is So Expensive.  Gastronomad: THE MOROCCO EXPERIENCE.  Please don't use this new Windows 11 feature.  NVIDIA Broadcast App: AI-Powered Voice and Video.  Updated MacBook Air could launch at WWDC 2022.  Apple M1 Ultra vs M1 Max: Head-to-head shootout with photo and video editing apps.  Intercepted audio reveals Russians yelling at each other after getting pinned down in Ukraine.  As Russia Plots Its Next Move, an AI Listens to the Chatter.  Microsoft takes down APT28 domains used in attacks against Ukraine.  Apple defies the Russian government and restores opposition voting app.  Unreal Engine 5 is finally ready to power a new generation of games.  Apple Sets the Date for Another Virtual WWDC—Here's What to Expect. Inside Apple's 'Bionic Virtual Meeting Room'.  Magic Leap: Enterprise augmented reality (AR) platform.  How Amazon plans to fix its massive returns problem.  The only thing we should be talking about is the climate crisis.  r/Place and the battle of pixels.  Alphabet's Wing is bringing drone delivery to Texas this week.  Windows 3.1 is officially 30 years old.  MLB to allow pitchers and catchers to use anti-sign-stealing technology during regular season, sources say.  
Amtrak Is Streaming an Empty Railroad on Twitch to Beef With Freight Rail Companies.  Chatterbox Smart Speaker. Host: Leo Laporte Guests: Doc Rock, Mike Elgan, and Daniel Rubino

This Week in Tech (Video HI)
TWiT 870: Kim Apple Says Good Morning - Elon Musk's Twitter stake, Unreal Engine 5, WWDC predictions

This Week in Tech (Video HI)

Play Episode Listen Later Apr 10, 2022 176:40


Elon Musk's Twitter stake, Unreal Engine 5, WWDC predictions Elon Musk buys 9.2% stake in Twitter. Twitter Should Make Musk CEO. @TwitterComms: now that everyone is asking... yes, we've been working on an edit feature since last year!  Elon Musk asks court to scrap SEC agreement over his tweets, claiming he was 'forced' to enter into it.  SEC Probes Trading by Elon Musk and Brother in Wake of Tesla CEO's Sales.  Mike raises a glass to 17 years of TWiT.  Podcast listeners are likely to be more curious and less neurotic.  Apple's Worldwide Developers Conference returns in its all-online format.  Windows powers the future of hybrid work.  The 'Great Return' to the office is happening — now what?  How Argan Oil Is Made and Is So Expensive.  Gastronomad: THE MOROCCO EXPERIENCE.  Please don't use this new Windows 11 feature.  NVIDIA Broadcast App: AI-Powered Voice and Video.  Updated MacBook Air could launch at WWDC 2022.  Apple M1 Ultra vs M1 Max: Head-to-head shootout with photo and video editing apps.  Intercepted audio reveals Russians yelling at each other after getting pinned down in Ukraine.  As Russia Plots Its Next Move, an AI Listens to the Chatter.  Microsoft takes down APT28 domains used in attacks against Ukraine.  Apple defies the Russian government and restores opposition voting app.  Unreal Engine 5 is finally ready to power a new generation of games.  Apple Sets the Date for Another Virtual WWDC—Here's What to Expect. Inside Apple's 'Bionic Virtual Meeting Room'.  Magic Leap: Enterprise augmented reality (AR) platform.  How Amazon plans to fix its massive returns problem.  The only thing we should be talking about is the climate crisis.  r/Place and the battle of pixels.  Alphabet's Wing is bringing drone delivery to Texas this week.  Windows 3.1 is officially 30 years old.  MLB to allow pitchers and catchers to use anti-sign-stealing technology during regular season, sources say.  
Amtrak Is Streaming an Empty Railroad on Twitch to Beef With Freight Rail Companies.  Chatterbox Smart Speaker. Host: Leo Laporte Guests: Doc Rock, Mike Elgan, and Daniel Rubino

Radio Leo (Audio)
This Week in Tech 870: Kim Apple Says Good Morning

Radio Leo (Audio)

Play Episode Listen Later Apr 10, 2022 175:50


Elon Musk's Twitter stake, Unreal Engine 5, WWDC predictions

• Elon Musk buys 9.2% stake in Twitter.
• Twitter Should Make Musk CEO.
• @TwitterComms: now that everyone is asking... yes, we've been working on an edit feature since last year!
• Elon Musk asks court to scrap SEC agreement over his tweets, claiming he was 'forced' to enter into it.
• SEC Probes Trading by Elon Musk and Brother in Wake of Tesla CEO's Sales.
• Mike raises a glass to 17 years of TWiT.
• Podcast listeners are likely to be more curious and less neurotic.
• Apple's Worldwide Developers Conference returns in its all-online format.
• Windows powers the future of hybrid work.
• The 'Great Return' to the office is happening — now what?
• How Argan Oil Is Made and Is So Expensive.
• Gastronomad: THE MOROCCO EXPERIENCE.
• Please don't use this new Windows 11 feature.
• NVIDIA Broadcast App: AI-Powered Voice and Video.
• Updated MacBook Air could launch at WWDC 2022.
• Apple M1 Ultra vs M1 Max: Head-to-head shootout with photo and video editing apps.
• Intercepted audio reveals Russians yelling at each other after getting pinned down in Ukraine.
• As Russia Plots Its Next Move, an AI Listens to the Chatter.
• Microsoft takes down APT28 domains used in attacks against Ukraine.
• Apple defies the Russian government and restores opposition voting app.
• Unreal Engine 5 is finally ready to power a new generation of games.
• Apple Sets the Date for Another Virtual WWDC—Here's What to Expect.
• Inside Apple's 'Bionic Virtual Meeting Room'.
• Magic Leap: Enterprise augmented reality (AR) platform.
• How Amazon plans to fix its massive returns problem.
• The only thing we should be talking about is the climate crisis.
• r/Place and the battle of pixels.
• Alphabet's Wing is bringing drone delivery to Texas this week.
• Windows 3.1 is officially 30 years old.
• MLB to allow pitchers and catchers to use anti-sign-stealing technology during regular season, sources say.
• Amtrak Is Streaming an Empty Railroad on Twitch to Beef With Freight Rail Companies.
• Chatterbox Smart Speaker.

Host: Leo Laporte
Guests: Doc Rock, Mike Elgan, and Daniel Rubino

Download or subscribe to this show at https://twit.tv/shows/this-week-in-tech
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

Sponsors: wwt.com/twit mintmobile.com/twit www.stamps.com - promo code: TWIT itpro.tv/twit promo code TWIT30

All TWiT.tv Shows (Video LO)
This Week in Tech 870: Kim Apple Says Good Morning

All TWiT.tv Shows (Video LO)

Apr 10, 2022 176:40

