[Episode References] Microsoft tweets about APT33 attacks with FalseFont - https://twitter.com/MsftSecIntel/status/1737895710169628824 Threat Actor 'UAC-0099' Continues to Target Ukraine - https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine Lapsus$: GTA 6 hacker handed indefinite hospital order - https://www.bbc.com/news/technology-67663128 Script and presentation: Carlos Cabral and Bianca Oliveira Audio editing: Paulo Arruzzo Closing narration: Bianca Garcia
The focus of this podcast will be on the latest cyber events for non-technical people; anyone can listen and understand. ---- A week ago we examined the cyber attack that was made on Travelex. Travelex is a financial agency with more than 1500 outlets in different airports. The cyber attack was performed using a malware known as REvil. It's been almost a month since Travelex declared the cyber attack, and still some of their web sites seem to be down, giving the same message. The hackers who are spreading this type of malware continue to work, and this time another big company was hit: parts manufacturer Gedia Automotive Group, which employs more than 4,000 people in seven countries, got hit by what they call a massive cyber attack and said it has been forced to shut down its IT systems and send staff home. The company is located in a town called Attendorn in Germany, which shows that the group behind this malware is able to hit major enterprises all around the world, starting with US computer services company Artech Information Systems, after that UK-based Travelex, and now Gedia, which is located in Germany. They managed to hit at least 3 big companies in 3 different segments and 3 different geographical locations. The difference this time is that the hackers behind the malware are using psychological warfare in order to push the victims to pay. In Gedia's case the hackers uploaded records of sensitive data taken from the internal network as proof that they collected internal data, and now they threaten to publish the data if they are not paid soon. As we discussed previously, the malware developers worked with other hackers who were affiliates; this gave the developers behind the malware extensive reach to different networks in different segments. While the hackers made threats against all organizations, they still haven't proved they actually got all the data they claim to have and did not publish much sensitive data from previous breaches.
Is it going to change? Maybe. Stay tuned for more news soon. ---- The tension between Iran and the USA is high; the USA already admitted it performed several cyber attacks against Iran. On the other side, Iran never admitted it made cyber attacks, but security researchers are starting to see more and more evidence that such attacks are being performed. A group of security researchers from Recorded Future identified a hacking campaign with suspected ties to Iran that has targeted the European energy sector in what's thought to be a reconnaissance mission aimed at gathering sensitive information. They particularly identified a malware that is known to be used mainly by the group known as APT33, and has previously been deployed in attacks targeting critical infrastructure. Read full transcript at: https://blog.cybercure.ai/2020/01/29/intelligence-update-30-1-20/
We've seen some things, and we're gonna talk about them.
Brad Smith is President of Microsoft and author (with Carol Ann Browne) of Tools and Weapons: The Promise and Peril of the Digital Age. The book is a collection of vignettes of the tech policy battles in the last decade or so. Smith had a ringside seat for most of them, and he recounts what he learned in a compelling and good-natured way in the book—and in this episode's interview. Starting with the Snowden disclosures and the emotional reaction of Silicon Valley, through the CLOUD Act, Brad Smith and Microsoft displayed a relatively even keel while trying to reflect the interests of its many stakeholders. In that effort, Smith makes the case for more international cooperation in regulating digital technology. Along the way, he discloses how the Cyberlaw Podcast's own Nate Jones and Amy Hogan-Burney became “Namy,” achieving a fame and moniker inside Microsoft that only Brangelina has achieved in the wider world. Finally, he sums up Microsoft's own journey in the last quarter century as a recognition that humility is a better long-term strategy than hubris. Turning to the news, it looks like the surveillance renewal debate will be pushed to March 15 instead of Dec. 15. That's thanks to impeachment, David Kris assesses. We summarize what's up for renewal before turning to the hottest of FISA topics: The Justice Department's inspector general report on bias in the FBI's investigation of the Trump-Russia connection in 2016. All we're getting at this point is self-serving leaks, but it sounds as though the report is finding real misbehavior only in the lower rungs of the Bureau. The IG finds no political bias at the top, but criminal charges against one lawyer look possible.
David sums up China's Vulnerability Equities Process: “You can disclose the vulns when MSS is done using them.” Nick Weaver, meanwhile, tells us that China's dependence on U.S.-origin AI frameworks is more a matter of bragging rights rather than real disadvantage—unless you think that being unable to deny access to GitHub is a real disadvantage. And if you're Xi Jinping, you might. Nate Jones, already immortalized as the quiet half of Namy, reveals that Iran's APT33 is targeting industrial control systems—and that Iran has shut down its Internet for several days in the face of civil unrest. I suggest that we keep track of the regime-essential links that stay up—so we can take them down if Iran decides to use its new upstream access to industrial control systems. Nate and I ask why a majority of the UN General Assembly bought into a Russian proposal for a “cybercrime” resolution. Hint: Many of the governments that support it couldn't survive a democratic election and a free press. Speaking of Russians, Nick flags a Brian Krebs explainer on why the Russians really, really didn't want their accused cybercriminal extradited from Israel to the US. David and I gape in wonder at the chutzpah of the Indiana police force that accused a suspected drug dealer of theft for removing a police GPS tracker from his car—and then used that theft to justify a search of his home. And in quick hits, Nick covers the new Russian law that prohibits sale of devices without preinstalled “alternative” software. And Nick and I debate the value and legality of Uber's plan to introduce audio recordings during rides. Join Steptoe for a complimentary webinar on Tuesday, Dec. 10. We'll be talking about the impacts on retailers of the newly implemented California Consumer Privacy Act and the EU's General Data Protection Regulation. This is a fast-moving area of the law; we can keep you up to date. You can find out more and register here. Download the 289th Episode (mp3). 
You can subscribe to The Cyberlaw Podcast using iTunes, Google Play, Spotify, Pocket Casts, or our RSS feed! As always, The Cyberlaw Podcast is open to feedback. Be sure to engage with @stewartbaker on Twitter. Send your questions, comments, and suggestions for topics or interviewees to CyberlawPodcast@steptoe.com. Remember: If your suggested guest appears on the show, we will send you a highly coveted Cyberlaw Podcast mug! The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.
APT 34 wrap up with the story of Mr. L4nnist3r and a little APT 33 too.
PureLocker is a new ransomware strain available in the black market. APT33 is showing a surge of activity. Lawfare and information operations in and around Hong Kong. Facebook takes down content for violating its Community Standards. And two alleged cyber criminals are facing charges: one is allegedly the former proprietor of Cardplanet, the other was selling a remote administrative tool the RCMP says was really a different kind of RAT. Justin Harvey from Accenture on the increasing use of biometrics in security. Guest is Jennifer Ayers from Crowdstrike with the insights from their Overwatch threat hunting report. For links to all of today's stories check out our CyberWire daily news brief: https://thecyberwire.com/issues/issues2019/November/CyberWire_2019_11_14.html Support our show
In this episode, Man delves into the Iranian cyber war Read My Lips, PoisonFrog and Glimpse, Hypershell and TwoFace, tools EternalBlue and EternalRomance, DNSpionage, RAT malware phishing, brute-force attacks such as "credential stuffing", WannaCry and Man-in-the-middle attacks. FireEye, Advanced Persistent Threat 33, Advanced Persistent Threat 34 MBTM Computer Intro • Cyberattacks : Iran • Sat Jun 29 2019 • Cyber warfare : Iran + Russia • Track737 • Audio_06_25_2019_15_42_25.mp3
The US cyberattack against Iranian targets remains only indistinctly visible in the information fog of cyberwar. Iran’s APT33 seems to have altered its tactics after its operations against Saudi targets were described by Symantec at the end of March. An insurer and provider of vision and dental benefits investigates a “data incident.” Skids-on-skids, kids. Facebook talks information operations, and teases plans concerning identity. Notes on the labor market. Johannes Ullrich from the SANS Technology Institute and the ISC Stormcast podcast on malware C&C channels making use of TLS. Tamika Smith speaks with Harrison Van Riper from Digital Shadows about their recent report, “Too Much Information: The Sequel,” outlining the increase in data exposure over the past year. For links to all of today's stories check out our CyberWire daily news brief: https://thecyberwire.com/issues/issues2019/June/CyberWire_2019_06_27.html Support our show
Jamie, Alex and Zuko sit down with Harrison to talk about a story that flew a little under the radar this week; Russia has allegedly been conducting a widespread satellite spoofing campaign since 2016, sending false positional data to ships and planes. Other highlights from this week include APT33 activity targeting engineering and manufacturing organizations, popular restaurant chains report some point of sale malware attacks, and South Korean websites being used in watering hole attacks. Also, Game of Thrones theories, Alex realizes he’s way late to the #GoT party, and more on this week’s ShadowTalk. Download the full intelligence summary at https://resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-28-mar-04-apr-2019.
The scope of Iran-linked APT33 cyberattacks has been revealed. GandCrab criminals are using more sophisticated tactics. A new type of malware was using Slack to communicate. Chrome gets an important update. Huawei sues the US, and Germany sets tougher security rules for telecom companies. And people who invest in cryptocurrency often don't know what they're getting into. David Dufour from Webroot with his thoughts on RSA Conference. Guest is Asaf Cidon from Barracuda Networks on account takeover vulnerabilities. For links to all of today's stories check out our CyberWire daily news brief: https://thecyberwire.com/issues/issues2019/March/CyberWire_2019_03_07.html Support our show