Podcasts about cisa

DragonSpark conducts "opportunistic" cyberattacks in East Asia. ProxyNotShell and OWASSRF exploit chains target Microsoft Exchange servers. The IoT supply chain is threatened by exploitation of Realtek Jungle SDK vulnerability. CISA adds an entry to its Known Exploited Vulnerabilities Catalog. A Cisco study finds organizations see positive returns from investment in privacy. What's the hacktivist's postwar future? Joe Carrigan tracks a romance scam targeting seniors. Our guest is Pete Lund of OPSWAT to discuss the security of removable media devices. And a retired G-Man is indicted on multiple charges. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/15 Selected reading. DragonSpark | Attacks Evade Detection with SparkRAT and Golang Source Code Interpretation (SentinelOne) Technical Advisory: Proxy*Hell Exploit Chains in the Wild  (Bitdefender) Realtek SDK Vulnerability Attacks Highlight IoT Supply Chain Threats (Unit 42) CISA Adds One Known Exploited Vulnerability to Catalog (CISA)   2023 Data Privacy Benchmark Study (Cicso) Hacktivism Is a Risky Career Path (WIRED) Retired FBI Executive Charged With Concealing $225,000 In Cash Received From An Outside Source (Department of Justice, U.S. Attorney's Office, District of Columbia)  Former Special Agent In Charge Of The New York FBI Counterintelligence Division Charged With Violating U.S. Sanctions On Russia (Department of Justice, U.S. Attorney's Office, Southern District of New York) Former Senior F.B.I. Official in New York Charged With Aiding Oligarch (New York Times)

CISA recently announced critical guidance on threats against organizations using certain forms of multi-factor authentication. The agency urged all organizations to implement phishing-resistant MFA controls in order to prevent phishing and increasingly automated and sophisticated attacks on authentication processes. With so many phishing attacks targeting credentials to be used in a later campaign, more organizations are getting the hint that they need to have MFA in place for at least those users with access to critical resources and/or valuable data, if not everyone. However, what happens when the threat actor has the credentials but doesn't have the additional forms of authentication? I invited Sally Vincent, Threat Research Senior Engineer at LogRhythm to join me on Tech Talks Daily. Listen in as we discuss how organizations can identify unusual authentication activity and explore mitigation strategies to stay ahead of phishing attacks.

NTD News Today—1/20/20231. Cisa Flagged Election ‘Misinformation'2. Judge Sanctions Trump Nearly $1M over Lawsuit3. Biden Reacts to Discovery of Classified Docs4. Economist Vance Ginn on U.S. Debt5. Examining Biden's First Two Years in Office6. GOP Reveals Picks for Oversight Committee7. Ca Official to Plead Guilty to Fraud8. Governor Seeks University Transgender Data9. FAA Reveals Cause of Jan. 11 Flight Chaos10. Boeing to Appear in Court in Fraud Case

On this week's show Patrick Gray and Adam Boileau discuss the week's security news, including: Royal Mail attack was LockBit and GCHQ will probably “bust some heads” CircleCI's incident report and the problem with malwared endpoints in the Zero Trust age Cloudflare backs Mastodon Paul Nakasone: NSA did some great stuff! It was really good! Cisco won't patch SMB routers sold in 2020 Much, much more This week's show is brought to you by Material Security. Material co-founder Ryan Noon and Snowflake's head of cybersecurity strategy Omer Singer are this week's sponsor guests. Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that's your thing. Show notes Royal Mail cyberattack linked to LockBit ransomware operation Ransomware Diaries: Volume 1 | Analyst1 Congressman calls on CISA to investigate air travel vulnerabilities after outage - The Record from Recorded Future News Ransomware attack on maritime software impacts 1,000 ships - The Record from Recorded Future News CircleCI incident report for January 4, 2023 security incident Researchers: Large language models will revolutionize digital propaganda campaigns Nick Cave - The Red Hand Files - Issue #218 GitHub - cloudflare/wildebeest: Wildebeest is an ActivityPub and Mastodon-compatible server Meta sues Voyager Labs over scraping user data Twitter says leaked data on 200 million users was likely publicly available info - The Record from Recorded Future News A Police App Exposed Secret Details About Raids and Suspects | WIRED ODIN Intelligence website is defaced as hackers claim breach | TechCrunch Nakasone: Foreign surveillance program helped fend off cyberattacks - The Record from Recorded Future News The Guardian confirms criminals accessed staff data in ransomware attack - The Record from Recorded Future News Millions of Aflac, Zurich insurance customers in Japan have data leaked after breach - The Record from Recorded Future News Dark Pink, a newly discovered hacking campaign, threatens Southeast Asian military, government organizations The FBI Won't Say Whether It Hacked Dark Web ISIS Site Norton LifeLock says 925,000 accounts targeted by credential-stuffing attacks - The Record from Recorded Future News Cisco warns of two vulnerabilities affecting end-of-life routers - The Record from Recorded Future News Fortinet says hackers exploited critical vulnerability to infect VPN customers | Ars Technica Vulnerability with 9.8 severity in Control Web Panel is under active exploit | Ars Technica CISA adds recently-announced Microsoft zero-day to exploited vulnerability catalog - The Record from Recorded Future News Hundreds of SugarCRM servers infected with critical in-the-wild exploit | Ars Technica

CISA adds to its Known Exploited Vulnerability Catalog. Attacks against industrial systems. DNV is recovering from ransomware. Chinese cyberespionage is reported against Iran. The persistence of nuisance-level hacktivism. Robert M. Lee from Dragos outlines pipeline security. Our guest is Yasmin Abdi from Snap on bringing her team up to speed with zero trust. And a side-effect of Russia's war: a drop in paycard fraud. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/11 Selected reading. Bolster Your Company Defenses With Zero Trust Edge (iBoss) CISA Adds One Known Exploited Vulnerability to Catalog (CISA) GE Digital Proficy Historian (CISA) Mitsubishi Electric MELSEC iQ-F, iQ-R Series (CISA)  Siemens SINEC INS (CISA) Contec CONPROSYS HMI System (CHS) Update A (CISA) Nozomi Networks Researchers Take a Deep Look into the ICS Threat Landscape (Nozomi Networks) A look at IoT/ICS threats. (CyberWire) DNV's fleet management software recovering from ransomware attack. (CyberWire) DNV says up to 1,000 ships affected by ransomware attack (Computing) Ransomware attack on maritime software impacts 1,000 ships (The Record from Recorded Future News) Chinese Playful Taurus Activity in Iran (Unit 42) Playful Taurus: a Chinese APT active against Iran. (CyberWire) Russian hackers allegedly tried to disrupt a Ukrainian press briefing about cyberattacks (Axios) Russia's Ukraine War Drives 62% Slump in Stolen Cards (Infosecurity Magazine) Annual Payment Fraud Intelligence Report: 2022 (Recorded Future)

(1/18/23) - In today's Federal Newscast: The court fight continues over government-shutdown double back pay. A New York congressman is urging CISA to examine air traffic control vulnerabilities. And the State Department will pay $37 million in a class-action lawsuit involving some 230 disability discrimination cases.

GitHub disables NoName accounts. Russia dismisses reports of cyberespionage attempts against US National Laboratories. The Royal Mail cyber incident is now identified as ransomware attack. An update on the NOTAM issues that interfered with civil aviation. A Citrix vulnerability is exploited by ransomware group. CISA publishes its annual report. Bryan Vorndran of the FBI Cyber Division calibrates expectations with regard to the IC3. Our guest is Kayne McGladrey with insights on 2023 from the IEEE. And Positive Hack Days and the growing isolation of Russia's cyber sector. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/8 Selected reading.  Impact of Technology in 2023 and Beyond (IEEE) Ukraine at D+323: Fighting in Soledar, and industrial mobilization. (CyberWire) GitHub disables pro-Russian hacktivist DDoS pages (CyberScoop) Russia criticises Reuters story on Russian hackers targeting U.S. nuclear scientists (Reuters) Royal Mail cyber incident now identified as ransomware attack. (CyberWire) Not a cyberattack, but an IT failure. (CyberWire) The Guardian breach and news media as targets. (CyberWire) Citrix vulnerability exploited by ransomware group. (CyberWire) 2022 Year In Review (CISA) Russia's largest hacking conference reflects isolated cyber ecosystem (Brookings)

Patch Tuesday. CISA releases two ICS Advisories and makes some additions to its Known Exploited Vulnerabilities Catalog. Dark Pink APT is active against Asian targets. Kinsing cryptojacking targets Kubernetes instances. Ukrainian hacktivists conduct DDoS against Iranian sites. Risk exposure and a hospital's experience with ransomware. The Health3PT initiative seeks to manage 3rd-party risk. Tim Starks from the Washington Post's Cyber 202 on cyber rising to the level of war crime. Our guest is Connie Stack, CEO of Next DLP, on the path to leadership within cyber for women. And phishing with Pokémon NFTs. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/7 Selected reading. The Daily 202 (Latest Cybersecurity 202) Microsoft Releases January 2023 Security Updates (CISA) > Adobe Releases Security Updates for Multiple Products (CISA)  Black Box KVM (CISA) Delta Electronics InfraSuite Device Master (CISA) Known Exploited Vulnerabilities Catalog (CISA) Dark Pink (Group-IB) New Dark Pink APT group targets govt and military with custom malware (BleepingComputer) Kinsing cryptojacking. (CyberWire) Ukraine at D+321: "Difficult in places." (CyberWire) Iranian websites impacted by pro-Ukraine DDoS attacks (SC Media)  Ransomware attack against SickKids said to be unusual. (CyberWire) Health3PT seeks a uniform approach to healthcare supply chain issues. (CyberWire) Breaking the glass ceiling: My journey to close the leadership gap. (CyberWire, Creating Connections) Pokémon NFTs used as malware vectors. (CyberWire)

Is "The View" the most important political show in America? If so, not a great sign. Notes on the price of eggs. Unrest in Brazil. General Flynn now back on Twitter. Why was CISA censoring Tweets that conveyed skepticism of Mail-In-Ballots? Burgers in Walsenburg. Frank Church Reprise 1975. With Great Listener Calls.See omnystudio.com/listener for privacy information.

Security vulnerabilities in automobiles. CircleCI customers should "rotate their secrets." CISA Director Easterly notes Russian failures, but warns that shields should stay up. Attempted cyberespionage against US National Laboratories. Turla effectively recycles some commodity malware infrastructure. Robert M. Lee from Dragos shares his outlook on ICS for the new year. Our CyberWire Space correspondent Maria Varmazis interviews Diane Janosek from NSA about her research on space-cyber. And the Guardian continues to recover from last month's ransomware attack. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/4 Selected reading. Hitachi Energy UNEM (CISA) Hitachi Energy FOXMAN-UN (CISA) Hitachi Energy Lumada Asset Performance Management (CISA)  Web Hackers vs. The Auto Industry: Critical Vulnerabilities in Ferrari, BMW, Rolls Royce, Porsche, and More (Sam Curry) Toyota, Mercedes, BMW API flaws exposed owners' personal info (BleepingComputer) 16 Car Makers and Their Vehicles Hacked via Telematics, APIs, Infrastructure (SecurityWeek) Ferrari, BMW, Rolls Royce, Porsche and more fix vulnerabilities giving car takeover capabilities (The Record by Recorded Future) CircleCI security alert: Rotate any secrets stored in CircleCI (CircleCI). CircleCI warns of security breach — rotate your secrets! (BleepingComputer) CircleCI Urges Customers to Rotate Secrets Following Security Incident (The Hacker News) CISA director: US needs to be vigilant, ‘keep our shields up' against Russia (The Hill) Exclusive-Russian Hackers Targeted U.S. Nuclear Scientists (Reuters via US News)  Notorious Russian Spies Piggybacked on Other Hackers' USB Infections (WIRED)  Turla: A Galaxy of Opportunity | Mandiant (Mandiant)  Fallout from Guardian cyber attack to last at least a month (ComputerWeekly) State of Ransomware Preparedness (Axio)

THE THESIS: Much of the media truly are Mockingbirds, infiltrated by the government, just like Twitter and Facebook. THE SCRIPTURE & SCRIPTURAL RESOURCES: Proverbs 6:16-19There are six things that the Lord hates, seven that are an abomination to him: haughty eyes, a lying tongue, and hands that shed innocent blood, a heart that devises wicked plans, feet that make haste to run to evil, a false witness who breathes out lies, and one who sows discord among brothers.Psalm 101:7 No one who practices deceit shall dwell in my house; no one who utters lies shall continue before my eyes.Luke 8:17 For nothing is hidden that will not be made manifest, nor is anything secret that will not be known and come to light.Revelation 21:8 But as for the cowardly, the faithless, the detestable, as for murderers, the sexually immoral, sorcerers, idolaters, and all liars, their portion will be in the lake that burns with fire and sulfur, which is the second death.”THE NEWS & COMMENT:[AUDIO] - CISA - Disinfo folderElon Musk slams CISA censorship network as 'propaganda platform'; This DHS-backed censorship network used 120 analysts to censor millions of social media posts on elections and covid-19.[AUDIO] - @SenatorCardin: "If you espouse hate, if you espouse violence, you're not protected under the First Amendment. I think we can be more aggressive in the way that we handle that type of use of the internet."In Bid to Avoid Ban, TikTok Forms 'Content Moderation' Bureau to Work in Concert With U.S. GovtI'm a psychologist and the 'Twitter Files' are a perfect storm of psychology and society's rules; Twitter's shadowbanning and censorship upended our sense of fairness and a feeling that we were all playing by the same rules

The deposition of Ray Epps, America's most innocent man, has been released the outgoing illegally constituted January 6th Committee. We through the 3-hour deposition.#RayEpps #FBI #InsurrectionMatt Taibbi provides an update on the Twitter Files investigation and Kanekoa assembles an interim Twitter Files thread covering CISA that Elon finds interesting.#TwitterFiles #CISA #FBIAn arrest is made in the deaths of 4 Idaho college students allegedly murdered by Bryan Christopher Kohberger. We review the Press Conference highlights and some details on Kohberger discovered by the Internet. We learn the Idaho Prosecutor Bill Thompson that Kohberger is in the process of being extradited and that murder weapon has yet to be found.#IdahoStudents #CriminalLaw #Justice

In this week's episode, the cybersecurity experts Bryan Hornung, Reginald Andre, Randy Bryan, and Ryan O'Hara discuss a wide range of cybersecurity topics currently impacting millions of people. In the show, the guys break down how and why the Password Manager provider Lastpass breach will impact millions in the coming months. Toronto Children's Hospital provides more information about their recent ransomware event, coinciding with a joint warning from the FBI & CISA to U.S. hospitals. We discuss what that is all about. As always, we enjoy updating our audience on past attacks, and Suffolk County has provided no shortage of lessons learned for cyber experts to dissect. The crew then discusses the big deal with Okta Source Code discovered on Github. And finally, the Electric Utility contractor data breach raises concerns over the security of the U.S. power grid.

Podcast: The Gate 15 Podcast ChannelEpisode: The Gate 15 Interview EP30: Brian Harrell on Energy & Infrastructure Security, plus baseball, boating & burgers!Pub date: 2022-12-26In this episode of The Gate 15 Interview, Andy Jabbour visits with Brian Harrell, Vice President and Chief Security Officer (CSO) at AVANGRID. Brian currently serves as the Vice President and Chief Security Officer (CSO) at AVANGRID, an energy company with assets and operations in 24 states. He is responsible for the company's cybersecurity, privacy, physical security, threat management, and business continuity.  In 2018, Brian was appointed by the President of the United States to serve as the sixth Assistant Secretary for Infrastructure Protection at the U.S. Department of Homeland Security. He was also the first Assistant Director for Infrastructure Security at the Cybersecurity and Infrastructure Security Agency (CISA). He has spent time during his career in the US Marine Corps and various private sector agencies with the goal of protecting the United States from security threats. Brian is a Board Member and Strategic Advisor to many great companies. Brian on Twitter: @gridsecure  In the discussion we address: Brian's background and path from law enforcement to infrastructure, CISA to AVANGRID  Information Sharing  Preparedness and Best Practices  Evolving threats to energy and infrastructure, including hostile events, insider threats, cyberattacks and nation state threats, 3rd party risk and more  We talk baseball, burgers, and boating, plus shoutouts to some valued friends and partners!  A few references mentioned in or relevant to our discussion include:  AVANGRID. “AVANGRID is a leading sustainable energy company transitioning America toward a clean and connected future headquartered in Orange, CT, and has a footprint in 24 states with $40 billion in assets. Our primary businesses are Avangrid Networks, which serves 3.3 million electric and natural gas customers in the Northeast, and Avangrid Renewables, the third-largest renewable energy company in the U.S. with a diverse onshore and offshore renewable energy portfolio.”  WSJ Pro Research Survey: Preparedness Results, 29 Nov 2022  The Cybersecurity and Infrastructure Security Agency (CISA) release of the Resilient Power Best Practices for Critical Facilities and Sites. This document supports emergency and continuity managers with guidelines, analysis, background material, and references to increase the resilience of backup and emergency power systems during all durations of power outages. Improving power resilience can help the nation withstand and recover rapidly from deliberate attacks, accidents, natural disasters, as well as unconventional stresses, shocks, and threats to our economy and democratic system.  The Electricity Information Sharing and Analysis Center (E-ISAC)  GridEx VII – November 14-15, 2023  Space ISAC  DHS CISA on Cyber-Physical Convergence  Gate 15: Blended Threats (update 1.1): Understanding an Evolving Threat Environment (and numerous other blog posts, papers and exercises)The podcast and artwork embedded on this page are from Gate 15, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

In this episode of The Gate 15 Interview, Andy Jabbour visits with Brian Harrell, Vice President and Chief Security Officer (CSO) at AVANGRID. Brian currently serves as the Vice President and Chief Security Officer (CSO) at AVANGRID, an energy company with assets and operations in 24 states. He is responsible for the company's cybersecurity, privacy, physical security, threat management, and business continuity.  In 2018, Brian was appointed by the President of the United States to serve as the sixth Assistant Secretary for Infrastructure Protection at the U.S. Department of Homeland Security. He was also the first Assistant Director for Infrastructure Security at the Cybersecurity and Infrastructure Security Agency (CISA). He has spent time during his career in the US Marine Corps and various private sector agencies with the goal of protecting the United States from security threats. Brian is a Board Member and Strategic Advisor to many great companies. Brian on Twitter: @gridsecure  In the discussion we address: Brian's background and path from law enforcement to infrastructure, CISA to AVANGRID  Information Sharing  Preparedness and Best Practices  Evolving threats to energy and infrastructure, including hostile events, insider threats, cyberattacks and nation state threats, 3rd party risk and more  We talk baseball, burgers, and boating, plus shoutouts to some valued friends and partners!  A few references mentioned in or relevant to our discussion include:  AVANGRID. “AVANGRID is a leading sustainable energy company transitioning America toward a clean and connected future headquartered in Orange, CT, and has a footprint in 24 states with $40 billion in assets. Our primary businesses are Avangrid Networks, which serves 3.3 million electric and natural gas customers in the Northeast, and Avangrid Renewables, the third-largest renewable energy company in the U.S. with a diverse onshore and offshore renewable energy portfolio.”  WSJ Pro Research Survey: Preparedness Results, 29 Nov 2022  The Cybersecurity and Infrastructure Security Agency (CISA) release of the Resilient Power Best Practices for Critical Facilities and Sites. This document supports emergency and continuity managers with guidelines, analysis, background material, and references to increase the resilience of backup and emergency power systems during all durations of power outages. Improving power resilience can help the nation withstand and recover rapidly from deliberate attacks, accidents, natural disasters, as well as unconventional stresses, shocks, and threats to our economy and democratic system.  The Electricity Information Sharing and Analysis Center (E-ISAC)  GridEx VII – November 14-15, 2023  Space ISAC  DHS CISA on Cyber-Physical Convergence  Gate 15: Blended Threats (update 1.1): Understanding an Evolving Threat Environment (and numerous other blog posts, papers and exercises)

The Vice Society may be upping its marketing game. Royal ransomware may have a connection to Conti. Royal delivers ransom note by hacked printer. KillNet goes after healthcare. CISA's Stakeholder Engagement Strategic Plan. Adam Meyers from CrowdStrike looks at cyber espionage. Giulia Porter from RoboKiller does not want to talk to you about your car's extended warranty. And holiday wishes to all. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/245 Selected reading. Custom-Branded Ransomware: The Vice Society Group and the Threat of Outsourced Development (SentinelOne) Vice Society ransomware gang switches to new custom encryptor (BleepingComputer)  Conti Team One Splinter Group Resurfaces as Royal Ransomware with Callback Phishing Attacks (Trend Micro) Researchers Link Royal Ransomware to Conti Group (SecurityWeek) Major Australian university dealing with suspected cybersecurity attack (7NEWS)  Printers at Queensland's second-largest university spit out ransomware messages after cyber attack (ABC)  Pro-Russian Hacktivist Group ‘KillNet' Threat to HPH Sector (HC3) HHS alert warns KillNet hacktivist group targeted US healthcare entity (SC Media)  HC3 Analyst Note TLP Clear Pro-Russian Hacktivist Group Killnet Threat to HPH Sector December 22, 2022 | AHA (American Hospital Association)  Strategic Plan for Stakeholder Engagement (CISA)

The Godfather banking Trojan has deep roots in older code. FuboTV was disrupted around its World Cup coverage. The Guardian has been hit with an apparent ransomware attack. A threat actor abuses AWS Elastic IP transfer. Moldova may be receiving more Russian attention in cyberspace. CISA releases six industrial control system advisories. Ben Yelin looks at legislation addressing health care security. Our guest is Hugh Njemanze of Anomali with advice on preparing for the holiday break. And criminals are impersonating other criminals' underworld souks. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/243 Selected reading. Godfather: A banking Trojan that is impossible to refuse (Group-IB) FuboTV outage during World Cup semifinal was caused by cyberattack (Record) Guardian hit by serious IT incident believed to be ransomware attack (the Guardian)  Elastic IP Hijacking — A New Attack Vector in AWS (Mitiga) Telegram Hack Exposes Growing Russian Cyber Threat in Moldova (Balkan Insight) Fuji Electric Tellus Lite V-Simulator (CISA) Rockwell Automation GuardLogix and ControlLogix controllers (CISA) ARC Informatique PcVue (CISA) Rockwell Automation MicroLogix 1100 and 1400 (CISA) Delta 4G Router DX-3021 (CISA) Prosys OPC UA Simulation Server (CISA) The scammers who scam scammers on cybercrime forums: Part 3 (Sophos News)

The Cybersecurity and Infrastructure Security Agency is in line for another budget boost under the fiscal 2023 spending agreement, while lawmakers are also reauthorizing CISA's marquee cyber defense program for another year.The fiscal 2023 omnibus spending agreement includes $2.9 billion for CISA, a $313 million increase over its current budget. The funding includes $1.3 billion for the agency's cybersecurity programs, about $230 million more than last year.

This week is a Best of 2022 series. The top 5 episodes of 2022 based on total downloads. Thank you for a great year. Be aware, be safe. Support the show and get access to behind the scenes content as a patron - https://www.patreon.com/SecurityInFive *** Support the podcast with a cup of coffee *** - Ko-Fi Security In Five Mighty Mackenzie - https://www.facebook.com/mightymackie Where you can find Security In Five - https://linktr.ee/binaryblogger Email - bblogger@protonmail.com

BEC takes aim at physical goods (including food). BlackCat ransomware activity increases. Epic Games settles an FTC regulatory case. The InfraGard database was pulled from a dark web auction site. CISA releases forty-one ICS advisories. Rick Howard interviews author Andy Greenberg. Rob Boyce from Accenture examines holiday cyber threats. The growing value of open source intelligence. Twitter says vox populi, vox dei. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/241 Selected reading. FBI, FDA OCI, and USDA Release Joint Cybersecurity Advisory Regarding Business Email Compromise Schemes Used to Steal Food (CISA) Colombian energy supplier EPM hit by BlackCat ransomware attack (BleepingComputer) Events D.C. data published online in apparent ransomware attack (Washington Post)  Fortnite Video Game Maker Epic Games to Pay More Than Half a Billion Dollars over FTC Allegations of Privacy Violations and Unwanted Charges (Federal Trade Commission)  Hacker Halts Sale of FBI's High-Profile InfraGard Database (HackRead)  CISA Releases Forty-One Industrial Control Systems Advisories (Cybersecurity and Infrastructure Security Agency)  Russia's Wartime Cyber Operations in Ukraine: Military Impacts, Influences, and Implications (Carnegie Endowment for International Peace)  How open-source intelligence has shaped the Russia-Ukraine war (GOV.UK) Front-line video makes Ukrainian combat some of history's most watched (Washington Post)  Elon Musk Polls Twitter Users, Asking Whether He Should Step Down (Wall Street Journal) Musk asks: Should I stay as CEO? (Computing) Elon Musk's Twitter Poll Shows Users Want Him to Step Down (Wall Street Journal)  Elon Musk's Twitter poll: 10 million say he should step down (the Guardian)

CISA says Russia's Fancy Bear infiltrated US satellite network Google introduces end-to-end encryption for Gmail on the web NSA cyber director warns of Russian digital assaults on global energy sector Thanks to this week's episode sponsor, Tines  Before Tines, co-founders Eoin and Thomas spent 15 years as senior security operators. Frustrated by the inability to solve for the challenges their teams were facing, they built their own solution. Tines allows security teams to robustly automate mundane, repetitive tasks – without code – so they can focus on their most important work. Visit Tines.com to learn more! For the stories behind the headlines, head to CISOseries.com.

Podcast: Control Loop: The OT Cybersecurity Podcast (LS 28 · TOP 10% what is this?)Episode: Cyber threat intelligence in the OT space.Pub date: 2022-12-14Microsoft offers predictions for Russia's war in Ukraine. A wiper targets the diamond industry. New version of Babuk ransomware hits manufacturing company. Cyberattacks against the manufacturing industry. Cybersecurity for farming equipment. CISA issues ICS advisories. Guest Kaleb Flem, Senior Cyber Threat Intel Analyst at Southern California Edison, discusses maximizing threat intelligence at a utility. And, in Part 2 of 2 on the Learning Lab, Mark Urban and Dragos' CISO Steve Applegate talk about starting an OT cybersecurity program.Control Loop News Brief.Predictions for Russia's war in Ukraine.Preparing for a Russian cyber offensive against Ukraine this winter (Microsoft)A wiper targets the diamond industry.Fantasy – a new Agrius wiper deployed through a supply‑chain attack (ESET)New version of Babuk ransomware hits manufacturing company.Morphisec Discovers Brand New Babuk Ransomware Variant in Major Attack (Morphisec)Cyberattacks against the manufacturing industry.BlackBerry/Make UK Research Reveals UK Manufacturing Sector Under Threat as Almost Half Suffer Cyberattack in the Last 12 Months (BlackBerry)Cybersecurity for farms.Tractors vs. threat actors: How to hack a farm (ESET)CISA's ICS advisories.CISA Releases Three Industrial Control Systems Advisories (CISA)Iguana triggers blackout.Rogue iguana causes widespread power outage in Lake Worth Beach (The Sun Sentinel)Control Loop Interview.Guest Kaleb Flem, Senior Cyber Threat Intel Analyst at Southern California Edison, discusses maximizing threat intel at a utility.Control Loop Learning Lab.Part 2 of 2 has Dragos CISO Steve Applegate talking with Dragos' Mark Urban about starting an OT cybersecurity program. The podcast and artwork embedded on this page are from CyberWire Inc., which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Roger Grimes is an industry expert and the Data Driven Defense Evangelist for KnowBe4. In this episode, Roger and host Hillarie McClure discuss the recent phishing infographic released by CISA, which covers data collected, lessons learned, and recommendations learned from simulated phishing attacks that CISA has conducted for organizations, as well as the news that Apple will have to start allowing outside app stores on iPhones and iPads, what this means for the company, and more. KnowBe4 is the world's first and largest New-school security awareness training and simulated phishing provider that helps you manage the ongoing problem of social engineering. To learn more about our sponsor, KnowBe4, visit https://knowbe4.com

Episode 194 of the Unsecurity Podcast is now live! This week, Oscar and Brad discuss a CISA alert regarding Veeam backup and replication vulnerabilities being exploited, FBI seizing 48 domains linked to DDoS services, hackers using .svg files to install QBot malware on windows systems, and more.Links:CISA Alert: Veeam Backup and Replication Vulnerabilities Being Exploited in Attacks https://thehackernews.com/2022/12/cisa-alert-veeam-backup-and-replication.htmlFBI Seized 48 Domains Linked to World's Leading DDoS-for-Hire Services https://gbhackers.com/fbi-seized-48-domains/Citrix ADC and Citrix Gateway Security Bulletin for CVE-2022-27518 https://support.citrix.com/article/CTX474995/citrix-adc-and-citrix-gateway-security-bulletin-for-cve202227518Hackers Use SVG Images to Install QBot Malware on Windows Systems https://gbhackers.com/hackers-use-svg-images/Give episode 194 a listen and send any questions, comments, or feedback to unsecurity@protonmail.com Don't forget to like and subscribe!

Microsoft offers predictions for Russia's war in Ukraine. A wiper targets the diamond industry. New version of Babuk ransomware hits manufacturing company. Cyberattacks against the manufacturing industry. Cybersecurity for farming equipment. CISA issues ICS advisories. Guest Kaleb Flem, Senior Cyber Threat Intel Analyst at Southern California Edison, discusses maximizing threat intelligence at a utility. And, in Part 2 of 2 on the Learning Lab, Mark Urban and Dragos' CISO Steve Applegate talk about starting an OT cybersecurity program. Control Loop News Brief. Predictions for Russia's war in Ukraine. Preparing for a Russian cyber offensive against Ukraine this winter (Microsoft) A wiper targets the diamond industry. Fantasy – a new Agrius wiper deployed through a supply‑chain attack (ESET) New version of Babuk ransomware hits manufacturing company. Morphisec Discovers Brand New Babuk Ransomware Variant in Major Attack (Morphisec) Cyberattacks against the manufacturing industry. BlackBerry/Make UK Research Reveals UK Manufacturing Sector Under Threat as Almost Half Suffer Cyberattack in the Last 12 Months (BlackBerry) Cybersecurity for farms. Tractors vs. threat actors: How to hack a farm (ESET) CISA's ICS advisories. CISA Releases Three Industrial Control Systems Advisories (CISA) Iguana triggers blackout. Rogue iguana causes widespread power outage in Lake Worth Beach (The Sun Sentinel) Control Loop Interview. Guest Kaleb Flem, Senior Cyber Threat Intel Analyst at Southern California Edison, discusses maximizing threat intel at a utility. Control Loop Learning Lab. Part 2 of 2 has Dragos CISO Steve Applegate talking with Dragos' Mark Urban about starting an OT cybersecurity program. 

Hour 1 * Guest: Dr. Scott Bradley, * To Preserve the Nation: In the Tradition of the Founding Fathers – FreedomsRisingSun.com * Majority of Americans don't want Biden or Trump to run again in 2024, CNBC survey shows. * ‘Let's Go Brandon' wrapping paper — created by conservative company — expected to double in sales this year: ‘We're having tons of fun with this' – TheBlaze.com * Twitter Files Detail Trump Suspension, Regular Meetings With FBI, DHS. * The latest release of internal Twitter correspondence indicate former First Lady Michelle Obama was instrumental in banning former President Trump. * Twitter executives and employees actively engaged in “visibility filtering” to control user visibility and limit what people see on the platform, What many people call “shadow banning,” Twitter executives and employees call “Visibility Filtering” or “VF”. * Evidence Shows that It's Not Just Twitter and the FBI, the State Department, CISA, Facebook. YouTube and Google Are Also Working to Censure and Ban the Information You Receive. * Twitter CEO Elon Musk confirmed that the platform has imposed search and visibility restrictions on the accounts of political candidates running for office, limiting voters' ability to hear from them. Hour 2 * Billionaire and Democratic mega-donor George Soros poured $50 million into a Democratic super PAC this fall in preparation for the 2024 election cycle, according to Politico. * Soros spent another $50 million throughout the 2022 campaign cycle, with cash going to Democratic groups including the Senate Majority PAC, House Majority PAC and candidates including former Democratic Georgia gubernatorial candidate Stacey Abrams. * FBI Refuses Again to Share the Whole Truth About Seth Rich's Murder – Experts Wonder If Deep State Is Trying to Protect Its Use of a Domestic Spying Database. * Vaccine Passports are back – The G20 group of nations (19 countries plus the European Union) recently agreed to implement global Vaccine Passports under the control of the World Health Organization (WHO). We already know their agenda and what they are pushing—unfettered power and control over every aspect of our lives! * Musk claims his ‘pronouns are Prosecute/Fauci,'. * US Household Wealth Sees Second-Fastest Decline in US History in 2022 Under Joe Biden – The Gateway Pundit. * For years, the government has warned travelers they will need a security-enhanced Real ID to board domestic flights, and for years the requirement has been delayed. Now they mean it. It's a change nearly 20 years in the making. * What is Real ID, anyway? Real ID is a driver's license or identification card that bears a special seal, which signifies that the bearer of the card has been screened and approved according to a standard set by the federal government, rather than just by the state issuing the license. * Beginning May 3, 2023, U.S. travelers flying within the United States will need to show Transportation Security Administration agents either a security-enhanced driver's license that's Real ID-compliant or another T.S.A. -approved form of identification like a passport. A state driver's license that does not contain the Real ID seal will no longer be accepted. --- Support this podcast: https://anchor.fm/loving-liberty/support

* Guest: Dr. Scott Bradley, * To Preserve the Nation: In the Tradition of the Founding Fathers - FreedomsRisingSun.com * Majority of Americans don't want Biden or Trump to run again in 2024, CNBC survey shows. * 'Let's Go Brandon' wrapping paper — created by conservative company — expected to double in sales this year: 'We're having tons of fun with this' - TheBlaze.com * Twitter Files Detail Trump Suspension, Regular Meetings With FBI, DHS. * The latest release of internal Twitter correspondence indicate former First Lady Michelle Obama was instrumental in banning former President Trump. * Twitter executives and employees actively engaged in "visibility filtering" to control user visibility and limit what people see on the platform, What many people call "shadow banning," Twitter executives and employees call "Visibility Filtering" or "VF". * Evidence Shows that It's Not Just Twitter and the FBI, the State Department, CISA, Facebook. YouTube and Google Are Also Working to Censure and Ban the Information You Receive. * Twitter CEO Elon Musk confirmed that the platform has imposed search and visibility restrictions on the accounts of political candidates running for office, limiting voters' ability to hear from them.

In this episode, Omar Turner, Managing Director of Cloud Security at Microsoft, discusses data privacy and protection. Key takeaways: Data protection and privacy Evaluating smaller vs. big companies Stakeholder buy-in Data protection/privacy divergence from security Classifying data Privacy defines who has access Being aware of the data you have Understanding data sovereignty About today's guest: Omar A. Turner is a Managing Director of Cloud Security for Microsoft. He brings over 25 years of experience supporting, deploying, architecting, and securing solutions for startups and globally recognized organizations. He holds numerous certifications, including the CISSP, CCSP, CRISC, CISA, CDPSE, and CISM, and holds B.S. degrees in Mathematics and Computer Science. Omar is passionate about cybersecurity enablement and training and career mentoring for those looking to start their journey in the fantastic and important field of cloud security. LinkedIn: https://www.linkedin.com/in/omarturner/ ___ Thank you so much for checking out this episode of The Tech Trek, and we would appreciate it if you would take a minute to rate and review us on your favorite podcast player. Want to learn more about us? Head over at https://www.elevano.com Have questions or want to cover specific topics with our future guests? Please message me at https://www.linkedin.com/in/amirbormand (Amir Bormand)

A pandemic, a change in administration, inflation issues, and your own personal life can cause stress outside the workplace – but if your workplace is the federal government, you have added pressure to do your job well, so the American people thrive.But what if federal workers are becoming unhappy with their employment? As we forecast the next ten years of policy, federal jobs, and what the future of work is – considering the satisfaction of the federal workforce is vital.The Partnership for Public Service collects data for the Best Places to Work in the Federal Government® rankings, also produced with the Boston Consulting Group. They join us for the Security Clearance Careers podcast to talk about pay, telework, security clearance hot topics and give us an initial preview of this year's data.This podcast is brought to you by the Cybersecurity and Infrastructure Security Agency, known as CISA – the nation's number one cyber defense agency. Today, the agency has grown and evolved, assuring the nation's critical and physical infrastructure is secure, resilient, and reliable. Learn more about CISA career opportunities at www.cisa.gov/careers Hosted on Acast. See acast.com/privacy for more information.

GPT++, Apple Security, CISA Cuba…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.

Today when computer systems fail, they can cause real, physical harm. In just the last few years, we've seen cyber attacks interfere with our food supply, tamper with city water supplies, and disrupt gas pipelines. While cheap consumer electronics often have poor security, medical devices like insulin pumps and pacemakers are also vulnerable to attack - and the consequences of failure can be lethal. The free market doesn't reward better security. Regulations are weak or nonexistent, regulators are understaffed and underfunded. Targeted organizations lack sufficient funding, training and personnel to prepare and respond. They need help. I Am the Cavalry aims to engage technologists and hackers to ride to the rescue. Joshua Corman is VP of Cyber Safety Strategy at Claroty, Founder of I am The Cavalry, and formerly served as Chief Strategist for CISA regarding COVID, healthcare, and public safety. Interview Links I Am The Cavalry: https://iamthecavalry.org/  BSides 2022 Cavalry presentation: https://www.youtube.com/watch?v=aw3egJej7so  The Cavalry Isn't Coming (DEF CON 21 talk): https://www.youtube.com/watch?v=2kMGdkOMSK0  Rugged Software Manifesto: https://github.com/rugged-software/rugged-software.github.io  CISA Bad Practices: https://www.cisa.gov/BadPractices  CISA Information Sharing and Awareness: https://www.cisa.gov/information-sharing-and-awareness  Maslow's Hierarchy of Needs: https://www.simplypsychology.org/maslow.html  Click Here to Kill Everyone: https://www.schneier.com/books/click-here/  SBOM interview: https://podcast.firewallsdontstopdragons.com/2021/07/19/its-time-to-drop-the-sbom/  My Jeff Moss interview: https://podcast.firewallsdontstopdragons.com/2022/08/29/the-night-the-lights-went-out-in-vegas/  Further Info 300th episode promotion: https://fdsd.me/ep300  Patron promotion: https://fdsd.me/coinpromo  Send me your questions! https://fdsd.me/qna  Subscribe to the newsletter: https://fdsd.me/newsletter Check out my book, Firewalls Don't Stop Dragons: https://fdsd.me/book  Become a Patron! https://www.patreon.com/FirewallsDontStopDragons  Donate directly with Monero! https://firewallsdontstopdragons.com/contact/  Would you like me to speak to your group about security and/privacy? http://bit.ly/Firewalls-Speaker Generate secure passphrases! https://d20key.com/#/ Table of Contents Use these timestamps to jump to a particular section of the show. 0:01:28: Giveaway and promotion update 0:02:46: Holiday gift ideas 0:03:59: Interview preview 0:08:35: How did I Am the Cavalry get started? 0:16:52: How does focusing on physical harms change your approach to cybersecurity? 0:20:33: Why is it so important to 'meet people where they are'? 0:23:40: How do you best help organizations that are target rich but cyber poor? 0:31:47: What is the crawl, walk, run progression? 0:34:33: Why is it so important to compartmentalize systems? 0:35:56: How do we do a better job of designing security in from the start? 0:39:01: Is it safer for small companies to use managed services? 0:42:17: What role should the government play here? 0:52:57: If I want to get help for my organization, where should I go? 0:58:18: What's next for the Cavalry and how can I get involved? 1:05:09: Interview wrap-up 1:06:35: Book recommendations 1:07:43: Preview of upcoming shows

Welcome to the TrustedSec Security Podcast – a podcast dedicated to bringing the latest news on information security and the industry. This episode features the following members: Geoff Walton, Justin Bollinger, Alex Hamerstone, and Skyler Tuter.   Announcements   Join the TrustedSec Discord Community TrustedSec is on Discord! Join our server to interact with the security community and the TrustedSec team. Go to discord.gg/trustedsec to join.   Stories Title: FBI, CISA say Cuba ransomware gang extorted $60M from victims this year URL: https://techcrunch.com/2022/12/02/fbi-cisa-cuba-ransomware Author: Carley Page   Title: A new analysis urges CISO's to take strategic steps ahead of the advent of quantum computing. URL: https://www.nextgov.com/emerging-tech/2021/11/report-china-may-steal-encrypted-government-data-now-decrypt-quantum-computers-later/187020/ Author: Brandi Vincent   Title: Lastpass says hackers accessed customer data in new breach URL: https://www.bleepingcomputer.com/news/security/lastpass-says-hackers-accessed-customer-data-in-new-breach/?mibextid=Zxz2cZ Author: Sergiu Gatlan

Cobalt Mirage deploys Drokbk malware. Zombinder in the C2C market. Impersonation scams: that's not Ukraine's Ministry of Digital Transformation. On the cyber front, nothing new. CISA releases three new ICS advisories. Caleb Barlow on attack surface management. Mike Hamilton from Critical Insight explains how state and local governments apply for the $1 billion allocated by the feds for cybersecurity funding. And criminals prey on other criminals. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/235 Selected reading. Drokbk Malware Uses GitHub as Dead Drop Resolver (Secureworks) Zombinder: new obfuscation service used by Ermac, now distributed next to desktop stealers (ThreatFabric) Crypto Winter: Fraudsters Impersonate Ukraine's Government to Steal NFTs and Cryptocurrency (DomainTools) Danish defence ministry says its websites hit by cyberattack (Reuters) Kela website hit by DoS attack (Yle) Advantech iView (CISA)  AVEVA InTouch Access Anywhere (CISA) Rockwell Automation Logix controllers (CISA)  The scammers who scam scammers on cybercrime forums: Part 1 (Sophos News)  Cyber-criminals Scammed Each Other Out of Millions in 2022 (Infosecurity Magazine)

Episode 193 of the Unsecurity Podcast is now live! This week, Oscar and Brad discuss the new CISA reporting rule and what it means for organizations in the critical infrastructure sector. Links:Critical Infrastructure Sectorshttps://www.cisa.gov/critical-infrastructure-sectorsCISA - Reporting Rulehttps://thehackernews.com/2022/12/what-cisa-reporting-rule-means-for-your.htmlhttps://www.congress.gov/bill/117th-congress/house-bill/5440/text?format=txthttps://www.federalregister.gov/documents/2022/09/12/2022-19551/request-for-information-on-the-cyber-incident-reporting-for-critical-infrastructure-act-of-2022https://www.cisa.gov/reporthttps://www.cisa.gov/sites/default/files/publications/Sharing_Cyber_Event_Information_Fact_Sheet_FINAL_v4.pdfGive episode 193 a listen or watch and send any questions, comments, or feedback to unsecurity@protonmail.com.

The FBI and CISA are releasing this alert to disseminate known Cuba Ransomware Group indicators of compromise and TTPs identified through FBI investigations. FBI and CISA would like to thank BlackBerry, ESET, The National Cyber-Forensics and Training Alliance (NCFTA), and Palo Alto Networks for their contributions to this CSA. AA22-335A Alert, Technical Details, and Mitigations For a downloadable copy of IOCs, see AA22-335A.stix Stopransomware.gov is a whole-of-government approach that gives one central location for ransomware resources and alerts. Resource to mitigate a ransomware attack: CISA-Multi-State Information Sharing and Analysis Center (MS-ISAC) Joint Ransomware Guide. No-cost cyber hygiene services: Cyber Hygiene Services and Ransomware Readiness Assessment. U.S. DIB sector organizations may consider signing up for the NSA Cybersecurity Collaboration Center's DIB Cybersecurity Service Offerings, including Protective Domain Name System services, vulnerability scanning, and threat intelligence collaboration for eligible organizations. For more information on how to enroll in these services, email dib_defense@cyber.nsa.gov  To report incidents and anomalous activity or to request incident response resources or technical assistance related to these threats, contact CISA at report@cisa.gov, or call (888) 282-0870, or report incidents to your local FBI field office.

This episode of the Cyberlaw Podcast delves into the use of location technology in two big events—the surprisingly outspoken lockdown protests in China and the Jan. 6 riot at the U.S. Capitol. Both were seen as big threats to the government, and both produced aggressive police responses that relied heavily on government access to phone location data. Jamil Jaffer and Mark MacCarthy walk us through both stories and respond to the provocative question, what's the difference? Jamil's answer (and mine, for what it's worth) is that the U.S. government gained access to location information from Google only after a multi-stage process meant to protect innocent users' information, and that there is now a court case that will determine whether the government actually did protect users whose privacy should not have been invaded.  Whether we should be relying on Google's made-up and self-protective rules for access to location data is a separate question. It becomes more pointed as Silicon Valley has started making up a set of self-protective penalties on companies that assist law enforcement in gaining access to phones that Silicon Valley has made inaccessible. The movement to punish law enforcement access providers has moved from trashing companies like NSO, whose technology has been widely misused, to punishing companies on a lot less evidence. This week, TrustCor lost its certificate authority status mostly for looking suspiciously close to the National Security Agency and Google outed Variston of Spain for ties to a vulnerability exploitation system. Nick Weaver is there to hose me down. The U.K. is working on an online safety bill, likely to be finalized in January, Mark reports, but this week the government agreed to drop its direct regulation of “lawful but awful” speech on social media. The step was a symbolic victory for free speech advocates, but the details of the bill before and after the change suggest it was more modest than the brouhaha suggests. The Department of Homeland Security's Cyber Security and Infrastructure Security Agency (CISA) has finished taking comments on its proposed cyber incident reporting regulation. Jamil summarizes industry's complaints, which focus on the risk of having to file multiple reports with multiple agencies. Industry has a point, I suggest, and CISA should take the other agencies in hand to agree on a report format that doesn't resemble the State of the Union address. It turns out that the collapse of FTX is going to curtail a lot of artificial intelligence (AI) safety research. Nick explains why, and offers reasons to be skeptical of the “effective altruism” movement that has made AI safety one of its priorities. Today, Jamil notes, the U.S. and EU are getting together for a divisive discussion of the U.S. subsidies for electric vehicles (EV) made in North America but not Germany. That's very likely a World Trade Organziation (WTO) violation, I offer, but one that pales in comparison to thirty years of WTO-violating threats to constrain European data exports to the U.S. When you think of it as retaliation for the use of General Data Protection Regulation (GDPR) to attack U.S. intelligence programs, the EV subsidy is easy to defend. I ask Nick what we learned this week from Twitter coverage. His answer—that Elon Musk doesn't understand how hard content moderation is—doesn't exactly come as news. Nor, really, does most of what we learned from Matt Taibbi's review of Twitter's internal discussion of the Hunter Biden laptop story and whether to suppress it. Twitter doesn't come out of that review looking better. It just looks bad in ways we already suspected were true. One person who does come out of the mess looking good is Rep. Ro Khanna (D.-Calif.), who vigorously advocated that Twitter reverse its ban, on both prudential and principled grounds. Good for him. Speaking of San Francisco Dems who surprised us this week, Nick notes that the city council in San Francisco approved the use of remote-controlled bomb “robots” to kill suspects. He does not think the robots are fit for that purpose.   Finally, in quick hits: Meta was fined $275 million for allowing data scraping for personal data. Nick and Jamil tell us that Snowden has at last shown his true colors. Jamil has unwonted praise for Apple, which persuaded TSMC to make more advanced chips in Arizona than it originally planned. And I try to explain why the decision of the DHS cyber safety board to look into the Lapsus$ hacks seems to drawing fire.

A Chinese cyberespionage campaign is believed to be active in the Middle East. Poor quality control turns ransomware into a wiper, and a typo crashes a cryptojacker. A large DDoS attack is reported to have hit a Russian state-owned bank. Privateers compromise Western infrastructure to stage cyberattacks. Cyber operations against national morale. A look at the Vice Society. Ben Yelin on the growing concerns over TicTok. Ann Johnson from Afternoon Cyber Tea speaks with Charles Blauner about the evolution of the CISO role. And CISA has added an entry to its Known Exploited Vulnerabilities Catalog. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/232 Selected reading. BackdoorDiplomacy Wields New Tools in Fresh Middle East Campaign (Bitdefender Labs)  The Story of a Ransomware Turning into an Accidental Wiper | FortiGuard Labs (Fortinet Blog)  Syntax errors are the doom of us all, including botnet authors (Ars Technica)  Russia's No. 2 bank VTB suffers largest DDoS in history (Computing)  Russia compromises major UK and US organisations to attack Ukraine (Lupovis)  Russia's online attacks target Ukrainians' feelings (POLITICO)  Vice Society: Profiling a Persistent Threat to the Education Sector (Unit 42) CISA Adds One Known Exploited Vulnerability to Catalog (CISA)

GitHub Actions vulnerability, US bans sales of Huawei, TrueNAS open source hyperconverged storage, and more. Tesla finally delivers its first production Semi Artifact poisoning in GitHub Actions imports malware via software pipelines US bans sales of Huawei, Hikvision, ZTE, and Dahua equipment FBI, CISA say Cuba ransomware gang extorted $60M from victims this year Data security concerns are driving changes in US consumer behavior and demands iXsystems VP of Marketing Mario Blandini talks about TrueNAS' open source storage and how it can be leveraged in a wide range of environments Hosts: Louis Maresca, Brian Chee, and Curtis Franklin Guest: Mario Blandini Download or subscribe to this show at https://twit.tv/shows/this-week-in-enterprise-tech. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsors: onlogic.com/TWIT hover.com/twit Code Comments

Cuba ransomware pulls in $60 million. CISA releases three ICS advisories. DDoSing the Vatican. Andrea Little Limbago from Interos on the implications of Albania cutting off diplomatic ties with Iran. Our space correspondent Maria Varmazis speaks with Brandon Bailey about Space Attack Research and Tactic Analysis matrix. And how Google supports Ukrainian startups in wartime. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/230 Selected reading. Alert (AA22-335A) #StopRansomware: Cuba Ransomware (CISA) Novel News on Cuba Ransomware: Greetings From Tropical Scorpius (Palo Alto Networks Unit 42) New ways we're supporting Ukraine (Google) 25 new startup recipients of the Ukraine Support Fund (Google) Vatican shuts down its website amid hacking attempts (Cybernews)

A very busy Wednesday show starts off with some newly released emails from discovery in the Missouri v. Biden case that give us an idea of what CISA is actually doing with our tax dollars. Then we move on to some more censorship talk regarding Twitter, some Andrew Tate commentary on how the world really […] The post Dark To Light: What Is CISA REALLY Doing appeared first on Radio Influence.

Picture of the Week. iSpoof you no more. Here come the Freebie Bots! Anatomy of the real-time Cryptocurrency heist. Lookin' for something to do? Boa server vulnerability. The dilemma of closed-source Chinese networking products. The Cyber Defense Index. Malicious Docker Hub images. Since we've been tracking 0-days for a while. CISA on Mastodon. Miscellany. Closing The Loop. SpinRite. Show Notes https://www.grc.com/sn/SN-899-Notes.pdf   Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: kolide.com/securitynow plextrac.com/twit nordlayer.com/twit

Picture of the Week. iSpoof you no more. Here come the Freebie Bots! Anatomy of the real-time Cryptocurrency heist. Lookin' for something to do? Boa server vulnerability. The dilemma of closed-source Chinese networking products. The Cyber Defense Index. Malicious Docker Hub images. Since we've been tracking 0-days for a while. CISA on Mastodon. Miscellany. Closing The Loop. SpinRite. Show Notes https://www.grc.com/sn/SN-899-Notes.pdf   Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: kolide.com/securitynow plextrac.com/twit nordlayer.com/twit

Picture of the Week. iSpoof you no more. Here come the Freebie Bots! Anatomy of the real-time Cryptocurrency heist. Lookin' for something to do? Boa server vulnerability. The dilemma of closed-source Chinese networking products. The Cyber Defense Index. Malicious Docker Hub images. Since we've been tracking 0-days for a while. CISA on Mastodon. Miscellany. Closing The Loop. SpinRite. Show Notes https://www.grc.com/sn/SN-899-Notes.pdf   Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: kolide.com/securitynow plextrac.com/twit nordlayer.com/twit

Picture of the Week. iSpoof you no more. Here come the Freebie Bots! Anatomy of the real-time Cryptocurrency heist. Lookin' for something to do? Boa server vulnerability. The dilemma of closed-source Chinese networking products. The Cyber Defense Index. Malicious Docker Hub images. Since we've been tracking 0-days for a while. CISA on Mastodon. Miscellany. Closing The Loop. SpinRite. Show Notes https://www.grc.com/sn/SN-899-Notes.pdf   Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: kolide.com/securitynow plextrac.com/twit nordlayer.com/twit

Picture of the Week. iSpoof you no more. Here come the Freebie Bots! Anatomy of the real-time Cryptocurrency heist. Lookin' for something to do? Boa server vulnerability. The dilemma of closed-source Chinese networking products. The Cyber Defense Index. Malicious Docker Hub images. Since we've been tracking 0-days for a while. CISA on Mastodon. Miscellany. Closing The Loop. SpinRite. Show Notes https://www.grc.com/sn/SN-899-Notes.pdf   Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: kolide.com/securitynow plextrac.com/twit nordlayer.com/twit

Picture of the Week. iSpoof you no more. Here come the Freebie Bots! Anatomy of the real-time Cryptocurrency heist. Lookin' for something to do? Boa server vulnerability. The dilemma of closed-source Chinese networking products. The Cyber Defense Index. Malicious Docker Hub images. Since we've been tracking 0-days for a while. CISA on Mastodon. Miscellany. Closing The Loop. SpinRite. Show Notes https://www.grc.com/sn/SN-899-Notes.pdf   Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: kolide.com/securitynow plextrac.com/twit nordlayer.com/twit

Another pentesting tool may soon be abused by threat actors. Cyberattack disrupts Guadeloupe. Ducktail evolves and expands. Warning of the potential disruption cyberattacks might work against European ports. CISA releases eight industrial control system advisories. Patrick Tiquet, VP of Security and Architecture at Keeper Security, talks about the FedRAMP authorization process. Bryan Vorndran of the FBI Cyber Division with reflections on ransomware. And stay safe on Black Friday (and Cyber Monday, and Panic Saturday, and…you get the picture. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/225 Selected reading. Nighthawk: An Up-and-Coming Pentest Tool Likely to Gain Threat Actor Notice (Proofpoint) Making Cobalt Strike harder for threat actors to abuse (Google Cloud Blog) Guadeloupe government fights 'large-scale' cyberattack (AP NEWS) Vietnam-Based Ducktail Cybercrime Operation Evolving, Expanding (SecurityWeek) Cyber as important as missile defences - ex-NATO general (Reuters) CISA Releases Eight Industrial Control Systems Advisories (CISA)  Black Friday and Cyber Monday risks. (CyberWire)