Register for Free, Live webcasts & summits: https://poweredbybhis.com
00:00 - PreShow Banter™ — I just want Jorts!
05:42 - Blackmailing A.I. - Talkin' Bout [infosec] News 2025-05-27
07:01 - Story # 1: Experimental drones developed to neutralize mass shooters, disable weapons
11:29 - Story # 2: How a global malware operation was taken down from a federal court in Georgia
13:50 - Story # 3: Judge allows Workday AI bias lawsuit to proceed as collective action
15:23 - Marker 17
19:25 - Story # 4: Anthropic's new AI model turns to blackmail when engineers try to take it offline
32:19 - Story # 5: TeleMessage customers include DC Police, Andreessen Horowitz, JP Morgan, and hundreds more
34:53 - Story # 6: TikTok videos now push infostealer malware in ClickFix attacks
36:57 - Story # 7: Beware, Coinbase users. Crypto thieves are taking fingers now
40:56 - Story # 8: Signal now blocks Microsoft Recall screenshots on Windows 11
43:16 - Story # 9: Suspected InfoStealer Malware Data Breach Exposed 184 Million Logins and Passwords
44:54 - Story # 10: Google Chrome's Built-in Manager Lets Users Update Breached Passwords with One Click
48:09 - Story # 11: Russian military hackers 'Fancy Bear' target Western aid supply chains to Ukraine, NSA report says
50:13 - Story # 12: Google Gemini AI assistant coming to new cars in 2025, starting with Volvo
54:17 - Story # 13: Hacker Conference HOPE Says U.S. Immigration Crackdown Caused Massive Crash in Ticket Sales
56:55 - Story # 13b: [HOPE_16] International Travel Tips
Keyboards, 3 am, TikTok, LummaC2, Cityworks, Honeypots, Fancy Bear, Aaran Leyland, and More, on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-479
Three Buddy Problem - Episode 47: We unpack a multi-agency report on Russia's APT28/Fancy Bear hacking and spying on Ukraine war supply lines, CISA's sloppy YARA rules riddled with false positives, the ethics of full-disclosure after Akamai dropped Windows Server “BadSuccessor” exploit details, and Sekoia's discovery of thousands of hijacked edge devices repurposed as honeypots. The back half veers into Microsoft's resurrected Windows Recall, Signal's new screenshot-blocking countermeasure, Japan's fresh legal mandate for pre-emptive cyber strikes, and why appliance vendors like Ivanti keep landing in the headlines. Along the way you get hot takes on techno-feudalism, Jony Ive's rumored AI gadget, and a lively debate over whether publishing exploit code ever helps defenders. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs), Ryan Naraine (https://twitter.com/ryanaraine) and Costin Raiu (https://twitter.com/craiu).
A joint advisory warns of Fancy Bear targeting Western logistics and technology firms. A nonprofit hospital network in Ohio suffers a disruptive ransomware attack. The Consumer Financial Protection Bureau (CFPB) drops plans to subject data brokers to tighter regulations. KrebsOnSecurity and Google block a record-breaking DDoS attack. A phishing campaign rerouted employee paychecks. Atlassian patches multiple high-severity vulnerabilities. A Wisconsin telecom provider confirms a cyberattack caused a week-long outage. VMware issues a Security Advisory addressing multiple high-risk vulnerabilities. Prosecutors say a 19-year-old student from Massachusetts will plead guilty to hacking PowerSchool. Our guest is Rob Allen, Chief Product Officer at ThreatLocker, discussing deliberate simplicity of fundamental controls around zero trust. Oversharing your call location data.

Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest
On our Industry Voices segment, today we are joined by Rob Allen, Chief Product Officer at ThreatLocker from RSAC 2025. Rob is discussing the deliberate simplicity of fundamental controls around zero trust. Token theft and phishing attacks bypass traditional MFA protections, letting attackers impersonate users and access critical SaaS platforms — without needing passwords.
Selected Reading
Russian GRU Targeting Western Logistics Entities and Technology Companies (CISA)
Ransomware attack disrupts Kettering Health Network in Ohio (Beyond Machines)
America's CFPB bins proposed data broker crackdown (The Register)
Krebs on Security hit by 'test run' DDoS attack that peaked at 6.3 terabits of data per second (Metacurity)
SEO poisoning campaign swipes direct deposits from employees (SC Media)
Atlassian Warns of Multiple High-Severity Vulnerabilities Hits Data Center Server (Cybersecurity News)
Cellcom Service Disruption Caused by Cyberattack (SecurityWeek)
VMware releases patches for security flaws in multiple virtualization products (Beyond Machines)
Massachusetts man will plead guilty in PowerSchool hack case (CyberScoop)
O2 VoLTE: locating any customer with a phone call (Mast Database)

Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
Updates from RSAC 2025. Former NSA cyber chief Rob Joyce warns that AI is rapidly approaching the ability to develop high-level software exploits. An FBI official warns that China is the top threat to U.S. critical infrastructure. Mandiant and Google raise alarms over widespread infiltration of global companies by North Korean IT workers. France accuses Russia's Fancy Bear of targeting at least a dozen French government and institutional entities. SonicWall has issued an urgent alert about active exploitation of a high-severity vulnerability in its Secure Mobile Access appliances. A China-linked APT group known as “TheWizards” is abusing an IPv6 networking feature. Gremlin Stealer emerges as a serious threat. A 23-year-old Scottish man linked to the Scattered Spider hacking group has been extradited from Spain to the U.S. Senators urge FTC action on consumer neural data. New WordPress malware masquerades as an anti-malware plugin. Our guest is Andy Cao from ProjectDiscovery, the Winner of the 20th Annual RSAC™ Innovation Sandbox Contest. Our intern Kevin returns with some Kevin on the Street interviews from the RSAC floor. Research reveals the risk of juice jacking isn't entirely imaginary.

CyberWire Guest
Our guest is Andy Cao from ProjectDiscovery, who is the Winner of the 20th Annual RSAC™ Innovation Sandbox Contest 2025 event.

Kevin on the Street
Joining us this week from RSAC 2025, we have our partner Kevin Magee, Global Director of Cybersecurity Startups at Microsoft for Startups. Stay tuned to the CyberWire Daily podcast for “Kevin on the Street” updates on all things RSAC 2025 from Kevin all week. Today Kevin is joined by Shane Harding, CEO of Devicie, and Nathan Ostrowski, Co-Founder of Petra Security.
You can also catch Kevin on our Microsoft for Startups Spotlight, brought to you by N2K CyberWire and Microsoft, where we shine a light on innovation, ambition, and the tech trailblazers building the future right from the startup trenches. Kevin and Dave talk with startup veteran and Cygenta co-founder FC about making the leap from hacker to entrepreneur, then speak with three Microsoft for Startups members: Matthew Chiodi of Cerby, Travis Howerton of RegScale, and Karl Mattson of Endor Labs.

Selected Reading
Ex-NSA cyber boss: AI will soon be a great exploit dev (The Register)
AI makes China leading threat to US critical infrastructure, says FBI official (SC World)
North Korean operatives have infiltrated hundreds of Fortune 500 companies (CyberScoop)
France Blames Russia for Cyberattacks on Dozen Entities (SecurityWeek)
SonicWall OS Command Injection Vulnerability Exploited in the Wild (Cyber Security News)
Hackers abuse IPv6 networking feature to hijack software updates (Bleeping Computer)
New Gremlin Stealer Advertised on Hacker Forums Targets Credit Card Data and Login Credentials (GB Hackers)
Alleged 'Scattered Spider' Member Extradited to U.S. (Krebs on Security)
Senators Urge FTC Action on Consumer Neural Data, Signaling Heightened Scrutiny (Cooley)
New WordPress Malware as Anti-Malware Plugin Take Full Control of Website (Cyber Security News)
iOS and Android juice jacking defenses have been trivial to bypass for years (Ars Technica)
In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel.

In recent months, cybersecurity researchers have observed a surge in the use of a social engineering technique known as "ClickFix." This method involves threat actors presenting users with deceptive error messages that prompt them to manually execute malicious commands, often by copying and pasting scripts into their systems.

Raspberry Robin, also known as Roshtyak, is a highly obfuscated malware first discovered in 2021, notable for its complex binary structure and advanced evasion techniques. It primarily spreads via infected USB devices and employs multi-layered execution to obscure its true purpose.

A China-linked Advanced Persistent Threat (APT) group, Gelsemium, has been observed targeting Linux systems for the first time, deploying previously undocumented malware in an espionage campaign. Historically known for targeting Windows platforms, this new activity signifies a shift towards Linux, possibly driven by the increasing security of Windows systems.

Russia's APT28 hacking group, also known as Fancy Bear or Unit 26165, has developed a novel technique dubbed the “nearest neighbor attack” to exploit Wi-Fi networks remotely.

Hackers linked to the Chinese government, known as Salt Typhoon, have deeply infiltrated U.S. telecommunications infrastructure, gaining the ability to intercept unencrypted phone calls and text messages. The group exploited vulnerabilities in the wiretap systems used by U.S. authorities for lawful interception, marking what Senator Mark Warner has called "the worst telecom hack in our nation's history."
Once again, an attack on Germany's critical infrastructure. This time it hit Deutsche Flugsicherung (DFS), and although there is not much information about this case yet, we put into context what there is to put into context. Spoiler: you don't need to feel uneasy about boarding a plane. -- If you enjoyed our podcast, we would appreciate a rating! You can send us feedback, such as topic requests, through any of our channels: Email: podcast@ichglaubeeshackt.de Web: podcast.ichglaubeeshackt.de Instagram: http://instagram.com/igehpodcast
Does Russia really intend to seize an island in the Baltic Sea belonging to Sweden? Fears grew after the press reported a plan by the Russian Ministry of Defense to redraw Russia's maritime borders in the Baltic Sea without consulting neighboring states. In the meantime, the draft has been deleted from the Russian ministry's website. But the strategic implications of such a move would be huge. And it is not Russia's only aggressive gesture on the northern flank. The recent revelations about Russian plans to occupy the Swedish island of Gotland should be a final wake-up call for those who still believe that Putin's war is aimed only at occupying a few square kilometers of Ukrainian territory. A veritable natural aircraft carrier, the island can provide control over the three Baltic states. Military experts say that if it held the island, Russia could impose an air blockade on Estonia, Latvia and Lithuania, also making use of the equipment already stockpiled in the Kaliningrad exclave. Micael Bydén, head of the Swedish armed forces, fears that such a move by Russia could mean the end of peace and stability.
The Swedish official was, moreover, among the first senior European officials who, since the beginning of the year, have drawn attention to Russia's intentions to expand the war, even onto the territory of the Atlantic Alliance, should Ukraine collapse. But this is not Russia's only provocation on the northern flank. In a statement to Politico, Finnish Prime Minister Petteri Orpo warned that Russia is attacking the EU on several fronts. The Balticconnector gas pipeline, which links NATO member states Finland and Estonia, was ruptured last year, together with the undersea telecommunications cables linking Estonia to Finland and Sweden. The Baltic Sea region has also seen massive disruptions to GPS systems, with investigations showing that the jamming sources were located inside Russia. The airline Finnair suspended flights to the city of Tartu in Estonia because of the interference. Moreover, Russia has sent hundreds of migrants across the border with Finland, which led Helsinki to close the border. But other countries are also recording an increase in Russian threats. Germany, Poland and the Czech Republic said in early May that they had been targeted by the Russian-controlled hacker group Fancy Bear, while Poland this week arrested nine members of a group suspected of sabotage in support of Russia.
Meanwhile, the Czech Republic has accused Russia of planning to undermine its rail safety. Russia's ally Belarus has also allowed thousands of migrants to cross its borders illegally into Poland, Lithuania and Latvia, Politico also writes. "What we are seeing from Russia shows us that we must prepare for attacks against our critical infrastructure," Orpo said. The Finnish prime minister called on the EU to increase its capacity to respond to such threats. He wants the EU's next strategic agenda, which defines the bloc's priorities for 2024-2029, to include a Finnish proposal to create a Union of preparedness against strategic threats. Listen to the "Eurocronica" segment, with Ovidiu Nahoi, every day from Monday to Friday at 8:45, and in a repeat broadcast on Sundays at 15:00, only on RFI România
This week we talk about APT28, spoofing, and hybrid warfare.

We also discuss the Baltics, Tartu airport, and hacking.

Recommended Book: The Middle Passage by James Hollis

Transcript

In early May of 2024, the German government formally blamed a Russian hacking group called APT28 for hacking members of the governing German Social Democratic Party in 2023, and warned of unnamed consequences.

Those consequences may apply just to APT28, which is also sometimes called "Fancy Bear," or they may apply to the Russian government, as like many Russia-based hacking groups, APT28 often operates hand-in-glove with the Russian military intelligence service, which allows the Russian government to deny involvement in all sorts of attacks on all sorts of targets, while covertly funding and directing the actions of these groups.

APT28 reportedly also launched attacks against German defense, aerospace, and information technology companies, alongside other business entities and agencies involved, even tangentially, with Ukraine and its defense measures against Russia's invasion.

This hacking effort allegedly began in early 2022, shortly after Russia began its full-scale invasion of Ukraine, and the head of the Russian embassy in Germany has been summoned to account for these accusations—though based on prior attacks and allegations related to them by Russia's intelligence agencies, and the hacking groups it uses as proxies, that summoning is unlikely to result in anything beyond a demonstration of anger on the part of the German government, formally registered with Russia's representative in Berlin.

For its part, Russia's government has said that it was in no way involved in any incidents of the kind the German government describes, though Germany's government seems pretty confident in their assessment on this, at this point, having waited a fair while to make this accusation, and utilizing its partnerships with the US, UK, Canada, and New Zealand to confirm attribution.

This accusation has been leveled amidst a wave of similar attacks, also allegedly by Russia and its proxies, against other targets in the EU and NATO—including but not limited to the Czech Republic, Lithuania, Poland, Slovakia, and Sweden.

Many of these attacks have apparently made use of an at-the-time unknown security flaw in Microsoft software that gave them access to compromised email accounts for long periods of time, allowing them to, among other things, scoop up intelligence reports from folks in the know in these countries, sifting their messages for data that would help Russia's forces in Ukraine.

This group, and other Russia GRU, their intelligence service, proxies, have reportedly targeted government and critical infrastructure targets in at least 10 NATO countries since the fourth quarter of 2023, alone, according to analysis by Palo Alto Networks, and experts in this space have said they're concerned these sorts of attacks, while often oriented toward intelligence-gleaning and at times embarrassing their targets, may also be part of a larger effort to weaken and even hobble intelligence, military, and critical infrastructure networks in regional nations, which could, over time, reduce stability in these countries, increase extremism, and possibly prevent them from defending themselves and their neighbors in the event of a more formal attack by Russian forces.

What I'd like to talk about today is another sort of attack, allegedly also launched by Russia against their neighbors in this part of the world, but this one a little less well-reported-upon, at this point, despite it potentially being even more broadly impactful.

—

The Global Positioning System, or GPS, was originally developed in 1973 by the US Department of Defense.
Its first satellite was launched in 1978, and its initial, complete constellation of 24 satellites were in orbit and functional in 1993.

This satellite network's full functionality was only available to the US military until 2000, when then-President Bill Clinton announced that it would be opened up for civilian use, as well.

This allowed aviation and similar industries to start using it on the vehicles and other assets, and normal, everyday people were thenceforth able to buy devices that tapped this network to help them figure out where they were in the world, and get to and from wherever they wanted to go.

A high-level explanation of how GPS works is that all of these satellites contain atomic clocks that are incredibly stable and which remain synchronized with each other, all showing the exact same, very precise time. These satellites broadcast signals that indicate what time their clocks currently read.

GPS devices, as long as they can connect to the signals broadcast by a few of these satellites, can figure out where they're located by noting the tiny differences in the time between these broadcasts: signals from satellites that are further away will take longer to arrive, and that time difference will be noted by a given device, which then allows it to triangulate a geolocation based on the distance between the device and those several satellites.

This is a simple concept that has created a world in which most personal electronic devices now contain the right hardware and software to tap these satellite signals, compute these distances, and casually place us—via our smartphones, cars, computers, watches, etc—on the world map, in a highly accurate fashion.

This type of technology has proven to be so useful that even before it was made available for civilian use, catalyzing the world that we live in today, other governments were already investing in their own satellite networks, most predicated on the same general concept; they wanted to own their own constellation of satellites and technologies, though, just in case, because the GPS network could theoretically be locked down by the US government at some point, and because they wanted to make sure they had their own militarizable version of the tech, should they need it.

There are also flaws in the US GPS system that make it less ideal for some use-cases and in some parts of the world, so some GPS copycats fill in the blanks on some of those flaws, while others operate better at some latitudes than vanilla GPS does.

All of which brings us to recent troubles that the global aviation industry has had in some parts of the world, related to their flight tracking systems.

Most modern aircraft use some kind of global navigation satellite system, which includes GPS, but also Europe's Galileo, Russia's GLONASS, and China's BeiDou, among other competitors.

These signals can sometimes be interrupted or made fuzzy by natural phenomena, like solar flares and the weather, and all of these systems have their own peculiarities and flaws, and sometimes the hardware systems they use to lock onto these signals, or the software they use to compute a location based on them, will go haywire for normal, tech-misbehaving reasons.

Beginning in the 1990s, though, we began to see electronic countermeasures oriented toward messing with these global navigation satellite system technologies.

These technologies, often called satellite navigation deceivers, are used by pretty much every government on the planet, alongside a slew of nongovernment actors that engage in military or terrorist activities, and they operate using a variety of jamming methods, but most common is basically throwing out a bunch of signals that look like GPS or other navigation system signals, and this has the practical effect of rendering these gadgets unusable, because they don't know which signal is legit and which is garbage; a bit like blasting loud noises to keep people from talking to each other, messing with their communication capacity.

It's also possible to engage in what's called GPS Spoofing, which means instead of throwing out gobs of garbage signals, you actually send just a few signals that are intended to look legit and to be accepted by, for instance, a plane's GPS device, which then makes the aircraft's navigation systems think the plane is somewhere other than it is—maybe just a little off, maybe on the other side of the planet.

Notably, neither of these sorts of attacks are actually that hard to pull off anymore, and it's possible to build a GPS-jamming device at home, if you really want to, though spoofing is a fair bit more difficult. Also worth knowing is that while making your own jammer is absolutely frowned upon by most governments, and it's actually illegal in the US and UK, across most of the world it's kind of a Wild West in this regard, and you can generally get away with making one if you want to, though there's a chance you'd still be arrested if you caused any real trouble with it.

And it is possible to cause trouble with these things: most pilots and crew are aware of how these devices work and can watch for their effects, using backup tools to keep tabs on their locations when they need to; but using those backup tools requires a lot more effort and attention, and there's a chance that if they're hit by these issues at a bad moment, when they're distracted by other things, or when they're coming in for a landing or attempting to navigate safely around another aircraft, that could present a dangerous situation.

That's why, until May 31, at the minimum, Finnair will no longer be flying to Tartu airport—which is a very small airport in Estonia, but it's home to the Baltic Defense College, which is one of NATO's educational hubs, and losing a daily flight to Tartu (the only daily flight at this particular airport) from Helsinki, will disconnect this area, via plane, at least, from the rest of Europe, which is inconvenient and embarrassing.

This daily flight was cancelled because of ongoing disruptions to the airport's GPS system, which was previously an on-and-off sort of thing, but which, since 2022, when Russia launched its full-scale invasion of Ukraine, has become a lot worse. And Tartu relies exclusively on GPS for planes landing at the airport, and thus doesn't have another fallback system, if GPS fails at a vital, dangerous moment.

This is a running theme throughout the Baltic region, an area populated by now-democratic NATO members that were formerly part of the Soviet Union, and which are considered to be at risk of a Russian invasion or other sort of attack if the invasion of Ukraine goes Russia's way.

Almost all aircraft flying through this area have experienced GPS-jamming issues since 2022, and though that Finnair flight is the only one to have been cancelled as a result of all this jamming, so far, there are concerns that this could really scramble travel and shipping in the region, as it's making all flying in the area that much more risky on a continuous basis.

Finland's government is framing this jamming as part of a hybrid warfare effort on Russia's part—alongside other hybrid efforts, like bussing migrants to Finland's borders in order to strain national coffers and nudge politics toward reactionary extremes.

Some other nations are thinking along the same lines, though there's a chance that, rather than this jamming representing an intentional assault on these neighboring nations, it may actually be something closer to overflow from other, nearby jamming activities: Russia jamming GPS signals in Ukraine, for instance, or the governance of the Kaliningrad region, which is a Russian enclave separated from the rest of Russia and surrounded by Poland and Lithuania, engaging in their own, localized jamming, and those signals are then picked up across national borders, because that's how these signals work—just like sound can travel further than you might intend.

It's possible we're seeing a bit of both here, overflow from that huge regional conflict, but also intentional jabs meant to make life more difficult for NATO nations, stressing their systems and costing them money and other resources, while also maybe testing the region's capacity to cope with such GPS disruptions and blackouts in the event of a potential future conflict.

Another point worth making here, though, is that we see a lot of this sort of behavior in conflict zones, globally.

FlightRadar24 recently introduced a live GPS jamming map to keep track of this sort of thing, and as of the day I'm recording this, alongside these consistent irregularities in the Baltic region, Ukraine, and parts of Eastern Europe, there's jamming occurring in the Middle East, near Israel, throughout Turkey, which has ongoing conflicts with insurgents in the afflicted areas, a portion of Moldova that is attempting to break away with the support of Russia, similar to what happened in Ukraine back in 2014, a northern portion of India where the Indian government has an ongoing conflict with separatists, and in Myanmar, where the military government is embroiled in fighting with a variety of groups that have unified to overthrow them.

This has become common in conflict zones over the past few decades, then, as those who want to deny this data, and the capabilities it grants, to their enemies tend to blanket the relevant airwaves with disruptive noise or incorrect location information, rendering the GPS and similar networks less useful or entirely useless thereabouts.

In Ukraine, the military has already worked out ways around this noise and false information, incorporating alternative navigation systems into their infrastructure, allowing them to use whichever one is the most accurate at any given moment.

And it's likely, especially if this dynamic continues, which it probably will, as again, this is a fairly easy thing to accomplish, it's likely that spreading out and becoming less reliant on just one navigation system will probably become more common, or possibly even the de facto setup, which will be beneficial in the sense that each of these systems has its own pros and cons, but perhaps less so in that more satellites will be necessary to keep that larger, multi-model network operating at full capacity, and that'll make it more expensive to operate these systems, while also creating more opportunities for satellite collisions up in the relevant orbit—an orbit that's becoming increasingly crowded, and which is already packed with an abundance of no longer operational craft that must be avoided and operated-around.

Show Notes
https://www.dw.com/en/gps-jamming-in-the-baltic-region-is-russia-responsible/a-68993942
https://www.bbc.com/news/articles/cne900k4wvjo
https://www.economist.com/the-economist-explains/2024/04/30/who-is-jamming-airliners-gps-in-the-baltic
https://www.ft.com/content/37776b16-0b92-4a23-9f90-199d45d955c3
https://www.reuters.com/business/aerospace-defense/what-is-gps-jamming-why-it-is-problem-aviation-2024-04-30/
https://www.politico.eu/article/gps-jamming-is-a-side-effect-of-russian-military-activity-finnish-transport-agency-says/
https://www.flightradar24.com/data/gps-jamming
https://www.flightradar24.com/blog/types-of-gps-jamming/
https://en.wikipedia.org/wiki/Aviaconversiya
https://www.reuters.com/world/europe/russian-hackers-targeted-nato-eastern-european-militaries-google-2022-03-30/
https://www.cnn.com/2023/12/07/politics/russian-hackers-nato-forces-diplomats/index.html
https://www.reuters.com/technology/cybersecurity/russian-cyber-attacks-targeted-defence-aerospace-sectors-berlin-says-2024-05-03/
https://www.aljazeera.com/news/2024/5/3/germany-accuses-russia-of-intolerable-cyberattack-warns-of-consequences
https://en.wikipedia.org/wiki/Fancy_Bear

This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit letsknowthings.substack.com/subscribe
In today's podcast we cover four crucial cyber and technology topics, including:
Finland discloses ongoing Android malware campaign
Czechia, Germany say Russia abused Microsoft flaw to spy
Wichita officials say public services limited following ransomware
Illinois to review language of law protecting biometric data

I'd love feedback, feel free to send your comments and feedback to cyberandtechwithmike@gmail.com
Robofly, CRUSHFTP, Github, Palo Alto, MITRE, Fancy Bear, Deepfakes, Aaran Leyland, and more, on this Edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-380
EPISODE 106 | Suffer the Children – Pizzagate, Wayfair & the Seeds of QAnon "Without a clear indication of the author's intent, it is difficult or impossible to tell the difference between an expression of sincere extremism and a parody of extremism." In the world of the internet, this is known as Poe's Law, and it's especially applicable to the weird narrative Gordian Knot known as Pizzagate. The adage applies not just to how absurd some beliefs are, but also to the arguments made by people who hold these beliefs. First formulated in 2005 by Nathan Poe, it builds on a 2001 quote by Alan Morgan called Alan's 2nd Law of Newsgroups, which states, “Any sufficiently advanced troll is indistinguishable from a genuine kook.” And that is certainly the case for the wild story that “a hipster-heavy pizza parlor” (as they put it on their website) in the Chevy Chase neighborhood of Washington D.C. is not just a fun family place with pizza, ping pong and live music, but the nerve center for a diabolical child trafficking ring that operates out in the open because they are protected by highly-placed pedophiles in the Democratic party. As an article on Cracked.com puts it, “This is supported by lots of very stupid evidence”. The stakes of the fake narrative are so high that it's become more than just true believers review bombing the place. Workers have been harassed and, on December 4, 2016, a heavily armed man entered the restaurant and started firing guns. The story of Pizzagate is the story of how the conspirasphere went from harmless kookery to being actually, physically dangerous. TRIGGER WARNING: Some pretty disturbing things will be talked about in this episode, so if the subject of child sexual abuse and trafficking is deeply uncomfortable for you, perhaps you should not listen. I mean, it should be uncomfortable to anyone, but you know what I mean. Like what we do? Then buy us a beer or three via our page on Buy Me a Coffee. 
#ConspiracyClearinghouse #sharingiscaring #donations #support #buymeacoffee You can also SUBSCRIBE to this podcast. Review us here or on IMDb! SECTIONS 03:11 - A note, pedophilia is a mental disorder, victims suffer for many years, how do we handle this problem? 06:31 - How it all began: Hillary Clinton's emails, John Podesta, Anthony Weiner and Huma Abedin; "Carmen Katz" makes allegations, "David Goldberg" shares and extends these 08:46 - Side note: "Carmen Katz" is Cynthia Campbell, "David Goldberg" is an anti-Semitic fake profile; Amanda Rob finds Borce Pejcev in Macedonia, a fake news click bait ecosystem, it really all began with Doug Hagmann of Erie, PA 12:35 - Russian hackers Fancy Bear, APT28 and Sofacy use "spear phishing" attacks 13:30 - Pedo codes on 4chan: pizza, cheese, hot dogs, dominos and handkerchief codes; Comet Ping Pong gets targeted 16:30 - DumbScribblyUnctious see all sorts of things - murals, art, logos, musical acts and more; Pizzagaters talk of aliens, the Illuminati, Satanic rituals and Arun Rao; Susan Alefantis knew a pedophile, Tony "pasta obsession" Podesta knew Dennis Hastert, another pedophile, and also collects art (including some by Rachel Rose); Amanda Kleinman (Majestic Ape) of Heavy Breathing performs at Sasha Lord's birthday party and "secret pizza" is maybe mentioned, the film "Automatic At Sea", the Clinton Foundation in Haiti, Alex Jones issues a "bulletin" 25:49 - #pizzagate soars, Comet Ping Pong gets hassled, Turkey's Erdoğan jumps on the story, InfoWars spearheads the narrative, fake images proliferate, artists and musicians also harassed, it might all have been coordinated; other businesses (especially pizza places) get targeted, like Roberta's in Brooklyn and East Side Pies in Austin, TX 30:33 - Edgar Maddison Welch storms Comet Ping Pong with guns, InfoWars apologizes, then retracts the apology; white supremacist Jack Posobiec says Welch is a crisis actor; neo-Nazi pubs the Daily Stormer, the Right Stuff and Smoloko 
News continue the Pizzagate narrative 35:07 - Canadian Andrew Richmond's ice cream shop Sweet Jesus gets the #PedoGate treatment 36:15 - Portland, Oregon's Voodoo Donuts gets the same treatment thanks to talentless poet VeganMikey (Michael Whelan); #donutgate starts trending, building on a previous #donutgate when Ariana Grande and Ricky Alvarez licked food at Wolfee Donuts; Big League Politics's "research organization" Pedo Takedown Crew funds a coordinated harassment campaign and expands the narrative, adding tunnels, schools, and child-smuggling submarines 41:35 - In England, recreational troll Oliver Redmond targets Paul Cheape's vape shop business 43:32 - Mattress Firm gets targeted 45:32 - Frazzledrip: a very nasty fake video (trigger warning - seriously, it's really nasty), QAnon terms "adrenochrome" and "spirit cooking" get added to the Pizzagate lexicon 47:56 - PrincessPeach1987 kicks off the Wayfair affair, the now combined Pizzagate and QAnon make a LOT of noise, it's all nonsense and yet there were real consequences for real people, iMGSRC.ru and US Army Staff Sgt. 
Richard Ciccarella 57:25 - Cybersteria and the very first QAnon 4chan post Music by Fanette Ronjat More Info Pedophilia defined on Psychology Today Crimes against Children Research Center Facts and Stats About Child Sexual Abuse The possible long-term effects of experiencing child sexual abuse Long-term Effects of Child Sexual Abuse and Molestation on Helping Survivors A review of the long-term effects of child sexual abuse on the National Library of Medicine website Child Molesters: A Behavioral Analysis paper Sexuality of Offenders on the Zero Abuse Project Facts About Homosexuality and Child Molestation by Gregory Herek Everything You Need To Know About Pizzagate (Is Insane) on Cracked.com Pizzagate on RationalWiki Pizzagate: A slice of fake news on Reveal Anatomy of a Fake News Scandal in Rolling Stone Anthony Weiner breaks down after he's sentenced to 21 months for sexting on ABC News How The Bizarre Conspiracy Theory Behind "Pizzagate" Was Spread on BuzzFeed How Hackers Broke Into John Podesta and Colin Powell's Gmail Accounts on Vice Comet Ping Pong - Pizzagate Summary by DumbScribblyUnctious How Pizzagate went from fake news to a real problem for a D.C. business on PolitiFact 'It's a form of addiction' - Tony Podesta's art addiction article in The Guardian Rachel Rose - Aubade: Grendel's Mother (live reading) video Pizzagate, the fake news conspiracy theory that led a gunman to DC's Comet Ping Pong, explained on Vox Pizzagate gunman recorded video for daughters, said he's standing up for children on CBS News Death threats, abuse, then a gunman: 'Pizzagate' businesses relive ordeal in The Guardian Pizzagate: Gunman fires in restaurant at centre of conspiracy on BBC News What to Know About Pizzagate, the Fake News Story With Real Consequences in Time 'Pizzagate' gunman pleads guilty as conspiracy theorist apologizes over case Is Comet Ping Pong Pizzeria Home to a Child Abuse Ring Led by Hillary Clinton? 
on Snopes Dissecting the #PizzaGate Conspiracy Theories in the New York Times A Moral Panic for the Age of Trump: “Pizzagate” is the latest in a long line of child-sex-ring myths on Slate The PizzaGate Gunman's Paranoid Rescue Fantasy Comes from a Long American Tradition on Reason 'There's Nothing You Can Do': The Legacy of #Pizzagate on SPLC Secret message board drives 'pizzagate'-style harassment campaign of small businesses on NBC News When Nerds Attack - Gamergate, Elevatorgate & Sad Puppies episode Voodoo Donuts website Voodoo Doughnut Gets Sucked Into Outrageous Far-Right Conspiracy Theory on Eater Wolfee Donuts Pressing Charges Against Ariana Grande Donut-Gate on Ariana Grande fandom wiki Vegan Mikey - bad poet and troll #Donutgate: How one Oregon donut shop became the target of online conspiracy theorists on Salon Connecting the Dots Between Donutgate and Pizzagate Man jailed for falsely branding a businessman a ‘dirty paedophile' The Great Mattress Conspiracy: Why Are There So Many Mattress Firm Stores Why Are There So Many Mattress Stores? A wildly popular conspiracy theory about why there are so many Mattress Firm stores is starting to sound less crazy Mattress Firm responds to the wild conspiracy theory about its business that people are going crazy over The Mattress Firm Conspiracy: An Analysis The Mattress Firm Money Laundering Conspiracy Theory on Snopes What Is Frazzledrip? Fake Hillary Clinton Video Builds on Pizzagate Conspiracy Theory in Newsweek Frazzledrip: Is a Hillary Clinton 'Snuff Film' Circulating on the Dark Web? on Snopes Hush Supper Club Full Frazzledrip video (WARNING) Claims that pizza listings on Etsy are selling child pornography are baseless Reddit post that kicked off Wayfair conspiracy theories Outrageously Priced Wayfair Cabinets Lead to Human Trafficking Conspiracy Kids Shipped in Armoires? 
The Person Who Started the Wayfair Conspiracy Speaks in Newsweek Wayfair: The false conspiracy about a furniture firm and child trafficking on BBC News Baseless Wayfair child-trafficking theory spreads online on AP The bizarre story of how internet conspiracy theorists convinced themselves Wayfair is trafficking children on CBC News A US soldier working at Mar-a-Lago uploaded photos of an underage girl to a Russian website — a closer look at the site reveals a horrific underworld A US Army soldier who worked at Trump's Mar-a-Lago resort uploaded photos of an underage girl to a Russian website, prosecutors say How a reporter found the true story behind a false story of sex trafficking Is Wayfair Trafficking Children Via Overpriced Items? on Snopes MISSING IN KANSAS: Anabel Wilson no longer missing How A QAnon Conspiracy Theory Involving A Wayfair Pillow Left A Metro Detroit Teen Struggling A girl falsely believed to be a victim of the fake Wayfair sex-trafficking ring says she had hives, lost sleep over the conspiracy theory A QAnon con: How the viral Wayfair sex trafficking lie hurt real kids Human Trafficking Rumors: Viral Stories That Do More Harm Than Good at the Polaris Project The Storm Is the New Pizzagate — Only Worse Follow us on social: Facebook Twitter Other Podcasts by Derek DeWitt DIGITAL SIGNAGE DONE RIGHT - Winner of a 2022 Gold Quill Award, 2022 Gold MarCom Award, 2021 AVA Digital Award Gold, 2021 Silver Davey Award, 2020 Communicator Award of Excellence, and on numerous top 10 podcast lists. PRAGUE TIMES - A city is more than just a location - it's a kaleidoscope of history, places, people and trends. This podcast looks at Prague, in the center of Europe, from a number of perspectives, including what it is now, what it has been and where it's going. It's Prague THEN, Prague NOW, Prague LATER
The US Department of Justice is at it again with a new team for Operation Dying Ember. Sounds spooky, right? This time it was to undertake a secret court order to remove malware from Ubiquiti devices infected by Fancy Bear. The devices in question had default administration passwords as well as remote admin access on the public Internet. The DOJ reinfected the routers with the original malware used to compromise them in the first place and then used that compromise to remove remote access and clean up the secondary payload that had been installed to turn them into a potential botnet. The DOJ said it would then notify users to do a factory reset and install the latest firmware as well as changing their admin password. There's a lot to unpack here! This and more on the Gestalt IT Rundown hosted by Tom Hollingsworth and guest Max Mortillaro. Hosts: Tom Hollingsworth: https://www.linkedin.com/in/networkingnerd/ Max Mortillaro: https://www.linkedin.com/in/maxmortillaro/ Follow Gestalt IT Website: https://www.GestaltIT.com/ Twitter: https://www.twitter.com/GestaltIT LinkedIn: https://www.linkedin.com/company/Gestalt-IT Tags: #Rundown, #Security, #AI, #DataCenters, #GenAI, #Data, @NGINX, @LockbitTeam, @GestaltIT, @NetworkingNerd, @MaxMortillaro
Scott Shapiro, author, "Fancy Bear Goes Phishing" Tomaš Dvořák - "Game Boy Tune" - "Mark's intro" - "Interview with Scott Shapiro" [0:03:58] - "Mark's comments" [0:36:30] Peter Frampton feat. Courtney Pine - "Boot It Up" [0:53:56] https://www.wfmu.org/playlists/shows/137124
In this week's Source Code podcast we discuss flaws found in Sierra Wireless routers, sanctions announced by the US and UK, and a Microsoft Exchange flaw under attack by the Fancy Bear threat group.
Governments target push notification metadata. Dissecting the latest GRU cyber activities. A look at Russia's AI-powered Doppelgänger influence campaigns, and how cyber warfare is evolving beyond the battlefield. We've got updates on the Adobe ColdFusion vulnerability, the expanding 23andMe data breach, and insights into the financial impacts of ransomware. Our guest is Camille Stewart Gloster, Deputy National Cyber Director for Technology & Ecosystem Security from the Office of the National Cyber Director at the White House. Plus, discover how the TSA is embracing AI for future security. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Our guest is Camille Stewart Gloster, Deputy National Cyber Director, Technology & Ecosystem Security from the Office of the National Cyber Director at the White House. Camille shares her views on women in cybersecurity, their efforts in diversity, equity and inclusion and what she sees for the future. 
For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/231 Selected Reading Governments spying on Apple, Google users through push notifications - US senator (Reuters) Obfuscation and AI Content in the Russian Influence Network “Doppelgänger” Signals Evolving Tactics (Recorded Future) Russian AI-generated propaganda struggles to find an audience (CyberScoop) How cybersecurity teams should prepare for geopolitical crisis spillover (CSO) Russia's Fancy Bear launches mass credential collection campaigns (CSO) The Dragos Community Defense Program Helps Secure Industrial Infrastructure for Small Utilities (Dragos) Threat Actors Exploit Adobe ColdFusion CVE-2023-26360 for Initial Access to Government Servers (CISA) CVE-2023-26360 Detail (NIST) SEC on 23andMe breach (SEC) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc.
This week on Breaking Badness, Kali Fencl, Tim Helming, and Taylor Wilkes-Pierce discuss the latest accusations against Fancy Bear along with a look at 404 Media's findings about the SIM Swapper group known as The Comm.
I take advantage of Scott Shapiro's participation in this episode of the Cyberlaw Podcast to interview him about his book, Fancy Bear Goes Phishing – The Dark History of the Information Age, in Five Extraordinary Hacks. It's a remarkable tutorial on cybersecurity, told through stories that you'll probably think you already know until you see what Scott has found by digging into historical and legal records. We cover the Morris worm, the Paris Hilton hack, and the earliest Bulgarian virus writer's nemesis. Along the way, we share views about the refreshing emergence of a well-paid profession largely free of the credentialism that infects so much of the American economy. In keeping with the rest of the episode, I ask Bing Image Creator to generate alternative artwork for the book. In the news roundup, Michael Ellis walks us through the “sweeping”™ White House executive order on artificial intelligence. The tl;dr: the order may or may not actually have real impact on the field. The same can probably be said of the advice now being dispensed by AI's “godfathers.”™ -- the keepers of the flame for AI existential risk who have urged that AI companies devote a third of their R&D budgets to AI safety and security and accept liability for serious harm. Scott and I puzzle over how dangerous AI can be when even the most advanced engines can only do multiplication successfully 85% of the time. Along the way, we evaluate methods for poisoning training data and their utility for helping starving artists get paid when their work is repurposed by AI. Speaking of AI regulation, Nick Weaver offers a real-life example: the California DMV's immediate suspension of Cruise's robotaxi permit after a serious accident that the company handled poorly. Michael tells us what's been happening in the Google antitrust trial, to the extent that anyone can tell, thanks to the heavy confidentiality restrictions imposed by Judge Mehta. 
One number that escaped -- $26 billion in payments to maintain Google as everyone's default search engine – draws plenty of commentary. Scott and I try to make sense of CISA's claim that its vulnerability list has produced cybersecurity dividends. We are inclined to agree that there's a pony in there somewhere. Nick explains why it's dangerous to try to spy on Kaspersky. The rewards may be big, but so is the risk that your intelligence service will be pantsed. Nick also notes that using Let's Encrypt as part of your man in the middle attack has risks as well – advice he probably should deliver auf Deutsch. Scott and I cover a great Andy Greenberg story about a team of hackers who discovered how to unlock a vast store of bitcoin on an IronKey but may not see a payoff soon. I reveal my connection to the story. Michael and I share thoughts about the effort to renew section 702 of FISA, which lost momentum during the long battle over choosing a Speaker of the House. I note that USTR has surrendered to reality in global digital trade and point out that last week's story about judicial interest in tort cases against social media turned out to be the first robin in what now looks like a remake of The Birds. Download 479th Episode (mp3) You can subscribe to The Cyberlaw Podcast using iTunes, Google Play, Spotify, Pocket Casts, or our RSS feed. As always, The Cyberlaw Podcast is open to feedback. Be sure to engage with @stewartbaker on Twitter. Send your questions, comments, and suggestions for topics or interviewees to CyberlawPodcast@gmail.com. Remember: If your suggested guest appears on the show, we will send you a highly coveted Cyberlaw Podcast mug! The views expressed in this podcast are those of the speakers and do not reflect the opinions of their institutions, clients, friends, families, or pets.
There's a new Agent Tesla variant. Lost credentials and crypto wallet hacks. Tension between DevSecOps and AI. Fancy Bear makes an attempt on Ukrainian energy infrastructure. A look at NoName057(16). Tim Starks from the Washington Post's Cybersecurity 202. Simone Petrella and Helen Patton discuss People as a security first principle. And cybersecurity jobs seem to be getting tougher (say the people who are doing them). For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/170 Selected reading. New Agent Tesla Variant Being Spread by Crafted Excel Document (Fortinet Blog) World's Largest Cryptocurrency Casino Stake Hacked for $41 Million (Hackread) Crypto casino Stake.com loses $41 million to hot wallet hackers (BleepingComputer) Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach (KrebsOnSecurity) Global DevSecOps Report on AI Shows Cybersecurity and Privacy Concerns Create an Adoption Dilemma (GitLab) APT28 cyberattack: msedge as a bootloader, TOR and mockbin.org/website.hook services as a control center (CERT-UA#7469) (CERT-UA) Ukraine's CERT Thwarts APT28's Cyberattack on Critical Energy Infrastructure (The Hacker News) Ukraine says an energy facility disrupted a Fancy Bear intrusion (Record) What's in a NoName? Researchers see a lone-wolf DDoS group (Record) New Research from TechTarget's Enterprise Strategy Group and the ISSA Reveals Continuous Struggles within Cybersecurity Professional Workforce - ISSA International (ISSA International) Life and Times 2023 Download Landing Page (ISSA International) E-book: The Life and Times of Cybersecurity Professionals Volume VI (ESG Global) Layoffs list extended by Malwarebytes, Fortinet, Veriff, SecureWorks (Cybernews) Learn more about your ad choices. Visit megaphone.fm/adchoices
On this week's show Patrick Gray and Adam Boileau discuss the week's security news. They cover: Why everyone should pay attention to some recent attacks on Okta customers Why third party comms apps are risky af Why are Russian espionage ops using Tor for C2? Surveillance firms abuse Fiji Telco Digicel's SS7 access Much, much more! This week's show is brought to you by Gigamon. Mark Jow, Gigamon's EMEA Technical Director is this week's sponsor guest. Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that's your thing. Show notes Cross-Tenant Impersonation: Prevention and Detection | Okta Security BadBazaar espionage tool targets Android users via trojanized Signal and Telegram apps NCSC-MAR-Infamous-Chisel.pdf Ukraine says an energy facility disrupted a Fancy Bear intrusion Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach – Krebs on Security Telstra-owned Pacific mobile network likely exploited by spies for hire - ABC News CISA, MITRE shore up operational tech networks with adversary emulation platform LogicMonitor customers hit by hackers, because of default passwords | TechCrunch Barracuda thought it drove 0-day hackers out of customers' networks. It was wrong. | Ars Technica Why is .US Being Used to Phish So Many of Us? – Krebs on Security UK cyber agency announces Ollie Whitehouse as its first ever CTO Embattled consulting firm PwC swept up in global cyber breach of file service MOVEit by cybercrime group C10p ONLINE-SCAM-OPERATIONS-2582023.pdf Unmasking Trickbot, One of the World's Top Cybercrime Gangs | WIRED
FraudGPT is a chatbot with malign intent. Stealer logs in the C2C market. Signs in the blockchain that some Conti alumni are working with the Akira gang. Tim Starks from Washington Post's Cybersecurity 202 on the White House's new National Cyber Director nominee. Maria Varmazis speaks with David Luber, Deputy Director of NSA's Cybersecurity Directorate, on space systems as critical infrastructure. And a kinetic strike against a cyber target: Ukrainian drones may have hit Fancy Bear's Moscow digs. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/141 Selected reading. FraudGPT: The Villain Avatar of ChatGPT (Netenrich) Stealer Logs & Corporate Access (Flare) Over 400,000 corporate credentials stolen by info-stealing malware (BleepingComputer) The Alarming Rise of Infostealers: How to Detect this Silent Threat (The Hacker News) Conti and Akira: Chained Together (Arctic Wolf) Ukraine-Russia war: Ukraine vows further drone strikes on Moscow and Crimea (The Telegraph)
Scott Shapiro is the author of Fancy Bear Goes Phishing: The Dark History of the Information Age in Five Extraordinary Hacks. You can read an excerpt of Fancy Bear at IEEE Spectrum, but in today's episode of Fixing the Future, Shapiro talks with Spectrum editor David Schneider about why cybersecurity can't be fixed with purely technical solutions, why the threat of cyberwarfare tends to be exaggerated, and why cyberespionage will always be with us.
In today's episode:
Yale Law professor Scott Shapiro takes us on an exhilarating journey through the world of cybercrime and hacking, unraveling the captivating stories behind five extraordinary hacks that have left an indelible mark on our information society. From the audacious exploits of Fancy Bear, the elite hacking unit within Russian military intelligence, to lesser-known yet equally astonishing incidents, Scott Shapiro sheds light on the origins, motivations, and consequences of these remarkable cyber intrusions. Our host for this episode is Carl Miller - Research Director at Demos and author of The Death of The Gods: The New Global Power Grab. We'd love to hear your feedback and what you think we should talk about next, who we should have on and what our future debates should be. Send us an email or voice note with your thoughts to podcasts@intelligencesquared.com or Tweet us @intelligence2. And if you'd like to get ad-free access to all Intelligence Squared podcasts, including exclusive bonus content, early access to new episodes and much more, become a supporter of Intelligence Squared today for just £4.99, or the equivalent in your local currency . Just visit intelligencesquared.com/membership to find out more. Learn more about your ad choices. Visit megaphone.fm/adchoices
Jen's guest today is Professor Scott J. Shapiro, author of the new book FANCY BEAR GOES PHISHING. That's phishing with a PH. But Fancy with an F, as in Fancy Bear, the Russian hack. Subtitled THE DARK HISTORY OF THE INFORMATION AGE, IN FIVE EXTRAORDINARY HACKS. With this book, Scott hopes “that these true-crime stories – some accidental, some not – will engage readers who have little or no prior interest in technology and equip them to read beyond the headlines.” You know Scott from his famous shitposting on Twitter, which he kindly also offers up on Threads. Or, if you're lucky, you've taken a course from him at Yale Law school where he ekes out a meagre existence as the Charles F. Southmayd Professor of Law and Professor of Philosophy. His areas of interest include jurisprudence, international law, constitutional law, criminal law and cybersecurity. He is also the founding director of the Yale CyberSecurity Lab. Here's some praise for FANCY BEAR GOES PHISHING from author Garrett Graff, “Accessible for regular readers, yet still fun for experts, this delightful book expertly traces the challenge of securing our digital lives and how the optimism of the internet's early pioneers has resulted in an online world today threatened by spies, criminals, and over-eager teen hackers.” In 2017 Scott also co-authored THE INTERNATIONALISTS with Professor Oona Hathaway. And his first book, published in 2011 was called LEGALITY: How a Radical Plan to Outlaw War Remade the World. Contact Booked Up: You can email Jen & the Booked Up team at: BOOKEDUP@POLITICON.COM or by writing to: BOOKED UP P.O. BOX 147 NORTHAMPTON, MA 01061 Get More from Scott J. Shapiro Twitter | Website| Author of FANCY BEAR GOES PHISHING Get More from Jen Taub: taubjen on Threads| Money & Gossip Substack | Author of BIG DIRTY MONEY
You've probably encountered phishing emails or computer viruses. Or maybe one or more of your accounts has been hacked or compromised. How and why do hackers hack and what are they generally seeking? Our guest this week points out that understanding the answers to those questions is essential for making sense of the psychological, economic, political and social effects of cybercrime. Scott Shapiro is Southmayd Professor of Law and Professor of Philosophy at Yale Law School. He is the author of a new book called, “Fancy Bear Goes Phishing: The Dark History of the Information Age, in Five Extraordinary Hacks.” The book dives into five historical examples, one of which involves its namesake, Fancy Bear, a Russian cyberintelligence unit responsible for hacking the Democratic National Convention. Shapiro joins WITHpod to discuss some of the biggest inflection points in the history of hacking, why the internet is so vulnerable, the role that generative AI may play in future cybercrime and his thoughts on whether we should really be concerned about cyberwar.
The Flea APT sets its sights on diplomatic targets. An update on the Cl0p gang's exploitation of a MOVEit vulnerability. Unpatched TP-Link Archer routers are meeting their match in the Condi botnet. The Muddled Libra threat group compromises companies in a variety of industries. A look into passwordless authentication. Derek Manky of Fortinet describes the Global Threat Landscape. Rick Howard speaks with Rod Wallace from AWS about data lakes. And Fancy Bear noses its way into Ukrainian servers. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/118 Selected reading. Graphican: Flea Uses New Backdoor in Attacks Targeting Foreign Ministries (Symantec) Ke3chang (MITRE) Third MOVEit vulnerability raises alarms as US Agriculture Department says it may be impacted (The Record) PwC and EY impacted by MOVEit cyber attack (Cybersecurity Hub) Norton Parent Says Employee Data Stolen in MOVEit Ransomware Attack (SecurityWeek) MOVEit hack: Gang claims not to have BBC, BA and Boots data (BBC) US govt offers $10 million bounty for info on Clop ransomware (BleepingComputer) Condi DDoS Botnet Spreads via TP-Link's CVE-2023-1389 (Fortinet) CVE-2023-1389 Detail (NIST) Download for Archer AX21 V3 (TP-Link) Threat Group Assessment: Muddled Libra (Unit 42) Axiad and ESG Survey: 82% of Respondents Indicate Passwordless Authentication is a Top Five Priority (PR Newswire) APT28 group used three Roundcube exploits (CVE-2020-35730, CVE-2021-44026, CVE-2020-12641) during another espionage campaign (CERT-UA#6805) (CERT-UA) BlueDelta Exploits Ukrainian Government Roundcube Mail Servers to Support Espionage Activities (The Record) CVE-2020-35730 Detail (NIST) CVE-2023-23397 Detail (NIST)
It's the final episode of the season! Join us for one last action-packed show as we break down all the latest security news in Watchtower Weekly and get nostalgic with a 90s-themed game of Play Your Passwords Right.
Just how safe is the online world? Yale Professor of Law and Philosophy Scott Shapiro delves into cybersecurity in his book, Fancy Bear Goes Phishing. The book's title derives from the exploits of ‘Fancy Bear’, an elite unit of the Russian military intelligence that hacked the US Democratic National Committee in 2016. From a bored graduate student who accidentally crashed the nascent internet, to cyber criminals and bot farms, Shapiro looks at the dark history of the information age. Dr Alice Hutchings first began researching cybercrime in the late 1990s, while working in industry, and is now Director of the Cambridge Cybercrime Centre. She argues that the romanticised image of the underground hacker as an anti-authoritarian ‘lone wolf’ who possesses technological wizardry is outdated. Hacking has become industrialised with criminals able to buy ‘off-the-shelf’ tools to infect computers. While hackers constantly look to exploit vulnerabilities within the technology, one of the major weak points is the users themselves. Jenny Radcliffe's job is to expose the flaws and weaknesses in security operations. In People Hacker she explains how she uses a blend of psychology, stagecraft and charm to gain access to computer systems, and reveals how people can boost their security and make her job more difficult. Producer: Katy Hickman
Scott Shapiro is the author of “Fancy Bear Goes Phishing: The Dark History of the Information Age, In Five Extraordinary Hacks,” which is available for purchase on Amazon and at other major booksellers. Visit https://getfancybear.com to learn more. This microcast is a short version of our full interview with Shapiro, which you can listen to at https://soundcloud.com/cybercrimemagazine/fancy-bear-goes-phishing-the-dark-history-of-the-information-age-scott-shapiro-author
Scott Shapiro is the author of “Fancy Bear Goes Phishing: The Dark History of the Information Age, In Five Extraordinary Hacks.” In this episode, Shapiro joins host Scott Schober to discuss the book, several of the famous hacks it dives into, and more. “Fancy Bear Goes Phishing: The Dark History of the Information Age, In Five Extraordinary Hacks” will be available for purchase on May 23rd, 2023. It will be available on Amazon and at other major booksellers. Visit https://www.getfancybear.com to learn more. • For more on cybersecurity, visit us at https://cybersecurityventures.com
Elon, Clop, EvalPhP, VMWare, Google, Fancy Bear, Routers, 3CX, Aaran Leyland, and More on this episode of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/swn291
Play ransomware's new tools. Fancy Bear is out and about. Updates on Sandworm. Ransomware in Russia's war against Ukraine. The US Air Force opens an investigation into the alleged leaker's Air National Guard wing. The Washington Post's Tim Starks joins us with insights on the Biden administration's attempts to better secure the water supply. Carole Theriault chats with Cisco Talos' Vanja Svajcer about the threat landscape, now and tomorrow. And KillNet's in the education business with a new hacker course: “Dark School.” For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/75 Selected reading. Play Ransomware Group Using New Custom Data-Gathering Tools (Symantec) NCSC-UK, NSA, and Partners Advise about APT28 Exploitation of Cisco Routers (National Security Agency/Central Security Service) APT28 exploits known vulnerability to carry out reconnaissance and deploy malware on Cisco routers (NCSC) State-sponsored campaigns target global network infrastructure (Cisco Talos Blog) Ukraine remains Russia's biggest cyber focus in 2023 (Google) Fog of War: How the Ukraine Conflict Transformed the Cyber Threat Landscape (Google Threat Analysis Group) M-Trends 2023: Cybersecurity Insights From the Frontlines (Mandiant) Faltering against Ukraine, Russian hackers resort to ransomware: Researchers (Breaking Defense) Air Force unit in document leaks case loses intel mission (AP NEWS) Pentagon Details Review of Policies for Handling Classified Information (New York Times) Ukraine at D+419: GRU cyber ops scrutinized. (CyberWire)
Scott Shapiro is the Charles F. Southmayd Professor of Law and Professor of Philosophy at Yale Law School, where he is also the founding director of the Yale CyberSecurity Lab. Robinson and Scott talk about studying at Columbia University under the auspices of the legendary Isaac Levi, Sidney Morgenbesser, and Haim Gaifman before discussing the philosophy of law, one of Scott's areas of expertise. Among the topics they touch on are the distinction between analytic and normative jurisprudence, the problem of the chicken and the egg, and progress in legal thought from Austin to Hart and beyond. Then they turn to Scott's upcoming book, Fancy Bear Goes Phishing: The Dark History of the Information Age, in Five Extraordinary Hacks, where Scott explores the intersection of cybersecurity, hacking, and legal philosophy. Scott is also the author of Legality and the host of the Jurisprudence Course podcast, the latter of which will soon have a second season. You can keep up with Scott on Twitter at @scottjshapiro, and preorder Fancy Bear Goes Phishing on Amazon. Fancy Bear Goes Phishing: https://a.co/d/aPv2zpY Legality: https://a.co/d/1qYg0OY Jurisprudence Course: https://open.spotify.com/show/6yOIMnVASRLN2nPLlBL0Dn?si=0de8b550346942d6 Twitter: https://twitter.com/scottjshapiro Outline: 00:00 In This Episode 00:20 Introduction 3:35 Scott the Jurisprude 7:49 War Stories From Columbia 18:36 Analytic Versus Normative Jurisprudence 22:23 The Chicken And The Egg Problem For Jurisprudence 28:03 Austin, Hart, and Progress in Legal Philosophy 44:43 Fancy Bear Goes Phishing 43:23: Cybersecurity and Legal Philosophy 59:02:40 Hacking Paris Hilton's Cell Phone 1:05:07 The Psychology of Hackers Robinson Erhardt researches symbolic logic and the foundations of mathematics at Stanford University. Join him in conversations with philosophers, scientists, weightlifters, artists, and everyone in-between.
linktree: https://linktr.ee/robinsonerhardt --- Support this podcast: https://podcasters.spotify.com/pod/show/robinson-erhardt/support
On this week's show Patrick Gray and Adam Boileau discuss the news we missed while on break. Because it's the first show of the year, we split the discussion into themes:
- Attacks against critical online services like Okta, CircleCI, Slack and Lastpass will increase in volume
- All the latest global intrigue, from NSO being noped by the US Supreme Court to DDoS attacks in Serbia, Turla's latest campaign, supply chain attacks against Ukraine, why Russia has been more active than we realised and much more
- A ransomware wrap, a discussion about the rise of data extortion and why it's unlikely to remain a huge problem
- Why automotive security research will actually be interesting this year
- PLUS: A bunch of random news!
This week's show is brought to you by Trail of Bits. Dan Guido is this week's sponsor guest and he joins us to talk about something they've developed – a zero knowledge proof of exploit technique. Very interesting stuff! Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that's your thing.
Show notes
- First LastPass, now Slack and CircleCI. The hacks go on (and will likely worsen) | Ars Technica
- Devs urged to rotate secrets after CircleCI suffers security breach | The Daily Swig
- LastPass: Hackers accessed and copied customers' password vaults - The Record from Recorded Future News
- GitHub incident allowed attacker to copy Okta's source code - The Record from Recorded Future News
- Supreme Court dismisses spyware company NSO Group's claim of immunity - The Record from Recorded Future News
- Serbian government reports ‘massive DDoS attack' amid heightened tensions in Balkans - The Record from Recorded Future News
- Iran's support of Russia draws attention of pro-Ukraine hackers - The Record from Recorded Future News
- Pro-Ukraine hackers leak Russian data in hopes someone will make sense of it - The Record from Recorded Future News
- CISA researchers: Russia's Fancy Bear infiltrated US satellite network
- Exclusive: Russian hackers targeted U.S. nuclear scientists | Reuters
- NSA cyber director warns of Russian digital assaults on global energy sector - CyberScoop
- Notorious Russian hacking group appears to resurface with fresh cyberattacks on Ukraine
- Military operations software in Ukraine was hit by Russian hackers - The Record from Recorded Future News
- New supply chain attack targeted Ukrainian government networks - The Record from Recorded Future News
- Moldovaʼs government hit by flood of phishing attacks - The Record from Recorded Future News
- Kremlin-backed hackers targeted a “large” petroleum refinery in a NATO nation | Ars Technica
- Cyber Command conducted offensive operations to protect midterm elections - The Record from Recorded Future News
- Guardian newspaper hit by suspected ransomware attack, staff told not to come to office - The Record from Recorded Future News
- British company that helps make semiconductors hit by cyber incident - The Record from Recorded Future News
- Port of Lisbon website still down as LockBit gang claims cyberattack - The Record from Recorded Future News
- SickKids: 80% of hospital priority systems back online after LockBit ransomware attack - The Record from Recorded Future News
- Canada's largest children's hospital struggles to recover from pre-Christmas ransomware attack - The Record from Recorded Future News
- Canadian copper mine suffers ransomware attack, shuts down mills - The Record from Recorded Future News
- Los Angeles housing authority says cyberattack disrupting systems - The Record from Recorded Future News
- The Guardian contacts data protection regulator after suspected ransomware incident - The Record from Recorded Future News
- Australian fire service operating 85 stations shuts down network after cyberattack - The Record from Recorded Future News
- San Francisco BART investigating ransomware attack - The Record from Recorded Future News
- Hackers leak sensitive files following attack on San Francisco transit police
- New U.S. cyber strategy will require critical infrastructure companies to protect against hacks - The Washington Post
- Car hackers discover vulnerabilities that could let them hijack millions of vehicles
- Compromised dispatch system helped move taxis to front of the line | Ars Technica
- Researcher Deepfakes His Voice, Uses AI to Demand Refund From Wells Fargo
- Armed With ChatGPT, Cybercriminals Build Malware And Plot Fake Girl Bots
- Cybercriminals' latest grift: powdered milk and sugar by the truckload - The Record from Recorded Future News
- This app will self-destruct: How Belarusian hackers created an alternative Telegram for activists - The Record from Recorded Future News
- Chinese researchers claim to have broken RSA with a quantum computer. Experts aren't so sure. - The Record from Recorded Future News
- Key bitcoin developer calls on FBI to recover $3.6M in digital coin | Ars Technica
- Chick-fil-A acknowledges customer account abuse but denies compromise of internal systems - The Record from Recorded Future News
- Microsoft ends Windows 7 security updates | TechCrunch
Top 5 Threat Hunting Headlines - 19 December 2022 OPWNAI: AI THAT CAN SAVE THE DAY OR HACK IT AWAY https://research.checkpoint.com/2022/opwnai-ai-that-can-save-the-day-or-hack-it-away/ CISA Researchers: Russia's Fancy Bear infiltrated US Satellite Network https://www.cyberscoop.com/apt28-fancy-bear-satellite/ Colombian Energy Supplier EPM Hit by BlackCat Ransomware Attack https://www.bleepingcomputer.com/news/security/colombian-energy-supplier-epm-hit-by-blackcat-ransomware-attack/ Russia's Trident Ursa (aka Gamaredon APT) Cyber Conflict Operations Unwavering Since Invasion of Ukraine https://unit42.paloaltonetworks.com/trident-ursa/ FBI's Vetted Info Sharing Network ‘InfraGard' Hacked https://krebsonsecurity.com/2022/12/fbis-vetted-info-sharing-network-infragard-hacked/ Follow Us! Twitter: https://twitter.com/CyborgSecInc LinkedIn: https://www.linkedin.com/company/cyborg-security/ YouTube: https://www.youtube.com/cyborgsecurity Instagram: https://www.instagram.com/cyborgsecinc/ Facebook: https://www.facebook.com/CyborgSecInc
This week, Jason Wood talks: Fancy Bear Nukes, CISA/NSA on PowerShell, and Lots More Crime, as well as all the show Wrap-Ups on the Security Weekly News! Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/swn219
Fancy Bear sighted in Ukrainian in-boxes. Why Russian cyberattacks against Ukraine have fallen short of expectations. ToddyCat APT is active in European and Asian networks. ICEFALL ICS vulnerabilities described. CISA issues ICS vulnerability advisories. Europol makes nine collars. Andrea Little Limbago from Interos on the global state of data protection and sharing. Rick Howard speaks with Michelangelo Sidagni from NopSec on the Future of Vulnerability Management. We are shocked, shocked, to hear of corruption in the FSB. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/119 Selected reading. Ukrainian cybersecurity officials disclose two new hacking campaigns (CyberScoop) Ukraine Warns of New Malware Campaign Tied to Russian Hackers (Bloomberg Law) Russian govt hackers hit Ukraine with Cobalt Strike, CredoMap malware (BleepingComputer) Opinion How Russia's vaunted cyber capabilities were frustrated in Ukraine (Washington Post) New Toddycat APT Targets MS Exchange Servers in Europe and Asia (Infosecurity Magazine) Microsoft Exchange servers hacked by new ToddyCat APT gang (BleepingComputer) OT:ICEFALL: 56 Vulnerabilities Caused by Insecure-by-Design Practices in OT (Forescout) From Basecamp to Icefall: Secure by Design OT Makes Little Headway (SecurityWeek) Dozens of vulnerabilities threaten major OT device makers (Cybersecurity Dive) CISA releases 6 Industrial Control Systems Advisories (Cybersecurity and Infrastructure Security Agency) Phishing gang behind several million euros worth of losses busted in Belgium and the Netherlands (Europol) FSB directorate lieutenant colonel in Samara region arrested for stealing cryptocurrency from a hacker (TASS)