POPULARITY
In this episode of the Power Vertical Podcast, Justin Sherman joins host Brian Whitmore to unpack the complex ecosystem behind Russia's offensive cyber operations. From government agencies like the GRU and SVR to loosely affiliated cybercriminals and patriotic hackers, Sherman explores how these entities operate—often independently, yet in alignment with state interests.
En este episodio de A GUSTO EN MI PIEL by SVR hablamos de una de las moléculas más mencionadas (y no siempre bien entendidas) en el mundo del cuidado facial: el colágeno. ¿Qué es? ¿A qué edad empezamos a perderlo? ¿Cómo podemos estimular su producción desde dentro y desde fuera? ¿Y funcionan realmente las cremas y suplementos con colágeno? Junto a Marina García, farmacéutica experta en dermocosmética, resolvemos todas estas dudas y repasamos los mejores activos para mantener una piel firme, hidratada y luminosa. Conduce el episodio Néstor Amorín, del equipo SVR, y como siempre, cerramos con nuestra sección “Desmontando Mitos”, con Beatriz Garde, Farmacéutica y Training Manager de SVR, donde desvelamos si algunas de las creencias más virales… son verdad o puro cuento.
RISC Zero publishes a white paper for Boundless Protocol. Chaos Labs releases an SVR monitoring dashboard. And Tally raises an $8 million Series A. Read more: https://ethdaily.io/688
Ce 209e épisode de Pos. Report est consacré à deux marins de la classe Ultim, celle des multicoques volants : Tom Laperche et Anthony Marchand.Tandis que le skipper de SVR Lazartigue embarque Franck Cammas cette saison, le skipper d'Actual apprend à connaître l'ancien Gitana 17, acquis cet hiver par son partenaire. Alors que leur bateau est encore en chantier, les deux marins ont profité du week-end de Pâques pour régater dans le cadre du Spi Ouest-France à La Trinité-sur-Mer. Outre la convivialité, pas question de se laisser distancer par les « vieilles » connaissances : l'équipage de Tom Laperche, « made in SVR » devance le Team Banque Populaire de Loïs Berrehar en Open 7,50. Anthony Marchand se contente de la quatrième place en Mach 6,50.S'il leur faut attendre l'été pour la mise à l'eau de leur Ultim, le programme est intense : Anthony Marchand et son équipe démontent - puis remontent - les pièces du futur Actual Ultim 4. Le marin de Plérin raconte aussi l'acquisition du simulateur, jumeau numérique du bateau pour accélérer la prise en main. Le mât est attendu sous peu alors que les travaux « cosmétiques » sont engagés.Côté SVR-Lazartigue, Tom Laperche revient sur la frustration des 5 tentatives hivernales de Trophée Jules Verne et les enseignements tirés en matière de fiabilisation. De nouveaux appendices sont attendus. Il se confie aussi sur sa découverte du mode record… un challenge auquel Anthony Marchand se frotterait bien avec sa nouvelle machine.Après trois années passées aux côtés de François Gabart, ou Pascal Bidégorry, Tom Laperche raconte son tandem avec l'expérimenté Franck Cammas : le vainqueur de la Solitaire du Figaro 2022 espère bien tirer profit de son expérience récente sur la Coupe de l'America en termes de développement et d'innovation.Les deux hommes se projettent enfin sur la Transat Café l'Or (départ le 26 octobre du Havre). Si Anthony Marchand reste mystérieux sur l'identité de son co-skipper, il concède qu'un profil navigateur / routeur a retenu toute son attention, au regard des règles désormais en vigueur (pas de routage depuis la terre). Après ses deuxièmes places en 2021 et 2023, Tom Laperche rêve quant à lui de victoire en 2025 avec des arrivées d'Ultim « dans le même quart d'heure en Martinique ! ».Présenté par la Classe Imer
Apaisée et protégée, c'est ce qu'on attend d'une peau sensible et réactive. Anna, atteinte d'alopécie, nous raconte son quotidien : des réactions inattendues après un simple contact ou un bisou sur la joue, avec des symptômes qui peuvent rapidement devenir inconfortables. Accompagnée de Pauline, elles partagent leurs tips et solutions dermato pour apaiser et protéger la peau.Retrouvez nos conseils et solutions dermato sur Instagram et TikTok : @laboratoire_SVRHébergé par Ausha. Visitez ausha.co/politique-de-confidentialite pour plus d'informations.
Recomendados de la semana en iVoox.com Semana del 5 al 11 de julio del 2021
Las manchas en la piel son una de las inquietudes más frecuentes. En este sexto episodio de "A GUSTO EN MI PIEL” by SVR, nos sumergimos en el mundo del melasma y las diferentes formas de hiperpigmentación. ¿Qué son exactamente? ¿Cómo se clasifican? ¿Qué tratamientos existen para ellas? ¿Es posible prevenirlas eficazmente? Para abordar este tema, nos acompaña la dermatóloga Mar Luque Luna, quien despejará todas las dudas y ofrecerá consejos prácticos para mantener una piel uniforme y saludable. Con Néstor Amorín, del equipo SVR, liderando esta charla, descubriremos cada detalle sobre estas alteraciones en la pigmentación. Y, como no podía faltar, en nuestra sección habitual “Desmontando Mitos”, Beatriz Garde, Farmacéutica y Training Manager de SVR, pondrá a prueba las creencias más populares sobre el cuidado de la piel. ¿Los confirmamos o simplemente… mitos son?
Vitalik outlines a roadmap for Ethereum L2 rollup security. Aave integrates Chainlink's SVR oracle. And the FDIC updates crypto activity guidelines. Read more: https://ethdaily.io/675
Vivre avec une maladie visible sur la peau, ce n'est pas toujours simple : le regard des autres, la confiance en soi, l'inconfort au quotidien… Le psoriasis, c'est bien plus qu'un problème de peau. C'est une maladie inflammatoire qui impacte la qualité de vie et l'estime de soi. Dans cet épisode, Dr Jourdan et @Poussine décryptent cette pathologie, brisent les idées reçues et partagent leurs conseils pour mieux comprendre la maladie, apaiser la peau et améliorer le quotidien.Retrouvez nos conseils et solutions dermato sur Instagram et TikTok : @laboratoire_SVRHébergé par Ausha. Visitez ausha.co/politique-de-confidentialite pour plus d'informations.
In this episode of The Underpowered Hour, hosts Steve Beres and Ike Goss discuss a variety of eclectic Land Rover-related topics. Steve highlights Canada's new Gaia Range Rover, SVR and the debut of the Range Rover London Collection in British Columbia. The duo also covers Land Rover's significant investment in a Portland, Oregon tech hub for autonomous vehicles. Ike announces his purchase of an Austin Healy 3000 and their humorous speculations on the car's condition. They also take a look at intriguing listings on Bring a Trailer, including a unique Suzuki Jimny and a hybrid Series 3/Defender Land Rover. Tune in for these updates and more on Land Rover news and adventures.https://media.landrover.com/en-us/news/2025/03/range-rover-london-collection-makes-debut-range-rover-house-whistlerhttps://bringatrailer.com/listing/1999-suzuki-jimny/
Recomendados de la semana en iVoox.com Semana del 5 al 11 de julio del 2021
La primavera despierta los sentidos, ¡pero no tiene por qué alterar tu piel! En este quinto episodio de "A GUSTO EN MI PIEL” by SVR, nos adentramos en el fascinante concepto del wellaging: ¿es posible envejecer bien? ¿Qué define a una piel que se siente y luce más joven? ¿Cómo podemos tratar manchas, líneas de expresión y arrugas para lograrlo? Para resolver estas cuestiones, contamos con Adela Prada, farmacéutica experta en dermocosmética, quien desglosará los secretos detrás de una piel que irradia juventud. Néstor Amorín, del equipo SVR, estará al frente de esta charla, tomando nota de cada consejo clave. Además, no podía faltar nuestra icónica sección: “Desmontando Mitos”, liderada por Beatriz Garde, Farmacéutica y Training Manager de SVR. ¿Será este el episodio donde descubramos si existe el verdadero secreto de la eterna juventud?
Minister Marjolein Faber van asiel en migratie is vandaag officieel op bezoek in Ter Apel. Ze bezocht eerst de aanmeld locatie om daar te praten over overlast door derdelanders. Een oud-werknemer van ASML en NXP heeft jarenlang belangrijke informatie aan de Russische inlichtingendienst SVR gelekt. Dat blijkt uit de pro-formazitting van de man. Hij zit op dit moment vast. De Autoriteit Consument en Markt heeft een nog onbekend bedrijf een tik op de vingers gegeven voor manipulatie van de gasmarkt. Het bedrijf zou de prijs hebben opgedreven. Werknemers van Elon Musk's Department of Government Efficiency (DOGE) hebben nu ook toegang tot gevoelige overheids-informatie over miljoenen ambtenaren. Dat meldt de Washington Post vandaag. See omnystudio.com/listener for privacy information.
Dans ce hors-série qui aborde la RSE (Responsabilité Sociétale des Entreprises), on reçoit Laure de chez Spring, la marque clean et éco-responsable qui révolutionne le monde de la lessive et des produits d'entretien. De la formulation aux packagings, comment Spring a-t-elle réussi à proposer des produits réellement engagés face aux géants industriels ? Laure nous raconte ce challenge et partage son expérience avec Charlotte, également engagée au sujet de l'éco-responsabilité et des perturbateurs endocriniens chez SVR.Retrouvez nos conseils et solutions dermato sur Instagram et TikTok : @laboratoire_SVRHébergé par Ausha. Visitez ausha.co/politique-de-confidentialite pour plus d'informations.
durée : 00:54:41 - Côté Club - par : Laurent Goumarre - Côté Club, le rendez-vous de toute la scène française et plus si affinités reçoit Edge pour son album "De janvier à janvier", Léo SVR pour son projet "Sunchaser", et NeS pour son EP "Pour 2 vrai. Bienvenue au Club ! - réalisé par : Stéphane LE GUENNEC
durée : 00:54:41 - Côté Club - par : Laurent Goumarre - Côté Club, le rendez-vous de toute la scène française et plus si affinités reçoit Edge pour son album "De janvier à janvier", Léo SVR pour son projet "Sunchaser", et NeS pour son EP "Pour 2 vrai. Bienvenue au Club ! - réalisé par : Stéphane LE GUENNEC
Slovesnost, ki je včeraj potekala v Celovcu, sta pripravila Krščanska kulturna zveza in Narodni svet koroških Slovencev. Njegov predsednik dr. Zdravko Inzko je že uvodoma dejal, da so mu jo zaradi zadržanosti iz zdravstvenih razlogov izročili pred dnevi v njegovem rodnem Rožeku. Podpredsednica Krščanske kulturne zveze Micka Opetnik je podčrtala eno do zaslug nagrajenca - kako je s somišljenikoma Nužejem Tolmajerjem in Jankom Zerzerjem sestavljal predloge in utemeljitev za statut Tischlerjeve nagrade. Dolgoletnega direktorja založbe Mohorjeve družine je orisal Hanzi Filipič: Če bi moral na hitro povedati, kaj je za Franca Kattniga značilno, mi med prvimi pridejo na misel ljubezen do slovenske besede, ljubezen do kulture, umetnosti in knjige, duhovitost, domiselnost, kreativnost, iniciativnost, humor. Med nemško govorečimi je znan pod vzdevkom Ideen-Franz. Za glasbeni del programa je poskrbela moška vokalna skupina Svrž. Na sinočnji slovesnosti v Celovcu so razglasili tudi zmagovalko letošnjega govorniškega natečaja za mlade. To je postala Lea Globočnik, dijakinja dvojezične trgovske akademije, sicer pa prihaja z Gorenjske. Na ogled je bila tudi potujoča razstava o dr. Jošku Tischlerju.
Productos mencionados: Limpieza facial: Gel de 5punto5: https://www.farmaelglobo.com/cosmetica/3155-gel-espumoso-200ml-todo-tipo-de-pieles-5punto5-8770198110929.html?mot_tcid=410ff6a2-a30f-496a-b638-325aaa4dea36 Crema Espuma de Cetaphil: https://www.farmaelglobo.com/cosmetica/2733-cetaphil-crema-espuma-limpiadora-1-envase-473-ml-3499320015707.html?mot_tcid=10e33959-a03a-46a4-ab2c-52f07353e72a Tónico 5punto5 equilibrante: https://www.farmaelglobo.com/cosmetica/1201-tonico-equilibrante-5punto5-8770198110318.html?mot_tcid=cd3ddcb8-e334-4715-9d41-8dc640948344 Esencia B3 de SVR: https://www.farmaelglobo.com/cosmetica/1365-essence-b-150ml-3662361000944.html?mot_tcid=19e8a5d7-9757-4745-bc39-206c6a1d8e6b Serum con ácido hialurónico Age Barrier: https://www.farmaelglobo.com/cosmetica/2302-endocare-hyaluboost-age-barrier-30-ml-8470002094857.html?mot_tcid=f7c8bd6f-bf04-497d-8e16-07574cb49bbbCremas piel mixta grasa: Crema Hydra de Sebiaclear: https://www.farmaelglobo.com/cosmetica/1411-svr-sebiaclear-hydra-40ml-crema-reparadora-3662361003594.html?mot_tcid=2fb6a982-843a-4ada-b921-fe37fe9c631e Crema Biretix Isorepair: https://www.farmaelglobo.com/cosmetica/2427-biretix-isorepair-crema-reparadora-50-ml-8436574361582.html?mot_tcid=c656f0a4-765c-473d-a542-ed90d12f2047 Cremas piel normal a seca: Crema Rapsodia: https://www.farmaelglobo.com/cosmetica/1841-dr-arthouros-alba-formula-rapsodia-alta-recuperacion-balsamo-factores-crecimiento-50-ml-8437026064006.html?mot_tcid=8e099c59-abd2-4b2d-bb53-0f7c81aef969 Crema Redefiner: https://www.farmaelglobo.com/cosmetica/861-hd-redefiner-crema-8424561008008.html?mot_tcid=d651a611-7322-4ea5-942a-c1c8d78849bb Vitamina C: Super C Ferulic de Medik8: https://www.farmaelglobo.com/cosmetica/2368-medik8-super-c-ferulic-30-ml.html?mot_tcid=7490283b-c3e2-4759-845c-fd1a31a931af C Tetra de Medik8: https://www.farmaelglobo.com/cosmetica/2366-medik8-c-tetra-serum-vitamina-c-30-ml.html?mot_tcid=7f93f48c-3764-4470-8a9d-e413cce9a254 Mascarillas hidratantes: Singuladerm: https://www.farmaelglobo.com/cosmetica/2806-singuladerm-biodefense-prebiotic-mask-1-envase-5-8436564667052.html?mot_tcid=47291933-e5c6-4609-b604-0b5972a8e3f2 CABELLO:Pre-champú Aceite de Modesta Cassinello: https://www.farmaelglobo.com/cosmetica/2323-modesta-cassinello-h10-aceite-sublime-30-ml-8436597880237.html?mot_tcid=5268f613-7bef-4fcb-b255-659bf3925f5e Acondicionador de Sendo nutritivo (regalo por 2 uds): https://www.farmaelglobo.com/cuidado-capilar/2195-sendo-acondicionador-hidratante-nutritivo-250-ml-8029352355936.html?mot_tcid=f872d767-3aee-49db-8f1d-41556aa8d237 Gorro revive: https://www.farmaelglobo.com/cuidado-capilar/3036-the-cosmetic-republic-gorro-revive-8437009593332.html?mot_tcid=a6155ffe-a405-48ba-8c4c-28f1adc5ff56 LABIOS: Bálsamo Vinotherapist de Caudalie: https://www.farmaelglobo.com/cosmetica/2731-caudalie-vinotherapist-balsamo-de-labios-3522930004080.html?mot_tcid=a9c0b179-3a43-4075-b7b7-799d5c55e433 Singuladerm Balsamo Peptidos: https://www.farmaelglobo.com/cosmetica/2664-singuladerm-xpert-expression-booster-peptide-balm--8436564667007.html?mot_tcid=47d49894-720a-457a-8a82-a6208756c58f Mia Cosmetic Labial color: MANOS: Manos agrietadas y secas: https://www.farmaelglobo.com/manos-y-pies/2604-svr-xerial-50-extrme-crme-pieds-50ml-crema-hidratante-pies-secos-3662361003235.html?mot_tcid=e4137e60-9f68-4003-b3e4-dbd45d7d711a Manos secas: https://www.farmaelglobo.com/cosmetica/106-crema-deliciosa-para-manos-y-uas-75-ml-3522930003618.html?mot_tcid=b6d0a24d-f7fe-49c2-90a5-02c73c1f23ba CUERPO: Gel de baño: https://www.farmaelglobo.com/cosmetica/743-syndet-emoliente-tendencia-atopica-farmacia-el-globo-8470009295790.html?mot_tcid=5e02ae39-7f12-4e7e-a4ad-e56933619731 Crema Cetaphil: https://www.farmaelglobo.com/corporal/2351-cetaphil-locion-ultra-hidratante-daily-advance-473-ml-3499320013901.html?mot_tcid=112a26eb-bd02-482e-984c-4432825f70a9 Código del podcast: HOLISTICPODCAST
Hannah und Fred besprechen den zweiten Teil des Jahresgutachtens des SVR-Wirtschaft.
Hannah und Fred besprechen die ersten 2 Kapitel des Jahresgutachtens des SVR Wirtschaft.
Recomendados de la semana en iVoox.com Semana del 5 al 11 de julio del 2021
¡Inauguramos la 3ª temporada de “A GUSTO EN MI PIEL” by SVR! En este primer episodio, nos sumergimos en el fascinante mundo del Retinol y todo lo que implica su uso. De la mano de Eduardo Senante, farmacéutico comunitario y experto en dermocosmética, nutricosmética y cuidado capilar, aprenderemos sobre este potente activo. Con más de 60 mil seguidores en redes, Eduardo desvela cómo y cuándo usar el retinol, en qué edades es más recomendable y los pasos clave para su correcta aplicación. Néstor Amorín del equipo de SVR lidera esta entrevista, explorando cada detalle sobre este derivado de la vitamina A; y como ya es tradición, continuamos con la sección “Desmontando Mitos”, en la que Beatriz Garde, Farmacéutica y Training Manager de SVR, nos trae los mitos más virales de las redes sociales sobre el cuidado de la piel. ¿Funcionan realmente o son solo eso, mitos?
Colorado election officials downplay a partial password leak. Over 22,000 CyberPanel instances were targeted in a ransomware attack. Google issues a critical security update for Chrome. Microsoft says Russia's SVR is conducting a wide-ranging phishing campaign. The FakeCall Android banking trojan gains advanced evasion and espionage capabilities. A New 0patch Fix Blocks Malicious Theme Files. iOS malware LightSpy adds destructive features. LinkedIn faces class-action lawsuits over alleged privacy violations. The U.S. charges a Russian national as part of Operation Magnus. On this week's CertByte segment, Chris Hare is joined by Dan Neville to break down a question targeting the Certified Associate in Project Management (CAPM)® certification. An Ex-Disney Staffer Allegedly Adds a Side of Sabotage to Park Menus. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CertByte Segment In this segment, Chris is joined by an N2K Content Developer to help illustrate the learning. This week, Chris is joined by Dan Neville to break down a question targeting the Certified Associate in Project Management (CAPM)® certification by the Project Management Institute®. Today's question comes from N2K's PMI® Certified Associate in Project Management (CAPM®) Practice Test. If you're studying for a certification exam, check out N2K's full exam prep library of certification practice tests, practice labs, and training courses by visiting our website at n2k.com/certify. To get the full news to knowledge experience, learn more about our N2K Pro subscription at https://thecyberwire.com/pro. Please note: The questions and answers provided here, and on our site, are not actual current or prior questions and answers from these certification publishers or providers. Additional sources: The 9 Most In-Demand Professional Certifications You Can Get Right Now Selected Reading Partial Breach of Election Machine Passwords in Colorado Poses No Risk, State Says (The New York Times) Election Threats Escalating as US Voters Flock to the Polls (BankInfo Security) Massive PSAUX ransomware attack targets 22,000 CyberPanel instances (Bleeping Computer) Critical Chrome Security Update: Patch for Out-of-Bounds & WebRTC Vulnerability (Cyber Security News) Russian spies use remote desktop protocol files in unusual mass phishing drive (The Register) FakeCall Android Trojan Evolves with New Evasion Tactics and Expanded Espionage Capabilities (SecurityWeek) 0patch Blog: We Patched CVE-2024-38030, Found Another Windows Themes Spoofing Vulnerability (0day) (0patch) Recent Version of LightSpy iOS Malware Packs Destructive Capabilities (SecurityWeek) Lawsuits Accuse LinkedIn of Tracking Users' Health Info (GovInfo Security) Feds name a Russian accused of developing Redline (The Register) Fired Employee Allegedly Hacked Disney World's Menu System to Alter Peanut Allergy Information (404 Media) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
Spycraft utilizes psychology more than gadgets. Ex-CIA officer Andrew Bustamante reveals the human side of intelligence gathering and deception. [Pt. 2/2 — find Pt. 1 here!] What We Discuss with Andrew Bustamante: The psychology of espionage and the process of recruiting assets, with an emphasis on the importance of building relationships and trust. The CIA uses a process called SADRAT (Spot, Assess, Develop, Recruit, Handle, and Terminate) to develop intelligence sources, which is similar to sales techniques and relationship building. The concept of public, private, and secret lives, highlighting how understanding and accessing someone's secret life is crucial for intelligence work. The strengths and operational styles of the CIA, Russia's SVR, Israel's Mossad, and China's MSS. Anxiety, often viewed negatively in society, can be a valuable asset in intelligence work and other high-performance fields. By reframing anxiety as a potential superpower, individuals can harness its benefits to drive success in their personal and professional lives. And much more — be sure to check out part one of this conversation here if you haven’t already! Full show notes and resources can be found here: jordanharbinger.com/1065 If you love listening to this show as much as we love making it, would you please peruse and reply to our Membership Survey here? And if you're still game to support us, please leave a review here — even one sentence helps! Consider including your Twitter handle so we can thank you personally! This Episode Is Brought To You By Our Fine Sponsors: jordanharbinger.com/deals Sign up for Six-Minute Networking — our free networking and relationship development mini course — at jordanharbinger.com/course! Subscribe to our once-a-week Wee Bit Wiser newsletter today and start filling your Wednesdays with wisdom! Do you even Reddit, bro? Join us at r/JordanHarbinger!
Michael Myers of The Sound Factory returns to discuss the Tuner Challenge at SVR and WCA Finals, as well as the ECA Finals, and some of his plans as the director of ECA. If there are topics or people you'd like to hear over the coming season, please do us a favor and submit them here: https://forms.gle/hz9GsfrZxn92r9qLA Many thanks to ResoNix Sound Solutions for supporting the SQOLOGY Podcast. You can find out more about Resonix Sound Treatment Solutions, along with tons of other info and products, at https://resonixsoundsolutions.com
Ett kyrkbygge utanför Västerås har koppling till rysk underrättelsetjänst och ligger vid en militärt viktig plats. Och det finns fler exempel. Lyssna på alla avsnitt i Sveriges Radio Play. När den nybyggda rysk-ortodoxa kyrkan utanför Västerås står klar reser sig ett 22 meter högt torn med guldig lökkupol mellan trädtopparna. Tornet är betydligt högre än vad detaljplanen tidigare angivit och bland andra Säpo har varit kritiska mot det och varnat för bygget.Församlingen tillhör Moskvapatriarkatet. Det är den del av den rysk-ortodoxa kyrkan som styrs av patriark Kirill. Han kallas Putins påve och är tydligt för kriget i Ukraina. Dessutom har den delen av den rysk-ortodoxa kyrkan långtgående kopplingar till den ryska underrättelsevärlden.– Kyrkan som organisation på toppnivå, och framförallt kyrkans aktiviteter i utlandet – det är någonting som alltid används som ett verktyg av den ryska staten, säger Stefan Ingvarsson, analytiker på Centrum för Östeuropastudier.Därför höjs ögonbrynen när en rysk-ortodox församling, tillhörande Moskvapatriarkatet, fått köpa mark och bygga en stor kyrka vid Västerås flygplats. Det är en av Sveriges beredskapsflygplatser med en erkänt lång och bred landningsbana. Församlingens präst har dessutom belönats med en medalj av SVR - en del av den ryska utrikesunderrättelsetjänsten.– Det finns ju en koppling från företrädare till den rysk-ortodoxa kyrkan här i Sverige och företrädare inom Ryssland och rysk underrättelsetjänst, säger Karl Melin, presschef på Säkerhetspolisen, säpo.Mysteriet på MusköSamtidigt finns det fler exempel där personer eller organisationer med koppling till Ryssland köpt mark nära militärt strategiska platser. I närheten av den stora marinbasen på Muskö håller en rysk affärsman, med kopplingar till den ryska staten, på att bygga en stor lyxvilla.Sverige är inte ensamma om problemet med uppköp av mark och fastigheter som ligger i närheten av skyddsområden.– Det är en ökande trend. Det blir vanligare och vanligare och det sker samtidigt som säkerhetshotet i Europa ökar och säkerhetshotet mot Sverige ökar, säger Henrik Häggström, strategisk rådgivare i totalförsvarsfrågor på Försvarshögskolan.Som det ser ut nu är det inte möjligt att stoppa köp av fastigheter som ligger utanför skyddsområden i Sverige. Men det pågår en diskussion om vad man kan göra för att få bukt med problemet. I Finland – där problematiken är snarlik men mer utbredd – har regeringen nyligen föreslagit en lagändring som gör det omöjligt för ryska medborgare att göra fastighetsaffärer i landet. I Sverige väntas en utredning presenteras i december.– Det som sker i Sverige idag är att det är allt fler som förstår de utmaningar vi står inför, säger Henrik Häggström.Medverkande:Stefan Ingvarsson, analytiker vid Centrum för Östeuropastudier vid Utrikespolitiska institutet.Henrik Häggström, strategisk rådgivare i totalförsvarsfrågor på Försvarshögskolan.Karl Melin, presschef på Säkerhetspolisen, Säpo.Programledare: Claes Aronsson och Sara SundbergProducent: Karin HållstenLjud från: Sveriges Radio, Reuters, Telegramkanalen Agency News, DW, Expressen
Alors que vendredi 23 août marque un an que le cofondateur du groupe de mercenaires russes Wagner Evgueni Prigojine est mort, les activités militaires russes se poursuivent en Afrique. Depuis son décès dans le crash de son avion en Russie, les activités de Wagner en Afrique ont été reprises par l'État russe sous le nom d'Africa Corps. Qu'en est-il de l'évolution du groupe paramilitaire sur le continent depuis un an ? Dimitri Zufferey, membre du collectif All Eyes On Wagner, répond à Sidy Yansané. RFI : Dimitri Zufferey, Depuis la mort d'Evgueni Prigojine et la reprise en main des activités paramilitaires de Wagner par l'État russe, une nouvelle structure appelée Africa Corps a fait son apparition dans le Sahel. Qu'est-ce qui la distingue de Wagner ?Dimitri Zufferey : On pourrait utiliser la métaphore du réfrigérateur et du frigo. « Frigo » a été la marque qui est devenue le terme employé par tout le monde pour désigner un réfrigérateur. Aujourd'hui, Wagner est en quelque sorte un frigo puisque les paramilitaires russes sont tous désignés, peu importe où ils travaillent, sous l'appellation de Wagner, par la presse et même par les spécialistes. Dans le cas de African Initiative, c'est le secteur de la communication qui poursuit ses activités, notamment avec les fermes à trolls. Aujourd'hui, il est très difficile de déterminer à qui il appartient et qui le gère effectivement. On peut parler encore de la Fondation pour les valeurs nationales. Et tout ce secteur de propagande et d'influence qui reste très actif est très probablement piloté par les services de renseignement russes.Et de quelle manière l'appareil sécuritaire du Kremlin pilote l'entité Africa Corps ?La chaîne de commandement n'est pas si simple à comprendre. On a pu analyser et comprendre un peu ce qui se passe, notamment en prenant les photos de réunion officielle entre des Russes et des dirigeants africains du Mali, du Niger, du Burkina Faso par exemple. En regardant précisément quels sont les Russes qui sont présents, on arrive à déterminer quels sont les corps d'armée, quelles sont les unités, les services qui sont présents sur place et qui vont jouer un rôle. En l'occurrence, vous avez le général Averianov qui est un spécialiste des opérations spéciales et psychologiques, et les deux services principaux qui jouent un peu des coudes dans la région sont le SVR, le service de renseignement extérieur, et la GRU, le service des renseignements militaires.Wagner qui est également très présent en Libye depuis l'époque Prigogine, aux côtés du maréchal Khalifa Haftar, et il semblerait que le territoire libyen serve de base arrière à Wagner en Afrique.Effectivement, pour tout ce qui est de la Libye, il y a les bases aériennes du sud du pays comme Al Qaïm par exemple, qui sont toujours sous contrôle des forces du général Haftar. All Eyes On Wagner avait pu documenter en avril dernier l'arrivée notamment d'à peu près 1 800 paramilitaires russes dans cette région, avant d'être en partie dispatchés vers le Niger et le Mali. Comme Wagner est plus ou moins très proche de l'Africa Corps, on utilise aujourd'hui assez indistinctement les deux noms pour désigner des paramilitaires russes.Est ce qu'il y a un objectif militaire clair de l'État russe dans le Sahel ?Wagner et ses franchises dans la région du Sahel, et même partout où Wagner est déployé en Afrique, ma co-autrice Lou Osborne et moi avions évoqué dans notre livre Wagner, enquête au cœur du système Prigojine (Ed. du Faubourg) cette notion de « préservation de régime ». À savoir, tout faire pour apporter une certaine stabilité politique. Pour ce qui est de la lutte contre le djihadisme et les groupes armés et terroristes, il est difficile d'analyser puisqu'il y a très peu d'informations qui remontent depuis les chaînes des commandements et les communications entre l'état-major des forces armées maliennes, par exemple, et les « wagnériens ». On ne sait pas qu'elle est la stratégie exactement poursuivie, mais une volonté de préservation de régime, ça c'est sûr.Au début du mois, les renseignements militaires ukrainiens annonçaient que la défaite de Wagner dans la localité malienne de Tinzaouatène était le fruit d'une coopération avec les rebelles touareg du CSP. Y a-t-il un échange d'informations entre les rebelles et l'État ukrainien, voire même des forces ukrainiennes directement présentes au Mali ?Pour reprendre une métaphore, Vladimir Poutine avait dit à la suite d'un attentat en 1999 qu'il irait « buter les terroristes jusque dans les chiottes ». Les Ukrainiens semblent avoir repris ce même adage en allant traquer les wagnériens aux quatre coins de la planète. Et aujourd'hui, effectivement, la présence des Forces spéciales ukrainiennes au Soudan a pu être démontrée par le groupe de recherche Bellingcat. Mais pour ce qui est de la présence de Forces spéciales ukrainiennes dans le nord du Mali, cela semble peu clair et peu documenté. Ça semble très peu probable qu'il y ait vraiment eu des soldats de l'Ukraine présents sur le terrain malien. Ça ressemble plus à de la communication stratégique ou une opération d'influence, ou peut-être une tentative malheureuse de Kiev de vouloir s'attribuer quelque chose où elle n'aurait pas fait grand-chose.À lire aussiAfrica Corps, le groupe paramilitaire russe dans les pas de Wagner en Afrique?À lire aussiQuel avenir pour le groupe Wagner en Afrique après la mort d'Evgueni Prigojine?
Přerov vzdává boj s bobrem evropským. Zákonem chráněná zvířata letos poškodila hráze rybníků v městském polesí Svrčov, pokáceli velké množství stromů a způsobili desetitísícové škody.
ההיערכות למתקפת הציר האיראני: שיחה עם עפר שלח בעקבות איומי איראן וחזבאללה להגיב על חיסולי הבכירים בטהראן ובביירות, מנתח חוקר המכון, הח"כ לשעבר עפר שלח, את המשמעויות וההשפעות של שני החיסולים האחרונים, ודן בהיערכות הישראלית למתקפת תגובה אפשרית של הציר השיעי: מה ניתן ללמוד לגבי המתקפה הצפויה מהתגובה האיראנית לחיסול הבכיר האיראני בסוריה באפריל האחרון? מה נדרש מישראל בכל הנוגע להיערכות למתקפה שתהיה בסדר גודל כזה – וכיצד צריך להיראות שיתוף הפעולה בנושא עם ארה"ב והגורמים האזוריים? וגם: בהתחשב באתגר שמציבים איראן והציר השיעי לפתחה של ישראל – האם אפשר לנצח מערכה כזו בכלים שמפעילה ישראל היום, ומה נדרש כדי להשיג הכרעה? מגרש הרוסים - פרק 5 | הסיכולים בביירות ובטהראן: האם רוסיה מתנהגת אחרת? בפרק החמישי של "מגרש הרוסים" דנים חוקרי תכנית רוסיה של ה-INSS בהבדלים בין היחס הרוסי למתיחות האזורית כיום לעומת התנהלותה בתקופת מלחמת לבנון השנייה. וגם: הסיפור הלא מוכר על חטיפת דיפלומטים סובייטים על ידי המחבלים בלבנון. לינק לקריקטורה מאתר ה SVR : https://x.com/ArkadyMan/status/1771905056574439712/photo/1 אז מה כן? - פרק 4 : מחקר - הישראלים בוחרים במלחמה ולא בשלום פרק חדש של "אז מה כן? חשיבה מחדש על הקונספציה הישראלית-פלסטינית": עשרה חודשים לתוך המלחמה, בדקנו בקבוצות מיקוד את עמדתם של הישראלים לגבי הסוגיות המדיניות המרכזיות. מסקנותינו: רוב הישראלים מאמינים בהפעלת עוד כוח ולא בהסכמים מדיניים, ומתנגדים לתהליך מדיני שעשוי להוביל למדינה פלסטינית. "יש פה אלמנט מאוד חזק של חוסר אונים", מסבירה ענת נרקיס, פסיכולוגית חברתית שהובילה את קבוצות המיקוד. באשר לעמדות הפוליטיות שלהם, הישראלים נעו ימינה לתפיסה ש"לעולם נחיה על חרבנו". ובכל זאת - מה כן? - הישראלים מבינים שצריך לתקן את הבית לפני שמתקנים את הסביבה האסטרטגית. פרק מיוחד עם ממצאים של מחקר עומק ששופכים אור על המלכוד האסטרטגי בו שרויה החברה הישראלית. סין, הפלסטינים וחרבות ברזל: מה עומד ברקע מאמצי התיווך הסיניים בין פת"ח לחמאס? חוקרת הזירה הסינית במכון, גליה לביא, וחוקר הזירה הפלסטינית, פרופ' קובי מיכאל, מנתחים את המעורבות הסינית במאמצים לפייס בין הפלגים הפלסטיניים, בדגש על פת"ח וחמאס, שהובילה ל"הצהרת בייג'ינג" – הכרזה על התקדמות בפיוס והקמת "ממשלת אחדות זמנית". עד כמה ההצהרה משקפת התקדמות בדרך לפיוס - האם מדובר בהצהרה למראית עין בלבד? מה התמריץ של סין לגלות תוך כדי המלחמה מעורבות פעילה במגעים אלה – מה היא מנסה להשיג בזירה הפלסטינית בפרט ובזירה המזרח תיכונית בכלל? והאם האירוע הזה הוא עוד נדבך בעימות בין סין לארה"ב?
בפרק החמישי של "מגרש הרוסים" דנים חוקרי תכנית רוסיה של ה-INSS בהבדלים בין היחס הרוסי למתיחות האזורית כיום לעומת התנהלותה בתקופת מלחמת לבנון השנייה. וגם: הסיפור הלא מוכר על חטיפת דיפלומטים סובייטים על ידי המחבלים בלבנון. לינק לקריקטורה מאתר ה SVR : https://x.com/ArkadyMan/status/1771905056574439712/photo/1
Recomendados de la semana en iVoox.com Semana del 5 al 11 de julio del 2021
En este episodio de nuestro pódcast, nuestro presentador, Néstor Amorín, nos guía a través de una discusión crucial sobre el cuidado del acné. Está acompañado por María López de la Farmacia Lecrín, una especialista reconocida en el tratamiento del acné desde la oficina de farmacia. María compartirá sus mejores consejos y estrategias para mantener la piel limpia y saludable. Además, contaremos con la experta colaboración de Beatriz Garde, Farmacéutica y Training Manager de SVR, quien aportará su visión profesional sobre el cuidado de la piel. Juntos, proporcionaremos información práctica y útil para que puedas manejar el acné de manera efectiva, explicando qué debemos hacer y qué no para mantenerlo a raya. No te pierdas este episodio lleno de consejos esenciales. #AGustoEnMiPielTemporada2
It's time for another weekly beauty roundup! First up, Leigh's luxurious mascara that curls like a dream, giving Tarte a run for its money. And, the fabulous French Beauty box Kelly brought in to kick off the Olympics in style. Plus, while we'd all love to deck out our makeup bags with Victoria Beckham Beauty, we've discovered an amazing dupe that's under $25 and currently on sale for even less! LINKS TO EVERYTHING MENTIONED: Listen to 'The Treatment With A ‘Benjamin Button Effect' For Your Skin' here. Our spendy and savey recommendations can now be sent straight to your inbox by signing up for our free You Beauty weekly newsletter. Plus, you'll also find exclusive beauty news, reviews, articles, deals and much more! HOURGLASS Veil Soft Focus Setting Spray $83 Embryolisse Lait-Creme Concentre Cream $27 SPENDY: Freezeframe Instant Lash Mascara Xtreme $59 Morphe Jumbo Continuous Prep & Set Mist+ $40 SAVEY: Hi Smile Charlotte Bright Pink Electric Toothbrush $39.50 L'Oreal Paris Infallible Gel Auto Eyeliner Emerald Green $23.99 NEWBIE: Gem Deodorant Antiperspirant Santal $10 FRENCH BEAUTY CO.Avec Amour Box - The Gold Medallist Edit $69 SHOP MY STASH: Mukti Deep Cleanse Enzyme Mask $68 L'Occitane Lavande Lavender Foaming Bath $59 SUBSCRIBE: Subscribe to Mamamia Want to try our new exercise app? Click here to start a seven-day free trial of MOVE by Mamamia GET IN TOUCH: Got a beauty question you want answered? Email us at youbeauty@mamamia.com.au or send us a voice message, and one of our Podcast Producers will come back to you ASAP. Join our You Beauty Facebook Group here. You Beauty is a podcast by Mamamia. Listen to more Mamamia podcasts here. CREDITS: Hosts: Kelly McCarren & Leigh Campbell Producer: Cassie Merritt Audio Producer: Lu Hill Mamamia acknowledges the Traditional Owners of the Land we have recorded this podcast on, the Gadigal people of the Eora Nation. We pay our respects to their Elders past and present, and extend that respect to all Aboriginal and Torres Strait Islander cultures.Become a Mamamia subscriber: https://www.mamamia.com.au/subscribeSee omnystudio.com/listener for privacy information.
Ep 46 - Michael Jordan Syndrome This week Cole jumps into 3 songs he's got in rotation currently starting with The ARTI$t song "Easy" (4:55), next Cole jumps back into his UK bag when he finds a song from Russ Millions called "SVR" (6:58), and finally he goes back in time to listen to Tyler, the Creator's song "Smuckers" (9:55) In the news, Cole talks about Lupe and his stressful week talking about his "love" for Kendrick Lamar and how the internet is throwing dirt on his name (14:37) and finally, Cole figures out that Big Sean has fake opps that leaked his album (25:02) Join the Patreon https://www.patreon.com/TheStemSociety Follow Cole: IG: https://www.instagram.com/colejackson_bynk/ X: https://twitter.com/ColeJackson12
Tonight's First Guest WeatherBrain is a NWS meteorologist at Rapid City, SD who turned a childhood fear of thunderstorms into a career focused on public safety, with experience in forecasting and research. Keith Sherburn, welcome to the show. Last but certainly not least, our Second Guest WeatherBrain on tonight's episode is a NWS meteorologist focused on protecting lives and property by communicating severe weather risks, serving as the Severe Weather Program Coordinator and Lightning Safety Expert for the NWS. He holds a BS in meteorology from the University of Oklahoma and an MS in Emergency Management from Jacksonville State. Aaron Treadway, it's great to see you on the show. Senior Vice President of WeatherCall Services Bruce Thomas also drops by later in the episode to discuss WeatherCall's products and services. WeatherCall delivers polygonal warnings on your smartphone and works with many Fortune 500 companies including cruise lines and pharmaceutical companies. Our email officer Jen is continuing to handle the incoming messages from our listeners. Reach us here: email@weatherbrains.com. Tulsa breaks June record with 118F Heat Index (01:00) NOAA Pathways Program (12:30) Ernest P Hollings Undergraduate Scholarship (14:45) Improving the severe weather warning process/Current warning paradigm issues (26:10) NWS Community-centric warnings (27:00) Convective Warning Mutual Aid (47:30) AI/automation and weather forecasting (52:00) Reducing number of SVR warnings/FAR (01:10:30) 6/25 Unwarned Nebraska tornado (01:32:00) Updated lightning death statistics (01:52:00) WeatherCall NexGen (01:53:45) The Astronomy Outlook with Tony Rice (01:44:45) This Week in Tornado History With Jen (Jen is out this week) National Weather Round-Up (02:03:00) E-Mail Segment (Jen is out this week) and more! Web Sites from Episode 963: WeatherCall Keith Sherburn on X Picks of the Week: Keith Sherburn - AMS BOGM YouTube Page Aaron Treadway - "Isaac's Storm: A Man, A Time, and the Deadliest Hurricane in History" by Erik Larson James Aydelott - NOAA Aircraft Operations Center on X: Into the eye of Hurricane Beryl Jen Narramore - Out Rick Smith - Out Neil Jacobs - Out Troy Kimmel - Aviation Weather Center Kim Klockow-McClain - Hurricane Epsilon Discussion from December 2005 Bill Murray - Tropical Tidbits James Spann - Phillip Klotzbach on X The WeatherBrains crew includes your host, James Spann, plus other notable geeks like Troy Kimmel, Bill Murray, Rick Smith, James Aydelott, Jen Narramore, Dr. Neil Jacobs, and Dr. Kim Klockow-McClain. They bring together a wealth of weather knowledge and experience for another fascinating podcast about weather.
Hannah und Ulrich diskutieren Elon's Bezahlung, das Frühjahrsgutachten des SVR samt Minderheitenvotum und den Einfluss von ETFs auf die Kursentwicklung an den Börsen.
Un grup de hackeri, legat de serviciile ruse de informații externe (SVR), desfășoară o campanie elaborată care vizează diplomații și ambasadele franceze cel puțin din 2021, detaliază un nou raport al agenției de securitate cibernetică a guvernului francez, publicat miercuri 19 iunie, relatează Le Monde, care citează un raport al Agenției de Securitate Cibernetică a guvernului francez.
Check out the latest buys Kelly and Leigh have added to their carts, featuring a supermarket shampoo and conditioner duo so impressive, it deserves a spot in salons. Plus, treat yourself with a luxurious nail polish that does the Lord's work - staying flawless without chipping or flaking. And, meet the new vitamin C serum in town. It's perfect for sensitive skin, boosts collagen, and has an instant brightening effect we can't get enough of. LINKS TO EVERYTHING MENTIONED: Our spendy and savey recommendations can now be sent straight to your inbox by signing up for our free You Beauty weekly newsletter. Plus, you'll also find exclusive beauty news, reviews, articles, deals and much more! SPENDY: SVR [C] Anti-Ox Ampoule $69 OPI Infinite Shine At Strong Last Nail Polish $25 SAVEY: Tresemme Pro Collection Shampoo Keratin Smooth $15 Trilogy Vitamin C+ Super Serum $49 NEWBIE: BENEFIT COSMETICS Dew-La-La Liquid Glow Illuminateur $55 Naked Sundays CabanaGlow SPF50 Mineral Glow Serum Drops $45 SHOP MY STASH: Australis Eyeshadow Palette - Stay Grounded $22 EMPTY: GEM Premium Natural Mouthwash Crisp Mint $13 SUBSCRIBE: Subscribe to Mamamia Want to try our new exercise app? Click here to start a seven-day free trial of MOVE by Mamamia GET IN TOUCH: Got a beauty question you want answered? Email us at youbeauty@mamamia.com.au or send us a voice message, and one of our Podcast Producers will come back to you ASAP. Join our You Beauty Facebook Group here. You Beauty is a podcast by Mamamia. Listen to more Mamamia podcasts here. CREDITS: Hosts: Kelly McCarren & Leigh Campbell Producer: Cassie Merritt Audio Producer: Lu Hill Mamamia acknowledges the Traditional Owners of the Land we have recorded this podcast on, the Gadigal people of the Eora Nation. We pay our respects to their Elders past and present, and extend that respect to all Aboriginal and Torres Strait Islander cultures.Become a Mamamia subscriber: https://www.mamamia.com.au/subscribeSee omnystudio.com/listener for privacy information.
Darth and I welcome Michael Weiss, an investigative journalist renowned for his extensive coverage of the wars in Syria and Ukraine, as well as his publications on Russian espionage and disinformation. Amid a fair amount of jokes and sarcasm, we delve into discussions about the GRU and how its spy culture contrasts with that of the SVR, Russia's foreign intelligence service. We look at some of the GRU's “successful” operations, as Michael is currently writing a book about this infamous institution. Interestingly, some of the most talented individuals who served in the GRU during its inception in the 1920s-1930s, were foreigners rather than Russians. My favorite takeaways: How the appeasement of Russia failed: attempts by the Obama and early Biden's administrations to restart relations and "tickle Putin's tummy" were fruitless. Michael nearly developed a PTSD from dealing with the divided Syrian opposition, which had a hard time uniting against the common enemy. I can relate to this, since there are similar conflicts among the Belarusian democratic groups in exile. Do you remember the footage of Russian soldiers shipping the looted fridges and other stuff from Ukraine via Belarus post offices? The footage of that circus was actually leaked to the public by the Belarusian state services, so there is a bit of the Fifth column in the Belarusian power vertical. Yours truly, Katie from Minsk
This week we talk about Linux, backdoors, and the Open Source community.We also discuss CPU usage, state-backed hackers, and SSH.Recommended Book: The Underworld by Susan CaseyTranscriptIn the world of computers, a "backdoor" is a means of accessing a device or piece of software via an alternative entry point that allows one to bypass typical security measures and often, though not always, to do so in a subtle, undetected and maybe even undetectable manner.While backdoors can be built into hardware and software systems by the companies that make those devices and apps and bits of internet architecture, and while some governments and agencies, including the Chinese government, and allegedly folks at the NSA, have at times installed backdoors in relevant hardware and software for surveillance purposes, backdoors are generally the domain of tech-oriented criminals of various stripes, most of whom make use of vulnerabilities that are baked into their targets in order to gain access, and then while inside the administration components of a system, they write some code or find some kind of management lever meant to give the company or other entity behind the target access for non-criminal, repair and security purposes, and that then allows them to continue to gain access in the future; like using a rock to prop open a door.Concerns over a backdoor being installed in vital systems is fundamental to why the US and European governments have been so hesitant to allow Chinese-made 5G hardware into their wireless communication systems: there's a chance that, with the aid, or perhaps just at the prodding of the Chinese government, such hardware, or the software it utilizes, could contain a Trojan or other packet of code, hidden from view and hardcoded into the devices in some covert manner; these devices could also harbor even smaller devices, indistinguishable from hardware that's meat to be there, that would allow them to do the same via more tangible means.Though there were almost certainly other economic and technology-dominance reasons for the clampdown on products made by Chinese tech company Huawei beginning in earnest in 2012, and escalating rapidly during the US Trump administration, that process was at least ostensibly tied to worries that a Chinese company, prone to spying and stealing foreign tech, already, might incorporate itself into fundamental global communication infrastructure.It was underpricing everybody else, offering whizbang new high-end 5G technology at a discount, and supposedly, if the accusations are true, at least, doing so as part of a bigger plan to tap into all sorts of vital aspects of these systems, giving them unparalleled access to all communications, basically, but also giving them the ability, supposedly, to shut down those systems with the press of a button in the event that China wants or needs to do so at some point, if they ever decide to invade Taiwan, for instance, and want to distract the Western world until that invasion is complete, or just make rallying a defense a lot more difficult.Other, confirmed and successfully deployed backdoors have been found in all sorts of products, ranging from counterfeit Cisco network products, like routers and modems, some of which were installed in military and government facilities back in 2008 before they were recognized for what they were, to Microsoft software, Wordpress plugins, and a brand of terminals that manage the data sent along fiber-optic cables, mostly for high-speed internet purposes.Again, in some cases, the entities making these products sometimes do install what are literally or essentially backdoors in their hardware and software because it allows them to, for instance, help their customers retrieve lost passwords, fix issues, install security updates, and so on.But backdoors of any shape or size are considered to be major security vulnerabilities, as stealing a password or getting access to a vital terminal could then grant someone with bad intentions access to absolutely everything, giving them god-like control over all aspects of a customer's information and operations, or maybe all of the company's customer's information and operations, and that creates a single point of failure that most companies want to avoid, because at a certain point there's no real way to prevent a truly determined and well-funded foe if they know the payout for investing in accessing that terminal or getting that password would be that substantial.What I'd like to talk about today is a long-term effort to do exactly that, the target, in this case, being small, but the potential payoff of backdooring it being pretty much as big as you can imagine.—XZ Utils is the name of an Open Source data compression utility, which means that it squishes data in such a way that no information is lost, but so that big files and other packets of information become smaller, and that makes it faster and easier and cheaper to send that data from place to place.XZ is popular in part because it's effective, in many cases outperforming other free alternatives, like gzip and bzip2, but it also supports an older compression model called LZMA, and it exists in the public domain, which means it's incredibly inexpensive to use, free, for most purposes.It's especially popular in Linux and other Unix-like systems, and in practice that means it's used across these systems so that when data is moved from place to place, it's compressed and decompressed, putting less pressure on the systems themselves, almost like reducing the weight of everything you have to carry throughout the day, without any reduction in quality or the nature of those books and bags and laptops and other things you're hauling around all the time; even small reductions in that weight could make a big difference in the strain on your body, over time, and this utility accomplishes the same for the systems that incorporate it.So this software utility is super useful, is free to anyone who wants to use it, and it's better than a lot of other options, and it's thus been baked into a bunch of fundamental computer infrastructure, like most Unix-like systems. And that's important for a lot of reasons, but the most immediately concerning issue is that the vast majority of servers that run the tech world—basically all the major tech companies, and all the companies they work with—manage their services with Linux.XZ isn't just important for folks who have laptops running on Linux, then, it's also vital to the functionality of huge chunks of the internet; stats from the past few years show that about 96.3% of the top million web sites run on Linux servers, and a substantial amount of non-web-serving servers do, as well.All of which sets the stage for the hubbub that arose on March 29, 2024, when a Microsoft employee named Andres Freund announced that, after looking into a decrease in performance in a version of Linux called Debian—a distinction between how fast it should have been going and how fast it was going of about 500 milliseconds, and that minor slowdown bugged him enough to look into what newer, experimental versions of XZ Utils were doing to the Debian operating system he was working with—after looking into that issue, he announced that he had discovered a backdoor in XZ that was causing errors in a memory debugging tool built into the software, and using more CPU power than Debian otherwise would have used.So he announced this discovery, reported it to an open source security mailing list, to make it known amongst the right people, and that alerted the folks who were experimentally incorporating this new build of XZ into their software.As it turns out, this backdoor, had it been implemented in all this software and spread across the servers that manage the web, would have granted whomever had access to it the ability to alter the behavior of the local instance of the Secure Shell Protocol, or SSH, which is what protects servers while they operate on open networks like the internet.The degree to which this would have damaged the web, as it exists today, cannot be overstated. This problem was given a Common Vulnerability Scoring System ranking, which rates the alarmingness of software issues based on how much damage they could potentially cause, which helps computer security professionals figure out which problems to address first, a score of 10, which is the highest possible score.In theory, this would have granted the person or other entity with backdoor access the ability to get into essentially any server touching the internet with full administrator privileges, making all that information transparent to them, providing them all information about users, passwords, banking information, everything everyone has ever posted to social media, private communications, research and technology secrets—it's really just boggling thinking about how much damage could have been caused by the right person or people, as such a backdoor would basically do away with most of the security measures they might encounter while attempting to infiltrate and even take over pretty much anyone.Because it was discovered by Freund, though, and because he got word out to the right people as quickly as he did, the cybersecurity world was able to pivot pretty quickly, advising everyone who had implemented these test versions to roll back to earlier versions of the relevant software, and the folks behind XZ quickly released updated versions of the utility that removed the backdoor problem.This also triggered a response in the wider software world as many developers have started to reduce the damage future, similar backdoors would be able to cause by reducing the connections and dependencies it took advantage of to function.So this was a big enough deal that even something as arcane as compression utilities and SSH became front-page news around the world, but arguably one of the most interesting aspects of this story is what we know about the person or people who seem to have installed this backdoor.Someone, or group of someones, going by the name Jia Tan, alongside an array of sock puppet accounts—fake accounts with different names that they also managed—started to contribute to the maintenance and development of this project, which is common in the open source world; that's part of what makes open source software and systems so powerful and desirable, despite often not having much in the way of funding or official support from big-name companies; they're often passion projects maintained by maybe just one or a few or a handful of dedicated developers.In 2021, this entity that became known as Jia Tan started contributing to open source projects, and then contributed a patch to XZ via its mailing list.Around that same time, several people who hadn't been seen in this project's community, previously, started to complain that it wasn't being updated fast enough, and arguing that another maintainer should be brought on board, to help it move along faster.This Jia Tan character then started making a lot more contributions to the project, all of them seemingly innocuous and helpful, though in retrospect at least one of them changed a function that would have detected the more malicious changes they ultimately submitted, later.In February of 2024, Tan submitted changes for the new version of XZ Utils that incorporated a backdoor, and groups of people in this larger open source community, possibly sock puppet accounts, started telling the developers who run Debian, Ubuntu, and Red Hat, all popular versions of Linux, they should incorporate this new version with those backdoor-incorporating changes into their operating systems.There are strong suspicions, but little evidence, at this point at least, that Jia Tan and those other sock puppet accounts were run by a well-funded and skilled, probably government-backed hacking group, like one of the entities that often work as proxies for Russia's SVR—their intelligence agency that tends to support local hacking groups to do this sort of dirty work; though again, we can't say that with any certainty, as a lot of government-backed hacking groups could pull off something like this, with enough patience, years worth of patience, and it's still possible that this was a single hacker seeing a soft-target and the potential for a huge payoff if it all worked out.That said, because of the approach this threat actor, whomever they actually are, took to target this utility, and because of how close they got to doing what they intended to do, which would have been devastating, probably even world-changing in some ways, the relationship that big tech and governance has with the open source world is being reassessed, because often the folks running these projects are just individual people doing all this important work in their free time. But because of how the tech world has evolved, huge swathes of the internet and other vital infrastructure are reliant on these single-person, passion-projects that are potential targets for cooption or, as seems to have been the case here, using what's called social engineering to manipulate the folks behind these projects, which can then gives more access to all the stuff they manage, and thus, the things that rely on the stuff they manage, to entities that want to cause harm.Again, and this cannot be emphasized enough, we just barely dodged a bullet here, and the only thing that prevented a huge amount of potential destruction was the effort of another single person who was, almost on a whim, hacking away on a little problem they wanted to look into, and who thus stumbled upon this issue right before it reached a scale that would have been truly problematic.And all of these issues were arguably the result of someone who found themself in the position of maintaining, more or less solo, a utility that became vital to global cybersecurity, and which thus made them the target of a sophisticated social engineering campaign.Show Noteshttps://en.wikipedia.org/wiki/Backdoor_(computing)https://en.wikipedia.org/wiki/Hardware_backdoorhttps://en.wikipedia.org/wiki/Social_engineering_(security)https://www.zdnet.com/article/linux-has-over-3-of-the-desktop-market-its-more-complicated-than-that/https://arstechnica.com/security/2024/04/what-we-know-about-the-xz-utils-backdoor-that-almost-infected-the-world/https://research.swtch.com/xz-timelinehttps://research.swtch.com/xz-scripthttps://news.ycombinator.com/item?id=39895344https://www.runtime.news/sabotage-in-the-software-supply-chain/https://news.ycombinator.com/item?id=39903685https://www.theverge.com/2024/4/2/24119342/xz-utils-linux-backdoor-attempthttps://www.wired.com/story/jia-tan-xz-backdoor/https://www.404media.co/xz-backdoor-bullying-in-open-source-software-is-a-massive-security-vulnerability/https://www.nytimes.com/2024/04/03/technology/prevent-cyberattack-linux.htmlhttps://www.economist.com/science-and-technology/2024/04/02/a-stealth-attack-came-close-to-compromising-the-worlds-computers This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit letsknowthings.substack.com/subscribe
The Supreme Court is getting a heavy serving of first amendment social media cases. Gus Hurwitz covers two that made the news last week. In the first, Justice Barrett spoke for a unanimous court in spelling out the very factbound rules that determine when a public official may use a platform's tools to suppress critics posting on his or her social media page. Gus and I agree that this might mean a lot of litigation, unless public officials wise up and simply follow the Court's broad hint: If you don't want your page to be treated as official, simply say up top that it isn't official. The second social media case making news was being argued as we recorded. Murthy v. Missouri appealed a broad injunction against the US government pressuring social media companies to take down posts the government disagrees with. The Court was plainly struggling with a host of justiciability issues and a factual record that the government challenged vigorously. If the Court reaches the merits, it will likely address the question of when encouraging the suppression of particular speech slides into coerced censorship. Gus and Jeffrey Atik review the week's biggest news – the House has passed a bill to force the divestment of TikTok, despite the outcry of millions of influencers. Whether the Senate will be quick to follow suit is deeply uncertain. Melanie Teplinsky covers the news that data about Americans' driving habits is increasingly being sent to insurance companies to help them adjust their rates. Melanie also describes the FCC's new Cyber Trust Mark for IOT devices. Like the Commission, our commentators think this is a good idea. Gus takes us back to more contest territory: What should be done about the use of technology to generate fake pictures, especially nude fake pictures. We also touch on a UK debate about a snippet of audio that many believe is a fake meant to embarrass a British Labour politician. Gus tells us the latest news from the SVR's compromise of a Microsoft network. This leads us to a meditation on the unintended consequences of the SEC's new cyber incident reporting requirements. Jeffrey explains the bitter conflict over app store sales between Apple and Epic games. Melanie outlines a possible solution to the lack of cybersecurity standards (not to mention a lack of cybersecurity) in water systems. It's interesting but it's too early to judge its chances of being adopted. Melanie also tells us why JetBrains and Rapid7 have been fighting over “silent patching.” Finally, Gus and I dig into Meta's high-stakes fight with the FTC, and the rough reception it got from a DC district court.
The Supreme Court is getting a heavy serving of first amendment social media cases. Gus Hurwitz covers two that made the news last week. In the first, Justice Barrett spoke for a unanimous court in spelling out the very factbound rules that determine when a public official may use a platform's tools to suppress critics posting on his or her social media page. Gus and I agree that this might mean a lot of litigation, unless public officials wise up and simply follow the Court's broad hint: If you don't want your page to be treated as official, simply say up top that it isn't official. The second social media case making news was being argued as we recorded. Murthy v. Missouri appealed a broad injunction against the US government pressuring social media companies to take down posts the government disagrees with. The Court was plainly struggling with a host of justiciability issues and a factual record that the government challenged vigorously. If the Court reaches the merits, it will likely address the question of when encouraging the suppression of particular speech slides into coerced censorship. Gus and Jeffrey Atik review the week's biggest news – the House has passed a bill to force the divestment of TikTok, despite the outcry of millions of influencers. Whether the Senate will be quick to follow suit is deeply uncertain. Melanie Teplinsky covers the news that data about Americans' driving habits is increasingly being sent to insurance companies to help them adjust their rates. Melanie also describes the FCC's new Cyber Trust Mark for IOT devices. Like the Commission, our commentators think this is a good idea. Gus takes us back to more contest territory: What should be done about the use of technology to generate fake pictures, especially nude fake pictures. We also touch on a UK debate about a snippet of audio that many believe is a fake meant to embarrass a British Labour politician. Gus tells us the latest news from the SVR's compromise of a Microsoft network. This leads us to a meditation on the unintended consequences of the SEC's new cyber incident reporting requirements. Jeffrey explains the bitter conflict over app store sales between Apple and Epic games. Melanie outlines a possible solution to the lack of cybersecurity standards (not to mention a lack of cybersecurity) in water systems. It's interesting but it's too early to judge its chances of being adopted. Melanie also tells us why JetBrains and Rapid7 have been fighting over “silent patching.” Finally, Gus and I dig into Meta's high-stakes fight with the FTC, and the rough reception it got from a DC district court.
On this week's show Patrick and Adam discuss the week's security news, including: Weather forecast in Redmond is still for blizzards at midnight Maybe Change Healthcare wasn't just crying nation-state wolf Hackers abuse e-prescription systems to sell drugs CISA goes above and beyond to relate to its constituency by getting its Ivantis owned VMware drinks from the Tianfu Cup Much, much more This week's feature guest is John P Carlin. He was principal associate deputy attorney general under Deputy Attorney General Lisa Monaco for about 18 months in 2021 and 2022, and also served as Robert Mueller's chief of staff when he was FBI director. John is joining us this week to talk about all things SEC. He wrote the recent Amicus Brief that says the SEC needs to be careful in its action against Solarwinds. He'll also be talking to us more generally about these new SEC disclosure requirements, which are in full swing. Rad founder Jimmy Mesta will along in this week's sponsor segment to talk about some really interesting work they've done in baselining cloud workloads. It's the sort of thing that sounds simple that really, really isn't. Show notes Risky Biz News: The aftermath of Microsoft's SVR hack is rearing its ugly head Swindled Blackcat affiliate wants money from Change Healthcare ransom - Blog | Menlo Security BlackCat Ransomware Group Implodes After Apparent $22M Payment by Change Healthcare – Krebs on Security Change Healthcare systems expected to come back online in mid-March | Cybersecurity Dive LockBit takes credit for February shutdown of South African pension fund Ransomware gang claims to have made $3.4 million after attacking children's hospital Jason D. Clinton on X: "Fully automated vulnerability research is changing the cybersecurity landscape Claude 3 Opus is capable of reading source code and identifying complex security vulnerabilities used by APTs. But scaling is still a challenge. Demo: https://t.co/UfLNGdkLp8 This is beginner-level… https://t.co/mMQb2vYln1" / X Jason Koebler on X: "Hackers are hacking doctors, then using their digital prescription portals to "legitimately" prescribe themselves & their customers adderall, oxy, and other prescription drugs https://t.co/6elTKQnXSB" / X How Hackers Dox Doctors to Order Mountains of Oxy and Adderall CISA forced to take two systems offline last month after Ivanti compromise VMware sandbox escape bugs are so critical, patches are released for end-of-life products | Ars Technica A Close Up Look at the Consumer Data Broker Radaris – Krebs on Security Brief of Amici Curiae Former Government Officials Securities and Exchange Commission v Solarwinds Corp
On this week's show Patrick and Adam discuss the week's security news, including: Weather forecast in Redmond is still for blizzards at midnight Maybe Change Healthcare wasn't just crying nation-state wolf Hackers abuse e-prescription systems to sell drugs CISA goes above and beyond to relate to its constituency by getting its Ivantis owned VMware drinks from the Tianfu Cup Much, much more This week's feature guest is John P Carlin. He was principal associate deputy attorney general under Deputy Attorney General Lisa Monaco for about 18 months in 2021 and 2022, and also served as Robert Mueller's chief of staff when he was FBI director. John is joining us this week to talk about all things SEC. He wrote the recent Amicus Brief that says the SEC needs to be careful in its action against Solarwinds. He'll also be talking to us more generally about these new SEC disclosure requirements, which are in full swing. Rad founder Jimmy Mesta will along in this week's sponsor segment to talk about some really interesting work they've done in baselining cloud workloads. It's the sort of thing that sounds simple that really, really isn't. Show notes Risky Biz News: The aftermath of Microsoft's SVR hack is rearing its ugly head Swindled Blackcat affiliate wants money from Change Healthcare ransom - Blog | Menlo Security BlackCat Ransomware Group Implodes After Apparent $22M Payment by Change Healthcare – Krebs on Security Change Healthcare systems expected to come back online in mid-March | Cybersecurity Dive LockBit takes credit for February shutdown of South African pension fund Ransomware gang claims to have made $3.4 million after attacking children's hospital Jason D. Clinton on X: "Fully automated vulnerability research is changing the cybersecurity landscape Claude 3 Opus is capable of reading source code and identifying complex security vulnerabilities used by APTs. But scaling is still a challenge. Demo: https://t.co/UfLNGdkLp8 This is beginner-level… https://t.co/mMQb2vYln1" / X Jason Koebler on X: "Hackers are hacking doctors, then using their digital prescription portals to "legitimately" prescribe themselves & their customers adderall, oxy, and other prescription drugs https://t.co/6elTKQnXSB" / X How Hackers Dox Doctors to Order Mountains of Oxy and Adderall CISA forced to take two systems offline last month after Ivanti compromise VMware sandbox escape bugs are so critical, patches are released for end-of-life products | Ars Technica A Close Up Look at the Consumer Data Broker Radaris – Krebs on Security Brief of Amici Curiae Former Government Officials Securities and Exchange Commission v Solarwinds Corp
This week, we are joined by Brian Gill and Adam Schlepphorst to discuss Brian's background in car audio and everyone's expectations at significant events like Aggieland and SVR. The discussion regarding events begins at 34:07. Many thanks to ResoNix Sound Solutions for supporting the SQOLOGY Podcast. You can find out more about Resonix Sound Treatment Solutions, along with tons of other info and products, at resonixsoundsolutions.com/
LockBits reawakening. China's ramp up to safety for vital sectors. Data leak leaves China feeling exposed. Malware hidden by North Korea in fake developer job listings. UK Watchdog rebukes firm for biometric scanning of staff at leisure centers. SVR found adapting for the cloud environment. DOE proposes cybersecurity guidelines for the electric sector. Wideness of breach in the financial industry revealed. Moving on to better things. Things are looking up in the cybersecurity startup ecosystem. UK's National Cyber Security Centre announced they are launching a Cyber Governance Training Pack for boards. N2K's President Simone Petrella talks with Elastic's CISO Mandy Andress about the CISO role and the intersection of cybersecurity, law, and organizational strategy. And, there's a facial recognition battle going on at Waterloo, the University of Waterloo that is. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Simone Petrella, N2K's President, talks with Mandy Andress, Elastic's CISO, about the CISO role and the intersection of cybersecurity, law, and organizational strategy. Selected Reading LockBit Ransomware Gang Resurfaces With New Site (SecurityWeek) LockBit ransomware gang attempts to relaunch its services following takedown (The Record) China to increase protections against hacking for key industries (Reuters) The I-Soon data leak unveils China's cyber espionage tactics, techniques, procedures, and capabilities. (N2K CyberWire) Fake Developer Jobs Laced With Malware (Phylum Blog) Data watchdog tells off outsourcing giant for scanning staff biometrics despite 'power imbalance' (The Register) SVR cyber actors adapt tactics for initial cloud access (National Cyber Security Centre) New DOE-Funded Initiative Outlines Proposed Cybersecurity Baselines for Electric Distribution Systems (Energy.gov) LoanDepot says about 17 million customers had personal data and Social Security numbers stolen during cyberattack (TechCrunch) Actual filing to Office of Maine Attorney General: Data Breach Notifications - Consumer Protection (Maine.gov) U-Haul data breach affects 67,000 customers in US and Canada (AZ Central) Actual filing to Office of Maine AG: Data Breach Notifications - Consumer Protection (Maine.gov) Funding Down, Optimism Up: The Bright Spots For Cybersecurity Startups In 2024 (Forbes) NCSC to Offer Cyber Governance Guidance to Boards (InfoSecurity Magazine) 'Facial recognition' error message on vending machine sparks concern at University of Waterloo (CTV News) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
The need to properly secure Entra ID tenants has been made pretty obvious this year thanks to a large-scale attack on them by Russia's SVR intelligence agency. In this interview Andy Robbins from SpecterOps, the maker of Bloodhound Enterprise, talks through how he thinks those attacks actually went down, about how if you're an o365 customer you're using Entra ID whether you like it or not, and about how you can lock down your Entra ID tenant.
The need to properly secure Entra ID tenants has been made pretty obvious this year thanks to a large-scale attack on them by Russia's SVR intelligence agency. In this interview Andy Robbins from SpecterOps, the maker of Bloodhound Enterprise, talks through how he thinks those attacks actually went down, about how if you're an o365 customer you're using Entra ID whether you like it or not, and about how you can lock down your Entra ID tenant.
For years, Leah Carey felt equal parts shut down and obsessed re: sex. Meanwhile, she chose terrible partners. Then in her 40s, during her final session with a therapist, she revealed a long held sexual secret. Leah's admission marked the start of what would become an across-the-country sexual awakening adventure. She eventually landed on desires that surprised her and began transforming her life into helping other women find similar healing. Learn more from Leah: leahcarey.com Save 50% on a Beducated annual pass here. Get a free TENGA Egg Lovers with your iroha SVR purchase here. Stock up on lube at The Pleasure Chest! IG: @GirlBonerMedia TikTok: @GirlBonerRadio FB: @MyGirlBoner augustmclaughlin.com/girlboner patreon.com/girlboner Produced by August McLaughlin
This week I am welcoming Melanie Cristol. Named as one of Entrepreneur Magazine's 100 Most Influential Women of 2022, Melanie is the inventor of Lorals, the world's first oral sex undies. Designed to look and feel like silk lingerie, Lorals combine fashion with material science, utilizing 700% multi-directional stretch at just six hundredths of a millimeter of thickness. As Founder & CEO of Lorals, Melanie holds multiple United States & international patents and has been featured in the New York Times, Fast Company, The Cut, Cosmopolitan, and countless other top-tier media outlets. Prior to creating and patenting Lorals, Melanie studied Sociology at Columbia University and received her JD from Columbia Law School. She worked as a healthcare and consumer products attorney and was part of the legal team that secured gay marriage rights for the western United States. Ads: Iroha: Check out the iroha SVR now! https://usstore.iroha-tenga.com/delightss Live Show: https://adlive.eventbrite.com/ FOLLOW US Twitter Instagram Facebook Send questions, comments, stories, rants to: SlutsAndScholars@gmail.com Sluts And Scholars is a production of sluts and scholars media. Loving disclaimer: Sluts and Scholars is a podcast produced by Sluts & Scholars Media, LLC. It is a shame free educational podcast made for your entertainment and informational desires only. The podcast, any opinions we share, and any resources including social media and emails from us are not therapy, medical care or professional advice and do not create a patient-client relationship. None of the information, opinions, suggestions, resources or exercises mentioned in this podcast should be used without clearance from your health care provider. All opinions, information and ideas expressed by the guests are solely their own. If you need emergency mental health or medical help, please call 911 or 988 or go to your nearest emergency center. We hope you enjoy the show.
In this week's show Patrick Gray and Adam Boileau discuss the week's security news. They talk about: More details on sanctioned Medibank hacker Aleksandr Ermakov More details on alleged Scattered Spider hacker Noah Michael Urban RUMINT that the number of Microsoft customers impacted by the SVR oauth/365 campaign is huge Ron Wyden did something useful… …then did something stupid Ivanti's clown car collides with dumpster fire Much, much more This week's feature guest is Australia's assistant foreign minister (and cybersecurity tragic) Tim Watts. He joins us to talk about why the Australian government sanctioned Aleksandr Ermakob. Sublime Security founder and CEO Josh Kamdjou is this week's sponsor guest. He joins us to talk about combating QR-code phishing. Show notes Exclusive: US disabled Chinese hacking network targeting critical infrastructure | Reuters Medibank's Attacker: IT Businessman, Claimed Psychologist… | Intel471 Who is Alleged Medibank Hacker Aleksandr Ermakov? – Krebs on Security Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider – Krebs on Security Microsoft says Russian hackers also targeted other organizations | TechCrunch HPE hit by a monthslong cyberattack on its cloud-based email | Cybersecurity Dive (99+) Microsoft's Dangerous Addiction To Security Revenue | LinkedIn Microsoft critics accuse the firm of ‘negligence' in latest breach | CyberScoop N.S.A. Buys Americans' Internet Data Without Warrants, Letter Says - The New York Times Trading platform EquiLend down following cyberattack | Cybersecurity Dive Ivanti Connect Secure zero-day patches delayed | Cybersecurity Dive Popular CI/CD tool Jenkins discloses critical CVE | Cybersecurity Dive MOVEit liabilities mount for Progress Software | Cybersecurity Dive Tim Watts bio: Pennywise - Down Under [Men at Work Cover] - YouTube
In this week's show Patrick Gray and Adam Boileau discuss the week's security news. They talk about: More details on sanctioned Medibank hacker Aleksandr Ermakov More details on alleged Scattered Spider hacker Noah Michael Urban RUMINT that the number of Microsoft customers impacted by the SVR oauth/365 campaign is huge Ron Wyden did something useful… …then did something stupid Ivanti's clown car collides with dumpster fire Much, much more This week's feature guest is Australia's assistant foreign minister (and cybersecurity tragic) Tim Watts. He joins us to talk about why the Australian government sanctioned Aleksandr Ermakob. Sublime Security founder and CEO Josh Kamdjou is this week's sponsor guest. He joins us to talk about combating QR-code phishing. Show notes Exclusive: US disabled Chinese hacking network targeting critical infrastructure | Reuters Medibank's Attacker: IT Businessman, Claimed Psychologist… | Intel471 Who is Alleged Medibank Hacker Aleksandr Ermakov? – Krebs on Security Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider – Krebs on Security Microsoft says Russian hackers also targeted other organizations | TechCrunch HPE hit by a monthslong cyberattack on its cloud-based email | Cybersecurity Dive (99+) Microsoft's Dangerous Addiction To Security Revenue | LinkedIn Microsoft critics accuse the firm of ‘negligence' in latest breach | CyberScoop N.S.A. Buys Americans' Internet Data Without Warrants, Letter Says - The New York Times Trading platform EquiLend down following cyberattack | Cybersecurity Dive Ivanti Connect Secure zero-day patches delayed | Cybersecurity Dive Popular CI/CD tool Jenkins discloses critical CVE | Cybersecurity Dive MOVEit liabilities mount for Progress Software | Cybersecurity Dive Tim Watts bio: Pennywise - Down Under [Men at Work Cover] - YouTube
Microsoft takes down the Storm-1152 cybercrime operation. “GambleForce” is a newly discovered threat actor. The SVR exploits a JetBrains TeamCity vulnerability. US Postal Service impersonation. Malicious ads associated with Zoom. An update on the cyberattack against Kyivstar. Apache issues a Struts 2 security advisory. The FCC adopts new data breach rules. In our latest Threat Vector segment, David Mouton and Palo Alto Networks Madeline Sedgwick discuss the skills and methods necessary for understanding threat actor intent and behaviors. And the State Department's Global Engagement Center is under fire. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On the Threat Vector segment with Palo Alto Networks Unit 42's David Moulton, hear about decoding cyber adversaries. David discusses unveiling intent and behavior in the world of threat hunting with Madeline Sedgwick. Selected Reading Microsoft disrupts cybercrime operation selling fraudulent accounts to notorious hacking gang (TechCrunch+) New hacker group GambleForce targets government and gambling sites in Asia Pacific using SQL injections (Group-IB) Russian Foreign Intelligence Service (SVR) Exploiting JetBrains TeamCity CVE Globally (Joint Advisory) Malvertisers zoom in on cryptocurrencies and initial access (MalwareBytes) Russian hacker group claims responsibility for Kyivstar cyberattack (The Kyiv Independent) New Critical RCE Vulnerability Discovered in Apache Struts 2 - Patch Now (The Hacker News) FCC Adopts Updates to Data Breach Rules, Sets Up Privacy Battle (Bloomberg Law) State Dept.'s Fight Against Disinformation Comes Under Attack (The New York Times) Threat Vector. In this Threat Vector segment, David Mouton and Palo Alto Networks Madeline Sedgwick discuss the skills and methods necessary for understanding threat actor intent and behaviors. Madeline, a Senior Cyber Research Engineer and Threat Analyst for the Cortex Xpanse team at Palo Alto Networks, shares insights into how analyzing adversary behavior helps in anticipating threats and avoiding guesswork. They discuss the value of understanding both system dynamics and human behavior in cybersecurity, emphasizing that cyber adversaries are limited by the same laws of internet physics. Please share your thoughts with us for future Threat Vector segments by taking our brief survey. To learn what is top of mind each month from the experts at Unit 42 sign up for their Threat Intel Bulletin. Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc.
A look back at Patch Tuesday. BlackCat uses malicious Google ads. Social engineering in the third quarter of 2023. Are small businesses in denial about ransomware? Molerats have some new tools. Israel turns to NSO Group's Pegasus to search for hostages taken by Hamas. Tim Starks from the Washington Post examines the potential aftermath of a Russian group hitting a Chinese bank. In our Learning Layer, Sam Meisenberg helps a student understand and create a strategy for the CISSP CAT. And a cyberespionage campaign is attributed to Russia's SVR. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/218 Selected reading. Adobe Releases Security Updates for Multiple Products | CISA (Cybersecurity and Infrastructure Security Agency CISA) Fortinet Releases Security Updates for FortiClient and FortiGate (Cybersecurity and Infrastructure Security Agency | CISA) VMware Releases Security Update for Cloud Director Appliance (Cybersecurity and Infrastructure Security Agency | CISA) CISA Releases Two Industrial Control Systems Advisories (Cybersecurity and Infrastructure Security Agency | CISA) Microsoft Releases October 2023 Security Updates (Cybersecurity and Infrastructure Security Agency | CISA) Microsoft November 2023 Patch Tuesday fixes 5 zero-days, 58 flaws (BleepingComputer) SAP Security Patch Day for November 2023 (Onapsis) The ALPHV/BlackCat Ransomware Gang is Using Google Ads to Conduct… (eSentire) Q3 2023 Threat Landscape Report: Social Engineering Takes Center Stage (Kroll) OpenText Cybersecurity 2023 Global Ransomware Survey: The risk perception gap (OpenText Blogs) TA402 Uses Complex IronWind Infection Chains to Target Middle East-Based Government Entities (Proofpoint) Israel's NSO unleashes controversial spyware in Gaza conflict (Axios) APT29 Attacks Embassies Using CVE-2023-38831 (NCSCC) Cyber-espionage operation on embassies linked to Russia's Cozy Bear hackers (Record) Learn more about your ad choices. Visit megaphone.fm/adchoices