More signal, less noise—we distill the day’s critical cyber security news into a concise daily briefing.
Spot Latino Podcast
Spot Latino Podcast is produced by Suz Fernández and Jac Mauro.
Rosneft suspicions shift from espionage to business email compromise — Research Saturday
Feb. 23, 2019
Influence operations in Ukraine’s elections. Australian hacks look more like China’s work. Huawei and the 5G future. Objectionable content in comments. DrainerNot. No more soldier-selfies in Russia.
Feb. 22, 2019
Hybrid war and tactical influence operations. Separ lives off the land. NoRelationship attacks get past email filters. Responsible disclosure. Man-in-the-room bug. Ship hacking. Password managers.
Feb. 21, 2019
Fancy Bear phishes in think tanks. Lazarus Group takes a swipe at Russian organizations. New decryptor for GandCrab. Citizen Lab and Novalpina discuss NSO Group. Ryuk’s lousy help desk.
Feb. 20, 2019
International cyber conflict: India and Pakistan; Australia and China. Rietspoof malware. Microsoft ejects cryptojackers from its store. NCSC may go easy on Huawei. Parliament criticizes Facebook.
Feb. 19, 2019
Seedworm digs Middle East intelligence — Research Saturday
Feb. 16, 2019
GandCrab notes. Make tests, not bans, says GSMA. Content moderation. Takedown of inauthentic accounts. Influence operations. Happy birthday, GCHQ.
Feb. 15, 2019
Former Air Force counterintelligence specialist indicted on charges of spying for Iran. Where’s the stolen Equifax data? Two alleged Apophis Squad clowns indicted.
Feb. 14, 2019
China says it had nothing to do with the Parliament hack in Australia. Notes on Patch Tuesday. Shlayer and GreyEnergy malware analyzed. Tomorrow is Valentine’s Day—act accordingly.
Feb. 13, 2019
VFEmail attacked, infrastructure wiped. EU considers a response to APT10. US Executive Order on AI is out. GPS jamming threat. Stryker hack. Shadow IT in the Corps.
Feb. 12, 2019
Cryptojackers gone wild. Attempted hack of Australia’s Parliament investigated. Huawei security concerns continue. Russia tests Internet autarky. Prosecutors investigate alleged blackmail.
Feb. 11, 2019
Trends and tips for cloud security — Research Saturday
Feb. 9, 2019
Australia’s Federal Parliament has a cyber incident. DHS warns of third-party spying. Legit privacy app tampered with. Credit Union phishing. Bezos vs. Pecker. FaceTime bounty. Seal scat.
Feb. 8, 2019
Social engineering and the power of brands. Insecure check-ins? APT10 is quiet but not gone. MacOS Keychain bug. Assessment of Chinese device manufacturers continues.
Feb. 7, 2019
APT10 stays busy. More skepticism about Huawei (and ZTE, for that matter). No foreign “material effect” on US midterms. Reverse RDP risk. IIoT bug found. RSA Innovation Sandbox finalists.
Feb. 6, 2019
ExileRAT versus Tibet. SpeakUp backdoors Linux. Facebook bans Myanmar militias. Norway sees a threat in Huawei. Westminster gets hacked? Bangladesh Bank sues over SWIFT caper.
Feb. 5, 2019
Tracking the impresario behind Collection#1. OceanLotus and a new downloader. CookieMiner malware afflicts Macs. Huawei’s prospects. Influence ops. Extortion by bluff.
Feb. 4, 2019
Online underground markets in the Middle East — Research Saturday
Feb. 2, 2019
No more Apple time-out for Facebook and Google. Inauthentic sites taken down. Fancy Bear paws at Washington, again. Malware-serving ads. Amplification DDoS. Data exposures in India.
Feb. 1, 2019
Commodity credential stuffing gets four new collections. Google was also doing a pay-to-pwn, like Facebook. Russian trolling. FaceTime bug investigation. Joanap botnet. Other online scams.
Jan. 31, 2019
US IC on cyber threats. Iran goes after PII. UAE surveillance described. Scanning for unpatched routers. Huawei’s possible fates. Scam exploits child. FaceTime disclosure. Facebook Research.
Jan. 30, 2019
004 Case studies in risk and regulation — CyberWire-X
FaceTime’s odd bug, and how to squash it. FormBook malware surges through a new hosting service. Some international law enforcement wins. International conflict in cyberspace.
Jan. 29, 2019
Someone takes an unhealthy interest in Citizen Lab. Ukraine accuses Russia of election phishing. Russian bigshots doxed. Tension over Venezuela. Swatting indictments. National Privacy Day.
Jan. 28, 2019
Amplification bots and how to detect them. — Research Saturday
Jan. 26, 2019
Glitches, not attacks or takedowns. Tracing Gray Energy and Zebrocy back to their servers. US Army tactical cyber operations. Venezuela crisis. Bellingcat and OSINT. Roger Stone arrested.
Jan. 25, 2019
The US House of Representatives wants to know more about DNS-hijacking. Huawei skepticism. Anonymous dunnit, say the Russians. Financial data exposed. Family spooked by hackers.
Jan. 24, 2019
Emergency Directive 19-01 versus DNS hijacking. 2019 US National Intelligence Strategy on cyber. France says cyber war is upon us. Courts in UK have email trouble. Hacks and lulz.
Jan. 23, 2019
Ex-employee backdoor. Stealthy DDoS. Anubis dropper looks for motion. Influence operations. Privacy actions. The curious case of the espionage arrest in Russia.
Jan. 22, 2019
Luring IoT botnets to the honeypot — Research Saturday
Jan. 19, 2019
Collection #1 and the threat of credential stuffing. Cryptojacker disables some cloud security tools. Don’t chat with strange bots. Facebook shutters more Russian coordinated inauthenticity.
Jan. 18, 2019
Cyber espionage vs. the RoK MoD. Fancy Bear’s old Lojax tricks. US rumored to be prepping another case against Huawei. Database exposure in Oklahoma. Yes Men prank Post.
Jan. 17, 2019
SEC, DoJ, issue civil and criminal complaints against EDGAR hackers. Lazarus Group in Chile? Iran’s Ashiyane Forum. Cryptomix ransomware. Money laundering through Fortnite. Fake WaPo edition.
Jan. 16, 2019
Web hosts fix account takeover issues. Passenger Name Record exposure proof-of-concept. Swatting isn’t funny. Chinese manufacturers and suspicions of espionage.
Jan. 15, 2019
Polish espionage case. Ryuk tactics, and some thoughts on its attribution. Access-control system zero-days. Lawsuit may bring clarity to cyber insurance war exclusion clauses.
Jan. 14, 2019
Magecart payment card theft analysis — Research Saturday
Jan. 12, 2019
Iran linked to DNS hijacking campaign. Smart doorbells not smart enough about security. Fuze cards are convenient for crooks, too. Huawei espionage arrest in Poland. Russian sympathy for NSA.
Jan. 11, 2019
TA505’s new tools. ISIS turns to emerging chat apps. Reddit asks for password resets. The EU’s right to be forgotten gets some court-imposed limits. The tweets Kaspersky flagged to NSA.
Jan. 10, 2019
ICEPick-3PC in the wild. Influence ops warning in Israel. Hackerangriff and a lone hacktivist. OXO and Magecart. The Dark Overlord wants you. Oversharing. Internet autarky. Kaspersky helped NSA?
Jan. 9, 2019
German police have a suspect in #hackerangriff. Cyber espionage awareness campaign. Cyber cold war in the offing? US political operators learn from Russian trolls. WikiLeaks on the record.
Jan. 8, 2019
German doxing incident remains under investigation. Marriott breach update. Dark Overlord watch. Can cryptocurrency become less burdensome in terms of energy consumption?
Jan. 7, 2019
NOKKI, Reaper and DOGCALL target Russians and Cambodians — Research Saturday
Jan. 5, 2019
Doxing in Germany. How Lojax works. Spyware found in apps downloaded from Google Play. ISIS hijacks dormant Twitter accounts. Update on Moscow spy case. Chromecast hacking endgame.
Jan. 4, 2019
2019’s first noteworthy breach. Update on the Tribune Publishing hack. reCAPTCHA defeated in proof-of-concept. Dark Overlord should avail itself of the right to remain silent.
Jan. 3, 2019
Stop the presses—the presses were stopped by ransomware. Video security system found vulnerable to oversharing. Changes in US DoD leadership. An arrest in Moscow, a court ruling in Baltimore.
Jan. 2, 2019
Apple Device Enrollment Program vulnerabilities explored — Research Saturday
Dec. 22, 2018
Operation Cloudhopper and industrial espionage. Anonymous social network Blind server left exposed. Reputation jacking. Alexa shares too much, by accident. Hitman scam is back.
Dec. 21, 2018
003 Risk and regulation in the financial sector — CyberWire X
US indicts two Stone Panda operators amid ongoing international concern over Chinese IP theft. Suspicious customer support traffic on Twitter. Emergency IE patch. Influence experiment.
Dec. 20, 2018
Suspicion of Chinese hardware manufacturers continues. EU diplomatic cables leaked. Hiding out by dumbing down. Facebook data-sharing. NASA PII exposed. Parrot uses Alexa to advantage.
Dec. 19, 2018
Shamoon 3 and Charming Kitten. Czech CERT issues warning concerning Huawei, ZTE. Influence ops and a Facebook boycott. PewDiePie’s followers versus the Wall Street Journal.
Dec. 18, 2018
Huawei and the Five Eyes. Report on Russian trolling finds fluency in American. Boomstortion scammers turn to new threats. PewDiePie followers hack printers, again.
Dec. 17, 2018
The Sony hack and the perils of attribution — Research Saturday
Dec. 15, 2018
False flags and real flags. ISIS claims the Strasbourg killer as one of its soldiers. A bogus bomb threat circulates by email.
Dec. 14, 2018
Shamoon variant implicated in Saipem hack. Charming Kitten reappears. Sino-American tension over trade and industrial espionage.
Dec. 13, 2018
Operation Sharpshooter. Meng makes bail. Sino-American cyber tensions. Leadership crises in the UK and France. Congress doesn’t lay a glove on Google. 2018’s bad password practices.
Dec. 12, 2018
Audit finds no Chinese spy chips on motherboards. Huawei CFO hearings continue in Vancouver. Oilfield services firm’s servers attacked. Spyware and adware. Congressional hearings, reports.
Dec. 11, 2018
A bail hearing in Vancouver. The prospect of indictments in IP theft cases. Kubernetes vulnerabilities. Russia and Ukraine swap hacks? An advance fee scam asks for help getting out of jail.
Dec. 10, 2018
Operation Red Signature targets South Korean supply chain — Research Saturday
Dec. 8, 2018
Huawei legal and security updates. A shift to personalized spam in attacks on retailers. “Hollywood hacks” in Eastern European banks.
Dec. 7, 2018
Huawei CFO arrested in Canada, faces extradition to US. Anonymous claims that Chinese intelligence hacked Marriott. Russian hospital phished. SamSam indictments, warnings. Facebook agonistes.
Dec. 6, 2018
DDoS and BEC risks rising. Ukraine says it stopped Russian cyber campaign. EU looks to stopping disinformation. NRCC email compromise. Facebook emails released by Parliament.
Dec. 5, 2018
Fancy Bear in Czech government systems. Watering hole attacks. Quora breached. Marriott breach follow-up. Kubernetes privilege escalation flaw. Scams kicked out of Apple’s App Store.
Dec. 4, 2018
US Defense Department and UK’s MI6 aren’t buying Russian honey over cyber operations. Iranian influence operations. Marriott breach fallout. Court upholds Kaspersky ban. Ransom and sanctions.
Dec. 3, 2018
Settling in with GDPR — CyberWire-X
Getting an education on Cobalt Dickens — Research Saturday
Dec. 1, 2018
Marriott suffers data breach. Dunkin Donuts credential stuffing attack. Urban Massage database exposed, unsecured. Fancy Bear paws at German government targets. SamSam cost.
Nov. 30, 2018
Reconnaissance and degradation. Hybrid war in Eastern Europe and Southwest Asia. Eternal Silence infects unpatched systems. Dell customers reset passwords. SamSam indictments.
Nov. 29, 2018
DNSpionage. Cobalt Dickens’ unwelcome return. iOS spyware may be more widespread than believed. Governments move toward content moderation. Small towns, big problems.
Nov. 28, 2018
Rotexy Trojan gets worse. Bad apps in Google Play. Backdoor for crypto-wallets. Facebook goes before Parliament. Pegasus spyware versus journalists. Russian hybrid war. Too-smart devices.
Nov. 27, 2018
A quick look at the state of spam. Phishing for power grids. Industrial espionage. Free and command economy versions of social control. Lessons from JTF Ares.
Nov. 26, 2018
Perils of paycards, as Cyber Weekend approacheth. Tessa88 is identified. Many more people than before have now heard of High Tail Hall.
Nov. 21, 2018
Nation-state cyber campaigns: North Korean, Iranian, Russian, and unknown. Social media outages.
Nov. 20, 2018
CISA is now officially an agency. Cozy Bear is back. Gmail spoofing issue opens social engineering possibilities. Speculation about “cyber 9/11s.”
Nov. 19, 2018
Doubling down on Cobalt Group activity — Research Saturday
Nov. 17, 2018
GPS jamming. Bank phishing. Exposed server. Censorship, East, West, and South. Is there a sealed indictment of Julian Assange?
Nov. 16, 2018
RATs and the long game. New ransomware. Learning from other espionage services. Advance-fee scams continue to infest Twitter. Fancy Bear says it can’t be sued.
Nov. 15, 2018
When BGP hijacking isn’t hijacking at all. The White Company’s Operation Shaheen. SWAuTistic pleads guilty. NPPD will become CISA.
Nov. 14, 2018
GPS jamming. Jihadist account hijacking. ISIS on Wickr? Magecart exposed. Cathay Pacific breach. Paris Call for Trust and Security in Cyberspace.
Nov. 13, 2018
Regulation in the U.S. — CyberWire X
Establishing international norms in cyberspace — Research Saturday
Nov. 10, 2018
Critical infrastructure resiliency. Lazarus Group’s FASTcash robberies. China’s ongoing industrial espionage. Trolls aside, Russian observers think the US elections were A-OK.
Nov. 9, 2018
Post hack ergo propter hack: DHS calls Russian claims “noisy garbage.” Responsible and irresponsible disclosure. FCC wants an end to robocalls. USPS Informed Delivery abused. Post Canada—whoa.
Nov. 8, 2018
A quick look back at the US midterms, and the cyber Pearl Harbor that wasn’t. Update Apache Struts. Smishing with the Play Store. Another advance fee scam.
Nov. 7, 2018
Iran complains, threatens, and spies. Election Day cybersecurity notes.
Nov. 6, 2018
US midterm election cybersecurity updates. PortSmash side-channel proof-of-concept. Botnets compete to cryptojack Android devices. And will the GRU get its "R" back?
Nov. 5, 2018
Election protection — Research Saturday
Nov. 3, 2018
Cyber Sitzkrieg. Waiting for the Bears to show up (and ready to set the Dogs on them). Facebook private messages for sale.
Nov. 2, 2018
Wi-Fi access point zero-day reported. US Cyber Command on the offensive. Transparency is tougher than it looks. GandCrab not paying out as much—good. PIPEDA takes effect. Soulmate spyware.
Nov. 1, 2018
Influence operations, and advice on recognizing them. Ransomware updates. US indicts Chinese nationals for industrial espionage. An object lesson from the US Geological Survey.
Oct. 31, 2018
The Malware Mash
This cybersecurity stuff is tougher than it looks, US state election officials learn. Saudi surveillance. Espionage in Iran. New attack varieties. Chinese hardware concerns. US sanctions chipmaker.
Oct. 30, 2018
Facebook takes down Iranian-run accounts. Criminal investigations look online. IBM to buy Red Hat. Satori is still with us. British Airways and Magecart.
Oct. 29, 2018
Faxploitation — Research Saturday
Oct. 27, 2018
Airline breach bigger than thought. Securing Mexican financial institutions. Demonbot vs. Hadoop. New decryptor out for GandCrab ransomware. Civilian Cybersecurity Corps?
Oct. 26, 2018
Influence operations, da. Direct hacking? Maybe nyet. Chalubo botnet borrows old tricks. Financial sector alert in Mexico. Airline breach disclosed. Lawsuits over privacy. ICS Security notes.
Oct. 25, 2018
Trolling the trolls. Triton/Trisis attributed to Russia. Asset management in ICS. Threat intelligence drives threat evolution. Shadow web-apps. Apple likes GDPR, hates the Data-Industrial Complex.
Oct. 24, 2018
Influence operations in Brazil and the US. Vulnerabilities disclosed in commonly used software. Healthcare.gov breach. Industrial control system cybersecurity.
Oct. 23, 2018
Making the business case for privacy. — Special Edition
Russian indicted in US midterm election influence conspiracy case. Styles and goals of info ops. Cyber deterrence. DPRK petty crime. Alt-coin scammer. Spy chip story remains unconfirmed, unretracted.
Oct. 22, 2018
Stormy weather in the Office 365 cloud. — Research Saturday
Oct. 20, 2018
Chinese supply-chain hack story gets vanishingly thin. Twitter downs pro-Saudi bots. SEO poisoning. OceanLotus evolves. Ransomware notes.
Oct. 19, 2018
Looks like Comment Crew, but probably isn't. Facebook breached by spammers. Twitter's big troll trove. Router issues. Who dunnit to YouTube?
Oct. 18, 2018
Meddling with the midterms — Special Edition
Oct. 17, 2018
Two ways of hacking the vote. BlackEnergy is active in Poland and Ukraine. ISIS and info ops. Hurricane-stressed utility further stressed by ransomware. Silicon Valley governance.
Facebook in Myanmar. Supply chain seeding attack update. Election hacking. NCSC reports. EU prepares sanctions (Russia feels ill-used).
Oct. 16, 2018
Facebook breach details. Privacy issues and an image problem for advocates. Supply-chain-attack skepticism. Info ops, bikers, and deniable paramilitaries.
Oct. 15, 2018
Driving GPS manipulation — Research Saturday
Oct. 13, 2018
Busy Bears, again. Mixing IT and OT is a risky business. New Android Trojan. Supply chain seeding attack updates. Facebook purges more "inauthentic" accounts. Data privacy. Cyber sanctions.
Oct. 12, 2018
Seeding-attack skepticism. MSS officer arrested, will face industrial espionage charges in the US. Russia says again that it didn't hack the OPCW.
Oct. 11, 2018
Updates on supply-chain seeding reports. DDoS in Ukraine. GAO reports on US weapon system cyber vulnerabilities. Bugs exploited by Mirai persist. Patch note and toe dialing.
Oct. 10, 2018
Update on supply chain seeding reports. GRU comes in for more criticism. UK prepares cyber retaliatory capability. Power grid resilience. Panda Banker. Google's good and bad news.
Oct. 9, 2018
Cryptojacking criminal capers continue — Research Saturday
Oct. 6, 2018
Reports of Chinese seeding attacks on the supply chain. Five Eyes and other allies push back at Russia's GRU. NPPD to become Cybersecurity and Infrastructure Security Agency
Oct. 5, 2018
Bloomberg reports a seeding attack on the supply chain by Chinese intelligence services. GRU is named, shamed, indicted, and expelled.
Oct. 4, 2018
Facebook breach updates. Bogus Zoho Office Suite. Brazil's big botnet. Vulnerable router firmware. Patch news. A DGSI officer arrested for dark web collusion with the mob. Bad Fortnite cheats.
Oct. 3, 2018
RDP exploitation. More on the Facebook breach. Google and content moderation. Reaper Group stayed busy even after US-DPRK summit. Spyware in Canada. Hacking an airport.
Oct. 2, 2018
Facebook agonistes. Election meddling. Livestreamed hack gets cancelled.
Oct. 1, 2018
Sophisticated FIN7 criminal group hits payment card data — Research Saturday.
Sept. 29, 2018
Facebook discloses a major breach. Botnet brute forcing ransomware. Retail domain typosquatting. ATM wiretapping. Ransomware in San Diego. SEC hits cyber deficiencies. Assange retires?
Sept. 28, 2018
Fancy Bear, again and again. QRecorder is a banking Trojan. Authentication issues with Apple's Device Enrollment Program. Notes on regulation. Farewell to a code-breaker.
Sept. 27, 2018
Cryptojacking and ransomware news. The black market in zero-days looks like a bear market. Google budges (a little) on Chrome login. Senate hearings on privacy. Political campaign cybersecurity.
Sept. 26, 2018
Follow-up to terror attack in Iran. UN data exposure. Kodi and cryptojacking. SHEIN retail breach. Atlanta's ransomware remediation. Payroll phishing. Quantum strategy.
Sept. 25, 2018
Terror attack in Iran prompts info skirmishing, and perhaps worse to come. JET bug disclosed. ANSSI open-sources OS. Anglo-American response to Russian cyber ops. Russian elections. Scam notes.
Sept. 24, 2018
ICS honeypots attract sophisticated snoops. — Research Saturday
Sept. 22, 2018
US National Cyber Strategy. New sanctions. GCHQ beefs up Russia unit. Cryptocurrency heist. Hacking Senatorial Gmail. Crime and punishment.
Sept. 21, 2018
Magecart is back. Bad apps booted from Google Play. OilRig taken seriously. Election influence operations. Sending in the National Guard. ICO fines Equifax for last year's breach.
Sept. 20, 2018
State Department cybersecurity issues. Iron Group's pseudoransomware. Bristol Airport's deliberate recovery. State of cryptojacking. Facebook offers campaigns help. US cyber strategy. Mirai masters.
Sept. 19, 2018
Tracking Pegasus. OilRig spearphishing. IP theft from universities. Peekaboo bug in surveillance cameras. WannaMine won't be EternalBlue's last ride. Preventing data abuse.
Sept. 18, 2018
Ransomware and cryptojacking are all the rage. Iran seeks IP, North Korea seeks a quick buck. More on EU content moderation. Alleged Russian hacking of WADA, Spiez Laboratory. Propaganda overreach?
Sept. 17, 2018
Android device eavesdropping investigation. — Research Saturday
Sept. 15, 2018
Magecart continues its way. Evil cursor attacks. Seasonal trends in Trojans. More Novichok disinformation. Pyongyang denounces a "smear campaign." Wait and see on pipeline fires.
Sept. 14, 2018
Domestic Kitten spyware. Crypto wallet shenanigans. Firmware issues enable cold boot attacks. BlueBorne bugs are still out and about. Tech support scams. Election security.
Sept. 13, 2018
Executive Order mandates election interference sanctions. British Airways regulatory exposure. Patch Tuesday notes. EU passes copyright law. Russia says no to Novichok. WhatsApp scam.
Sept. 12, 2018
Trend Micro answers spying allegations. Magecart blamed for British Airways breach. Tor Browser exploit disclosed. Google vs. the right to be forgotten. Accused JPMorgan hacker extradited.
Sept. 11, 2018
Elections and information operations, but not necessarily the elections you expect. Apple purges dodgy security apps. Who are the Silence criminals? BA's breach. Cyber moonshots.
Sept. 10, 2018
Leafminer espionage digs the Middle East. — Research Saturday
Sept. 8, 2018
Russia does the info ops dance. An indictment of a Lazarus Groupie. FOIA shares too much. British Airways breaches. Silence makes some noise. Notes from the Billington Cybersecurity Summit.
Sept. 7, 2018
Cyberwar looms between Russia and the UK. Twitter and Facebook complete testimony, but inquiries continue. Unpatched MikroTik routers exploited. OilRig's new tricks.
Sept. 6, 2018
Sleeper malware. Hakai botnet spreads. SamSam is still with us. US DNI warns of election threats. Congressional panels interrogate Facebook and Twitter, but not Google.
Sept. 5, 2018
Tracking Stone Panda to the Tianjin Bureau. Ad-fraud and Tokelau. RansomWarrior decrypted. US Congress to grill Facebook, Google, and Twitter. Celebrity scams.
Sept. 4, 2018
ATM hacks on the rise. — Research Saturday
Sept. 1, 2018
Recruiting spies via LinkedIn. WindShift in the Gulf. GlobeImposter ransomware. Blocking Telegram is harder than it looks. Policy notes from the Five Eyes.
Aug. 31, 2018
Twitter bots in Swedish politics. A different approach to influence operations. Hotel guest PII for sale. Medical device vulnerabilities. Charges in the case of the Satori botnet.
Aug. 30, 2018
Unpatched Apache Struts installations being exploited in the wild. Windows local privilege escalation flaw. Similarities among spyware. Stalkerware hack. Criminal threats to the grid. Breaches.
Aug. 29, 2018
Social media struggle with their social role. Election hacking concerns remain high. Australia's new government shuffles cybersecurity responsibilities.
Aug. 28, 2018
Moscow HUMINT drought? Spying on the Patriarch. Ottoman hacktivism. Iranian information operations. ISIS in cyberspace. RtPOS malware discovered.
Aug. 27, 2018
Cyber espionage coming from Chinese University. — Research Saturday
Aug. 25, 2018
More action against Iranian influence operations. Tehran's cyberespionage against universities. Counter-value targeting in cyber deterrence. Sino-Australian trade war? Law and order.
Aug. 24, 2018
If you're running a red team, let someone know it's a drill. Apache patches Struts. Another exposed AWS bucket. Remcos abused by hackers. DPRK goes after Macs. Dark Tequila runs in Mexico.
Aug. 23, 2018
Facebook takes down "inauthentic" Russian and Iranian fronts. Twitter blocks Iranian false-flags, and FireEye explains why they think it's Tehran. Triout Android spyware described. Hacking back?
Aug. 22, 2018
Fancy Bear bogus sites taken down. Some in the US Congress think they want hack-back laws. Cyber and sanctions. Operation Red Signature. Doxing Chinese Intelligence. Buggy medical devices.
Aug. 21, 2018
Beers with Talos — Live from the RiRa at Black Hat
DarkHotel is back. So is Necurs, and it's distributing a modular malware dropper. Industrial espionage follows international trade. Election meddling. The use and abuse of data.
Aug. 20, 2018
Stealthy ad fraud campaign evades detection. — Research Saturday
Aug. 18, 2018
Election risks—hacking and influence. Chinese industrial espionage spike. Misconfigured project management. Necurs appears briefly. Bogus Fortnite downloads. What they heard in the banya.
Aug. 17, 2018
Hacking Old Man River. Nation-state cyber conflict: objectives and norms of behavior. Australia's new cyber laws. ATM campaign. Lawsuits, and the Dread Pirate Roberts asks for pardon.
Aug. 16, 2018
Notes on patching. Foreshadow speculative execution vulnerability. Influence operations. The FBI's new cyber chief. Are stickers a temptation to thieves, hackers, and customs officers?
Aug. 15, 2018
Cryptowars notes. DDoS in Finland. Bears aren't under the beds; they're in the routers. Smart city attack surfaces. Sanction notes. Training through puzzle-solving.
Aug. 14, 2018
Spyware for states and spouses. Election hacking demos. New ransomware strains, and a clipper for Android. Airline Wi-Fi is not only irritating, but insecure as well.
Aug. 13, 2018
Thrip espionage group lives off the land. — Research Saturday
Aug. 11, 2018
DPRK RAT in the wild. Vulnerable WPA2 4-way handshake implementations. Black Hat notes. Sanctions and retaliation. RoK to reorganize Cyber Command. PGA and ransomware.
Aug. 10, 2018
State-sponsored ransomware campaigns coming? DarkHydrus and Phishery. Hitting ATMs for alt-coin. US sanctions Russia. IBM looks at artificially intelligent malware. Black Hat notes.
Aug. 9, 2018
Payment processors probed with BGP exploits for redirection attacks. WhatsApp vulnerable to manipulation? Deterrence and retaliation. Anonymous vs. QAnon. Notes from Black Hat.
Aug. 8, 2018
TSMC recovers from WannaCry infection. OpenEMR fixes 30 bugs. UK will ask Russia to extradite two GRU operators for Novichok attacks. Twitterbots flourish.
Aug. 7, 2018
More data exposures, from banks and a major CRM provider. Ransomware strikes back. The irresistibility of data. An unhackable wallet gets hacked…maybe. Spreading goodwill through Akido?
Aug. 6, 2018
Cortana voice assistant lets you in. — Research Saturday
Aug. 4, 2018
Russian threats and threats to Russia. Cryptojacking wave spreads out from Brazil. Recovering from malware in Alaska and Atlanta. Notes on automotive cybersecurity.
Aug. 3, 2018
RASPITE noses around the US power grid. Cisco will buy Duo Security. Sandworm afflicts lab investigating Novichok attack. Influence ops can be no-lose proposition. Cryptojacking and malspam.
Aug. 2, 2018
Reddit Hacked. Ukrainians nabbed. Facebook boots "inauthentic" accounts for malign influence. Pegasus spyware found in Amnesty phone. Yale's old breach. Google and censorship.
Aug. 1, 2018
Data-centric security. — Special Edition
Infrastructure security, especially power, finance, and elections. Preparation pays off. Proofpoint warns of new AZORult malware. Check Point tracks Master134 malvertising. Crime news.
July 31, 2018
NetSpectre proof-of-concept. Election hacking, in the US and Australia. Cyber industrial espionage. Cyber threats to power grids. Hacking JPay.
July 30, 2018
BabaYaga strangely symbiotic Wordpress malware — Research Saturday
July 28, 2018
Fancy Bear sniffs around Senatorial staffs. US NSC considers Russian election interference. Chinese and Iranian cyberespionage. Malware loaders. Smart home bugs. Stealing WiFi.
July 27, 2018
LifeLock closes proof-of-concept hole. US-CERT warns of active campaigns against ERP applications. Ad blockers may function as spyware. Parasite HTTP RAT. Underminer EK. NSA's IG scowls.
July 26, 2018
Leafminer wants to learn from the best, and that's not good. Shipper hacked. Old malware resurfaces in improved form. Russian grid and election threats. What insurance covers.
July 25, 2018
Warnings of Russian cyber threat to power grids. Phishing rises. Patch gets patched. SingHealth breach. Satori botnet. Bluetooth MitM. Evil maids?
July 24, 2018
SingHealth breach hits Singapore. Manufacturers afflicted with third-party data exposure. Aspen Security Forum takes cyber threats seriously. Ecuador may withdraw asylum from Assange.
July 23, 2018
Measuring the spearphishing threat — Research Saturday
July 21, 2018
Cyberespionage and influence operations. Big botnet assembled in less than a day. Monetizing stolen paycards through online games. Amazon nudges developers. Report on Huawei. Phishing notes.
July 20, 2018
Fancy Bear's Roman Holiday. RAT phishing in Ukraine. AWS S3 bucket leaks robocaller data. Bug or abuse? NIST to withdraw outdated cybersecurity publications. Content moderation.
July 19, 2018
Magniber ransomware spreads. LabCorp discloses suspicious incident on its networks. Spectre, Meltdown notes. Oracle patches. Helsinki summit backing and filling and backing.
July 18, 2018
Trump-Putin summit. East Asian cyberespionage campaigns. Vulnerable DVRs. Concern about census security.
July 17, 2018
DNI warns of cyber threats. Russo-US summit. Mueller investigation and indictments. Huawei agonists. Congress reconsiders ZTE reinstatement. Kaspersky receives no emergency ban relief.
July 16, 2018
A new approach to mission critical systems — Research Saturday
July 14, 2018
Fancy Bear indictments. VPNFilter found in Ukrainian water-treatment chlorine plant. Comment spam. Speculative execution side-channel attacks. MDM exploits in India.
July 13, 2018
Timehop refines its breach disclosure. Speculative execution side-channel attacks described. Tech manuals offered for sale on the dark web. Twitter versus bots.
July 12, 2018
Ticketmaster paycard breach is part of a very large skimmer campaign. Chinese cyberespionage and censorship. Smartphone privacy issues. Data misuse litigation. Affirming the consequent.
July 11, 2018
More Elon Musk impersonators in social media. Cryptocurrency raided. Spearphishing in Palestine. BlackTech espionage group. Apple upgrades. Polar Flow fitness app and oversharing.
July 10, 2018
Malware infections down during World Cup matches. UK-Russia tensions. Australian National University hacked. Data breach notes. Calls for cooperation. Tell it to the Marines.
July 9, 2018
No Distribute Scanners help sell malware
July 7, 2018
When catphishing, it pays to know what bait they'll take. Permission hogs are often misers. Cyber comes to the NTC. Natural intelligence screening for artificial intelligence. The Thermanator.
July 6, 2018
Catphish and Charming Kittens. Data-sharing receives more scrutiny. European copyright law won't be fast-tracked. ZTE gets some relief. Juggalos and Juggalettes defeat facial recognition tools.
July 5, 2018
Hybrid warfare. Inveterate DDoS against ProtonMail. Security concerns about Chinese companies. Retail breaches. Agencies scrutinize Facebook data abuse. Infrasound weapons?
July 3, 2018
Adidas data breach. Facebook on data abuse. Investigation of Exactis data exposure continues. Algonquin College hacked. Tenable's IPO. US-Russia summit will talk election influence ops.
July 2, 2018
VPNFilter malware could brick devices worldwide — Research Saturday
June 30, 2018
Data breaches and data exposure. Privacy legislation. Improperly collected phone call records destroyed.
June 29, 2018
Ukraine accuses Russia of preparing a cyber campaign. China eyes Tibetan diaspora. A decryptor for Thanatos ransomware. Nudging away from privacy. Dark web undercover.
June 28, 2018
Separating fools from money. — Hacking Humans
DDoS attack on ProtonMail. Rancor cyberespionage campaign. PythonBot serves ads and a cryptominer. EU joint cyber response unit forming. Arrests in BEC campaign. Reality Winner's plea.
June 27, 2018
Romania, UK, warn of Russian cyber ops. International norms of cyber conflict. Bronze Butler's USB drives. Too-smart batteries not smart enough. Industry notes. Game cheater gets jail time.
June 26, 2018
Nation-state cyberespionage and cybercrime. Cryptocurrency fraud and theft give alt-coins a rocky ride. Sino-US trade conflict update. GDPR data extortion. Spammy protection racket.
June 25, 2018
LG smartphone keyboard vulnerabilities — Research Saturday
June 23, 2018
Phishing plays small ball with depressing success. Chinese cyberespionage up. US IC, JCS, worries about innovation. Guilty plea in US espionage case. Ex-Knesset member suspected of spying. Supreme Court decides location privacy case.
June 22, 2018
Malicious apps, a clever botnet, and cryptojacking. Patch notes. EU copyright regulations. Congress still doesn't like the cut of ZTE's or Huawei's jib. Tesla sues a former employee.
June 21, 2018
Playing on Kindness — Hacking Humans
Satellite communications suffer from Thrip(s). Zacinlo rootkit poses as a VPN. Insecure Firebase apps. EU copyright legislation. Kardon Loader. Bithumb robbed. #Opicarus2018. Bitcoin Baron jailed.
June 20, 2018
Charges in Vault 7 case. Olympic Destroyer appears to be back. Liberty Life hack. Does Tesla have a rogue insider? US Senate hits at ZTE. Guilty plea in OPM hack-related fraud. Motive: blackmail.
June 19, 2018
Data extortion attempt against Liberty Life. Rex Mundi, Black Hand arrests. Hidden Cobra's back. Clipboard hijacking hits cryptocurrency wallets. ZTE, Huawei security fears. Pulp fiction.
June 18, 2018
Cyber bank heists — Research Saturday
June 16, 2018
MysteryBot developed from LokiBot. Satan rebranded as DBGer. Snooping on iOS got harder, but maybe not impossible. IG report on the FBI is out, not damning but not good, either.
June 15, 2018
Chinese espionage in Central Asia. Dixons Carphone data exposure. Lazy State speculative execution bug. Pyongyang is expected to come roaring back into cyberspace. Unlucky 13.
June 14, 2018
Hacking Humans — Gaming pro athletes online.
Cable-tapping for a new century. Lazarus Group update. BabaYaga's cannibalistic malware. Patch Tuesday notes. Cryptojacking. World Cup surveillance. Beware of strangers bearing gifts with USB connections.
June 13, 2018
Don't get cozy with Cozy Bear. Code-signing issues stem from muddled documentation. Devices ship with inadvertent backdoor. Matryoshka attack. Operation WireWire versus BEC scammers.
June 12, 2018
SWIFT fraud (behind a wiper). Coinrail ICO robbery. Chinese espionage. G7 agrees to a coordinated response to hostile cyber operations. Malwaretech faces new charges.
June 11, 2018
Winnti Umbrella Chinese threat group — Research Saturday
June 9, 2018
Adobe patches a zero-day being exploited in the wild. Chinese cyber espionage, and the risks of data-sharing. Facebook default settings glitch. Industry notes.
June 8, 2018
New criminal campaigns out and about. Fancy Bear changes style, but not management. VPNFilter hits more devices. CloudPets overshare, but maybe more benignly than Google and Facebook.
June 7, 2018
Hacking Humans — A flood of misinformation and fake news
Espionage, influence, summits, and elections. What counts as a luxury? An iCloud warrant raises cryptowars speculation. Microsoft's GitHub acquisition. Facebook's coziness with Shanghai?
June 6, 2018
DPRK hackers quieter in the run-up to the Kim-Trump summit. Russian EW. Cryptocurrencies and crime. Law firm social engineering. Dodgy World Cup Wi-Fi. Bad AI, a time-traveler's poly.
June 5, 2018
Microsoft buys GitHub for $7.5 billion. VPNFilter tries to reconstitute itself. Ransomware and DDoS notes. USA Really seems to be latest in Russian disinformation.
June 4, 2018
Islamic State propaganda persistence — Research Saturday
June 2, 2018
Lazarus Group updates. Cybercrime's GDP. New Zealand a Chinese espionage target? ZTE and Huawei criticized. BND will continue to monitor Frankfurt hub. Google's knowledge panels.
June 1, 2018
Kaspersky loses court challenge to US Government ban. Cryptomix ransomware. US Departments of Commerce, Homeland Security, and Energy plan resiliency. A packrat at CIA? Reboot your routers.
May 31, 2018
Hacking Humans - Social engineering works because we're human.
More North Korean malware identified. EOS scanned for misconfigurations by parties unknown. Canadian banks won't pay extortion. Stay away from Joker's Stash. Crime and punishment.
May 30, 2018
Rebooting routers against VPNFilter. Canadian banks compromised? Cobalt gang is back. 51% attacks on blockchains. "Courvoisier" sentenced. NATO looks at Russia's weaponized jokes.
May 29, 2018
UPnProxy infiltrates home routers — Research Saturday
May 26, 2018
VPNFilter takedown. Low-cost Android phones with preloaded adware. Alexa's selective attention. BMW patches connected cars. Cryptocurrency crimes. New swatting charges. GDPR is here.
May 25, 2018
VPNFilter and battlespace preparation. XENOTIME may be back, and after industrial systems. GDPR updates. Following Presidential Tweets.
May 24, 2018
Variant 4 and other chipset vulnerabilities. Confucius and Patchwork. Turla goes two-stage. Misconfigured not-for-profit bucket. ZTE's fraying lifeline. Facebook and the EU. Brain Food.
May 23, 2018
Speculative Store Bypass. GPON-based botnet. Customer data exposures. Roaming Mantis gets more capable. Nation-state threats.
May 22, 2018
DPRK's Sun Team works from three apps in Google Play. PII for sale in Zhejiang. SPEI theft. Jihadist content in social media. SEA charges. DDoS-for-hire sentencing. ZipperDown bug.
May 21, 2018
Threat actors hijack Lojack — Research Saturday
May 19, 2018
Something Wicked this way comes. Automating wallet pilferage. Office 365 phishing scams. DPRK hackers remain active. Recognizing alt-coin investment frauds.
May 18, 2018
Competing for terrorist mindshare. ICS threat group update. AnonPlus vandalizes US state sites. GDPR's disclosure timeline. Congressional hearings. DarkOverlord collared.
May 17, 2018
Spyware campaigns: phishing and watering holes. Signal patches (fast). DHS cyber strategy. Russian election hacking. Cyber Investing Summit. Do smart people pick better passwords?
May 16, 2018
Email client vulnerabilities. Sanctions and trade policy. FinFisher in Turkey. myPersonality data scandal. Patch news. High school phishing.
May 15, 2018
Unauthorized banking transfers in Mexico? A lifeline for ZTE. Iranian cyber op-tempo rises. Russian troll farm's ad buys. Reining in apps. Cell tracking. Anonymous is back.
May 14, 2018
Three pillars of Artificial Intelligence — Research Saturday
May 12, 2018
Vigilantes and hacktivists. Point-of-sale malware source code leaks. Malicious extensions and apps. US Federal indictments: spying and hacking. Robo-caller gets record fine.
May 11, 2018
Cyber conflict between Iran and the US widely expected. ALLENITE threat group is after US, UK power grids. Jack-in-the-Box vulnerability. Signal's memory. Is ZTE going down?
May 10, 2018
Stubborn IoT botnets. Razzle-dazzle HTML phishing lure. Fancy Bear's false flag. Busy Yahoo boys. Crooks turn from Tor to Telegram. Kaspersky and contractors. Patch notes. SB 315 vetoed.
May 9, 2018
Greek and Turkish hacktivists swap defacements. Process Doppelgänging in the wild. GDPR is coming (like winter, for you Game of Thrones fans.) Profiling infosec enthusiasts.
May 8, 2018
2018 RSAC Outlook - Special Edition
Winnti Umbrella covers multiple threat actors. DPRK off-shores cyber ops. ZooPark is in its fourth generation. GPON router bugs exploited in the wild. Russian Twitterbots. Block the EU?
May 7, 2018
BlackTDS and ThreadKit offered in criminal markets — Research Saturday
May 5, 2018
In the shredder or off the truck? Battlespace prep for a supply chain campaign? NG-Spectre found in Intel chips. No domain fronting for you. Kitty mines monero. NSA, US Cyber Command under new management.
May 4, 2018
Lojack for Laptops backdoor? World Cup cybersecurity. Schneider Electric patch. Reward points for sale. Medical device vulnerabilities. PPD-20 revision?
May 3, 2018
New nation-state actors in cyberspace. SiliVaccine AV said to incorporate pirated code. Credential stuffing and password reuse. GravityRAT evades sandboxes. GDPR approaches.
May 2, 2018
Payment system hack investigated. Patch weaponization. Medical zero-days for sale. Responsible disclosure. Bad bots attack. Car hacking. Trends in phishbait.
May 1, 2018
Bank hack in Mexico. FacexWorm goes cryptomining. SamSam's volume discount. Influence ops. Researchers confirm that teams use teamwork.
April 30, 2018
New MacOS backdoor linked to OceanLotus — Research Saturday
April 28, 2018
Crimeware kits, ransomware, and source code breaches. The Internet conduces to organic radicalization. Russia in Finland. Snooper's Charter notes. Crypt armistice or just key escrow?
April 27, 2018
Some fix fast, others not at all. Ransomware campaign's demands are non-negotiable (for most victims—Russians get a hometown discount). Content filtering. Jamming in Syria.
April 26, 2018
DPRK plays offense and defense. PyRoMine and EternalRomance. Russian disinformation on Syrian massacre. Alt-coin heist may be misdirection. Nakasone confirmed at NSA. Webstresser takedown.
April 25, 2018
Ransomware in Ukraine's Energy Ministry. Energetic Bear infrastructure. Anonymous Twitter accounts equal bots? Orangeworm in x-ray, MRI machines. Sanction notes. Election security.
April 24, 2018
ISIS coordinates online inspiration campaign with terror attacks. APT10 spearphishing. IE zero day. Twitter won't sell Kaspersky ads. UK sentence in Crackas with Attitude case.
April 23, 2018
InnaputRAT exfiltrates victim data — Research Saturday
April 21, 2018
RSA wraps up. Staging offensive cyber operations. (Information ops, too.) Business email compromise affects maritime shipping sectors. Sanctions bit Chinese device giants.
April 20, 2018
Dispatches from RSA 2018. Russia continues to test the Five Eyes' patience and resolve. Trustjacking, Stresspaint, and an exposed AWS bucket.
April 19, 2018
More cyber battlespace preparation. Hacking as the continuation of war by other means. Ongoing social media privacy concerns. Tech glitch extends tax deadline. Notes from RSA.
April 18, 2018
Russia versus routers. Desert Scorpion swept out of Google Play. ZTE faces sanctions. RSA notes, and a Sandbox winner.
April 17, 2018
Info ops follow airstrikes, to be followed by sanctions. Expect cyberattacks and reprisals, with a chance of kompromat.
April 16, 2018
Energetic Dragonfly and DYMALLOY Bear 2.0 — Research Saturday
April 14, 2018
Operation Parliament seems to have got what it came for. EITest finally sinkholed. Facebook testimony on Capitol Hill. Estonia reports. Swatting case teaches nothing?
April 13, 2018
Zuckerberg testimony. Supply chain cyber threat to satellites. DPRK destructive malware. "Early bird" code injection. GCHQ vs. ISIS. Germany blames compromise on Russia. Salisbury attack update.
April 12, 2018
Mark Zuckerberg testifies about Facebook, big data, and influence. Patch Tuesday notes. Deterrence or open conflict in cyberspace?
April 11, 2018
Facebook comes to Washington. Research ethics? IoT threats. Switch bug exploited in the wild. Criminal misdirection. Russia and the West, again. And what do cybercriminals earn?
April 10, 2018
Hacktivists may be warning Russia and Iran against interfering in US elections. Britain on alert for Russian moves against infrastructure. Facebook preps for Congress. Ransomware updates.
April 9, 2018
Crypto crumple zones — Research Saturday
April 7, 2018
Multibreach via chat app. OceanLotus notes. Mirai vs. Banks. Energetic Bear vs. Switches. Russia warns Britain against provocation. DataTribe finalists.
April 6, 2018
Facebook agonistes. Really agonizing. Ad-supported apps like them some data. Sino-US trade tensions and Chinese cyber espionage. Russian wet work and disinformation. Western reprisals.
April 5, 2018
Facebook boots Russian trolls for being trolls. Zuckerberg will testify before Congress. Different continents, different privacy protections. YouTube shootings. Pipeline hacks. Panera Bread's incident response.
April 4, 2018
Magento brute-forcing. Android IM spyware. njRAT updated. Panera breach. Pipeline operator hacked. Cyber tensions. Cambridge Analytica named in class action suit.
April 3, 2018
Department stores suffer a paycard breach. Atlanta still working on SamSam recovery. Ransomware in India. SWIFT fraud attempt. Facebook's troubles. Kremlin doxed. Reality Winner case update.
April 2, 2018
Chasing FlawedAMMYY — Research Saturday
March 31, 2018
Under Armour fitness app breached. Warning shot from WannaCry. Lazarus Group update. Aadhaar security questions. Ransomware and city governments. FBI agent charged in leak case.
March 30, 2018
Russia retaliates against the US with tit-for-tat PNGs, consular closure. Assange has no more Internet (until he behaves). Fauxpersky and WannaCry seen in the wild. Facebook works on privacy.
March 29, 2018
Tensions over Salisbury nerve agent attack remain high. BranchScope raises concerns about side-channel attacks. Facebook data scandal updates. Atlanta and Baltimore recover from hacks.
March 28, 2018
Blockchains that bind us — Special Edition
Phishing from the library. Facebook and Cambridge Analytica updates. Bots as propaganda readers. SamSam still plagues Atlanta. Aadhaar leaky? Many nations expel Russian diplomats.
March 27, 2018
Persona non grata, Ivan Ivanovich. Grid threat worries. Data scandal updates. Malware notes. Reaction to Iranian indictments. Alleged Carbanak kingpin collared.
March 26, 2018
Code comments cause SAML conundrum — Research Saturday
March 24, 2018
US indicts Iranian hackers. Guccifer 2.0 is a GRU Bear. Atlanta hit with ransomware. Equifax breach cost consumers plenty. Facebook's troubles persist, as do Cambridge Analytica's.
March 23, 2018
Kaspersky burned a JSOC op? Facebook affair: apps, legal fallout, regulatory inspiration, apologies and resolution to sin no more. Tariffs against IP theft. Best Buy shows Huawei the highway.
March 22, 2018
Preparing for grid attacks. Notes on breaches, crime, and punishment. And Facebook's no-good, bad, awful week.
March 21, 2018
Power grid threats coming through the router. Cambridge Analytica and Facebook face tough questions.
March 20, 2018
Power grid hacking fears running high. Social media problems. Election DDoS reported in Russia. FTC and SEC cyber enforcement actions. NSA hoarder case update.
March 19, 2018
Cryptojacking injections heat up - Research Saturday
March 17, 2018
NATO-Russian cyber tensions high. They're also high between Saudi Arabia and Iran. Updates on AMD vulnerability report. Another exposed AWS S3 bucket?
March 16, 2018
Chip vulnerability disclosure controversial. Black market and point-of-sale malware. SEC charges ex-Equifax exec with breach-related insider trading. Tensions over Salisbury nerve agent attack.
March 15, 2018
AMD investigates report of processor flaws. A look at OceanLotus. Patch Tuesday. Russo-British tensions high. MuddyWater threatens researchers.
March 14, 2018
May hands Putin an ultimatum (and cyber conflict is expected). HenBox spies on Uyghurs. Vixen Panda creeps in UK targets by backdoors. Changes at US State Department, CIA. SINET ITSEF notes.
March 13, 2018
Iran grows more capable and assertive in cyberspace. Bots have nothing on humans when it comes to peddling disinformation. Chinese influence ops. Fancy Bear, Slingshot updates.
March 12, 2018
Dark Caracal APT steals out of Lebanon — Research Saturday
March 10, 2018
Cyber reconnaissance. Vulnerability database misdirection. Cryptomining attempts. New Memcrash DDoS. Policy changes in the US coming as agencies report?
March 9, 2018
A Memcrash kill-switch. Shadow Brokers' leaked "Territorial Dispute" tools. Dutch DDoS, Indian hacks. FBI and backdoors. Notes from SINET ITSEF.
March 8, 2018
Patchable vulnerabilities in Apache Struts and Exim. ComboJack malware. DPRK vs. UN Panel of Experts. Cyberwar and legal limits. Espionage Act prosecution. Infowars turn grimly kinetic.
March 7, 2018
Cyber espionage in Central and Eastern Europe. Cyber deterrence. Notes from Matrosskaya Tishina. Exabeam describes what crooks can get from your browser.
March 6, 2018
Humanitarian organizations targeted. Memcrash extortion. Spring Break bug. Equifax breach update. Russian influence operations (and American "yelling and hollering").
March 5, 2018
Lebal malware phishes for victims — Research Saturday
March 3, 2018
Memcrashing no longer just a theoretical possibility. Fancy Bear's pawprints in German networks and other peoples' embassies. Deterrence in cyberspace. High-profile fraud victims.
March 2, 2018
Fancy Bear finds Berlin just right. RedDrop Android blackmail malware. Another AWS S3 exposure. FTC settles; SEC investigates. Blockchain radix malorum?
March 1, 2018
Memcrash and amplification attacks. SAML vulnerabilities. Thanatos ransomware. Petya returns (so does Marcher). Deterrence and election security.
Feb. 28, 2018
Cryptojacking through an AWS S3 bucket. Threats, risk, and unintentional mistakes. Crime and punishment. Industry notes. Alien hackers?
Feb. 27, 2018
Olympic hacking—false flags and attack infrastructure. Cryptojacking. Smartphone security bans. Heraldic animals of hacking.
Feb. 26, 2018