Uncategorized

Tehran’s Lyceum group expands its activities against ISPs and telcos in Israel, Morocco, Tunisia, and Saudi Arabia. Clopp is going after unpatched instances of SolarWinds. Cyber mercenaries are quietly competing with lawful intercept vendors. NSO Group receives a setback from the US 9th Circuit. Mexico makes an arrest in its Pegasus investigation. Carole Theriault shares […]

Hive ransomware hits electronics retailer Media Markt. Robinhood Markets sustains a data breach it traces to social engineering. Ben Yelin looks at the law behind U.S. police demanding your phone passcode. Dave checks in with Rick Howard for his thoughts on the Trojan Source vulnerability. And more notes on the international action against REvil, including

REvil operators arrested and indicted. China says a foreign intelligence service accessed passenger travel records. Suspected Emissary Panda campaign. Conti (sort of) apologizes. Caleb Barlow thinks it’s time to re-think your security documentation. Our guest is Jessica Hetrick of Optiv Security on cyber fraud running rampant. And the FBI warns of ransomware attacks targeting casinos. For

Senior Vice President for Strategy, Partnerships, and Corporate Development at IronNet Cybersecurity, Jamil Jaffer, shares how his interest in technology brought him full circle. Always a tech guy, Jamil paid he way through college doing computer support. Jamil went to law school and worked in various jobs in Washington DC including a stint in the newly-created

Guest Mor Levi, Vice President of Cyber Practices from Cybereason, joins Dave Bittner to discuss her team’s work on “Operation GhostShell – Novel RAT Targets Global Aerospace and Telecoms Firms.” In July 2021, the Cybereason Nocturnus and Incident Response Teams responded to Operation GhostShell, a highly-targeted cyber espionage campaign targeting the Aerospace and Telecommunications industries mainly

The US offers a reward of up to ten million dollars for information leading to the identification or location of the leaders of the DarkSide ransomware gang. Researchers expect BlackMatter’s nominally retired operators to resurface in other criminal organizations. Ukraine outlines Russian FSB cyber operations during the hybrid war that’s been waged since 2014. Deterrence

Britain’s Labour Party is affected by a ransomware incident a third-party provider sustained. ANSSI identifies a new ransomware affiliate gang, “Lockean.” Notes on how and why BlackMatter and REvil went on the lam. Russo-American talks discussed cybercrime and cybersecurity. Iran’s gas stations are fully back in business, following the cyber sabotage they sustained. Kevin Magee

The BlackMatter ransomware gang says that it’s retiring under pressure from the authorities. The spokesman for the Groove group says his gang doesn’t exist–he was just playing the media. Quiet, high-level talks held between senior US and Russian officials. The US Commerce Department sanctions four spyware vendors. Carole Theriault wonders if you can train yourself

Researchers describe Trojan Source, a hard-to-detect threat to the software supply chain. A ransomware gang takes a page from the information operator’s book. From double extortion to triple extortion, as other ransomware gangs add distributed denial-of-service to encryption and doxing. Criminals are now hacking on material, non-public information, the FBI warns. Joe Carrigan looks at

Iran hasn’t finished investigating its gas station cyber sabotage, but Tehran is pretty sure the Great and Lesser Satans are behind it. NSO Group says it’s going in a new, nicer direction. The Conti gang hits a luxury jewelry dealer, and another, unknown group hits an upscale art dealership. The Chaos gang is after Minecraft