Hackers play the evasion game.
the cyberwire
11 hours ago
Hackers play the evasion game.
This week our guest is, John Hammond from Huntress and he sits down to talk about spoofing and evasion techniques used by hackers. Dave and Joe share a bit of follow up, including a question form listener John who writes in asking about a passkey discussion in the last episode. Joe has a story from Reddit this week, where someone posted about a dispute they are having with their wedding caterer, where the company is saying the couple still owes them over $5,000 after the wedding has happened for umbrellas, the person posting wants to know what they should do about this argument. Dave's story is from Retool, where they are warning customers after an employee of theirs fell victim to a phishing scheme through SMS. Our catch of the day comes from the University of Alabama department of engineering, where the receiver of a suspicious looking email is being "sued" after owing $300 and not paying it back.
Hacking Humans
Hackers play the evasion game.
the cyberwire
11 hours ago
Hackers play the evasion game.
This week our guest is, John Hammond from Huntress and he sits down to talk about spoofing and evasion techniques used by hackers. Dave and Joe share a bit of follow up, including a question form listener John who writes in asking about a passkey discussion in the last episode. Joe has a story from Reddit this week, where someone posted about a dispute they are having with their wedding caterer, where the company is saying the couple still owes them over $5,000 after the wedding has happened for umbrellas, the person posting wants to know what they should do about this argument. Dave's story is from Retool, where they are warning customers after an employee of theirs fell victim to a phishing scheme through SMS. Our catch of the day comes from the University of Alabama department of engineering, where the receiver of a suspicious looking email is being "sued" after owing $300 and not paying it back.
Hacking Humans

Cybersecurity News

the cyberwire
1 hour ago
BOLO Snatch ransomware. Trends in phishing, cyber insurance claims, threats to schools. Notes from the hybrid war.
CISA, FBI warn of Snatch ransomware. Phishing trends. Ransomware increasingly cited in cyber insurance claims. Trends in cyber threats to academic institutions. Russian hacktivist auxiliary disrupts Canadian border control and airport sites. ICC remains tight-lipped concerning cyberattack.
Daily Briefing
the cyberwire
1 hour ago
CISA, FBI warn of Snatch ransomware.
Snatch's C2 servers operate mostly, it seems, from Russia (without love).
Story
the cyberwire
1 hour ago
Ukraine at D+574: Breaching the Surovikin Line.
Signs of a breach in the Surovikin Line occur as Ukrainian missiles hit the Black Sea Fleet headquarters and Ukraine claims successful sabotage of military aircraft near Moscow. Russia continues to strike cities indiscriminately.
Story
the cyberwire
11 hours ago
Make your mark CISOs.
This week, our guest is Karen Worstell from VMware to discuss how CISOs can make their mark with the new SEC rules. Ben's story discusses a Michigan case dealing with persistent unmanned aerial vehicle (drone) surveillance. Dave's got the story of a California judge blocking a law aimed at increasing the online safety for kids, by saying it violates the first amendment in the constitution.
Caveat
the cyberwire
20 hours ago
Hacking the ICC. ShroudedSnooper active, simple, and novel. New criminal malware used against Chinese-speakers. More on the materiality of cyberattacks.
The International Criminal Court reports a "cybersecurity incident." ShroudedSnooper intrusion activity is both novel and simple. Criminal malware targets Chinese-speaking victims. The costs of insider risk. More on the casino attacks (and related social engineering capers). In our Learning Layer segment, Sam Meisenberg drops into a CISSP tutoring session and offers some test-taking tips. Our guest is Aaron Brazelton, Dean of Admissions and Advancement at the Alabama School of Cyber Technology and Engineering. And the Clorox incident shows how one company navigates unfamiliar new SEC rules.
CyberWire Daily
the cyberwire
20 hours ago
CrowdStrike to acquire Bionic. Dragos raises an additional $74 million in Series D round. HiddenLayer secures $50 million in Series A round.
CrowdStrike to acquire Bionic. Dragos raises an additional $74 million in Series D round. HiddenLayer secures $50 million in Series A round.
Business
the cyberwire
20 hours ago
Implementation of the US’s National Cybersecurity Strategy. US House examines two CISA cyber programs. UK’s Online Safety Bill passed by parliament.
Implementation of the US’s National Cybersecurity Strategy. US House examines two CISA cyber programs. UK’s Online Safety Bill passed by parliament.
Policy
the cyberwire
21 hours ago
The pitfalls of SAS tokens. US software company discloses MOVEit-related breach exposing health data. Pizza Hut Australia discloses data breach.
The pitfalls of SAS tokens. US software company discloses MOVEit-related breach exposing health data. Pizza Hut Australia discloses data breach.
Privacy
the cyberwire
Sep 20, 2023
New Trojan is simple, novel. Criminal activity targets East Asia. Insider risks. Applying SEC cyber rules. ICC hacked.
ShroudedSnooper intrusion activity is both novel and simple. Criminal malware from China prospects Sinophone victims. Costs of insider risk. More on the casino attacks (and related social engineering capers). Clorox incident shows how one company navigates unfamiliar new SEC rules. The International Criminal Court reports a "cybersecurity incident."
Daily Briefing
the cyberwire
Sep 20, 2023
Ukraine at D+573: Ukraine at the UN.
Ukraine continues its slow advance as President Zelenskyy implores the United Nations to stop Russian genocide.
Story
the cyberwire
Sep 20, 2023
ShroudedSnooper hits Middle Eastern telcos.
A probable APT continues a trend of targeting telecommunications providers.
Story
the cyberwire
Sep 20, 2023
Don't take energy for granted.
Redfly cyberespionage targets a national grid. DHS Threat Assessment looks at critical infrastructure threats. A look at the ICS threat landscape. DoE grants for research into distributed energy cybersecurity. CISA offers free vulnerability scanning for water infrastructure. CISA issues ICS advisories. Guest Michael Toecker, Cyber Security Advisor at the United States Department of Energy’s Office of Cybersecurity, Energy Security, and Emergency Response, discusses community defense. On the Learning Lab, Mark Urban is joined by Alex Baretta, a senior solution architect at Dragos, for part one of their discussion about secure remote access.
Control Loop
Load More
Get more depth with CyberWire Pro.
Stay cyber-aware with access to all of our public podcasts ad-free, as well as our exclusive CyberWire Pro podcasts, briefings, articles, and events by becoming a CyberWire Pro subscriber. Get actionable reporting, analysis & insights on cyber events all at your fingertips.
Subscribe