Join us as we step inside the diverse and fascinating worlds of cybersecurity professionals around the globe and hear their personal stories in their own words. We're pleased to announce Career Notes, each episode of which features a look into one professional's journey, where it began, what influenced its course, and where it's going today.
We recently launched Recorded Future Express — a free browser extension for security teams. Use Express over any web-based SIEM, vulnerability management solution, security blog, and more to put real-time security intelligence at your fingertips. Instantly prioritize alerts, incidents, and vulnerabilities based on real-time risk scores from the world’s largest commercial collection platform. Sign up now.
Dark Basin's reverse advocacy. Honda hacked? Criminal cooperation (and competition). A contraband menu from the dark web.
The University of Toronto's Citizen Lab this morning released a report on a hacker-for-hire operation, "Dark Basin," which targeted "advocacy groups and journalists, elected and senior government officials, hedge funds, and multiple industries." Dark Basin is said to have been especially interested in US not-for-profits, notably climate change and net neutrality advocates. Citizen Lab says Dark Basin is run by Delhi-based IT and cybersecurity firm BellTroX. The New York Times says US Federal prosecutors are investigating.
Production at Honda plants in Europe, North America, and Japan has been affected by what the company calls a computer "disruption," NBC News and others report. The company is remaining relatively tight-lipped, but BleepingComputer says outside observers think they see signs that the incident was a ransomware attack with a variant of Snake (Ekans).
Here's the latest in a series of fitful attempts at cooperation among criminals, as described this morning by researchers at Digital Shadows. It's a DDoS protection tool, “EndGame” (no connection to the similarly named security company acquired last October by Elastic NV). Denial-of-service attacks have long been a drag on criminal operations, whether these are mounted by underworld competitors or law enforcement agencies. EndGame is a product of collaboration among players in the criminal souks Dread, White House Market, Big Blue Market, and Empire Market. Despite the ransomware cartelization BleepingComputer observes, Trend Micro reports that the underworld remains a low-trust community.
If you're buying commodity cyber contraband à la carte, Privacy Affairs has compiled a representative menu from the dark web.
Today's issue includes events affecting Australia, Canada, China, Estonia, the European Union, Germany, Greece, Israel, Russia, Turkey, the United Kingdom, and the United States.
This week's question: which early superhero movie depicted the hacking technique called “salami slicing,” where the hacker sliced off pieces of every penny transferred in a banking transaction, and what famous comedian played the hacker? Send your answers to email@example.com for chances to win stickers and other swell CyberWire stuff.
And last week's trivia question, in case you missed it, was, "What two Matthew Broderick movies presented the exact same social engineering hack to change his character’s grades?" The answer, of course, is WarGames (1983) and Ferris Bueller's Day Off (1986).
LastPass Identity provides simple control and visibility across every entry point to your business through single sign-on, password management and multi-factor authentication in one unified solution. LastPass Identity provides a holistic view of end user activity to simplify security for IT, all while delivering the passwordless login experience employees want. Start a free LastPass Identity trial today.
In today's CyberWire Daily Podcast, out later this afternoon, we speak with our partners at the University of Maryland's Center for Health and Homeland Security, as Ben Yelin offers some clarification on Twitter’s rights in flagging or removing the U.S. President’s tweets Our guest is Jeremy Oddo from The Third Floor, discussing cybersecurity in Hollywood during COVID-19.
Recorded Future's Threat Intelligence podcast, produced in partnership with the CyberWire, is also up. In this week's episode, "Broadening Your View With Security Intelligence," Alex Noga, solutions engineering manager at Recorded Future, shares his insights on enhancing organizations’ ability to make the most of the information they’re gathering by adopting security intelligence. He explains how this approach helps analysts connect the dots and empowers them to focus on the signals that matter — all while blocking out the noise.