One last reminder to check out our newly revised cybersecurity glossary. It's got a new interface and additional features to give you richer context and clarity that goes beyond just a simple definition. Each term has its own dedicated page that includes a pronunciation sound bite, a listing of CyberWire podcasts and publications where it's been used, and (if applicable) the episode of Word Notes that features the term. Be sure to bookmark this curated collection of hundreds of cybersecurity terms, useful to experienced cybersecurity professionals, newcomers, students, enthusiasts, and so on. Check it out here.

LastPass Identity provides simple control and visibility across every entry point to your business through single sign-on, password management and multi-factor authentication in one unified solution. LastPass Identity provides a holistic view of end user activity to simplify security for IT, all while delivering the passwordless login experience employees want. Start a free LastPass Identity trial today.
Ransomware payloads inside a VM. US sanctions WeChat and TikTok. Notes on APT41. Google vs. stalkerware, misrepresentation.
Sophos describes how Maze operators have begun distributing their ransomware payload inside a virtual machine, which renders it more difficult to detect. The Ragnar Locker gang began using the tactic earlier this year, and Maze is willing to learn from its criminal competition.
The US Department of Commerce this morning announced that most transactions with WeChat and TikTok will be banned, effective Sunday. Commerce explained the decision as follows: "While the threats posed by WeChat and TikTok are not identical, they are similar. Each collects vast swaths of data from users, including network activity, location data, and browsing and search histories. Each is an active participant in China’s civil-military fusion and is subject to mandatory cooperation with the intelligence services of the CCP. This combination results in the use of WeChat and TikTok creating unacceptable risks to our national security." The action was taken pursuant to Executive Orders 13942 and 13943.
Seeking Alpha reports that TikTok is seeking allies among rival social platforms to challenge the coming US ban. And, whatever Washington ultimately decides about a TikTok spinoff, the Wall Street Journal notes that any such arrangement would require Beijing’s approval, too.
Symantec Enterprise takes the opportunity offered by US indictments to publish an overview of China’s APT41, which it tracks as “Grayfly” and “Blackfly.”
Google has announced more stringent policies against stalkerware and misrepresentation for Google Play. Threatpost points out that the rules are designed to rule out various developer dodges, but also allow exceptions for parental monitoring apps.
Today's issue includes events affecting Australia, Brazil, Canada, China, the European Union, India, Iran, the United Kingdom, and the United States.
CloudShield™ Eclipse is a Network Detection and Response solution that delivers visibility and advanced threat response for complete and effective defense across your network.
Find out how CloudShield™ Eclipse aligns intelligence, visibility, scalability, detection, and mitigation into a seamless software-based solution that defends your organization from cyber attacks.