The LightBasin “activity cluster” has been active indeed against telecom infrastructure in what looks like an espionage campaign. The Magnitude exploit kit adds capabilities for hitting Chromium browsers. An exploit broker is interested in cloud-based VPNs. Victims continue to pay in ransomware attacks. A hacker gets seven years for conspiracy to defraud and identity theft. David Dufour from Webroot looks at the coming threat landscape. Our guest is Paul Shread from eSecurity Planet on backup tools for ransomware. And a Candy Corn shortage is averted.
A look at TA505, familiar yet adaptable. A US joint cybersecurity advisory outlines the BlackMatter threat to critical infrastructure. CISA asks industry for technical information on endpoint detection and response capabilities. Is REvil trying to run on reputation? The Sinclair Broadcasting ransomware incident seems to provide a case study in rapid disclosure. Carole Theriault considers the fight for online anonymity. Joe Carrigan shares steps to protect the C-Suite. And there’s a decryptor out for BlackByte.
The Sinclair Broadcast Group discloses that it sustained a ransomware attack over the weekend. Twitter kicks out two North Korean catphish deployed in a cyberespionage campaign. REvil goes offline, again, perhaps this time for good. Hacking back, at least insofar as you let the hoods know you can see them. Rick Howard previews the newest season of CSO Perspectives. Johannes Ullrich from SANS on Expired Domain Dumpster Diving. And an update on the Missouri disclosure and proposed hacking prosecution.
A CISA-issued Joint Advisory warns of threats and vulnerabilities at water and wastewater treatment facilities. CISA issues twenty-two other industrial control system advisories. Andrea Little Limbago from Interos on trends in the human element of security. Our guest is Gidi Cohen from Skybox with Vulnerability and Threat Trends. And the Governor of Missouri intends to prosecute the Saint Louis Post-Dispatch to the fullest extent of whatever the law turns out to be.
Data breach extortion seems to be an emerging criminal trend. Notes on a darknet market’s retirement. Verizon advises Visible users to look to their credentials. Windows users’ attention is drawn to seven potentially serious vulnerabilities (all patchable). The Necro botnet is installing Monero cryptojackers. Organizing an international response to ransomware. Carole Theriault shares thoughts on social engineering. Dinah Davis from Arctic Wolf on the supply chain attack framework. And a quick look at the state of cyber risk in higher education.