A CISA-issued Joint Advisory warns of threats and vulnerabilities at water and wastewater treatment facilities. CISA issues twenty-two other industrial control system advisories. Andrea Little Limbago from Interos on trends in the human element of security. Our guest is Gidi Cohen from Skybox with Vulnerability and Threat Trends. And the Governor of Missouri intends to prosecute the Saint Louis Post-Dispatch to the fullest extent of whatever the law turns out to be.
Data breach extortion seems to be an emerging criminal trend. Notes on a darknet market’s retirement. Verizon advises Visible users to look to their credentials. Windows users’ attention is drawn to seven potentially serious vulnerabilities (all patchable). The Necro botnet is installing Monero cryptojackers. Organizing an international response to ransomware. Carole Theriault shares thoughts on social engineering. Dinah Davis from Arctic Wolf on the supply chain attack framework. And a quick look at the state of cyber risk in higher education.
A Chinese-speaking APT is distributing the MysterySnail RAT in what appears to be a cyberespionage campaign. Some users still haven’t patched vulnerable SolarWinds instances. Notes on yesterday’s Patch Tuesday. The US-convened international ransomware conference kicked off today, and Russia wasn’t invited. Former users of a criminal booter service get a stern warning letter from the Dutch police. Caleb Barlow reacts to a recent ransomware tragedy. Our guest is Rob Gurzeev of CyCognito on the security issues with subsidiaries. And a Florida woman is charged with altering aircraft records.
Teheran is running password spraying attacks (especially on Thursdays and Sundays). More on the renewed popularity of DDoS attacks. NCSC warns British businesses against ransomware. Two journalists win the Nobel Peace Prize. Joe Carrigan shares his thoughts on GriftHorse. Our guest is Bindu Sundaresan from AT&T Cybersecurity football season and cyber risks. And watch out for small data cards in your peanut butter sandwiches, kids.
Fancy Bear’s snuffling at Gmail credentials. FIN12’s threat to healthcare, and BlackMatter’s threat to agriculture. REvil tries to reestablish itself in the underworld. Twitch update. Sachkov is charged.
Google warns fourteen-thousand Gmail users that Fancy Bear has probably been after their passwords. FIN12, a fast-running ransomware group, is after hospitals’ and healthcare providers’ money. BlackMatter remains active against the agriculture sector. REvil is back and talking on the RAMP forum, but so far it’s getting a chilly reception. Twitch traces its vulnerability to a server misconfiguration. David Dufour from webroot wonders about cracking down on crypto. Our guest is Jeff Dileo of NCC on mastering container security. And Group-IB’s CEO is charged with treason.