Podcasts
CyberWire Daily
Ep 1627
The CyberWire Daily Podcast 7.26.22
Ep 1627 | 7.26.22

LockBit gets an upgrade. CosmicStrand UEFI firmware rootkit. Treating thieves like white hats? Most-impersonated brands. AV-Test's Twitter account is hijacked. The cyber phase of a hybrid war.

Show Notes
Transcript

LockBit gets an upgrade. CosmicStrand firmware rootkit is out in a new and improved version. Are thieves being treated like white hats? AV-Test's Twitter account is hijacked. Joe Carrigan considers the mental health effects of the online scam economy. Mr. Security Answer Person John Pescatore ponders the cybersecurity talent gap. And ongoing speculation on the cyber phase of the hybrid war.

Selected reading.

LockBit Ransomware Group Augments Its Latest Variant, LockBit 3.0, With BlackMatter Capabilities (Trend Micro)

CosmicStrand: the discovery of a sophisticated UEFI firmware rootkit (Securelist)

Crypto Firms Make Thieving Hackers an Offer: Keep a Little, Give Back the Rest (Wall Street Journal)

Phishers’ Favorites Top 25, H1 2022: Microsoft Is the Most Impersonated Brand in Phishing Attacks (Vade Secure)

Testing times for AV-Test as Twitter account hijacked by NFT spammers (Graham Cluley)

Ukraine fall-out and new ransomware tactics elevate cyber risks (Strategic Risk Europe)

Ed’s note: The Ukrainian-Russian cyber war no one speaks about (Smart Energy)

CyberWire Daily
Podcast Info
HOST(S):
Dave Bittner
Dave Bittner is a security podcast host and one of the founders at CyberWire. He's a creator, producer, videographer, actor, experimenter, and entrepreneur. He's had a long career in the worlds of television, journalism and media production, and is one of the pioneers of non-linear editing and digital storytelling.
Schedule: Monday-Friday
Creator: CyberWire, Inc.
CyberWire Daily
ADVERTISEMENT
Sponsored by SpyCloud
Sponsored by SpyCloud

SpyCloud protects consumers, employees, suppliers, and citizens from the dangers of compromised identity. Its solutions make breached information actionable to prevent fraud— enabling a proactive, automated response that negates the value of stolen data before it can be used to cause harm. Learn more.

Sponsored by ExtraHop
Sponsored by ExtraHop

ExtraHop provides cyber analytics for the hybrid enterprise. Using wire data and machine learning for real-time threat detection and investigation from Core to Cloud, ExtraHop delivers unprecedented visibility, definitive insights, and immediate answers so security teams can act with confidence. Learn more at ExtraHop.

Sponsored by Axonius
Sponsored by Axonius

Axonius is the cybersecurity asset management platform that correlates asset data from existing solutions to provide an always up-to-date inventory, uncover gaps, and automate action, giving security and IT teams the confidence to control complexity. Learn more.