The CyberWire Daily Podcast 7.26.22
Ep 1627 | 7.26.22

LockBit gets an upgrade. CosmicStrand UEFI firmware rootkit. Treating thieves like white hats? Most-impersonated brands. AV-Test's Twitter account is hijacked. The cyber phase of a hybrid war.

Show Notes

LockBit gets an upgrade. CosmicStrand firmware rootkit is out in a new and improved version. Are thieves being treated like white hats? AV-Test's Twitter account is hijacked. Joe Carrigan considers the mental health effects of the online scam economy. Mr. Security Answer Person John Pescatore ponders the cybersecurity talent gap. And ongoing speculation on the cyber phase of the hybrid war.

Selected reading.

LockBit Ransomware Group Augments Its Latest Variant, LockBit 3.0, With BlackMatter Capabilities (Trend Micro)

CosmicStrand: the discovery of a sophisticated UEFI firmware rootkit (Securelist)

Crypto Firms Make Thieving Hackers an Offer: Keep a Little, Give Back the Rest (Wall Street Journal)

Phishers’ Favorites Top 25, H1 2022: Microsoft Is the Most Impersonated Brand in Phishing Attacks (Vade Secure)

Testing times for AV-Test as Twitter account hijacked by NFT spammers (Graham Cluley)

Ukraine fall-out and new ransomware tactics elevate cyber risks (Strategic Risk Europe)

Ed’s note: The Ukrainian-Russian cyber war no one speaks about (Smart Energy)