The CyberWire Daily Podcast 11.3.22
Ep 1697 | 11.3.22

“Static expressway” tactics in credential harvesting. Emotet is back. Black Basta linked to Fin7. RomCom hits Ukrainian targets and warms up against the Anglo-Saxons. Cyber cooperation?

Show Notes

Leveraging Microsoft Dynamics 365 Customer Voice for credential harvesting. Emotet is back. Black Basta ransomware linked to Fin7. A Russophone gang increases activity against Ukrainian targets. Betsy Carmelite from Booz Allen Hamilton on adversary-informed defense. Our guest is Tom Gorup of Fortra’s Alert Logic with a view on cybersecurity from a combat veteran. And Russia regrets that old US lack of cooperation in cyberspace–things would be so much better if the Anglo-Saxons didn’t think cyberspace was the property of the East India Company. Or something like that.

Selected reading.

Abusing Microsoft Customer Voice to Send Phishing Links (Avanan) 

Emotet botnet starts blasting malware again after 5 month break (BleepingComputer) 

Black Basta Ransomware | Attacks Deploy Custom EDR Evasion Tools Tied to FIN7 Threat Actor (SentinelOne) 

RomCom Threat Actor Abuses KeePass and SolarWinds to Target Ukraine and Potentially the United Kingdom (BlackBerry) 

Russia cyber director warns no U.S. cooperation risks "mutual destruction" (Newsweek)