Podcasts
CyberWire Daily
Ep 1733
The CyberWire Daily Podcast 1.5.23
Ep 1733 | 1.5.23

PurpleUrchin’s freejacking. Bluebottle versus the banks. A supply-chain attack on a machine-learning framework. The ransomware leaderboard. And cyber ops in a hybrid war.

Show Notes
Transcript

The PurpleUrchin freejacking campaign. Bluebottle activity against banks in Francophone Africa. The PyTorch framework sustains a supply-chain attack. 2022's ransomware leaderboard. Cellphone traffic as a source of combat information.  FBI Cyber Division AD Bryan Vorndran on the interaction and collaboration of federal agencies in the cyber realm. Our guest Jerry Caponera from ThreatConnect wonders if we need more "Carrots" Than "Sticks" In Cybersecurity Regulation. And two incommensurable views of information security.

Selected reading.

An analysis of the PurpleUrchin campaign. (CyberWire)

PurpleUrchin Bypasses CAPTCHA and Steals Cloud Platform Resources (Unit 42)

Bluebottle observed in the wild. (CyberWire)

Bluebottle: Campaign Hits Banks in French-speaking Countries in Africa (Symantec)

PyTorch incident disclosed, assessed. (CyberWire)

PyTorch dependency poisoned with malicious code (Register)

Compromised PyTorch-nightly dependency chain between December 25th and December 30th, 2022. (PyTorch)

Most active, impactful ransomware groups of 2022. (CyberWire)

2022 Year in Review: Ransomware (Trustwave)

Russia says phone use allowed Ukraine to target its troops (AP NEWS)

For Russian Troops, Cellphone Use Is a Persistent, Lethal Danger (New York Times)

Kremlin blames own soldiers for Himars barracks strike as official death toll rises (The Telegraph) 

No Water’s Edge: Russia’s Information War and Regime Security (Carnegie Endowment for International Peace)

CyberWire Daily
Podcast Info
HOST(S):
Dave Bittner
Dave Bittner is a security podcast host and one of the founders at CyberWire. He's a creator, producer, videographer, actor, experimenter, and entrepreneur. He's had a long career in the worlds of television, journalism and media production, and is one of the pioneers of non-linear editing and digital storytelling.
Schedule: Monday-Friday
Creator: CyberWire, Inc.
CyberWire Daily
ADVERTISEMENT
Sponsored by CrowdSec
Sponsored by CrowdSec

CrowdSec is a software editor developing the eponym open-source, free, massively multiplayer firewall designed to protect your IT assets against all kinds of attacks. You can also share signals across the community to ensure mutual security and have each other’s backs. Learn more.

Sponsored by SpyCloud
Sponsored by SpyCloud

SpyCloud protects consumers, employees, suppliers, and citizens from the dangers of compromised identity. Its solutions make breached information actionable to prevent fraud— enabling a proactive, automated response that negates the value of stolen data before it can be used to cause harm. Learn more.

Sponsored by Strata Identity
Sponsored by Strata Identity

Strata, the #1 platform for Identity Orchestration, integrates multi-cloud and hybrid identity infrastructure and allows enterprises to enforce consistent identity and access policies. Strata empowers IT and cybersecurity teams to architect identity that’s forever modern and permanently flexible. Learn more.