The CyberWire Daily Podcast 1.12.23
Ep 1738 | 1.12.23

Trojanized VPN installers circulate in Iran. A trip down the static expressway. Hacktivism-for-profit. IT incidents disrupt NOTAMs and Royal Mail. HR phishbait.

Show Notes

Iranian VPN users are afflicted by Trojanized installation apps. Phishing on the static expressway. NoName057(16) hacktivist auxiliaries target NATO. Yesterday’s flight outage appears not to have been caused by a cyberattack. Royal Mail is disrupted by a "cyber incident." Carole Theriault thinks Meta needs to step up their game when blocking financial scams. Our guest is Mark Sasson from Pinpoint Search Group to discuss why cybersecurity may no longer be a candidate-driven market.  And HR phishbait dangles raises, and some employees bite.

Selected reading.

EyeSpy - Iranian Spyware Delivered in VPN Installers (Bitdefender Labs)

Phishing on the Static Expressway. (CyberWire)

NoName057(16) - The Pro-Russian Hacktivist Group Targeting NATO (SentinelOne) 

Not a cyberattack, but an IT failure. (CyberWire)

FAA NOTAM Statement (FAA)

Canadian Pilot-Alert System Reports Outage Hours After U.S. Grounding Order (Wall Street Journal)

US air travel resumes but thousands of flights delayed after planes grounded - live updates (The Telegraph) 

US Flights Latest: Departures Resume After FAA Lifts Ground Stop (Bloomberg)

Royal Mail suffers ‘severe service disruption’ after cyber incident (Glasgow Times)

Royal Mail issues major disruption warning after 'cyber incident' (Computing) 

Parcels and letters stuck in limbo as Royal Mail is hit by a suspected hack (The Telegraph) 

Cyber Incident Hits UK Postal Service, Halts Overseas Mail (SecurityWeek)