The CyberWire Daily Podcast 1.26.23
Ep 1747 | 1.26.23

Remote monitoring and management tools abused. Russian and Iranian cyberespionage reported. The world according to the CIO. And if volume is your secret, maybe look for a better secret.

Show Notes

Joint advisory warns of remote monitoring and management software abuse. Iranian threat actors reported active against a range of targets. UK's NCSC warns of increased risk of Russian and Iranian social engineering attacks. A look at trends, as seen by CIOs. Carole Theriault ponders health versus privacy with former BBC guru Rory Cellan Jones. Kyle McNulty, host of the Secure Ventures podcast shares lessons from the cybersecurity startup community. And the DRAGONBRIDGE spam network is disrupted.

Selected reading.

CISA, NSA, and MS-ISAC Release Advisory on the Malicious Use of RMM Software (CISA)

Protecting Against Malicious Use of Remote Monitoring and Management Software (CISA)

CISA: Federal agencies hacked using legitimate remote desktop tools (BleepingComputer)

'Malicious' cyber attacks launched by groups connected to Iran's regime (ABC) 

Abraham's Ax Likely Linked to Moses Staff (Secureworks)

SEABORGIUM and TA453 continue their respective spear-phishing campaigns against targets of interest (NCSC)

NCSC: Russian and Iranian hackers targeting UK politicians, journalists (Computing)

State of the CIO Study 2023: CIOs cement leadership role (Foundry)

U.S. says it 'hacked the hackers' to bring down ransomware gang, helping 300 victims (Reuters)

Over 50,000 instances of DRAGONBRIDGE activity disrupted in 2022 (Google TAG)