The CyberWire Daily Podcast 6.22.23
Ep 1849 | 6.22.23

Cyber spies and vulnerability goodbyes. RedLine Stealer and Vidar: the cryptkeepers. Social engineering TTPs.

Show Notes

North Korea's APT37 deploys FadeStealer to steal information from its targets. Apple patches vulnerabilities under active exploitation. Access to a US satellite is being hawked in a Russophone cybercrime forum. Russian hacktivist auxiliaries say they’ve disrupted IFC.org. Unmasking pig-butchering scams. Social engineering as a method of account takeover. Fraudsters seen abusing generative AI. Sergey Medved from Quest Software describes the “Great Cloud Repatriation”. Mark Ryland of AWS speaks with Rick Howard about software defined perimeters. And embedded URLs in malware.

Selected reading.

RedEyes Group Wiretapping Individuals (APT37) (Ahn Lab)

Apple fixes iPhone software flaws used in widespread hacks of Russians (The Washington Post)

Apple issues emergency patch to address alleged spyware vulnerability (Cyberscoop)

Apple patch fixes zero-day kernel hole reported by Kaspersky – update now! (Sophos)

Military Satellite Access Sold on Russian Hacker Forum for $15,000 (HackRead)

Well done. Russian hackers shut down the IMF (Dzen.ru)

Why Malware Crypting Services Deserve More Scrutiny (KrebsOnSecurity)

Unmasking Pig-Butchering Scams And Protecting Your Financial Future (Trend Micro)

Classic Account Takeover via the Direct Deposit Change (Avanan)

Q2 2023 Digital Trust & Safety Index (Sift)

Compromised Domains account for over 50% of Embedded URLs in Malware Phishing Campaigns (Cofense)