An international hunt bags Qakbot’s infrastructure. Anticipating remediation. Adversaries in the middle. More effective phishbait. Air travel disruption was a glitch, not an attack. Hybrid war update.

An international operation takes down Qakbot. Chinese threat actors anticipated Barracuda remediations. A look at adversary-in-the-middle attacks, making phishbait more effective and the emergence of a new ransomware threat. Narrative themes in Russian influence operations. My conversation with Natasha Eastman from (CISA), Bill Newhouse from (NIST), and Troy Lange from (NSA) to discuss their recent joint advisory on post-quantum readiness. Microsoft’s Ann Johnson from Afternoon Cyber Tea speaks with Cyber Threat Alliance President and CEO Michael Daniel about the current state of cybercrime. And when toilet bowls are outlawed, only outlaws will have toilet bowls.

Listen to the full conversation with Natasha Eastman, Bill Newhouse, and Troy Lange here: A joint advisory on post-quantum readiness.

Selected reading.

Operation Duck Hunt bags Qakbot. (CyberWire)

FBI, Partners Dismantle Qakbot Infrastructure in Multinational Cyber Takedown (Federal Bureau of Investigation)

Qakbot Malware Disrupted in International Cyber Takedown (US Department of Justice)

Law Enforcement Takes Down Qakbot (Secureworks)

Qakbot: Takedown Operation Dismantles Botnet Infrastructure (Symantec) 

Chinese APT Was Prepared for Remediation Efforts in Barracuda ESG Zero-Day Attack (SecurityWeek) 

Phishing-as-a-Service Gets Smarter: Microsoft Sounds Alarm on AiTM Attacks (The Hacker News)

The Lure of Subject Lines in Phishing Emails - How Threat Actors Utilize Dates to Trick Victims (Cofense)

The Emergence of Ransomed: An Uncertain Cyber Threat in the Making (Flashpoint)

Cancelled flights: Air traffic disruption caused by flight data issue (BBC News)

Russian Offensive Campaign Assessment, August 29, 2023 (Institute for the Study of War)