The CyberWire Daily Podcast 10.3.23
Ep 1919 | 10.3.23

Where ICS touches the Internet. BunnyLoader traded in C2C markets. Phantom Hacker scams. API risks. Cybersecurity attitudes and behavior. DHS IG reports on two cyber issues. Updates on the hybrid war.

Show Notes

Nearly 100,000 ICS services exposed to the Internet. BunnyLoader in the C2C market. Phantom Hacker scams. API risks. Cybersecurity attitudes and behaviors. Homeland Security IG finds flaws in TSA pipeline security programs, and privacy issues with CBP, ICE, and USSS use of commercial telemetry. Kyiv prepares for Russian attacks on Ukraine's power grid. Ben Yelin on the Department of Commerce placing guardrails on semi-conductor companies. As part of our sponsored Industry Voices segment, Dave Bittner sits down with Nick Ascoli, Founder and CTO at Foretrace, to discuss the last year in data leaks. And Russian disinformation is expected to aim at undermining US support for Ukraine.

Selected reading.

Bitsight identifies nearly 100,000 exposed industrial control systems (Bitsight) 

New BunnyLoader threat emerges as a feature-rich malware-as-a-service (BleepingComputer) 

"Phantom Hacker" Scams Target Senior Citizens and Result in Victims Losing their Life Savings (FBI)

FBI warns of surge in 'phantom hacker' scams impacting elderly (BleepingComputer)

APIs: Unveiling the Silent Killer of Cyber Security Risk Across Industries (Hacker News)

Oh Behave! The Annual Cybersecurity Attitudes and Behaviors Report 2023 (National Cybersecurity Alliance)

Watchdog says pipeline security regulations, data collection safeguards not up to snuff at DHS (Washington Post) 

Better TSA Tracking and Follow-up for the 2021 Security Directives Implementation Should Strengthen Pipeline Cybersecurity (REDACTED) (Office of Inspector General, Department of Homeland Security) 

CBP, ICE, and Secret Service Did Not Adhere to Privacy Policies or Develop Sufficient Policies Before Procuring and Using Commercial Telemetry Data (REDACTED) (Office of Inspector General, Department of Homeland Security) 

Ukraine prepares for winter again as Russia targets its power grid (The Economist) 

Putin’s Next Target: U.S. Support for Ukraine, Officials Say (New York Times