The CyberWire Daily Podcast 10.4.23
Ep 1920 | 10.4.23

A phishnet for the C-suite. Rootkit delivered by typosquatting. Stream-jacking in YouTube. Risk management. Hybrid war, and the laws thereof.

Show Notes

EvilProxy phishes for executives. Typosquatting to deliver a rootkit. Stream-jacking on YouTube. A global look at risk management. Assistance from a diverse set of international partners. In our Solution Spotlight segment, Simone Petrella speaks with Diane Janosek, Executive Director of Capitol Technology University's Center for Women in Cyber, about paths to cybersecurity and ways to address cybersecurity workforce intelligence through education. Dave Bittner previews the 3rd annual SOC Analyst Appreciation Day with Kayla Williams of Devo. And some guidelines for hacktivists engaged in hybrid war.

Selected reading.

EvilProxy Phishing Attack Strikes Indeed (Menlo Security)

Typosquatting campaign delivers r77 rootkit via npm (ReversingLabs)

A Deep Dive into Stream-Jacking Attacks on YouTube and Why They're So Popular (Bitdefender Labs) 

The C-suite playbook: Putting security at the epicenter of innovation (PwC)

European Peace Foundation (EPF) opens cyber classroom for Ukrainian Armed Forces - EU NEIGHBOURS east (EU NEIGHBOURS east) 

Rethinking Security When So Many Threats Are Invisible (New York Times)

8 rules for “civilian hackers” during war, and 4 obligations for states to restrain them (EJIL: Talk!)