The CyberWire Daily Podcast 10.11.23
Ep 1924 | 10.11.23

Cyber phases of two hybrid wars prominently feature influence operations. Rapid Reset is a novel and powerful DDoS vulnerability. Credential phishing resurgent. And a look back at Patch Tuesday.

Show Notes

Cyber operations in Hamas's war, Cryptocurrency as a source of funding, and Russian hacktivist auxiliaries shifting their focus. Not all influence operations involve disinformation. Rapid Reset is a Novel DDoS attack. A resurgent credential phishing campaign. Ann Johnson from Afternoon Cyber Tea speaks with Ram Shankar Siva Kumar and Dr. Hyrum Anderson about the promise, peril, and impact of AI. Our own Rick Howard talks cyber intelligence in the medical vertical with Taylor Lehmann of Google. And a quick look back at Patch Tuesday.

Selected reading.

Hackers make their mark in Israel-Hamas conflict (Axios) 

Hacktivists take sides in Israel-Palestinian war (Record) 

Cyberattacks Targeting Israel Are Rising After Hamas Assault (Time) 

Hacktivists stoke Israel-Gaza conflict online (Reuters) 

Hackers, some tied to Russia, target Israeli media and government websites (MSN) 

Hamas Militants Behind Israel Attack Raised Millions in Crypto (Wall Street Journal) 

Cryptocurrency fueled Hamas' war machine (Quartz) 

The Israeli police cyber unit, Lahav 433, has frozen the cryptocurrency accounts of Hamas (Odessa Journal) 

U.S. surging cyber support to Israel (POLITICO Pro) 

Savvy Israel-linked hacking group reemerges amid Gaza fighting (CyberScoop) 

Israeli Cyber Companies Rally as Digital, Physical Assaults Continue (Wall Street Journal) 

Hamas Seeds Violent Videos on Sites With Little Moderation (New York Times) 

Social media platforms foment disinformation about war in Israel (Record) 

Hamas terrorists post murder of Israeli grandmother on her Facebook page (The Telegraph) 

How to limit graphic social media images from the Israel-Hamas war (Washington Post) 

Briefing: EU Commissioner Asks Musk for Information on “Illegal Content and Disinformation” Spreading on X (The Information)

EU warns Elon Musk of 'penalties' for disinformation circulating on X amid Israel-Hamas war (CNN) 

Hamas Got Around Israel’s Surveillance Prowess by Going Dark (Bloomberg) 

‘HTTP/2 Rapid Reset’ Zero-Day Exploited to Launch Largest DDoS Attacks in History (SecurityWeek)

New 'HTTP/2 Rapid Reset' zero-day attack breaks DDoS records (BleepingComputer) 

The largest cyberattack of its kind recently happened. Here’s how. (Washington Post) 

New technique leads to largest DDoS attacks ever, Google and Amazon say (Record) 

HTTP/2 Rapid Reset Vulnerability, CVE-2023-44487 (Cybersecurity and Infrastructure Security Agency CISA)

LinkedIn Smart Links Fuel Credential Phishing Campaign (Cofense)

Microsoft Fixes Exploited Zero-Days in WordPad, Skype for Business (SecurityWeek) 

Microsoft's October Patch Tuesday update resolves three zero-days (Computing) 

Microsoft Releases October 2023 Security Updates (Cybersecurity and Infrastructure Security Agency CISA) 

Patch Tuesday: Code Execution Flaws in Adobe Commerce, Photoshop (SecurityWeek) 

Citrix Releases Security Updates for Multiple Products (Cybersecurity and Infrastructure Security Agency CISA)