The CyberWire Daily Podcast 10.27.23
Ep 1936 | 10.27.23

Social engineering as a blunt instrument–almost like swatting without the middleman.

Show Notes

Eastern European gangs overcome their reservations about working with anglophone criminals. Mirth Connect is vulnerable to a critical flaw. A look at a mercenary spyware strain. “PepsiCo” as phishbait. Ben Yelin explains the FCC’s renewed interest in Net Neutrality. Our guest is Wade Baker from the Cyentia Institute with insights on measuring risk. And Europol thinks police should take a good look at quantum computing and law enforcement.

Selected reading.

Octo Tempest crosses boundaries to facilitate extortion, encryption, and destruction (Microsoft Security)

MGM Resorts hackers 'one of the most dangerous financial criminal groups’ (Record)

Critical Mirth Connect Vulnerability Could Expose Sensitive Healthcare Data (SecurityWeek) 

Examining Predator Mercenary Spyware (HYAS)

Fresh Phish: The Case of the PepsiCo Procurement Ploy (INKY) 

U.S. Tries New Tack on Russian Disinformation: Pre-Empting It (New York Times) 

ESET APT Activity Report Q2–Q3 2023 (We Live Security) 

Russian hackers claim takedown of WA’s Transperth transport agency with DDoS attack (Cyber Daily) 

The Second Quantum Revolution: The impact of quantum computing and quantum technologies on law enforcement (Europol Innovation Lab)