The CyberWire Daily Podcast 11.7.23
Ep 1943 | 11.7.23

Cybercriminals at the service of the state, and an array of new underworld tools.

Show Notes

Data brokers offer information on active US military personnel. Current BlueNoroff activity. A new Gootloader variant is active in the wild. Atlassian vulnerabilities actively exploited. The prevalence of breaches. Update on a Barracuda vulnerability. Hacktivism and the cyber course of the Hamas-Israel war. Bot-hunting in Ukraine. Microsoft’s Ann Johnson from Afternoon Cyber Tea speaks with Sharon Barber, Chief Information Officer at Lloyds Banking Group, about cyber trends in financial services. Ben Yelin looks at the ease of purchasing US military personnel data from data brokers. And election security is in the news–an off-year election is an election nonetheless.

Selected reading.

Researchers find sensitive personal data of US military personnel is for sale online (CNN)

How foreigners can buy data on US military members, for the right price (POLITICO)

GootBot - Gootloader's new approach to post-exploitation (Security Intelligence)

BlueNoroff strikes again with new macOS malware (Jamf)

GootBot - Gootloader's new approach to post-exploitation (Security Intelligence)

Rapid7-Observed Exploitation of Atlassian Confluence CVE-2023-22518 (Rapid7) 

Armis Research Finds One-Third of Global Organizations Experienced Multiple Security Breaches in Last 12 Months (Armis)

Technical analysis: Barracuda Email Security Gateway by Quentin Olagne (Vectra) 

Maccabi Tel Aviv basketball team website comes under cyber attack (The Jerusalem Post) 

The Digital Frontline of the Israel-Hamas Conflict Could Extend Long After the War (Inkstick) 

Five attack vectors that businesses should focus on in the wake of the Israel-Hamas war (SC Media) 

Israel’s cyber defense chief tells CNN he is concerned Iran could increase severity of its cyberattacks (CNN)

SBU blocks 76 bot farms with 3 mln fake accounts since start of full-scale war (Interfax-Ukraine) 

On Election Day, CISA and Partners Coordinate on Security Operations (Cybersecurity and Infrastructure Security Agency)

Cerby Releases “Threat Briefing: Social Media Security and Elections Volume II,” Providing a Detailed Analysis of Security Gaps in Social Media Platforms (Cerby)