Widespread exploitation of severe vulnerability in ownCloud.

Reports of a Critical Vulnerability in ownCloud. Sites serving bogus McAfee virus alerts. Japan’s space agency reports a breach. Okta revises the impact of their recent breach. Cryptomixer gets taken down in an international law enforcement operation. "SugarGh0st" RAT prospects targets in Uzbekistan and South Korea. NATO cyber exercise runs against the background of Russia's hybrid war.  On today’s Threat Vector segment, David Moulton of Palo Alto Networks’ Unit 42 talks with guest John Huebner about the intricacies of managing threat intelligence feeds. And Russian DDoS’ers are looking for volunteers. 

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guests

On today’s Threat Vector segment, David Moulton of Palo Alto Networks’ Unit 42 talks with guest John Huebner, an XSIAM Consultant at Palo Alto Networks. David and John delve into the intricacies of managing threat intelligence feeds in cybersecurity. They discuss the challenges organizations face in sifting valuable intelligence from the noise, emphasizing the importance of risk assessments in guiding the selection and tuning of these feeds.

Threat Vector

Please share your thoughts with us for future Threat Vector segments by taking our brief survey.

To learn what is top of mind each month from the experts at Unit 42 sign up for their Threat Intel Bulletin. 

T-Minus commentary on JAXA’s cyber threat. 

Dave is joined by T-Minus Space Daily host, Maria Varmazis, to discuss the significant cyber threat faced by Japan’s Aerospace Exploration Agency, known as JAXA. Listen to yesterday’s episode of T-Minus where they covered the incident. 

Selected Reading

ownCloud vulnerability with maximum 10 severity score comes under “mass” exploitation (Ars Technica)

Associated Press, ESPN, CBS among top sites serving fake virus alerts (Malwarebytes)

VIDAR INFOSTEALER STEALS BOOKING.COM CREDENTIALS IN FRAUD SCAM (Secureworks)

Japan space agency hit with cyberattack, rocket and satellite info not accessed (Reuters)

Okta October breach affected 134 orgs, biz admits (The Register)

October Customer Support Security Incident - Update and Recommended Actions (Okta)

Okta Hack Update Shows Challenges in Rapid Cyber Disclosures (Wall Street Journal)

US seizes Sinbad crypto mixer used by North Korean Lazarus hackers (Bleeping Computer)

Treasury Sanctions Mixer Used by the DPRK to Launder Stolen Virtual Currency (US Department of Treasury)

Crypto Country:  North Korea’s Targeting of Cryptocurrency (Recorded Future)

New SugarGh0st RAT targets Uzbekistan government and South Korea (Cisco Talos)

Russian hackers pose ‘high’ threat level to EU, bloc’s cyber team warns (Politico)

NATO Holds Cyber Defense Exercise as Wartime Hacking Threats Rise (Wall Street Journal)

Want to hear your company in the show?

You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc.