"The Cyberwire.  The Black Basta ransomware riddle."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 27 July 2024, 2220 UTC.

Content and Source:  Subscription from https://feedly.com.   https://feedly.com/i/subscription/feed%2Fhttps%3A%2F%2Fthecyberwire.com%2Ffeeds%2Frss.xml

Please scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

The CyberWire

9K followers22 articles per week#security#ciso#tech

22

Yesterday

The Black Basta ransomware riddle.

2 TTPs

•

17h

Dick O'Brien from Symantec Threat Hunter team is talking about their work on "Ransomware Attackers May Have Used Privilege Escalation Vulnerability as Zero-day." Also going to provide some background/history on Black Basta. CVE-2024-26169 in the Windows Error Reporting Service, patched on March 12, 2024, allowed privilege escalation. Despite initial claims of no active exploitation, recent analysi

Recovery from global CrowdStrike outage continues. ICS malware disrupted heating services in Ukraine.

18h

French police launch operation to clean up PlugX infections. North Korea's APT45 conducts espionage alongside financially motivated attacks.

FBI and DOJ thwart North Korean cyber scheme.

1d

A North Korean hacker is indicted for major cyberattacks. CrowdStrike’s in recovery mode. Phishing thrives in the wake of BSOD chaos. Wiz spells out no to Alphabet's $23bn offer. France goes full clean-up. Israel's secret shield in spyware saga. KOSA and COPPA 2.0 promise safer surfing for kids. N2K’s CSO Rick Howard speaks with Steve Schmidt, CSO of Amazon, about the culture of security and what

US State Department offers $10 million reward for alleged North Korean hacker.

1d

French police launch operation to clean up PlugX infections. APT10 targets Japanese companies.

Jul 25, 2024

Playing doctor with cyberattacks.

2d

A North Korean hacking group targets healthcare, energy and finance. Leaked Leidos documents surface on the dark web. A Middle Eastern financial institution suffered a record-breaking DDoS attack. The latest tally on the fallout from the Crowdstrike outage. A cybersecurity audit of HHS reveals significant cloud security gaps. Docker patches a critical vulnerability for the second time. Google anno

Caveat Briefing for 07.25.24

2d

[no content]

North Korea's APT45 conducts espionage alongside financially motivated attacks.

2d

CrowdStrike outage estimated to cost Fortune 500 firms approximately $5.4 billion. Stolen Leidos documents leaked online.

Jul 24, 2024

Healthcare hassles and hefty heists.

2d

This week, Maria Varmazis host of the N2K daily space show, T-Minus, joins Dave and Joe, as they celebrate Maria joining the Hacking Humans podcast every week! Maria's story is from a listener this week who writes in with a story on an IT company that is a third party for a healthcare company, and the dangers that can come from that. Dave and Joe share some listener follow up from Michael, who sha

Blue screens of death: A deep dive into the Microsoft CrowdStrike outage.

2d

This week we are joined by Caleb Barlow to discuss the legal and policy implications of the CrowdStrike incident. Early last Friday, the Microsoft CrowdStrike outage began due to a faulty update to CrowdStrike's Falcon sensor software on Windows, leading to widespread "blue screens of death." The CrowdStrike IT outage has disrupted 8.5 million devices globally, causing major operational issues. In

Ghost accounts haunt GitHub.

3d

Stargazer Goblin hosts malicious code repositories on GitHub. Crowdstrike blames buggy validations checks for last week’s major incident. The Breachforums database reveals threat actor OPSEC. Windows Hello for Business (WHfB) was found vulnerable to downgrade attacks. A medical center in the U.S. Virgin Islands is hit with ransomware. Interisle analyzes the phishing landscape. The FTC orders eight

Wiz declines Google's $23 billion takeover and will pursue an IPO. Vanta raises $150 million in Series C round.

Wiz rejects Google's $23B offer

•

3d

Ghost accounts on GitHub distribute malware.

3d

Meta disrupts Nigerian sextortion operation. BreachForums database leaked on Telegram.

Microsoft’s The BlueHat Podcast joins the N2K CyberWire network.

3d

N2K Networks, a leader in cyber workforce intelligence, today announced the launch of The BlueHat Podcast, the latest podcast from the Microsoft Security team to join the leading cybersecurity media network. The show will air on the N2K CyberWire network and joins the ranks of other popular Microsoft Security podcasts, including The Microsoft Threat Intelligence Podcast, Afternoon Cyber Tea with A

Jul 23, 2024

Craig Nelson on Simulating Attacks with Microsoft’s Red Team

3d

Craig Nelson, leader of Microsoft's Red Team joins Nic Fillingham and Wendy Zenone on this week's episode of The BlueHat Podcast. Craig explains how the Red Team simulates attacks on Microsoft's infrastructure to identify vulnerabilities and protect customer data stored in the cloud. He emphasizes the importance of these simulated attacks in preparing for real threats and describes the collaborati

Compelling Cyber Narratives with David J. Ebner

3d

Storytelling in cybersecurity doesn't have to be dry. There are stories of espionage, state-sponsored attacks, and ransom scenarios that are dramatic and engaging when told well. Today's special guest, David J. Ebner, the president and founder of Content Workshop, a content agency specializing in cybersecurity companies, is an expert in taking these technical topics and turning them into compellin

Don't mess with the NCA.

4d

UK law enforcement relieves DigitalStress. Congress summons Crowdstrike’s CEO to testify. FrostyGoop malware turned off the heat in Ukraine. EvilVideo is a zero-day exploit for Telegram. Daggerfly targets Hong Kong pro-democracy activists. Google has abandoned its plan to eliminate third-party cookies. The FCC settles with Tracfone Wireless over privacy and cybersecurity lapses. Wiz says no to Goo

ICS malware disrupted heating services in Ukraine.

2 TTPs

•

4d

Telegram exploit used zero-day vulnerability. Law enforcement shuts down DDoS-for-hire marketplace.

Leading United States Central Command - with General Frank McKenzie

4d

General Frank McKenzie joins Andrew Hammond to discuss his new book, The Melting Point. General McKenzie was the 14th commander of the United States Central Command.

Jul 22, 2024

CrowdStrike and Microsoft battle blue screens across the globe.

5d

Mitigation continues on the global CrowdStrike outage. UK police arrest a suspected member of Scattered Spider. A scathing report from DHS says CISA ignored a directive to cut ties with a faulty contractor. Huntress finds SocGholish distributing AsyncRAT. Ransomware takes down the largest trial court in the U.S. A US regulator finds many major banks inadequately manage cyber risk. CISA adds three

Recovery from global CrowdStrike outage continues.

5d

Social engineering attacks exploit CrowdStrike outage. UK teenager arrested for alleged connection to Scattered Spider gang.

Jul 21, 2024

The current state of Cyber Threat Intelligence.

5d

Rick Howard discusses CTI with John Hultquist.

The current state of Cyber Threat Intelligence.

5d

Rick Howard discusses CTI with John Hultquist

End of feed