episode-header-image

Sep 2023

33m 28s

What up in the underworld’s C2C markets....

About this episode

A Joint Advisory warns of Beijing's "BlackTech" threat activity. ShadowSyndicate is a new ransomware as a service operation. A Smishing Triad in the UAE. Openfire flaw actively exploited against servers. AtlasCross is technically capable and, above all, "cautious." Xenomorph malware in the wild. DDoS and API attacks hit the financial sector. In our Industry Voices segment, Joe DePlato from Bluestone Analytics demystified dark net drug markets. Our guest is Richard Hummel from Netscout with the latest trending DDoS vectors. And the FCC chair announces plans to restore net neutrality.

For links to all of today's stories check out our CyberWire daily news briefing:

https://thecyberwire.com/newsletters/daily-briefing/12/185

Selected reading.

CISA, NSA, FBI and Japan Release Advisory Warning of BlackTech, PRC-Linked Cyber Activity (Cybersecurity and Infrastructure Security Agency)

Dusting for fingerprints: ShadowSyndicate, a new RaaS player? (Group-IB)

Smishing Triad Stretches Its Tentacles into the United Arab Emirates (Security Affairs)

Hackers actively exploiting Openfire flaw to encrypt servers (BleepingComputer)

Vulnerability in Openfire messaging software allows unauthorized access to compromised servers (Dr.Web)

Suspicious New Ransomware Group Claims Sony Hack (Dark Reading)

Sony investigates cyberattack as hackers fight over who's responsible (BleepingComputer)

Sony Investigating After Hackers Offer to Sell Stolen Data (SecurityWeek)

Xenomorph Malware Strikes Again: Over 30+ US Banks Now Targeted (Threat Fabric)

The High Stakes of Innovation: Attack Trends in Financial Services (Akamai)

FACT SHEET: FCC Chairwoman Rosenworcel Proposes to Restore Net Neutrality Rules (Federal Communications Commission)

Ukraine: Russian hackers infiltrating software supply chains (Computing)

Russian hacking operations target Ukrainian law enforcement (CyberScoop)

Ukraine accuses Russian spies of hacking law enforcement (Register)

Russian hackers target Ukrainian government systems involved in war crimes investigations (Record)

Ukraine Cyber Defenders Prepare for Winter (Bank Info Security)

Learn more about your ad choices. Visit megaphone.fm/adchoices

Up next

Memory leaks and login sneaks.

Researchers release proof-of-concept exploits for CitrixBleed2. Grafana patches four high-severity vulnerabilities. A hacker claims to have breached Spanish telecom giant Telefónica. Italian police arrest a Chinese man wanted by U.S. authorities for alleged industrial espionage. ... Show More

SafePay, unsafe day.

Ingram Micro suffers a ransomware attack by the SafePay gang. Spanish police dismantle a large-scale investment fraud ring. The SatanLock ransomware group says it is shutting down. Brazilian police arrest a man accused of stealing over $100 million from the country’s banking syst ... Show More

Swati Shekhar: Challenges increase your risk appetite. [Engineering] [Career Notes]

Please enjoy this encore of Career Notes. Ground Labs' Head of Engineering, Swati Shekhar, shares her circuitous route from and back to engineering. Always being interested in leveraging the tools available to solve problems, Swati talks about how she found her place in engineeri ... Show More

Recommended Episodes

Russie : un malware inédit contre l’Ukraine ?

Si le conflit entre l’Ukraine et la Russie est un drame absolu pour les citoyens, force est de constater que le monde de la tech y joue un rôle de premier plan. Ces derniers jours, nous vous avons présenté différentes actions mises en place par les occidentaux pour tenter d’affai ... Show More

Charl van der Walt on Cyber Extortion

What are the latest trends in the ransomware-as-a-service ecosystem? Since at least May 27, the CL0P ransomware gang has been exploiting a previously unknown vulnerability to exfiltrate data from financial services organizations, energy corporations, government agencies, and even ... Show More

A hacking group called Hive has been hacked by the US authorities

The hackers have been hacked - a prolific international ransomware operation has been shut down by US, German and Dutch officials. The criminal network, Hive, is said to have targeted over 1,500 victims worldwide in the past 18 months and extorted over $100 million. FBI director ... Show More

How A Satellite Hack Became a Cybersecurity Wakeup Call

People around the world rely on satellites for their internet connections, credit card transactions–and even to keep track of time. Last year, a suspected Russian-led satellite hack exposed how vulnerable they are to security breaches, from individual hackers seeking to pilfer i ... Show More

War in Ukraine: the cyber frontier

How the conflict in Ukraine is playing out in cyberspace. With the conflict in Ukraine still raging following Russia’s invasion Ed Butler speaks to hackers from Ukraine including Vlad Styran of Berezha Security Group, one of the people tasked with fending off digital attacks on U ... Show More

Listen to millions of songs and podcasts on Anghami