A “flea” on the wall conducts cyberespionage. Cl0p update. Astrology finds its way into your computer systems. Fancy Bear sighted, again.

CyberWire Daily

N2K Networks, Inc.

Technology, Daily News, News, Tech News

4.8 • 1.1K Ratings

🗓️ 21 June 2023

⏱️ 29 minutes

🔗️ Recording | iTunes | RSS

🧾️ Download transcript

Summary

The Flea APT sets its sights on diplomatic targets. An update on the Cl0p gang’s exploitation of a MOVEit vulnerability. Unpatched TP-Link Archer routers are meeting their match in the Condi botnet. The Muddled Libra threat group compromises companies in a variety of industries. A look into passwordless authentication. Derek Manky of Fortinet describes the Global Threat Landscape. Rick Howard speaks with Rod Wallace from AWS about data lakes. And Fancy Bear noses its way into Ukrainian servers. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/118 Selected reading. Graphican: Flea Uses New Backdoor in Attacks Targeting Foreign Ministries (Symantec) Ke3chang (MITRE) Third MOVEit vulnerability raises alarms as US Agriculture Department says it may be impacted (The Record) PwC and EY impacted by MOVEit cyber attack (Cybersecurity Hub) Norton Parent Says Employee Data Stolen in MOVEit Ransomware Attack (SecurityWeek) MOVEit hack: Gang claims not to have BBC, BA and Boots data (BBC) US govt offers $10 million bounty for info on Clop ransomware (BleepingComputer) Condi DDoS Botnet Spreads via TP-Link's CVE-2023-1389 (Fortinet) CVE-2023-1389 Detail (NIST) Download for Archer AX21 V3 (TP-Link) Threat Group Assessment: Muddled Libra (Unit 42) Axiad and ESG Survey: 82% of Respondents Indicate Passwordless Authentication is a Top Five Priority (PR Newswire) APT28 group used three Roundcube exploits (CVE-2020-35730, CVE-2021-44026, CVE-2020-12641) during another espionage campaign (CERT-UA#6805) (CERT-UA) BlueDelta Exploits Ukrainian Government Roundcube Mail Servers to Support Espionage Activities (The Record) CVE-2020-35730 Detail (NIST) CVE-2023-23397 Detail (NIST) Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcript

Click on a timestamp to play from that location

0:00.0	You're listening to the CyberWire Network, powered by N2K.
0:07.0	Today's episode is sponsored by SRM, your first call for cybersecurity and
0:18.1	investigations. Threats today are evolving faster than ever before and since 2005 SRM has pioneered
0:25.3	tailored security solutions for global corporations and their executives.
0:29.5	Whether it's defending against cyber attacks with their award-winning team of ethical hackers and incident response specialists,
0:36.4	or navigating the murky waters of compliance and ESG challenges,
0:40.9	SRMs, Insight and Straight straightforward advice will help you navigate complex risks
0:46.4	and emerge more resilient.
0:48.4	Their secret, a culture that nurtures the sharpest minds, giving them access to the newest technologies and the freedom
0:55.3	to solve problems in new ways, enabling them to craft simple effective solutions for your
1:01.4	unique cyber challenges.
1:03.7	Search your first call to discover how SRM can help your business. And now a word from our sponsor, Six Cents.
1:23.2	Six Cents provides award-winning cloud-based automated endpoint and vulnerability management solutions
1:29.5	to streamline IT and security operations. With its advanced platform, businesses gain complete visibility and control over their infrastructure, reducing IT and security risks, and optimizing operational efficiency.
1:43.0	With 6 cents, you'll get real-time alerts,
1:46.0	risk-based vulnerability prioritization and remediations,
1:49.0	and an intuitive automation and orchestration engine
1:52.0	so you can focus on your core business goals
1:55.0	confident in the knowledge that your enterprise is secure,
1:58.0	compliant and running smoothly.
2:00.0	Visit 6Cence.com
2:02.0	to learn why enterprises choose them. The Flea APT sets its sights on diplomatic targets, an update on the Clop Gang's exploitation of a move-it vulnerability,
	...

Please login to see the full transcript.

Previous episode | Next episode

Disclaimer: The podcast and artwork embedded on this page are from N2K Networks, Inc., and are the property of its owner and not affiliated with or endorsed by Tapesearch.

Generated transcripts are the property of N2K Networks, Inc. and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.