Moscow poorly served by its intelligence services, say London and Washington. Cyber phases of the hybrid war. A new zero-day, and some resurgent criminal activity.

CyberWire Daily

N2K Networks, Inc.

Daily News, Tech News, News, Technology

4.6 • 1K Ratings

🗓️ 31 March 2022

⏱️ 22 minutes

🔗️ Recording | iTunes | RSS

🧾️ Download transcript

Summary

Russian cyber operators collect against domestic targets. More details on the Viasat hack. Ukrainian hacktivists say they can interfere with Russian geolocation. Spring4shell is another remote-code-execution problem. The Remcos Trojan is seeing a resurgence. Malicious links distributed via Calendly. Johannes Ullrich from SANS on attack surface detection. Our guest is Fleming Shi from Barracuda on cybersecurity champions. Phishing with “emergency data requests.” Lapsus$ may be back from vacation. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/62 Selected reading. Vladimir Putin is being lied to by his advisers, says GCHQ (The Telegraph) U.S. intelligence suggests that Putin’s advisers misinformed him on Ukraine. (New York Times) White House: Intel shows Putin misled by advisers on Ukraine (AP NEWS) Russian troops sabotaging their own equipment and refusing orders in Ukraine, UK spy chief says (CNBC) Phishing campaign targets Russian govt dissidents with Cobalt Strike (BleepingComputer) KA-SAT Network cyber attack overview (Viasat.com) Tracking cyber activity in Eastern Europe (Google) Ukrainian Hackers Take Aim at Russian Artillery, Navigation Signals (Defense One) Russian efforts in Ukraine have not yet spilled over into cyberattacks on US, says lawmaker (C4ISRNet) New Spring Framework RCE Vulnerability Confirmed - What to do? (Sonatype) New Spring4Shell Zero-Day Vulnerability Confirmed: What it is and how to be prepared (Contrast Security) Spring Core on JDK9+ is vulnerable to remote code execution (Praetorian) Spring4Shell: No need to panic, but mitigations are advised (Help Net Security) Remcos Trojan: Analyzing the Attack Chain (Morphisec) Apple and Meta Gave User Data to Hackers Who Used Forged Legal Requests (Bloomberg) Fresh Phish: Phishers Schedule Victims on Calendar App (INKY) Lapsus$ claims Globant as its latest breach victim (TechCrunch)

Transcript

Click on a timestamp to play from that location

0:00.0	You're listening to the CyberWire Network, powered by N2K.
0:07.0	Today's episode is sponsored by SRM, your first call for cybersecurity and
0:18.1	investigations. Threats today are evolving faster than ever before and since 2005 SRM has pioneered
0:25.3	tailored security solutions for global corporations and their executives.
0:29.5	Whether it's defending against cyber attacks with their award-winning team of ethical hackers and incident response specialists,
0:36.4	or navigating the murky waters of compliance and ESG challenges,
0:40.9	SRMs, Insight and Straight straightforward advice will help you navigate complex risks
0:46.4	and emerge more resilient.
0:48.4	Their secret, a culture that nurtures the sharpest minds, giving them access to the newest technologies and the freedom
0:55.3	to solve problems in new ways, enabling them to craft simple effective solutions for your
1:01.4	unique cyber challenges.
1:03.7	Search your first call to discover how SRM can help your business. And now a word from our sponsor, Six Cents.
1:23.2	Six Cents provides award-winning cloud-based automated endpoint and vulnerability management solutions
1:29.5	to streamline IT and security operations. With its advanced platform, businesses gain complete visibility and control over their infrastructure, reducing IT and security risks, and optimizing operational efficiency.
1:43.0	With 6 cents, you'll get real-time alerts,
1:46.0	risk-based vulnerability prioritization and remediations,
1:49.0	and an intuitive automation and orchestration engine
1:52.0	so you can focus on your core business goals
1:55.0	confident in the knowledge that your enterprise is secure,
1:58.0	compliant and running smoothly.
2:00.0	Visit 6Cence.com
2:02.0	to learn why enterprises choose them. Russian cyber operators collect against domestic targets, more details on the Viaset hack.
	...

Please login to see the full transcript.

Previous episode | Next episode

Disclaimer: The podcast and artwork embedded on this page are from N2K Networks, Inc., and are the property of its owner and not affiliated with or endorsed by Tapesearch.

Generated transcripts are the property of N2K Networks, Inc. and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.