Cisco fixes vulnerabilities in ICS appliances. NIST’s anti-phishing guidelines. OneNote exploitation. HeadCrab malware. Recent actions by Russian threat actors. Trends in state-directed cyber ops.


Manage episode 354307826 series 112238
By CyberWire Inc.. Discovered by Player FM and our community — copyright is owned by the publisher, not Player FM, and audio is streamed directly from their servers. Hit the Subscribe button to track updates in Player FM, or paste the feed URL into other podcast apps.

Cisco patches a command injection vulnerability. NIST issues antiphishing guidance. HeadCrab malware's worldwide distribution campaign. The Gamaredon APT is more interested in collection than destruction. Kathleen Smith of ClearedJobs.Net looks at hiring trends in the cleared community. Bennett from Signifyd describes the fraud ring that’s launched a war on commerce against U.S. merchants. And trends in cyberattacks by state-sponsored actors.

For links to all of today's stories check out our CyberWire daily news briefing:

Selected reading.

Command-Injection Bug in Cisco Industrial Gear Opens Devices to Complete Takeover (Dark Reading)

Phishing Resistance – Protecting the Keys to Your Kingdom (NIST)

OneNote Documents Increasingly Used to Deliver Malware | Proofpoint UK (Proofpoint)

HeadCrab: A Novel State-of-the-Art Redis Malware in a Global Campaign (Aquasec)

Another UAC-0010 Story (The State Cyber Protection Centre of the State Service of Special Communication and Information Protection of Ukraine)

Russia-backed hacker group Gamaredon attacking Ukraine with info-stealing malware (The Record from Recorded Future News)

City of London traders hit by Russia-linked cyber attack (The Telegraph)

ChristianaCare recovers from cyberattack, restores website service (6abc Philadelphia)

Nation-State Threats and the Rise of Cyber Mercenaries: Exploring the Microsoft Digital Defense Report (CSO Online)

Microsoft Digital Defense Report 2022 (Microsoft Security)

2444 episodes