A wormable version of the PlugX USB malware is found. Compromised webcams as a security threat. Emotet botnet out of hibernation. Proof-of-concept: AI used to generate polymorphic keylogger. Turning to alternatives as conventional tactics fail. Dave Bittner speaks with Eve Maler of ForgeRock to discuss how digital identity can help create a more secure connected car experience. Johannes Ullrich from SANS on configuring a proper time server infrastructure. And Phishing messages via legitimate Google notifications. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/46 Selected reading. A border-hopping PlugX USB worm takes its act on the road (Sophos News) BitSight identifies thousands of global organizations using insecure webcams and other IoT devices, finding many susceptible to eavesdropping (BitSight)  Emotet malware attacks return after three-month break (BleepingComputer) BlackMamba: Using AI to Generate Polymorphic Malware (HYAS)  Russian Cyberwar in Ukraine Stumbles Just Like Conventional One (Bloomberg) Australian official demands Russia bring criminal hackers ‘to heel’ (The Record by Recorded Future) Russia will have to rely on nukes, cyberattacks, and China since its military is being thrashed in Ukraine, US intel director says (Business Insider)  BEC 3.0 - Legitimate Sites for Illegitimate Purposes  (Avanan) Learn more about your ad choices. Visit megaphone.fm/adchoices