Supply-chain attack's effects spread. CISA makes new KEV entries. Bumblebee malware loader described. Decoy Dog toolset discovered. Discord Papers were shared earlier and more widely.
Podcast: CyberWire Daily
Publisher: The CyberWire
Media Type: audio
Podknife tags: Cybersecurity, Tech News, Technology
Categories Via RSS: Daily News, News, Tech News, Technology
Publication Date: Apr 24, 2023
Episode Duration: 00:27:08

3CX is not the only victim in the recent supply chain attack. The PaperCut critical vulnerability is under active exploitation. The Bumblebee malware loader is buzzing around in the wild. A new unique malware toolkit called Decoy Dog. Rick Howard, CSO from N2K Networks, shares RSA Conference predictions and talks about his new book, "Cybersecurity First Principles." Our guest Theresa Lanowitz from AT&T Cybersecurity shares insights on Securing the Edge. And the alleged Discord Papers leaker shared earlier and more widely than previously known.

For links to all of today's stories check out our CyberWire daily news briefing:

https://thecyberwire.com/newsletters/daily-briefing/12/78

Selected reading.

3CX Hackers Also Compromised Critical Infrastructure Firms (Infosecurity Magazine)

That 3CX supply chain attack keeps getting worse (Register)

Energy sector orgs in US, Europe hit by same supply chain attack as 3CX (Record) 

Even more victims found in complex 3CX supply chain attack (CybersecurityConnect) 

X_Trader Supply Chain Attack Affects Critical Infrastructure Organizations in U.S. and Europe (Symantec Enterprise Blogs)

URGENT | PaperCut MF/NG vulnerability bulletin (March 2023) (PaperCut)

PaperCut CVE-2023-27350 Deep Dive and Indicators of Compromise (Horizon3.ai)

Russian Hackers Suspected in Ongoing Exploitation of Unpatched PaperCut Servers (The Hacker News)

CISA KEV Breakdown | April 21, 2023 (Nucleus Security)

CISA Adds Three Known Exploited Vulnerabilities to Catalog (Cybersecurity and Infrastructure Security Agency CISA)

CISA Adds 3 Actively Exploited Flaws to KEV Catalog, including Critical PaperCut Bug (The Hacker News)

CISA adds printer bug, Chrome zero-day and ChatGPT issue to exploited vulnerabilities catalog (Record)

Bumblebee Malware Distributed Via Trojanized Installer Downloads (Secureworks).

Google ads push BumbleBee malware used by ransomware gangs (BleepingComputer) 

Bumblebee malware infects victims via fake Zoom, Cisco and ChatGPT software installers (Record) 

Decoy Dog malware toolkit found after analyzing 70 billion DNS queries (BleepingComputer) 

Analyzing DNS Traffic for Anomalous Domains and Threat Detection (Infoblox Blog) 

Airman Shared Sensitive Intelligence More Widely and for Longer Than Previously Known (New York Times)

FBI leak investigators home in on members of private Discord server (Washington Post)

From Discord to 4chan: The Improbable Journey of a US Intelligence Leak (bellingcat) 

Europe’s Planes Keep Flying Despite Cyberattack (Wall Street Journal)
