Archive.fm

CyberWire Daily

Chinese threat actors reel in Barracuda appliances. Diicot: the gang formerly known as Mexals, with Romanian ties. Recent Russian cyberespionage against Ukraine and its sympathizers.

A Chinese threat actor exploits a Barracuda vulnerability. The upgraded version of the Android GravityRAT can exfiltrate WhatsApp messages. Cybercriminals pose as security researchers to propagate malware. Updates on the Vidar threat operation. A new Romanian hacking group has emerged. Shuckworm collects intelligence, and may support targeting. The Washington Post’s Tim Starks explains the section 702 debate. Our guest is Rotem Iram from At-Bay with insights on email security. And Russia's Cadet Blizzard.

For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/115

Selected reading. Android GravityRAT goes after WhatsApp backups (ESET) Quarterly Adversarial Threat Report (Facebook) Barracuda ESG Zero-Day Vulnerability (CVE-2023-2868) Exploited Globally by Aggressive and Skilled Actor, Suspected Links to China (Mandiant) GravityRAT - The Two-Year Evolution Of An APT Targeting India (Cisco Talos) Fake Security Researcher GitHub Repositories Deliver Malicious Implant (VulnCheck) Darth Vidar: The Aesir Strike Back (Team Cymru) Tracking Diicot: an emerging Romanian threat actor (Cado Security) Shuckworm: Inside Russia’s Relentless Cyber Campaign Against Ukraine (Symantec) Cadet Blizzard emerges as a novel and distinct Russian threat actor (Microsoft) Destructive malware targeting Ukrainian organizations (Microsoft) Learn more about your ad choices. Visit megaphone.fm/adchoices

Broadcast on:
15 Jun 2023

A Chinese threat actor exploits a Barracuda vulnerability. The upgraded version of the Android GravityRAT can exfiltrate WhatsApp messages. Cybercriminals pose as security researchers to propagate malware. Updates on the Vidar threat operation. A new Romanian hacking group has emerged. Shuckworm collects intelligence, and may support targeting. The Washington Post’s Tim Starks explains the section 702 debate. Our guest is Rotem Iram from At-Bay with insights on email security. And Russia's Cadet Blizzard.


For links to all of today's stories check out our CyberWire daily news briefing:

https://thecyberwire.com/newsletters/daily-briefing/12/115


Selected reading.

Android GravityRAT goes after WhatsApp backups (ESET)

Quarterly Adversarial Threat Report (Facebook)

Barracuda ESG Zero-Day Vulnerability (CVE-2023-2868) Exploited Globally by Aggressive and Skilled Actor, Suspected Links to China (Mandiant)

GravityRAT - The Two-Year Evolution Of An APT Targeting India (Cisco Talos)

Fake Security Researcher GitHub Repositories Deliver Malicious Implant (VulnCheck)

Darth Vidar: The Aesir Strike Back (Team Cymru)

Tracking Diicot: an emerging Romanian threat actor (Cado Security)

Shuckworm: Inside Russia’s Relentless Cyber Campaign Against Ukraine (Symantec)

Cadet Blizzard emerges as a novel and distinct Russian threat actor (Microsoft)

Destructive malware targeting Ukrainian organizations (Microsoft)

Learn more about your ad choices. Visit megaphone.fm/adchoices