China's Volt Typhoon snoops into US infrastructure, with special attention paid to Guam. Iranian cybercriminals are seen conducting ops against Israeli targets. A new ransomware gang uses recycled ransomware. A persistent Brazilian campaign targets Portuguese financial institutions. A new botnet targets the gaming industry. Phishing attempts impersonate OpenAI. Pro-Russian geolocation graffiti. Andrea Little Limbago from Interos addresses the policy implications of ChatGPT. Our guest is Jon Check from Raytheon Intelligence & Space, on cybersecurity and workforce strategy for the space community. And KillNet says no to slacker hackers.
For links to all of today's stories check out our CyberWire daily news briefing:
https://thecyberwire.com/newsletters/daily-briefing/12/101
Selected reading.
People's Republic of China State-Sponsored Cyber Actor Living off the Land to Evade Detection (Joint Advisory)
Volt Typhoon targets US critical infrastructure with living-off-the-land techniques (Microsoft)
Chinese hackers spying on US critical infrastructure, Western intelligence says (Reuters)
Agrius Deploys Moneybird in Targeted Attacks Against Israeli Organizations (Check Point)
Iran-linked hackers Agrius deploying new ransomware against Israeli orgs (The Record)
Iranian Hackers Set Sights On Israeli Shipping & Logistics Firms (Information Security Buzz)
Fata Morgana: Watering hole attack on shipping and logistics websites (ClearSky Security)
Iran suspect in cyberattack targeting Israeli shipping, financial firms (Al-Monitor)
Buhti: New Ransomware Operation Relies on Repurposed Payloads (Symantec)
Operation Magalenha | Long-Running Campaign Pursues Portuguese Credentials and PII (SentinelOne)
The Dark Frost Enigma: An Unexpectedly Prevalent Botnet Author Profile (Akamai)
Fresh Phish: ChatGPT Impersonation Fuels a Clever Phishing Scam (INKY)
Learn more about your ad choices. Visit megaphone.fm/adchoices