Sunday, December 3, 2023

The CyberWire

The CyberWire is an independent voice delivering concise, accessible, and relevant cyber security news to people all across the globe. We separate the signal from the noise.

  • Bernard Brantley: Tomorrow is a new day. [CISO]
    on December 3, 2023 at 6:00 pm

    Bernard Brantley, CISO from Corelight, sits down to share his inspiring career path with others. Bernard started at the very bottom of the tech stack, and shares how he was extremely unclear about what he wanted to do in life and how he was going to get there. He has now reached a point where he has the self-confidence and an incredible level of success that allow him to be authentic and proudly share his story. Bernard overcame dropping out of the military academy and was trying to figure out how he could take the big dreams and aspirations he had as a child and turn them into something fruitful as an adult. Having worked his way up from the bottom, he now shares how he overcomes those days of adversity, saying, “I spend minimum time trying to like spin my wheels or, kind of stay in frustration or a down period and, and really, uh, try as quickly as possible to move from, ‘hey, this was a tough day’ to, to, into, ‘all right, uh, this was a tough day because maybe I didn’t commit enough time in this area, or maybe I could have had a bit better conversation with this person.’” We thank Bernard for sharing his story with us.

  • Exploits and vulnerabilities.
    on December 2, 2023 at 6:00 am

    Ryan from Bishop Fox joins to describe their work on “Building an Exploit for FortiGate Vulnerability CVE-2023-27997.” After Lexfo published details of a pre-authentication remote code injection vulnerability in the Fortinet SSL VPN, Bishop Fox worked up a proof-of-concept demo. This research shares how they were able to create that proof-of-concept exploit, step by step. The researchers state “Our debugging environment consisted of a FortiGate 7.2.4 virtual machine which we modified to disable some self-verification functionality. After bypassing these integrity checks, we were able to install an SSH server, BusyBox, and debugging tools such as GDB.”

  • Cyber operations across the spectrum of conflict, with some excursions into the criminal underworld.
    on December 2, 2023 at 5:15 am

    Hybrid war in Ukraine. The spread of hybrid war from Gaza. North Korean cyber operations: supply chain attacks and cryptocurrency raids. SugarGh0st’s cyberespionage. Ransomware privateering, and other developments in the cyber underworld.

  • Wyden blocks the Senate vote.
    on December 1, 2023 at 9:10 pm

    Senator Wyden blocks the Senate vote on the new NSA and Cyber Command lead. GPS interference is attributed to Iran. Meta identifies and removes Chinese and Russian accounts and groups for coordinated inauthenticity. The EU Council president proposes ‘European cyber force’ with ‘offensive capabilities’. Twisted Spider is observed conducting new ransomware campaigns. Staples sustains a cyberattack. Apple releases security updates for two actively exploited zero-days. On today’s Mr. Security Answer Person segment, John Pescatore joins us to talk about Microsoft’s Secure Future Initiative. And how can you tell if your bot is involved in insider trading?

  • GPS interference (and other forms of deception).
    on December 1, 2023 at 4:08 pm

    GPS interference is attributed to Iran. Meta identifies and removes Chinese and Russian accounts and groups for coordinated inauthenticity. Twisted Spider observed conducting new ransomware campaigns. A new ScrubCrypt variant. Staples sustains a cyberattack. Ukraine inserts a speech by President Zelenskyy into Russian television programming in Crimea.