Cozy Bear never really left. Iran denies it suffered a US cyberattack. Malicious WAV files. Darknet dragnet hauls in child exploitation ring. Graboid infests Docker hosts.
Cozy Bear never really left. Iran denies it suffered a US cyberattack. Malicious WAV files. Darknet dragnet hauls in child exploitation ring. Graboid infests Docker hosts.
CyberWire Daily · N2K Networks
Audio is streamed directly from the publisher (pdst.fm) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
Cozy Bear isn’t back--Cozy Bear never really left at all. Iran says the Americans are dreaming: there was no cyberattack in retaliation for Iran’s implausibly deniable missile strikes on Saudi oil fields last month. Malicious audio files are dropping cryptominers and reverse shells into victim systems. An international dragnet collars hundreds in a darknet child exploitation sweep. And Graboid is out there, worming its cryptojacker into susceptible Docker hosts. Robert M. Lee from Dragos on their contribution to the Splunk Boss of the SOC (BOTS) capture-the-flag (CTF) competition. Guest is Chris Hickman from Keyfactor on Public Key Infrastructure.
For links to all of today's stories check our our CyberWire daily news brief:
https://thecyberwire.com/issues/issues2019/October/CyberWire_2019_10_17.html
Learn more about your ad choices. Visit megaphone.fm/adchoices