Signal-targeted phishing against journalists

Google dismantles a huge residential proxy network. Did the FBI take down the notorious RAMP cybercrime forum? A long running North Korea backed cyber operation has splintered into three specialized threat groups. U.S. military cyber operators carried out a covert operation to disrupt Russian troll networks ahead of the 2024 elections. Phishing campaigns target journalists using the Signal app. SolarWinds patches vulnerabilities in its Web Help Desk product. Amazon found CSAM in its AI training data. Initial access brokers switch up their preferred bot. China executes scam center kingpins. Our guest is Tom Pace, CEO of NetRise, explaining how open-source vulnerabilities are opening doors for nation-states.  An unsecured webcam peers into Pyongyang. 

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today, Tom Pace, former DOE cyber analyst and CEO of NetRise, joins the show to explain how open-source vulnerabilities are opening doors for nation-states and why visibility into who maintains code repositories matters.

Selected Reading

Google Disrupted World’s Largest IPIDEA Residential Proxy Network (Cyber Security News)

Notorious Russia-based RAMP cybercrime forum apparently seized by FBI (The Record)

Long-running North Korea threat group splits into 3 distinct operations (CyberScoop)

Secret US cyber operations shielded 2024 election from foreign trolls, but now the Trump admin has gutted protections (CNN Politics)

Phishing attack: Numerous journalists targeted in attack via Signal Messenger (Netzpolitik.org)

Signal president warns AI agents are making encryption irrelevant (Cyber Insider)

SolarWinds Patches Critical Web Help Desk Vulnerabilities (SecurityWeek) 

Amazon Found ‘High Volume’ Of Child Sex Abuse Material in AI Training Data (Bloomberg)

Initial access hackers switch to Tsundere Bot for ransomware attacks (Bleeping Computer)

China Executes 11 People Linked to Cyberscam Centers in Myanmar   (Bloomberg)

North Korean Hackers' Daily Life Leaked in Video (The Chosun)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

Learn more about your ad choices. Visit megaphone.fm/adchoices