CyberWire Daily cover image

CyberWire Daily

Crooks phish for guests; spies phish for drone operators. ZenRAT is used in an info-stealing campaign. More MOVEit-related incidents (some involving Cl0p). DeFi platforms hit. The UK hunts forward.

Sep 26, 2023

An advanced phishing campaign hits hospitality industry. An information-stealing campaign deploys ZenRAT. More MOVEit-related data breaches are disclosed. Mixin Network suspends deposits and withdrawals. The OpenSea NFT market warns of third-party risk to its API. Phishing for Ukrainian military drone operators. Mr. Security Answer Person John Pescatore shares thoughts in Cisco acquiring Splunk. Ann Johnson from the Afternoon Cyber Tea podcast interviews Deb Cupp sharing a lesson in leadership. And the UK adopts a hunt-forward approach to cyber war.

23:10

Creator website

Episode guests

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

Luxury hotels are being targeted in an ongoing phishing campaign, with advanced information stealer malware delivered through phishing emails.

A new malware called ZenRAT is infecting Windows devices through fake Bitwarden password manager installers, exhibiting information stealing capabilities.

Deep dives

Phishing Campaign Targets Hospitality Industry with Information Stealing Malware

Co-fence has discovered an ongoing phishing campaign targeting the hospitality industry. The campaign primarily targets luxury hotel chains and resorts. The phishing emails use lures related to the sector, such as booking requests and reservation changes. Once opened, these emails deliver advanced information stealer malware, exhibiting information stealing capabilities. Windows users are advised to exercise caution.

1.

Introduction

3min

2.

ZenRAP Malware, MOVEit Vulnerabilities, Ontario Data Breach, and Mixin Attack

6min

3.

Leadership in the cybersecurity industry, sponsorship messages from No Before and Hunter's SOC Platform

4min

4.

Cisco's Acquisition of Splunk: Impact on SIM Solution

8min

5.

Introduction to ArcSight Intelligence and MimeCast Email Security

4min

An advanced phishing campaign hits hospitality industry. An information-stealing campaign deploys ZenRAT. More MOVEit-related data breaches are disclosed. Mixin Network suspends deposits and withdrawals. The OpenSea NFT market warns of third-party risk to its API. Phishing for Ukrainian military drone operators. Mr. Security Answer Person John Pescatore shares thoughts in Cisco acquiring Splunk. Ann Johnson from the Afternoon Cyber Tea podcast interviews Deb Cupp sharing a lesson in leadership. And the UK adopts a hunt-forward approach to cyber war.

For links to all of today's stories check out our CyberWire daily news briefing:

https://thecyberwire.com/newsletters/daily-briefing/12/184

Selected reading.

Luxury Hotels Major Target of Ongoing Social Engineering Attack (Cofense)

ZenRAT: Malware Brings More Chaos Than Calm (Proofpoint)

More MOVEit-related data breaches are disclosed. (CyberWire)

Mixin Network suspends deposits and withdrawals. (CyberWire)

OpenSea NFT market warns of third-party risk to its API. (CyberWire)

Threat Labs Security Advisory: New STARK#VORTEX Attack Campaign: Threat Actors Use Drone Manual Lures to Deliver MerlinAgent Payloads (Securonix)

Ukrainian Military Targeted in Phishing Campaign Leveraging Drone Manuals (The Hacker News)

British Army general says UK now conducting ‘hunt forward’ operations (Record)

Learn more about your ad choices. Visit megaphone.fm/adchoices

Get the Snipd
podcast app

Unlock the knowledge in podcasts with the podcast player of the future.

App store banner

Play store banner

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

Save any
moment

Hear something you like? Tap your headphones to save it with AI-generated key takeaways

Share
& Export

Send highlights to Twitter, WhatsApp or export them to Notion, Readwise & more

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode