
CyberWire Daily
Enter Sandman. A look at an initial access broker. Iran’s OilRig hits Israeli targets. Cyber ops and soft power. Update on casino ransomware attacks. Bermuda’s government sustains cyberattacks.
Sep 22, 2023
The podcast discusses a new APT group called Sandman targeting telecommunications providers. They also cover recent cybersecurity incidents, talent retention, increasing the pipeline of diverse talent, challenges of employee retention, and the importance of being coachable and adaptable in life.
32:16
Podcast summary created with Snipd AI
Quick takeaways
- A new threat group called Sandman is targeting telecommunications providers, and its activities suggest the involvement of a government paying for its operations.
- Gold Melody is a financially motivated group that acts as an initial access broker for other cybercriminals, relying on web shells and operating system utilities to facilitate its activities.
Deep dives
Sandman APT targets telecommunications providers in multiple regions
A new threat group called Sandman is targeting telecommunications providers in the Middle East, Western Europe, and South Asia. Sandman uses a backdoor called LuaDream, which appears to be a well-executed and actively developed project. The researchers are unsure of attribution but believe it could be a private contractor or mercenary group. Sandman's activities suggest the involvement of a government paying for its operations.