FamousSparrow’s sneaky resurgence.

China’s FamousSparrow is back. A misconfigured Amazon S3 bucket exposes data from an Australian fintech firm. Researchers uncover a sophisticated Linux-based backdoor targeting industrial systems. Infiltrating the BlackLock Ransomware group’s infrastructure. Solar inverters in the security spotlight. Credential stuffing gets automated. CISA updates the Known Exploited Vulnerabilities catalog. The UK’s NCA warns of online groups involved in sadistic cybercrime and real-world violence. Authorities arrest a dozen  individuals linked to the now-defunct Ghost encrypted communication platform. Our guest is Tal Skverer, Research Team Lead from Astrix, discussing the OWASP NHI Top 10 framework. Remembering our friend Matt Stephenson. 

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

We are joined by Tal Skverer, Research Team Lead from Astrix, who is discussing the OWASP NHI Top 10 framework and how teams can use these as they implement NHIs into their systems.

Selected Reading

Chinese Spy Group FamousSparrow Back with a Vengeance, Targets US (Infosecurity Magazine)

Aussie Fintech Vroom Exposes Thousands of Records After AWS Misconfiguration (HackRead)

New Sophisticated Linux Backdoor Targets OT Systems via 0-Day RCE Exploit (GB Hackers)

Blacklock Ransomware: A Late Holiday Gift with Intrusion into the Threat Actor's Infrastructure (Resecurity)

Dozens of solar inverter flaws could be exploited to attack power grids (Bleeping Computer)

Threat Actors Using Powerful Cybercriminal Weapon 'Atlantis AIO' to Automate Credential Stuffing Attacks (Cyber Security News)

CISA Adds of Sitecore CMS Code Execution Vulnerability to List of Known Exploited Vulnerabilities (Cyber Security News)

NCA Warns of Sadistic Online “Com” Networks (Infosecurity Magazine)

12 Cybercriminals Arrested Following Takedown of Ghost Communication Platform (Cyber Security News)

Matt Stephenson remembrance (LinkedIn) 

Share your feedback.

We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. 

Want to hear your company in the show?

You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

Learn more about your ad choices. Visit megaphone.fm/adchoices