Published on October 17th, 2019 📆 | 7241 Views ⚑0
Cozy Bear never really left. Iran denies it suffered a US cyberattack. Malicious WAV files….
Cozy Bear isn’t back–Cozy Bear never really left at all. Iran says the Americans are dreaming: there was no cyberattack in retaliation for Iran’s implausibly deniable missile strikes on Saudi oil fields last month. Malicious audio files are dropping cryptominers and reverse shells into victim systems. An international dragnet collars hundreds in a darknet child exploitation sweep. And Graboid is out there, worming its cryptojacker into susceptible Docker hosts. Robert M. Lee from Dragos on their contribution to the Splunk Boss of the SOC (BOTS) capture-the-flag (CTF) competition. Guest is Chris Hickman from Keyfactor on Public Key Infrastructure.
For links to all of today’s stories check our our CyberWire daily news brief:
<a href=”https://www.patreon.com/thecyberwire” rel=”payment”>Support our show</a>