Ghost accounts haunt GitHub.
Stargazer Goblin hosts malicious code repositories on GitHub. Crowdstrike blames buggy validations checks for last week’s major incident. The Breachforums database reveals threat actor OPSEC. Windows Hello for Business (WHfB) was found vulnerable to downgrade attacks. A medical center in the U.S. Virgin Islands is hit with ransomware. Interisle analyzes the phishing landscape. The FTC orders eight companies to explain algorithmic pricing. Meta cracks down on the Nigerian Yahoo Boys. A fake IT worker gets caught in the act. My conversation with Nic Fillingham and Wendy Zenone, co-hosts of Microsoft Security's "The Bluehat Podcast.” Researchers wonder if proving you’re human proves profitable for Google.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
Nic Fillingham and Wendy Zenone, co-hosts of Microsoft Security's "The Bluehat Podcast," talking about what to expect on Bluehat on the N2K media network. You can catch the podcast every other Wednesday. Their latest episode launching today can be found here.
Selected Reading
A Hacker ‘Ghost’ Network Is Quietly Spreading Malware on GitHub (WIRED)
CrowdStrike blames test software for taking down 8.5 million Windows machines (The Verge)
BreachForums v1 database leak is an OPSEC test for hackers (Bleeping Computer)
Goodbye? Attackers Can Bypass 'Windows Hello' Strong Authentication (Dark Reading)
Schneider Regional Medical Center hit by ransomware attack (Beyond Machines)
New phishing report names and shames TLDs, registrars (The Verge)
FTC Issues Orders to Eight Companies Seeking Information on Surveillance Pricing (FTC)
Meta bans 63,000 accounts belonging to Nigeria’s sextortionist Yahoo Boys (The Record)
How a North Korean Fake IT Worker Tried to Infiltrate Us (KnowBe4)
Forget security – Google's reCAPTCHA v2 is exploiting users for profit (The Register)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices