Podcasts News Tech News CyberWire Daily An update on three threat actors: Fangxiao, Killnet, and Billbug, one of them in it for money, another for the glory, and a third for the intell. Twitter and SMS 2FA. Zendesk patches. CISA adds a KEV.

An update on three threat actors: Fangxiao, Killnet, and Billbug, one of them in it for money, another for the glory, and a third for the intell. Twitter and SMS 2FA. Zendesk patches. CISA adds a KEV.

Published: Nov. 15, 2022, 9:15 p.m.

Fangxiao works ad scams enroute to other compromises. Killnet claims to have defaced a US FBI site. CISA registers another Known Exploited Vulnerability. Difficulties with Twitter's SMS 2FA system. Zendesk vulnerability discovered. Joe Carrigan explains registration bombing for email addresses. Our guest is Miles Hutchinson from Jumio with insights on defense against sophisticated ransomware attackers. And Billbug romps through Asian government agencies.\n\nFor links to all of today's stories check out our CyberWire daily news briefing:\nhttps://thecyberwire.com/newsletters/daily-briefing/11/219\n\nSelected reading.\nFangxiao: a Chinese threat actor (Cyjax)\nFangxiao: A Phishing Threat Actor (Tripwire)\xa0\nRussian hackers claim cyber attack on FBI website (Newsweek)\xa0\nCISA Has Added One Known Exploited Vulnerability to Catalog (CISA)\nTwitter\u2019s SMS Two-Factor Authentication Is Melting Down (WIRED)\nVaronis Threat Labs Discovers SQLi and Access Flaws in Zendesk (Varonis)\nBillbug: State-sponsored Actor Targets Cert Authority, Government Agencies in Multiple Asian Countries (Symantec)\nChinese hackers target government agencies and defense orgs (BleepingComputer)\xa0\nResearchers Say China State-backed Hackers Breached a Digital Certificate Authority (The Hacker News)\nLearn more about your ad choices. Visit megaphone.fm/adchoices