BROADCASTS.com

AhRat exfiltrates files and records audio on Android devices. The BlackCat ransomware group uses a signed kernel driver to evade detection. GUI-Vil in the cloud. Unwitting money mules. Ben Yelin unpacks the Supreme Court\u2019s section 230 rulings. Our guest is Mike DeNapoli from Cymulate with insights on cybersecurity effectiveness. And a trio of commercial spyware cases.\n\nFor links to all of today's stories check out our CyberWire daily news briefing:\nhttps://thecyberwire.com/newsletters/daily-briefing/12/99\n\nSelected reading.\nAndroid app breaking bad: From legitimate screen recording to file exfiltration within a year (ESET)\nLove scam or espionage? Transparent Tribe lures Indian and Pakistani officials (ESET)\nBlackCat Ransomware Deploys New Signed Kernel Driver (Trend Micro)\nUnmasking GUI-Vil: Financially Motivated Cloud Threat Actor (Permiso)\nUncle Sam strangles criminals' cashflow by reining in money mules (The Register)\nGerman prosecutors charge four over violating trade act to sell spyware to Turkey (Washington Post)\nIsrael Torpedoed Morocco Spyware Deal - and NSO Competitor QuaDream Shut Down (Haaretz)\nHe Was Investigating Mexico\u2019s Military. Then the Spying Began. (New York Times)\nLearn more about your ad choices. Visit megaphone.fm/adchoices