BROADCASTS.com

Cisco patches a command injection vulnerability. NIST issues antiphishing guidance. HeadCrab malware's worldwide distribution campaign. The Gamaredon APT is more interested in collection than destruction. Kathleen Smith of ClearedJobs.Net looks at hiring trends in the cleared community. Bennett from Signifyd describes the fraud ring that\u2019s launched a war on commerce against U.S. merchants. And trends in cyberattacks by state-sponsored actors.\n\nFor links to all of today's stories check out our CyberWire daily news briefing:\nhttps://thecyberwire.com/newsletters/daily-briefing/12/22\n\nSelected reading.\nCommand-Injection Bug in Cisco Industrial Gear Opens Devices to Complete Takeover (Dark Reading)\nPhishing Resistance \u2013 Protecting the Keys to Your Kingdom (NIST)\xa0\nOneNote Documents Increasingly Used to Deliver Malware | Proofpoint UK (Proofpoint)\nHeadCrab: A Novel State-of-the-Art Redis Malware in a Global Campaign (Aquasec)\xa0\nAnother UAC-0010 Story (The State Cyber Protection Centre of the State Service of Special Communication and Information Protection of Ukraine)\nRussia-backed hacker group Gamaredon attacking Ukraine with info-stealing malware (The Record from Recorded Future News)\nCity of London traders hit by Russia-linked cyber attack (The Telegraph)\nChristianaCare recovers from cyberattack, restores website service (6abc Philadelphia)\xa0\nNation-State Threats and the Rise of Cyber Mercenaries: Exploring the Microsoft Digital Defense Report (CSO Online)\nMicrosoft Digital Defense Report 2022 (Microsoft Security)\nLearn more about your ad choices. Visit megaphone.fm/adchoices