BROADCASTS.com

MOVEit Transfer software sees exploitation. A website skimmer has been employed against targets in the Americas and Europe. A look into XeGroup's recent criminal activity. Apple denies the FSB\u2019s allegations of collusion with NSA. Kaspersky investigates compromised devices. Johannes Ullrich from SANS describes phony YouTube "live streams". Our guest is Sherry Huang from William and Flora Hewlett Foundation to discuss their grants funding cyber policy studies. And the US Department of Defense provides Starlink services to Ukraine.\n\nFor links to all of today's stories check out our CyberWire daily news briefing:\nhttps://thecyberwire.com/newsletters/daily-briefing/12/106\n\nSelected reading.\nMOVEit Transfer Critical Vulnerability (May 2023) (Progress Software)\nRapid7 Observed Exploitation of Critical MOVEit Transfer Vulnerability (Rapid7)\nNew MOVEit Transfer zero-day mass-exploited in data theft attacks (BleepingComputer)\nHackers use flaw in popular file transfer tool to steal data, researchers say (Reuters)\nNew Magecart-Style Campaign Abusing Legitimate Websites to Attack Others (Akamai)\nNot your average Joe: An analysis of the XeGroup\u2019s attack techniques (Menlo Security)\nUnmasking XE Group: Experts Reveal Identity of Suspected Cybercrime Kingpin (The Hacker News)\nApple denies surveillance claims made by Russia's FSB (Reuters)\nFSB uncovers US intelligence operation via malware on Apple mobile phones (TASS)\nKaspersky Says New Zero-Day Malware Hit iPhones\u2014Including Its Own (WIRED)\nOperation Triangulation: iOS devices targeted with previously unknown malware (Kaspersky)\nLithuania becomes first to designate Russia as terrorist state (CSCE)\nPentagon confirms SpaceX deal for Ukraine Starlink services (C4ISRNET)\nLearn more about your ad choices. Visit megaphone.fm/adchoices