Today's Headlines and the latest #cybernews from the desk of the #CISO:

Threat actors offer millions for zero-days, developers talk of exploit-as-a-service

Mandiant Attributes Ghostwriter APT Attacks to Belarus

Microsoft warns of the evolution of six Iranian hacking groups

Facebook: Pakistani hackers operated a fake app store to target former Afghan officials

CISA Releases Incident and Vulnerability Response Playbooks

 

Story Links:

https://www.bleepingcomputer.com/news/security/threat-actors-offer-millions-for-zero-days-developers-talk-of-exploit-as-a-service/ (https://www.bleepingcomputer.com/news/security/threat-actors-offer-millions-for-zero-days-developers-talk-of-exploit-as-a-service/)

https://www.securityweek.com/mandiant-attributes-ghostwriter-apt-attacks-belarus (https://www.securityweek.com/mandiant-attributes-ghostwriter-apt-attacks-belarus)

https://www.bleepingcomputer.com/news/security/microsoft-warns-of-the-evolution-of-six-iranian-hacking-groups/ (https://www.bleepingcomputer.com/news/security/microsoft-warns-of-the-evolution-of-six-iranian-hacking-groups/)

https://therecord.media/pakistani-hackers-operated-a-fake-app-store-to-target-former-afghan-officials/ (https://therecord.media/pakistani-hackers-operated-a-fake-app-store-to-target-former-afghan-officials/)

https://www.securityweek.com/cisa-releases-incident-and-vulnerability-response-playbooks (https://www.securityweek.com/cisa-releases-incident-and-vulnerability-response-playbooks)

 

“The Microsoft Doctrine” by James Azar now on Substack https://jamesazar.substack.com/p/the-microsoft-doctrine (https://jamesazar.substack.com/p/the-microsoft-doctrine)

 

The Practitioner Brief is sponsored by:

KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub (https://info.knowbe4.com/phishing-security-test-cyberhub) 

****

Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Tech Town Square, and Other Side of Cyber

James on Linkedin: https://www.linkedin.com/in/james-j-azar/ (https://www.linkedin.com/in/james-j-azar/)

James on Parler: @realjamesazar

Telegram: CyberHub Podcast

Locals: https://cyberhubpodcast.locals.com

******

Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=http%3A%2F%2Fbit.ly%2Fcyberhubengage-newsletter)

******

Website: https://www.cyberhubpodcast.com (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=https%3A%2F%2Fwww.cyberhubpodcast.com)

Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw (https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw)

Facebook: https://www.facebook.com/CyberHubpodcast/ (https://www.facebook.com/CyberHubpodcast/)

Linkedin: https://www.linkedin.com/company/cyberhubpodcast/

Twitter: https://twitter.com/cyberhubpodcast (http://www.twitter.com/cyberhubpodcast)

Instagram: https://www.instagram.com/cyberhubpodcast

Listen here: https://linktr.ee/cyberhubpodcast (https://linktr.ee/cyberhubpodcast)

 

The Hub of the Infosec Community.

Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.