China's Volt Typhoon snoops into US infrastructure, with special attention paid to Guam. Iranian cybercriminals are seen conducting ops against Israeli targets. A new ransomware gang uses recycled ransomware. A persistent Brazilian campaign targets Portuguese financial institutions. A new botnet targets the gaming industry. Phishing attempts impersonate OpenAI. Pro-Russian geolocation graffiti. Andrea Little Limbago from Interos addresses the policy implications of ChatGPT. Our guest is Jon Check from Raytheon Intelligence & Space, on cybersecurity and workforce strategy for the space community. And KillNet says no to slacker hackers.

For links to all of today's stories check out our CyberWire daily news briefing:

https://thecyberwire.com/newsletters/daily-briefing/12/101

Selected reading.

People's Republic of China State-Sponsored Cyber Actor Living off the Land to Evade Detection (Joint Advisory)

Volt Typhoon targets US critical infrastructure with living-off-the-land techniques (Microsoft)

Chinese hackers spying on US critical infrastructure, Western intelligence says (Reuters)

Agrius Deploys Moneybird in Targeted Attacks Against Israeli Organizations (Check Point)

Iran-linked hackers Agrius deploying new ransomware against Israeli orgs (The Record)

Iranian Hackers Set Sights On Israeli Shipping & Logistics Firms (Information Security Buzz)

Fata Morgana: Watering hole attack on shipping and logistics websites (ClearSky Security)

Iran suspect in cyberattack targeting Israeli shipping, financial firms (Al-Monitor)

Buhti: New Ransomware Operation Relies on Repurposed Payloads (Symantec)

Operation Magalenha | Long-Running Campaign Pursues Portuguese Credentials and PII (SentinelOne)

The Dark Frost Enigma: An Unexpectedly Prevalent Botnet Author Profile (Akamai)

Fresh Phish: ChatGPT Impersonation Fuels a Clever Phishing Scam (INKY)

Learn more about your ad choices. Visit megaphone.fm/adchoices