An update on three threat actors: Fangxiao, Killnet, and Billbug, one of them in it for money, another for the glory, and a third for the intell. Twitter and SMS 2FA. Zendesk patches. CISA adds a KEV.

Fangxiao works ad scams enroute to other compromises. Killnet claims to have defaced a US FBI site. CISA registers another Known Exploited Vulnerability. Difficulties with Twitter's SMS 2FA system. Zendesk vulnerability discovered. Joe Carrigan explains registration bombing for email addresses. Our guest is Miles Hutchinson from Jumio with insights on defense against sophisticated ransomware attackers. And Billbug romps through Asian government agencies.

For links to all of today's stories check out our CyberWire daily news briefing:
https://thecyberwire.com/newsletters/daily-briefing/11/219

Selected reading.
Fangxiao: …

2fa billbug cisa claims exploited fangxiao fbi kev killnet money patches scams sms third threat threat actors twitter update vulnerability zendesk