Apple patches its software. Reviewing the cyber phase of a hybrid war. The return of the (ShadowPad) alumni. Phishing from the Static Expressway. The state of cloud security. Overconfidence comes at a cost. Ann Johnson of Afternoon Cyber Tea speaks with Dr. Josephine Wolff from the Fletcher School about cyber insurance past. My conversation with FBI special agents Tom Sobocinski and Tom Breeden. And Charming Kitten and group-think in social engineering.

For links to all of today's stories check out our CyberWire daily news briefing:
https://thecyberwire.com/newsletters/daily-briefing/11/176

Selected reading.
Apple security updates (Apple Support)
Ukraine Cyber War Update September 2022 (CyberCube)
New Wave of Espionage Activity Targets Asian Governments (Broadcom Software Blogs)
Chinese gov’t hackers using ‘diverse’ toolset to target Asian prime ministers, telecoms (The Record by Recorded Future)
Leveraging Facebook Ads to Send Credential Harvesting Links (Avanan)
Unpatched and Outdated Medical Devices Provide Cyber Attack Opportunities (FBI) 
CFO Cyber Security Survey: Over-Confidence is Costly (Kroll) 
Snyk’s State of Cloud Security Report Reveals 80% of Organizations Have Experienced a Severe Cloud Security Incident in Past Year (Snyk) 
Look What You Made Me Do: TA453 Uses Multi-Persona Impersonation to Capitalize on FOMO (Proofpoint)
Iranian military using spoofed personas to target nuclear security researchers (The Record by Recorded Future)
Alleged cyber commander of Iran’s Revolutionary Guard named by opposition outlet (Times of Israel)