Cyberespionage, extortion, and DDoS as instruments of state policy. Ransomware continues to trouble a wide range of targets across many sectors.
07/05/23 • 25 min
1 Listener
Chinese cyberespionage campaign against European governments. The Port of Nagoya closes over ransomware attack. BlackCat and SEO poisoning. LockBit seeks to extort a semiconductor manufacturer. Professionals in the cyber underworld. CISA issued a DDoS alert for US companies and government agencies. Microsoft debunks claims of data theft by Anonymous Sudan. Matt O'Neill from the US Secret Service speaks with Dave Bittner about sextortion. Rick Howard sits down with Michael Fuller of AWS to talk about the kill chain. And Avast releases a free decryptor for Akira.
For links to all of today's stories check out our CyberWire daily news briefing:
https://thecyberwire.com/newsletters/daily-briefing/12/126
Selected reading.
Chinese Threat Actors Targeting Europe in SmugX Campaign - Check Point Research (Check Point Research)
Hackers target European government entities in SmugX campaign (BleepingComputer)
Chinese hackers target European embassies with HTML smuggling technique (Record)
Japan’s largest port stops operations after ransomware attack (BleepingComputer)
BlackCat ransomware pushes Cobalt Strike via WinSCP search ads (BleepingComputer)
BlackCat Operators Distributing Ransomware Disguised as WinSCP via Malvertising (The Hacker News)
TSMC Says Supplier Hacked After Ransomware Group Claims Attack on Chip Giant (SecurityWeek)
TSMC confirms data breach after LockBit cyberattack on third-party supplier (TechCrunch)
Taiwan Semiconductor Denies LockBit's $70M Hack Claim (Bank Info Security)
Semiconductor giant says IT supplier was attacked; LockBit makes related claims (Record)
DoS and DDoS Attacks against Multiple Sectors (Cybersecurity and Infrastructure Security Agency CISA)
CISA issues DDoS warning after attacks hit multiple US orgs (BleepingComputer)
Microsoft denies data breach, theft of 30 million customer accounts (BleepingComputer)
Microsoft Denies Major 30 Million Customer-Breach (Infosecurity Magazine)
Decrypted: Akira Ransomware (Avast Threat Labs)
Learn more about your ad choices. Visit megaphone.fm/adchoices
Chinese cyberespionage campaign against European governments. The Port of Nagoya closes over ransomware attack. BlackCat and SEO poisoning. LockBit seeks to extort a semiconductor manufacturer. Professionals in the cyber underworld. CISA issued a DDoS alert for US companies and government agencies. Microsoft debunks claims of data theft by Anonymous Sudan. Matt O'Neill from the US Secret Service speaks with Dave Bittner about sextortion. Rick Howard sits down with Michael Fuller of AWS to talk about the kill chain. And Avast releases a free decryptor for Akira.
For links to all of today's stories check out our CyberWire daily news briefing:
https://thecyberwire.com/newsletters/daily-briefing/12/126
Selected reading.
Chinese Threat Actors Targeting Europe in SmugX Campaign - Check Point Research (Check Point Research)
Hackers target European government entities in SmugX campaign (BleepingComputer)
Chinese hackers target European embassies with HTML smuggling technique (Record)
Japan’s largest port stops operations after ransomware attack (BleepingComputer)
BlackCat ransomware pushes Cobalt Strike via WinSCP search ads (BleepingComputer)
BlackCat Operators Distributing Ransomware Disguised as WinSCP via Malvertising (The Hacker News)
TSMC Says Supplier Hacked After Ransomware Group Claims Attack on Chip Giant (SecurityWeek)
TSMC confirms data breach after LockBit cyberattack on third-party supplier (TechCrunch)
Taiwan Semiconductor Denies LockBit's $70M Hack Claim (Bank Info Security)
Semiconductor giant says IT supplier was attacked; LockBit makes related claims (Record)
DoS and DDoS Attacks against Multiple Sectors (Cybersecurity and Infrastructure Security Agency CISA)
CISA issues DDoS warning after attacks hit multiple US orgs (BleepingComputer)
Microsoft denies data breach, theft of 30 million customer accounts (BleepingComputer)
Microsoft Denies Major 30 Million Customer-Breach (Infosecurity Magazine)
Decrypted: Akira Ransomware (Avast Threat Labs)
Learn more about your ad choices. Visit megaphone.fm/adchoices
Previous Episode
Two viewpoints on the National Cybersecurity Strategy. [Special Edition]
Earlier this month, the White House released the National Cybersecurity Strategy, the first issued since 2018. The strategy refocuses roles, responsibilities, and resource allocations in the digital ecosystem, with a five pillar approach. Those pillars are: defending critical infrastructure, disrupting threat actors, shaping market forces to drive security and resilience, investing in a resilient future, and forging international partnerships.
We wanted to delve into the strategy and its intended effects further, so Dave Bittner spoke with representatives from industry and inside government. Dave first speaks with Adam Isles, Principal and Head of Cybersecurity Practice at The Chertoff Group, sharing industry's take on the strategy. Following that conversation, Dave had a discussion with Steve Kelly, Special Assistant to the President and Senior Director for Cybersecurity and Emerging Technology at the National Security Council, for a look at the strategy from inside the White House.
Links to resources:
- Point of View: 2023 National Cybersecurity Strategy The Chertoff Group's blog
- National Cybersecurity Strategy 2023
- US GAO Snapshot: Cybersecurity: Launching and Implementing the National Cybersecurity Strategy
Learn more about your ad choices. Visit megaphone.fm/adchoices
Next Episode
The Port of Nagoya continues its recovery from ransomware. Charming Kitten ups its game. Spyware in the Play store. Risks to electrical infrastructure. And a quick update on hacktivist auxiliaries.
LockBit 3.0 claims responsibility for Nagoya ransomware attack. Charming Kitten sighting. Spyware infested apps found in Google Play. Threats and risks to electric vehicle charging stations. Solar panels and cyberattacks. Dave Bittner speaks with Eric Goldstein, Executive Assistant Director for Cybersecurity at CISA, to talk about CISA’s effort for companies to build safety into tech products.Rick Howard sits down with Clarke Rodgers of AWS to discuss the mechanics of CISO roundtables. And Hacktivist auxiliaries remain active in Russia's hybrid war.
For links to all of today's stories check out our CyberWire daily news briefing:
https://thecyberwire.com/newsletters/daily-briefing/12/127
Selected reading.
Pro-Russian hackers target Port of Nagoya, disrupting loading of Toyota parts (The Japan Times)
Port of Nagoya resumes operations later than planned after Russian hack (The Japan Times)
Ransomware Halts Operations at Japan's Port of Nagoya (Dark Reading)
Nagoya Port Faces Disruption After Ransomware Attack (Infosecurity Magazine)
Welcome to New York: Exploring TA453's Foray into LNKs and Mac Malware | Proofpoint US (Proofpoint)
Two spyware tied with China found hiding on the Google Play Store (Pradeo)
EV Charger Hacking Poses a ‘Catastrophic’ Risk (WIRED)
Exploited Solar Power Product Vulnerability Could Expose Energy Organizations to Attacks (SecurityWeek)
The Continued Expansion of Cyber Incidents by Non-State Actors in the War in Europe (OODA Loop).
Russian railway site allegedly taken down by Ukrainian hackers (Record)
Learn more about your ad choices. Visit megaphone.fm/adchoices
If you like this episode you’ll love
Episode Comments
Generate a badge
Get a badge for your website that links back to this episode
<a href="https://goodpods.com/podcasts/cyberwire-daily-39916/cyberespionage-extortion-and-ddos-as-instruments-of-state-policy-ranso-31289325"> <img src="https://storage.googleapis.com/goodpods-images-bucket/badges/generic-badge-1.svg" alt="listen to cyberespionage, extortion, and ddos as instruments of state policy. ransomware continues to trouble a wide range of targets across many sectors. on goodpods" style="width: 225px" /> </a>
Copy