Feb 2023
31m 47s

FBI Investigates a network incident. Dev...

N2K Networks
About this episode

The FBI is investigating incidents on its networks. Frebniis backdoors Microsoft servers. ProxyShell vulnerabilities are used to install a cryptominer. Havoc's post-exploitation framework. Atlassian discloses a data breach. German airports sustain a cyber incident. An Aspen Institute report concludes that cyber assistance benefits Ukraine. US announces "Disruptive Technology Strike Force." Robert M. Lee from Dragos on the value of capture the flag events. Our guests are Commander Brandon Campbell of US Navy Cyber Defense Operations Command and Captain Steve Correia, Commanding Officer of Naval Network Warfare Command. And CISA releases fifteen ICS advisories.


For links to all of today's stories check out our CyberWire daily news briefing:

https://thecyberwire.com/newsletters/daily-briefing/12/33


Selected reading.

Exclusive: FBI says it has 'contained' cyber incident on bureau's computer network (CNN)

Frebniis: New Malware Abuses Microsoft IIS Feature to Establish Backdoor (Symantec, by Broadcom Software)

ProxyShellMiner Campaign Creating Dangerous Backdoors (Morphisec) 

Attacks with novel Havoc post-exploitation framework identified (SC Media)

Atlassian says recent data leak stems from third-party vendor hack (BleepingComputer) 

German airport websites down in possible hacker attack (Deutsche Welle) 

The Cyber Defense Assistance Imperative – Lessons from Ukraine (Aspen Institute)

U.S. launches 'disruptive technology' strike force to target national security threats (Reuters)

Justice Department to Increase Scrutiny of Technology Exports, Investments (Wall Street Journal)

ICS-CERT Advisories (CISA)
