episode-header-image

Mar 2023

28m 13s

Tools, alerts, and advisories from CISA....

About this episode

A CISA tool helps secure Microsoft clouds.JCDC and pre-ransomware notification. CISA releases six ICS advisories. Reply phishing. Cl0p goes everywhere exploiting GoAnywhere. Russian electronic warfare units show the ability to locate Starlink terminals. Betsy Carmelite from Booz Allen Hamilton on the DoD's zero trust journey. Analysis of the National Cybersecurity strategy from our special guests, Adam Isles, Principal at the Chertoff Group and Steve Kelly, Special Assistant to the President and Senior Director for Cybersecurity and Emerging Technology with the National Security Council.

For links to all of today's stories check out our CyberWire daily news briefing:

https://thecyberwire.com/newsletters/daily-briefing/12/57

Selected reading.

JCDC Cultivates Pre-Ransomware Notification Capability (Cybersecurity and Infrastructure Security Agency CISA)

US cyber officials make urgent push to warn businesses about vulnerabilities to hackers (CNN)

Untitled Goose Tool Aids Hunt and Incident Response in Azure, Azure Active Directory, and Microsoft 365 Environments | CISA (Cybersecurity and Infrastructure Security Agency CISA)

New CISA tool detects hacking activity in Microsoft cloud services (BleepingComputer)

CISA Releases Six Industrial Control Systems Advisories (Cybersecurity and Infrastructure Security Agency CISA)

The Microsoft Reply Attack (Avanan)

More victims emerge from Fortra GoAnywhere zero-day attacks (Security |

More Clop GoAnywhere attack victims emerge (SC Media)

Mass-Ransomware Attack on GoAnywhere File Transfer Tool Exposes Companies Worldwide (Medium)

City of Toronto confirms data theft, Clop claims responsibility (BleepingComputer)

Canadian movie chain Cineplex among the victims of GoAnywhere MFT hack (Financial Post)

Personal data of Rio Tinto's Aussie staff may have been hacked - memo (Reuters)

Another GoAnywhere Attack Affects Japanese Giant Hitachi Energy (Heimdal Security Blog)

Using Starlink Paints a Target on Ukrainian Troops (Defense One)

As CISA chief notes lack of Russian cyberattacks against US, experts focus on enhancing nuclear reactor security (Utility Dive)

Using Deception to Learn About Russian Threat Actors (Security Boulevard)

Learn more about your ad choices. Visit megaphone.fm/adchoices

Up next

Plug-ins gone rogue.

Patch Tuesday. An Iranian ransomware group puts a premium on U.S. and Israeli targets. Batavia spyware targets Russia’s industrial sector. HHS fines a Texas Behavioral Health firm for failed risk analysis. The Anatsa banking trojan targets financial institutions in the U.S. and C ... Show More

Memory leaks and login sneaks.

Researchers release proof-of-concept exploits for CitrixBleed2. Grafana patches four high-severity vulnerabilities. A hacker claims to have breached Spanish telecom giant Telefónica. Italian police arrest a Chinese man wanted by U.S. authorities for alleged industrial espionage. ... Show More

SafePay, unsafe day.

Ingram Micro suffers a ransomware attack by the SafePay gang. Spanish police dismantle a large-scale investment fraud ring. The SatanLock ransomware group says it is shutting down. Brazilian police arrest a man accused of stealing over $100 million from the country’s banking syst ... Show More

Recommended Episodes

The War with Algorithms: Why Your Next Security Strategy Includes A.I. and Machine Learning

The image of a hooded individual illuminated by the glare of a computer screen hacking into a company’s network is the classic picture of what a cyber attack looks like. The reality, though, is these attackers are almost never a one-man band, but rather a sophisticated team armed ... Show More

CISA Goes Rogue: How Cybersecurity Became Censorship | 2.25.24

The Cybersecurity and Infrastructure Security Agency faces claims it censors the American public and interferes in elections. After the debunked Russian collusion narrative and the Twitter files, some lawmakers now want to see the agency completely dismantled. Get the facts first ... Show More

AI Threats & Opportunities in Cyber Security With Material Security Co-Founder Ryan Noon

Cyber Security is going to change significantly in the era of AI, according to Ryan Noon, cofounder of Material Security, a security company that makes cloud-based Google and Microsoft email a safe place for sensitive data. Elad Gil and Ryan talk about how Material Security start ... Show More

Listen to millions of songs and podcasts on Anghami