episode-header-image

Mar 2023

28m 13s

Tools, alerts, and advisories from CISA....

About this episode

A CISA tool helps secure Microsoft clouds.JCDC and pre-ransomware notification. CISA releases six ICS advisories. Reply phishing. Cl0p goes everywhere exploiting GoAnywhere. Russian electronic warfare units show the ability to locate Starlink terminals. Betsy Carmelite from Booz Allen Hamilton on the DoD's zero trust journey. Analysis of the National Cybersecurity strategy from our special guests, Adam Isles, Principal at the Chertoff Group and Steve Kelly, Special Assistant to the President and Senior Director for Cybersecurity and Emerging Technology with the National Security Council.

For links to all of today's stories check out our CyberWire daily news briefing:

https://thecyberwire.com/newsletters/daily-briefing/12/57

Selected reading.

JCDC Cultivates Pre-Ransomware Notification Capability (Cybersecurity and Infrastructure Security Agency CISA)

US cyber officials make urgent push to warn businesses about vulnerabilities to hackers (CNN)

Untitled Goose Tool Aids Hunt and Incident Response in Azure, Azure Active Directory, and Microsoft 365 Environments | CISA (Cybersecurity and Infrastructure Security Agency CISA)

New CISA tool detects hacking activity in Microsoft cloud services (BleepingComputer)

CISA Releases Six Industrial Control Systems Advisories (Cybersecurity and Infrastructure Security Agency CISA)

The Microsoft Reply Attack (Avanan)

More victims emerge from Fortra GoAnywhere zero-day attacks (Security |

More Clop GoAnywhere attack victims emerge (SC Media)

Mass-Ransomware Attack on GoAnywhere File Transfer Tool Exposes Companies Worldwide (Medium)

City of Toronto confirms data theft, Clop claims responsibility (BleepingComputer)

Canadian movie chain Cineplex among the victims of GoAnywhere MFT hack (Financial Post)

Personal data of Rio Tinto's Aussie staff may have been hacked - memo (Reuters)

Another GoAnywhere Attack Affects Japanese Giant Hitachi Energy (Heimdal Security Blog)

Using Starlink Paints a Target on Ukrainian Troops (Defense One)

As CISA chief notes lack of Russian cyberattacks against US, experts focus on enhancing nuclear reactor security (Utility Dive)

Using Deception to Learn About Russian Threat Actors (Security Boulevard)

Learn more about your ad choices. Visit megaphone.fm/adchoices

Up next

No honor among thieves. [Research Saturday]

John Fokker, Head of Threat Intelligence at Trellix is discussing "Gang Wars: Breaking Trust Among Cyber Criminals." Trellix researchers reveal how the once-organized ransomware underworld is collapsing under its own paranoia. Once united through Ransomware-as-a-Service programs, ... Show More

When the breachers get breached.

International law enforcement take down the Breachforums domains. Researchers link exploitation campaigns targeting Cisco, Palo Alto Networks, and Fortinet. Juniper Networks patches over 200 vulnerabilities. Apple and Google update their bug bounties. Evaluating AI use in applica ... Show More

Cyber defenders pulled into deportation duty.

DHS reassigns cyberstaff to immigration duties. A massive DDoS attack disrupts several major gaming platforms. Discord refuses ransom after a third-party support system breach. Researchers examine Chaos ransomware and creative log-poisoning web intrusions. The FCC reconsiders its ... Show More

Recommended Episodes

The War with Algorithms: Why Your Next Security Strategy Includes A.I. and Machine Learning

The image of a hooded individual illuminated by the glare of a computer screen hacking into a company’s network is the classic picture of what a cyber attack looks like. The reality, though, is these attackers are almost never a one-man band, but rather a sophisticated team armed ... Show More

CISA Goes Rogue: How Cybersecurity Became Censorship | 2.25.24

The Cybersecurity and Infrastructure Security Agency faces claims it censors the American public and interferes in elections. After the debunked Russian collusion narrative and the Twitter files, some lawmakers now want to see the agency completely dismantled. Get the facts first ... Show More

Analyzing the Impact of A.I. and Technology on Society and Cybersecurity

Technology is advancing at pace never seen before and the newest tech, applications and widgets are being widely adopted at an even quicker rate. Just look at A.I. and machine learning tools,which are now used to identify things once thought unimaginable — whether it's to figure ... Show More

Listen to millions of songs and podcasts on Anghami