episode-header-image

Jun 2023

29m 31s

CISA's new Binding Operational Directive...

About this episode

CISA issues a new Binding Operational Directive. An update on CosmicEnergy. Hackers’ homage to fromage in attacks against the Swiss government. Ukraine's Cyber Police shut down a pro-Russian bot farm. Clothing and footwear retailers see impersonation and online fraud. A 2021 ransomware attack contributed to a hospital closing. A proof-of-concept exploit of a patched MOVEit vulnerability. An industry letter calls for a new framework on the White House cybersecurity strategy. Joe Carrigan examines a ChatGPT fueled phishing scam. Our guest is Neha Rungta, Applied Science Director at AWS Identity discussing Amazon Verified Permissions. And trends in cyber risks for small and medium businesses.

For links to all of today's stories check out our CyberWire daily news briefing:

https://thecyberwire.com/newsletters/daily-briefing/12/113

Selected reading.

Binding Operational Directive 23-02 (US Cybersecurity and Infrastructure Security Agency)

COSMICENERGY: New OT Malware Possibly Related To Russian Emergency Response Exercises (Mandiant)

Dragos Analysis Determines COSMICENERGY Is Not an Immediate Threat (Dragos)

More than 4,000 bots to discredit the Defense Forces of Ukraine and spread propaganda in favor of Russia: the police of Vinnytsia eliminated a large-scale bot farm (Ukraine Cyber Police)

Ukraine police raid social media bot farm accused of pro-Russia propaganda (The Record)

Widespread Brand Impersonation Scam Campaign Targeting Hundreds of the Most Popular Apparel Brands (Bolster)

An Illinois hospital is the first health care facility to link its closing to a ransomware attack (NBC News)

Ransomware attack causes Illinois hospital to close (Becker’s Hospital Review)

New BlackFog research: 61% of SMBs were victims of a cyberattack in the last year (BlackFog)

Switzerland warns that a ransomware gang may have accessed government data (The Record)

Swiss government warns of ongoing DDoS attacks, data leak (BleepingComputer)

Swiss Government Targeted by Series of Cyber-Attacks (Infosecurity Magazine)

DDoS attack on Federal Administration: various Federal Administration websites and applications unavailable (The Federal Council of the Swiss Government)

Learn more about your ad choices. Visit megaphone.fm/adchoices

Up next

Plug-ins gone rogue.

Patch Tuesday. An Iranian ransomware group puts a premium on U.S. and Israeli targets. Batavia spyware targets Russia’s industrial sector. HHS fines a Texas Behavioral Health firm for failed risk analysis. The Anatsa banking trojan targets financial institutions in the U.S. and C ... Show More

Memory leaks and login sneaks.

Researchers release proof-of-concept exploits for CitrixBleed2. Grafana patches four high-severity vulnerabilities. A hacker claims to have breached Spanish telecom giant Telefónica. Italian police arrest a Chinese man wanted by U.S. authorities for alleged industrial espionage. ... Show More

SafePay, unsafe day.

Ingram Micro suffers a ransomware attack by the SafePay gang. Spanish police dismantle a large-scale investment fraud ring. The SatanLock ransomware group says it is shutting down. Brazilian police arrest a man accused of stealing over $100 million from the country’s banking syst ... Show More

Recommended Episodes

Nicole Perlroth, "This Is How They Tell Me the World Ends: The Cyberweapons Arms Race" (Bloomsbury, 2021)

For years, cybersecurity experts have debated whether cyber-weapons represent a destabilizing new military technology or merely the newest tool in the spies’ arsenal. In This Is How They Tell Me the World Ends (Bloomsbury, 2021), Nicole Perlroth makes a compelling case that cyber ... Show More

Listen to millions of songs and podcasts on Anghami