episode-header-image

Jun 2023

29m 31s

CISA's new Binding Operational Directive...

About this episode

CISA issues a new Binding Operational Directive. An update on CosmicEnergy. Hackers’ homage to fromage in attacks against the Swiss government. Ukraine's Cyber Police shut down a pro-Russian bot farm. Clothing and footwear retailers see impersonation and online fraud. A 2021 ransomware attack contributed to a hospital closing. A proof-of-concept exploit of a patched MOVEit vulnerability. An industry letter calls for a new framework on the White House cybersecurity strategy. Joe Carrigan examines a ChatGPT fueled phishing scam. Our guest is Neha Rungta, Applied Science Director at AWS Identity discussing Amazon Verified Permissions. And trends in cyber risks for small and medium businesses.

For links to all of today's stories check out our CyberWire daily news briefing:

https://thecyberwire.com/newsletters/daily-briefing/12/113

Selected reading.

Binding Operational Directive 23-02 (US Cybersecurity and Infrastructure Security Agency)

COSMICENERGY: New OT Malware Possibly Related To Russian Emergency Response Exercises (Mandiant)

Dragos Analysis Determines COSMICENERGY Is Not an Immediate Threat (Dragos)

More than 4,000 bots to discredit the Defense Forces of Ukraine and spread propaganda in favor of Russia: the police of Vinnytsia eliminated a large-scale bot farm (Ukraine Cyber Police)

Ukraine police raid social media bot farm accused of pro-Russia propaganda (The Record)

Widespread Brand Impersonation Scam Campaign Targeting Hundreds of the Most Popular Apparel Brands (Bolster)

An Illinois hospital is the first health care facility to link its closing to a ransomware attack (NBC News)

Ransomware attack causes Illinois hospital to close (Becker’s Hospital Review)

New BlackFog research: 61% of SMBs were victims of a cyberattack in the last year (BlackFog)

Switzerland warns that a ransomware gang may have accessed government data (The Record)

Swiss government warns of ongoing DDoS attacks, data leak (BleepingComputer)

Swiss Government Targeted by Series of Cyber-Attacks (Infosecurity Magazine)

DDoS attack on Federal Administration: various Federal Administration websites and applications unavailable (The Federal Council of the Swiss Government)

Learn more about your ad choices. Visit megaphone.fm/adchoices

Up next

Julian Waits: Find a way to help society. [Serial Entrepreneur] [Career Notes]

Please enjoy this encore of Career Notes. Senior Vice President and Executive in Residence with Rapid7 and Chairman for Cyversity, Julian Waits, grew up in the era of the Justice League and Superman and it shaped his career. Julian always wanted to do something where he could fin ... Show More

Beyond the smoke screen. [Research Saturday]

This week, we are joined by Dr. Renée Burton, VP of Infoblox Threat Intel, who is discussing their work on VexTrio, a notorious traffic distribution system (TDS) involved in digital fraud. The VexTrio investigation uncovers a massive global ad fraud and scam operation powered by ... Show More

A free speech showdown.

The FTC warns one country’s “online safety” may be another’s “censorship.” A new bipartisan bill aims to reduce barriers to federal cyber jobs. MURKY PANDA targets government, technology, academia, legal, and professional services in North America. MITRE updates their hardware we ... Show More

Recommended Episodes

Nicole Perlroth, "This Is How They Tell Me the World Ends: The Cyberweapons Arms Race" (Bloomsbury, 2021)

For years, cybersecurity experts have debated whether cyber-weapons represent a destabilizing new military technology or merely the newest tool in the spies’ arsenal. In This Is How They Tell Me the World Ends (Bloomsbury, 2021), Nicole Perlroth makes a compelling case that cyber ... Show More

Listen to millions of songs and podcasts on Anghami