episode-header-image

Jun 2023

31m 25s

The Cl0p gang moves its way into US gove...

About this episode

The US Government discloses exploitations of MOVEit vulnerabilities, and the Department of Energy is targeted by the Cl0p gang. CISA releases an updated advisory for Telerik vulnerabilities affecting Government servers. Shampoo malware emerges with multiple persistence mechanisms. How the IT Army of Ukraine can exemplify a cyber auxiliary. Russophone gamers are being targeted with ransomware. An alleged LockBit operator has been arrested. The FBI’s Deputy Assistant Director for cyber Cynthia Kaiser joins us with cybercriminal trends and recent successes. Our guest is Will Markow from Lightcast, speaking with Simone Petrella about data-driven strategic workforce decisions. And a federal grand jury indicts the alleged Discord Papers leaker.

For links to all of today's stories check out our CyberWire daily news briefing:

https://thecyberwire.com/newsletters/daily-briefing/12/116

Selected reading.

US government hit by Russia's Clop in MOVEit mass attack (The Register)

Energy Department among ‘several’ federal agencies hit by MOVEit breach (Federal News Network)

Threat Actors Exploit Progress Telerik Vulnerabilities in Multiple U.S. Government IIS Servers (CISA)

CVE-2019-18935 Detail (NIST)

CVE-2017-9248 Detail (NIST)

Cryptographic Weakness (Telerik)

Shampoo: A New ChromeLoader Campaign (HP)

Cyber attacks on Rotterdam and Groningen websites (World Cargo News)

The Dynamics of the Ukrainian IT Army’s Campaign in Russia (Lawfare)

Watch: Why early failures in Ukraine's counter-offensive aren't Russian victories (The Telegraph)

Russian War Report: Anti-Ukrainian counteroffensive narratives fail to go viral (Atlantic Council)

Threat Actor Targets Russian Gaming Community With WannaCry-Imitator (Cyble)

Hackers infect Russian-speaking gamers with fake WannaCry ransomware (The Record)

Russian national arrested in Arizona, charged for alleged role in LockBit ransomware attacks (CyberScoop)

Suspected LockBit ransomware affiliate arrested, charged in US (BleepingComputer)

Russian national arrested in US for deploying LockBit ransomware (The Record)

Guardsman indicted on charges of disclosing classified national defense information (AP News)

Charges Against Alleged Pentagon Leaker Jack Teixeira Explained (Newsweek)

Jack Teixeira, Pentagon leaks suspect, indicted by federal grand jury (The Guardian)

Learn more about your ad choices. Visit megaphone.fm/adchoices

Up next

Plug-ins gone rogue.

Patch Tuesday. An Iranian ransomware group puts a premium on U.S. and Israeli targets. Batavia spyware targets Russia’s industrial sector. HHS fines a Texas Behavioral Health firm for failed risk analysis. The Anatsa banking trojan targets financial institutions in the U.S. and C ... Show More

Memory leaks and login sneaks.

Researchers release proof-of-concept exploits for CitrixBleed2. Grafana patches four high-severity vulnerabilities. A hacker claims to have breached Spanish telecom giant Telefónica. Italian police arrest a Chinese man wanted by U.S. authorities for alleged industrial espionage. ... Show More

SafePay, unsafe day.

Ingram Micro suffers a ransomware attack by the SafePay gang. Spanish police dismantle a large-scale investment fraud ring. The SatanLock ransomware group says it is shutting down. Brazilian police arrest a man accused of stealing over $100 million from the country’s banking syst ... Show More

Recommended Episodes

Russie : un malware inédit contre l’Ukraine ?

Si le conflit entre l’Ukraine et la Russie est un drame absolu pour les citoyens, force est de constater que le monde de la tech y joue un rôle de premier plan. Ces derniers jours, nous vous avons présenté différentes actions mises en place par les occidentaux pour tenter d’affai ... Show More

How Are US Chips Ending Up In Russian Weapons?

US sanctions against Russia are supposed to cut off Moscow’s access to all kinds of goods, including semiconductors, which are used in missiles and drones. But US officials allege a secret supply chain has illegally funneled these chips, some of them American-made, to Russia, whe ... Show More

CISA Goes Rogue: How Cybersecurity Became Censorship | 2.25.24

The Cybersecurity and Infrastructure Security Agency faces claims it censors the American public and interferes in elections. After the debunked Russian collusion narrative and the Twitter files, some lawmakers now want to see the agency completely dismantled. Get the facts first ... Show More

Nicole Perlroth, "This Is How They Tell Me the World Ends: The Cyberweapons Arms Race" (Bloomsbury, 2021)

For years, cybersecurity experts have debated whether cyber-weapons represent a destabilizing new military technology or merely the newest tool in the spies’ arsenal. In This Is How They Tell Me the World Ends (Bloomsbury, 2021), Nicole Perlroth makes a compelling case that cyber ... Show More

Listen to millions of songs and podcasts on Anghami