A VMConnect supply chain attack is connected to the DPRK. Reports of an aledgedly "fully undetectable information stealer." DB#JAMMER brute forces exposed MSSQL databases. A Cyberattack on a Canadian utility. The state of DevSecOps. A look at hacktivism, today and beyond. Betsy Carmelite from Booz Allen on threat intelligence as part of a third-party risk management program. Our guest is Adam Marré from Arctic Wolf Networks, with an analysis of Chinese cyber tactics. And a free decryptor is released for Key Group ransomware.
For links to all of today's stories check out our CyberWire daily news briefing:
https://thecyberwire.com/newsletters/daily-briefing/12/168
VMConnect supply chain attack continues, evidence points to North Korea (ReversingLabs)
Montreal electricity organization latest victim in LockBit ransomware spree (Record)
LockBit ransomware gang targets electrical infrastructure organization in Montreal (teiss)
[Analyst Report] SANS 2023 DevSecOps Survey (Synopsys)
SANS 2023 DevSecOps Survey (Application Security Blog)
Government Agencies Report New Russian Malware Targets Ukrainian Military (National Security Agency/Central Security Service)
Russian military hackers take aim at Ukrainian soldiers' battle plans, US and allies say (CNN)
Ukraine: The First Cyber Lessons (AFCEA International)
The Return of Hacktivism: A Temporary Reprise or Here for Good? (ReliaQuest)
Decrypting Key Group Ransomware: Emerging Financially Motivated Cyber Crime Gang (EclecticIQ)
Learn more about your ad choices. Visit megaphone.fm/adchoices