Influence operation targets the rare earth marketplace. SOHO routers under attack. YTStealer discovered, out and active in the wild. CISA releases six ICS security advisories. Most dangerous software weaknesses. Response to Killnet.
Iranian steel mill suspends production due to cyberattack. Bumblebee rising. CISA adds to its Known Exploited Vulnerabilities Catalog. Distributed denial-of-service attacks against Lithuania. Dark Crystal RAT described.
Conti seems to have retired its brand. LockBit 2.0 takes Conti's place as the leading ransomware brand. Two-stage ransomware now tends to skip the first stage (encryption). Lithuania sustains a major DDoS attack. Lessons from NotPetya. Lessons from #OpRussia.
Another warning of spyware in use against targets in Italy and Kazakhstan. Cyberespionage uses ransomware as misdirection. Lithuania's NKSC warns of increased DDoS threat. Think tanks as targets. CISA's tabletop exercises. CISA releases six industrial control system advisories.
ICEFALL advice and reactions. CISA issues an updated version of its Cloud Security Technical Reference Architecture. Reviewing Russian cyber campaigns in the war against Ukraine. Ukraine's IT Army is a complex phenomenon.