CISA issued Binding Operational Directive 23-01. LAUSD says ransomware operators missed most sensitive PII. API protection report describes malicious transactions. Analysis of cyber risk in relation to SaaS applications. Review: Russian cyber operations have achieved nuisance-level effects. Reports of dissident hacktivism in Russia.
Microsoft Exchange Server zero-days exploited in the wild. Apparent hacktivism against the Mexican government. Lazarus Group's BYOVD spearphishing campaign. Customer service software supply chain attack. Underground markets offer to help Russians avoid mobilization. MI5 website sustains brief DDoS attack.
North Korean operators "weaponize" open-source software. SolarMarker info-stealer returns in watering hole campaign. Fast Company's Word Press hijacking incident. Deepfakes, and their evolution. Kinetic sabotage raises concerns about threats to infrastructure in cyberspace. CISA releases six Industrial Control System Advisories.
Cyber dissent and hybrid warfare. C2C markets. Cyberespionage campaigns.
Gray-hat support for Iranian dissidents. Witchetty cyberespionage group: recent activity. C2C access for sale: high-end auction houses and "flea markets." Securonix describes an effective and carefully crafted cyberespionage campaign. Novel malware discovered targeting VMware SXi hypervisors. Russian soldiers' intercepted mobile calls.
Leaked LockBit 3.0 builder used in ransomware attacks. Cloud complexity and its effect on security. Operation In(ter)ception: social engineering by the Lazarus Group. Meta takes down Russian disinformation networks. DDoS remains the characteristic mode of cyber ops in Russia's hybrid war against Ukraine. CISA releases three more ICS Advisories.
