At a glance.
- Baphomet backs out.
- Malware could detect sandbox emulations.
- VEC supply chain attack.
- Report: a new APT is active in Russian-occupied sections of Ukraine.
- Someone claiming to be a Russian patriot claims responsibility for the D.C. Health Link attack.
- CISA and NSA offer guidance on identity and access management (IAM).
- CISA updates Cybersecurity Performance Goals.
- CISA releases eight ICS advisories.
Baphomet backs out.
The Record reports that Baphomet has changed his mind about bringing back BreachForums. Baphomet posted yesterday, "This will be my final update on Breached, as I've decided to shut it down. I'm aware this news will not please anyone, but it's the only safe decision now that I've confirmed that the glowies [sic] likely have access to Poms [that is, Pompompurin's] machine." He added, "Any servers we use are never shared with anyone else, so someone would have to know the credentials to that server to be able to login. I now feel like I'm put into a position where nothing can be assumed safe, whether its our configs, source code, or information about our users the list is endless. This means that I can't confirm the forum is safe, which has been a major goal from the start of this sh*tshow." For more on the demise, resuscitation, and second demise of BreachForums, see CyberWire Pro.