The CyberWire Daily Podcast 3.7.22
Ep 1529 | 3.7.22

Cyber dimensions of Russia’s hybrid war against Ukraine. Hacktivists and cybercriminals choose sides. Lapsus$ releases NVIDIA and Samsung data (and says a victim hacked back).

Show Notes

Russian influence operations fail as few support Russia's war of aggression. Ukraine will become a "contributing participant" in NATO's CCDCOE. Ukrainian cyberattacks, and the marshaling of hacktivists. Russian cyberattacks: surprisingly restrained and unsurprisingly supported by criminal organizations like Conti. The FBI’s Bryan Vorndran joins us with insights on the work his team did on Sodinokibi. Rick Howard looks at vulnerability management. Lapsus$ gang releases data taken from NVIDIA and Samsung in separate extortion incidents.


Selected reading.

What Happened on Day 11 of Russia’s Invasion of Ukraine (New York Times)

Putin says Ukraine's future in doubt as cease-fires collapse 

After temporary cease-fires break down, Putin threatens Ukraine’s government (AP NEWS) 

Ukraine to join NATO cyber defence centre as 'contributing participant' (Reuters)

Putin Is Raising an Iron Firewall Around Russia (Bloomberg) 

Three reasons Moscow isn't taking down Ukraine's cell networks (POLITICO) 

Hacktivists Stoke Pandemonium Amid Russia’s War in Ukraine (Wired) 

DDoS hacktivism: A highly risky exercise (Avast)

This Ukrainian cyber firm is offering hackers bounties for taking down Russian sites (The Record by Recorded Future)

Ukraine Cyber Official: We Only Attack Military Targets (SecurityWeek) 

Volunteer Hackers Converge on Ukraine Conflict With No One in Charge (New York Times) 

Russia shares list of 17,000 IPs allegedly DDoSing Russian orgs (BleepingComputer) 

Ukraine's 'IT army' targets Belarus railway network, Russian GPS (Reuters) 

HawkEye 360 detects GPS interference in Ukraine (SpaceNews) 

Hackers are being forced to pick sides in the Russia-Ukraine war (KTVH) 

Nvidia allegedly hacks back (Avast)

Credentials of 71,000 NVIDIA Employees Leaked Following Cyberattack (SecurityWeek) 

Leaked stolen Nvidia cert can code-sign Windows malware (Register) 

Hackers claim massive Samsung leak, including encryption keys and source code (Android Police) 

Lapsus$ group leaks 190GB of Samsung data, source code (Computing) 

Samsung’s secret data leaks after devastating cyberattack (SamMobile)