The CyberWire Daily Podcast 3.23.22
Ep 1541 | 3.23.22

British-American warnings of a Russian cyber threat, and Russia’s response. More on the Lapsus$ gang incidents at Microsoft and Okta. And Secureworks looks at Conti and sees a criminal ecosystem.

Show Notes

The US and the UK warn of impending Russian cyberattacks, and Russia responds with warnings against “banditry,” crime, and bad manners. CISA issues two new ICS advisories. Microsoft confirms a Lapsus$ gang incident, and so does Okta, but Okta’s case is more complicated. Josh Ray from Accenture on the cyber workforce. Our guest is Tom Gaffney from F-Secure with some ways to reduce digital anxiety. Secureworks takes a look at the criminal ecosystem around Conti.

Selected reading.

Ukraine war has put our relationship with US at breaking point - Russia (Daily Post Nigeria) 

Kremlin dismisses U.S. warning of potential Russian cyber attacks (Reuters)

As Biden puts US on alert, Russia seeks talks to help prevent cyber war (Newsweek) 

U.K. echoes Biden warning on Russian cyberattacks (The Record by Recorded Future) 

Biden: Russia mulling cyberattacks on US (C4ISRNet) 

National Security Advisor details new intelligence on potential Russian cyberattacks (FOX 5 DC)

The Threat of Russian Cyberattacks Looms Large (The New Yorker) 

FBI sees growing Russian hacker interest in US energy firms (AP NEWS) 

CISA Call with Critical Infrastructure Partners on Potential Russian Cyberattacks Against the U.S. (YouTube) 

CISA highlights new reporting hotline amid warnings about potential Russian cyber attacks (Federal News Network)

Delta Electronics DIAEnergie (CISA) 

Delta Electronics DIAEnergie (Update B) (CISA) 

Microsoft, Okta Investigating Data Theft Claims (SecurityWeek) 

Hackers hit authentication firm Okta, customers 'may have been impacted' (Reuters) 

'This Is Really, Really Bad': Lapsus$ Gang Claims Okta Hack (Wired)

Okta ‘identifying and contacting’ customers potentially affected by Lapsus$ breach (The Record by Recorded Future) 

Okta Investigates Report of Security Breach, Says It Finds No Evidence of New Attack (Wall Street Journal) 

Fury As Okta—The Company That Manages 100 Million Logins—Fails To Tell Customers About Breach For Months (Forbes) 

Cloudflare’s investigation of the January 2022 Okta compromise (Cloudflare Blog)

Updated Okta Statement on LAPSUS$ (Okta) 

GOLD ULRICK leaks reveal organizational structure and relationships (Secureworks) 

Details of Conti ransomware affiliate released ( 

More can be done to curb misuse of Cobalt Strike, expert says (VentureBeat)