Cyber phases of a hybrid war continue at a nuisance level. IcedID’s distribution vectors. Automating software supply-chain attacks. CISA offers power supply risk mitigation guidance.
A cyberattack takes down a major Ukrainian Internet provider. GhostWriter is said to deploy Cobalt Strike against the Ukrainian government. Anonymous makes some large claims. This just in: spies drive drunk. Ukrainian intelligence doxes FSB officers. Conventional criminals continue to exploit sympathy for Ukraine in social engineering scams. Red-Lili automates software supply-chain attacks. Ben Yelin considers Russian cyber capabilities. Mr. Security Answer Person John Pescatore addresses security automation. And CISA offers mitigation guidance on risks to uninterruptible power supplies.
Selected reading.
Russia says it will scale back near Kyiv as talks progress (AP NEWS)
Ukraine Claims Some Battle Successes as Russia Focuses on Another Front (New York Times)
Ukrainian telecom company's internet service disrupted by 'powerful' cyberattack (Reuters)
‘Most Severe’ Cyberattack Since Russian Invasion Crashes Ukraine Internet Provider (Forbes)
GhostWriter APT targets state entities of Ukraine with Cobalt Strike Beacon (Security Affairs)
Secret World of Pro-Russia Hacking Group Exposed in Leak (Wall Street Journal)
Anonymous is working on a huge data dump that will blow Russia away (Security Affairs)
While Twitter suspends Anonymous accounts, the group hacked VGTRK Russian Television and Radio (Security Affairs)
Names and addresses of 620 FSB officers published in data breach (Times)
Russian spies unmasked in embarrassing blow for Vladimir Putin (The Telegraph)
New Conversation Hijacking Campaign Delivering IcedID (Intezer)
Spoofed Invoice Used to Drop IcedID (Fortinet Blog)
A Beautiful Factory for Malicious Packages (Checkmarx)
School of Hard Knocks: Job Fraud Threats Target University Students (Proofpoint)
Mitigating Attacks Against Uninterruptible Power Supply Devices (CISA Insights)