The CyberWire Daily Podcast 4.11.22
Ep 1554 | 4.11.22

Cyber skirmishing as Russia redeploys in Ukraine. Spyware in senior EC official’s device. Sharkbot-infested apps ejected from Google Play. Advice from CISA.

Show Notes

US National Security Advisor says atrocities were part of Russia's plan. Russian commanders seek to keep troops away from dangerous sections of the Internet. Cyberattacks in Finland may be a shot across Helsinki's bow. CERT-UA warns of a phishing campaign. Hacktivists hit Russian organizations. Mixed reviews for US preemptive measures against GRU botnets. Sharkbot-infested apps ejected from Google Play. Johannes Ullrich from SANS on malicious ISO files embedded in HTML. Our guest is Neal Dennis from Cyware on threat intel sharing with members of Auto-ISAC. What you should do when your Shields are Up.

Selected reading.

Russia Shuffles Command in Ukraine as Thousands Flee the East (New York Times) 

Sullivan: Intel indicates plan from ‘highest levels’ of Russian government to target civilians (The Hill) 

Russian soldiers banned from social media as ‘uncomfortable truths’ drain their morale (The Telegraph) 

West Seeks to Pierce Russia’s Digital Iron Curtain (Foreign Policy)

YouTube blocks Russian parliament channel, drawing ire from officials (Reuters) 

U.S. quietly paying millions to send Starlink terminals to Ukraine, contrary to SpaceX claims (Washington Post)

Hackers use Conti's leaked ransomware to attack Russian companies (BleepingComputer) 

Державна служба спеціального зв’язку та захисту інформації України (GUR)

How Russia's Invasion Triggered a US Crackdown on Its Hackers (Wired)

The U.S. Opens a Risky New Front in Cyberdefense (Bloomberg) 

Meet the 1,300 librarians racing to back up Ukraine’s digital archives (Washington Post) 

The Race to Save Posts That May Prove Russian War Crimes (Wired) 

Exclusive: Senior EU officials were targeted with Israeli spyware (Reuters) 

SharkBot Android Malware Continues Popping Up on Google Play (SecurityWeek) 

SharkBot Banking Trojan spreads through fake AV apps on Google Play (Security Affairs) 

Sharing Cyber Event Information: Observe, Act, Report (CISA)