The CyberWire Daily Podcast 5.3.22
Ep 1570 | 5.3.22

Hybrid war and disinfo from the swamp. Stormous hacks on behalf of Russia. DNS poisoning risk. Updates on Chinese cyberespionage campaigns. Notes on ransomware operations.

Show Notes

Russia reroutes Internet traffic in occupied regions of Ukraine through Russian services. The Stormous gang, hacking on behalf of Russia. DNS poisoning risk. Updates on Chinese cyberespionage campaigns. Our guest Chetan Mathur of Next Pathway finds similarities between the cloud industry and the 1849 California Gold Rush. Eldan Ben-Haim of Apiiro on why cybersecurity is largely a culture issue. Notes on ransomware operations.

Selected reading.

Microsoft sees Russian cyberattacks on Ukraine 'getting more and more disruptive' (Inside Defense) 

Sergey Lavrov claims Hitler had 'Jewish blood' (The Telegraph)

Lavrov’s anti-Semitic outburst exposes absurdity of Russia’s “Nazi Ukraine” claims (Atlantic Council) 

Russia likens Zelensky to Hitler as Mariupol says Russia worse than Nazis (Newsweek) 

Russia reroutes internet in occupied Ukrainian territory through Russian telcos (The Record by Recorded Future) 

Stormous: The Pro-Russian, Clout Hungry Ransomware Gang Targets the US and Ukraine (Trustwave)

Zhadnost ‘stamps’ out Ukrainian National Postal Service’s website. (SecurityScorecard) 

Industrial cybersecurity researchers, looking for help, go public with unpatched IoT bug (The Record by Recorded Future) 

Nozomi Networks Discovers Unpatched DNS Bug in Popular C Standard Library Putting IoT at Risk (Nozomi Networks)

Chinese "Override Panda" Hackers Resurface With New Espionage Attacks (The Hacker News) 

Chinese Hackers Caught Exploiting Popular Antivirus Products to Target Telecom Sector (The Hacker News) 

New Black Basta Ransomware Possibly Linked to Conti Group (SecurityWeek) 

Experts Analyze Conti and Hive Ransomware Gangs' Chats With Their Victims (The Hacker News) 

Conti and Hive ransomware operations: What we learned from these groups' victim chats (Cisco Talos) 

Conti and Hive ransomware operations: (Cisco Talos)