The CyberWire Daily Podcast 5.20.22
Ep 1583 | 5.20.22

Is Conti rebranding? Commercial spyware scrutinized. Notes from the cyber phases of a hybrid war. Notes on the underworld. Software supply chain attack. Canada will exclude Huawei from 5G.

Show Notes

Was Conti’s digital insurrection in Costa Rica misdirection? Google assesses a commercial spyware threat “with high confidence.” Continuing expectations of escalation in cyberspace. The limitations of an alliance of convenience. Fronton botnet shows versatility. Russian hacktivists hit Italian targets, again. Lazarus Group undertakes new SolarWinds exploitation. Crypters in the C2C market. CrateDepression supply chain attack. Johannes Ullrich describes an advance fee scam hitting crypto markets. Our guest is Marty Roesch, CEO of Netography and inventor of Snort. Canada to exclude Huawei from 5G networks on security grounds.

Selected reading.

Conti ransomware shuts down operation, rebrands into smaller units (BleepingComputer) 

Protecting Android users from 0-Day attacks (Google) 

Microsoft President: Cyber Space Has Become the New Domain of Warfare (Infosecurity Magazine)

Twisted Panda: Chinese APT espionage operation against Russian’s state-owned defense institutes (Check Point Research) 

Chinese Hackers Tried to Steal Russian Defense Data, Report Says (New York Times) 

China-linked Space Pirates APT targets the Russian aerospace industry (Security Affairs) 

This Russian botnet does far more than DDoS attacks - and on a massive scale (ZDNet) 

Pro-Russian hackers attack institutional websites in Italy, police say (Reuters) 

Lazarus hackers target VMware servers with Log4Shell exploits (BleepingComputer)

ITG23 Crypters Highlight Cooperation Between Cybercriminal Groups (Security Intelligence) 

CrateDepression | Rust Supply-Chain Attack Infects Cloud CI Pipelines with Go Malware (SentinelOne) 

Canada to ban Huawei/ZTE 5G equipment, joining Five Eyes allies (Reuters)