The CyberWire Daily Podcast 5.25.22
Ep 1586 | 5.25.22

More cyberespionage in Russia. Advice on conducting propaganda. Iranian group conducts DDoS against Port of London Authority. News from the underworld. CISA alerts. Operation Delilah.

Show Notes

More cyberespionage targets Russian networks. Lincoln Project veterans visit Ukraine with advice on conducting an influence campaign against President Putin. A politically motivated DDoS attack hits the Port of London Authority website. Is REvil back and looking into new criminal techniques, or is a recent DDoS campaign the work of impostors? RansomHouse may be operated by frustrated bounty hunters. Kevin Magee from Microsoft sets his security sights toward space. Our guest is Mathieu Gorge of VigiTrust to discuss the threat of printer hacks. Operation Delilah trims SilverTerrier’s locks.

Selected reading.

Unknown APT group has targeted Russia repeatedly since Ukraine invasion (Malwarebytes Labs) 

Hackers target Russian govt with fake Windows updates pushing RATs (BleepingComputer) 

Researchers Find New Malware Attacks Targeting Russian Government Entities (The Hacker News) 

Ukraine May Use Lincoln Project's Anti-Trump Tactics Against Putin (Newsweek)

Pro-Iran Group ALtahrea Hits Port of London Website by DDoS Attack (HackRead)

REvil Resurgence? Or a Copycat? (Akamai)

RansomHouse: Bug bounty hunters gone rogue? (Help Net Security) 

Data theft gang RansomHouse might be 'frustrated' white hat hackers, researchers claim (Tech Monitor)

CISA Adds 20 Known Exploited Vulnerabilities to Catalog (CISA) 

CISA adds 41 flaws to its Known Exploited Vulnerabilities Catalog (Security Affairs) 

Rockwell Automation Logix Controllers (CISA) 

Matrikon OPC Server (CISA) 

Mitsubishi Electric FA Engineering Software Products (Update D) (CISA) 

Mitsubishi Electric Factory Automation Engineering Products (Update F) (CISA) 

Suspected head of cybercrime gang arrested in Nigeria (Interpol)

Interpol arrests alleged leader of the SilverTerrier BEC gang (BleepingComputer) 

INTERPOL hauls in alleged Nigerian cybercrime ringleader (CyberScoop) 

Operation Delilah: Unit 42 Helps INTERPOL Identify Nigerian Business Email Compromise Actor (Unit42)