The CyberWire Daily Podcast 6.15.22
Ep 1600 | 6.15.22

Hertzbleed, a troublesome feature of processors. Cyberespionage and hybrid war. Patch Tuesday notes. Software bills of materials. Wannabe cybercrooks and criminal publicity stunts.

Show Notes

The Hertzbleed side-channel issue affects Intel and AMD processors. An Iranian spearphishing campaign prospected former Israeli officials. Patch Tuesday notes. A look at software bills of materials. Russia routes occupied Ukraine's Internet traffic through Russia. Intercepts in the hybrid war: the odd and the ugly. Deepen Desai from ZScaler joins us with the latest numbers on ransomware. Rob Boyce from Accenture Security looks at cyber invisibility. And, finally, criminal wannabes and criminal publicity stunts.

Selected reading.

A new vulnerability in Intel and AMD CPUs lets hackers steal encryption keys (Ars Technica) 

Iranian Spear-Phishing Operation Targets Former Israeli and US High-Ranking Officials (Check Point Research)

Microsoft June 2022 Patch Tuesday fixes 1 zero-day, 55 flaws (BleepingComputer) 

Microsoft Releases June 2022 Security Updates (CISA) 

Windows Updates Patch Actively Exploited 'Follina' Vulnerability (SecurityWeek) 

Adobe Plugs 46 Security Flaws on Patch Tuesday (SecurityWeek)

Citrix Releases Security Updates for Application Delivery Management (CISA)

SAP Releases June 2022 Security Updates (CISA) 

So long, Internet Explorer. The browser retires today (AP NEWS)

SBOM in Action: finding vulnerabilities with a Software Bill of Materials (Google Online Security Blog)

Russia Is Taking Over Ukraine’s Internet (Wired)

Belarusian hacktivist group releases purported Belarusian wiretapped audio of Russian embassy (CyberScoop) 

Intercepted call: Russian plan to send PoWs out into minefields (The Telegraph) 

Hacker Advertises ‘Crappy’ Ransomware on Instagram (Vice) 

LockBit Ransomware Compromise of Mandiant Not Supported by Any Evidence, May Be a PR Move by Cybercrime Gang (CPO Magazine)